www.crowdstrike.com Open in urlscan Pro
2606:4700:10::6814:5ef6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u3459990.ct.sendgrid.net/wf/click?upn=H7aPXv7yEJWMhEeqM8fowydhJWkDjuZazlTzr-2FuQjtCes-2Bbr-2BRfMYll-2Bmb16IAeZ2hw2QuSLSPS...
Effective URL:
https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Part...
Submission: On December 18 via manual (December 18th 2018, 5:43:09 pm UTC) from US

Summary HTTP 186 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 38 IPs in 6 countries across 32 domains to perform 186 HTTP transactions. The main IP is 2606:4700:10::6814:5ef6, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.crowdstrike.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 6th 2018. Valid for: 2 years.

This is the only time www.crowdstrike.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.54 167.89.115.54	11377 (SENDGRID) (SENDGRID - SendGrid)
68	2606:4700:10:... 2606:4700:10::6814:5ef6	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
5	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	52.166.11.26 52.166.11.26	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
6	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	23.246.243.35 23.246.243.35	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
14	192.28.144.241 192.28.144.241	53580 (MARKETO) (MARKETO - MARKETO)
2	52.222.149.41 52.222.149.41	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	205.185.208.52 205.185.208.52	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
8	104.111.239.158 104.111.239.158	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
4	104.111.242.254 104.111.242.254	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	192.28.144.124 192.28.144.124	53580 (MARKETO) (MARKETO - MARKETO)
3	52.216.160.37 52.216.160.37	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.216.162.205 52.216.162.205	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
8	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
23 30	176.34.111.91 176.34.111.91	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2600:9000:20b... 2600:9000:20bb:1600:b:6d87:aa40:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	35.190.74.199 35.190.74.199	15169 (GOOGLE) (GOOGLE - Google LLC)
2	35.201.88.237 35.201.88.237	15169 (GOOGLE) (GOOGLE - Google LLC)
2	35.186.237.72 35.186.237.72	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 2	35.157.225.240 35.157.225.240	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 4	23.211.2.27 23.211.2.27	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	213.19.162.90 213.19.162.90	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
4	151.101.2.2 151.101.2.2	54113 (FASTLY) (FASTLY - Fastly)
2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1	2a00:1288:110... 2a00:1288:110:422::3000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 3	18.153.11.24 18.153.11.24	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 4	185.33.223.221 185.33.223.221	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2	18.207.56.96 18.207.56.96	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1288:110... 2a00:1288:110:833::4000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
2 2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
4	130.211.47.17 130.211.47.17	15169 (GOOGLE) (GOOGLE - Google LLC)
186	38

1 167.89.115.54 (Denver, United States) 1 redirects

ASN11377 (SENDGRID - SendGrid, Inc., US)
PTR: o16789115x54.outbound-mail.sendgrid.net

u3459990.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

68 2606:4700:10::6814:5ef6 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.crowdstrike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.166.11.26 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

addsearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81d::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.246.243.35 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 23.f3.f617.ip4.static.sl-reverse.com

api.ipstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 192.28.144.241 (San Mateo, United States)

ASN53580 (MARKETO - MARKETO, Inc., US)

go.crowdstrike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.149.41 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-149-41.fra53.r.cloudfront.net

d12ulf131zb0yj.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.111.239.158 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-239-158.deploy.static.akamaitechnologies.com

app-ab01.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sjrtp-cdn.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.242.254 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-242-254.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.28.144.124 (San Mateo, United States)

ASN53580 (MARKETO - MARKETO, Inc., US)

281-obq-266.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.216.160.37 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.162.205 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.233.40 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 176.34.111.91 (Dublin, Ireland) 23 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-176-34-111-91.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20bb:1600:b:6d87:aa40:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

pixel.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.74.199 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 199.74.190.35.bc.googleusercontent.com

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.88.237 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 237.88.201.35.bc.googleusercontent.com

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.237.72 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 72.237.186.35.bc.googleusercontent.com

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.225.240 (Frankfurt, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-225-240.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.211.2.27 (Cambridge, United States) 2 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-211-2-27.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.162.90 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.2.2 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:422::3000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.153.11.24 (Cambridge, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-11-24.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.223.221 (European Union) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.207.56.96 (Cambridge, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-207-56-96.compute-1.amazonaws.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:833::4000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.241.240.143 (New York, United States) 1 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 130.211.47.17 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 17.47.211.130.bc.googleusercontent.com

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
82	crowdstrike.com www.crowdstrike.com go.crowdstrike.com Failed	1 MB
38	adroll.com 23 redirects s.adroll.com d.adroll.com	45 KB
9	googleapis.com ajax.googleapis.com fonts.googleapis.com	166 KB
8	marketo.com app-ab01.marketo.com sjrtp-cdn.marketo.com	251 KB
6	cdnbasket.net data.cdnbasket.net page.cdnbasket.net view.cdnbasket.net	2 KB
6	cdnwidget.com pixel.cdnwidget.com ids.cdnwidget.com e.cdnwidget.com	51 KB
6	google-analytics.com www.google-analytics.com	115 KB
5	google.com cse.google.com www.google.com	126 KB
4	adnxs.com 2 redirects ib.adnxs.com	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	3 KB
4	facebook.net connect.facebook.net	101 KB
4	amazonaws.com s3.amazonaws.com	211 KB
4	marketo.net munchkin.marketo.net	12 KB
3	bidswitch.net 1 redirects x.bidswitch.net	2 KB
3	ipstack.com api.ipstack.com	2 KB
2	facebook.com www.facebook.com	343 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net	540 B
2	openx.net 1 redirects us-u.openx.net	599 B
2	rlcdn.com idsync.rlcdn.com	68 B
2	yahoo.com ads.yahoo.com	2 KB
2	taboola.com trc.taboola.com	505 B
2	pubmatic.com simage2.pubmatic.com	2 KB
2	outbrain.com sync.outbrain.com	461 B
2	rubiconproject.com pixel.rubiconproject.com	742 B
2	advertising.com 1 redirects pixel.advertising.com	440 B
2	mktoresp.com 281-obq-266.mktoresp.com	544 B
2	jquery.com code.jquery.com	67 KB
2	cloudfront.net d12ulf131zb0yj.cloudfront.net	3 KB
2	addsearch.com addsearch.com	15 KB
1	gstatic.com www.gstatic.com	90 KB
1	sendgrid.net 1 redirects u3459990.ct.sendgrid.net	391 B
0	3lift.com Failed eb2.3lift.com Failed
186	32

	Domain	Requested by
68	www.crowdstrike.com	www.crowdstrike.com go.crowdstrike.com www.google-analytics.com
30	d.adroll.com	23 redirects s.adroll.com
14	go.crowdstrike.com	www.crowdstrike.com ajax.googleapis.com go.crowdstrike.com app-ab01.marketo.com
8	s.adroll.com	go.crowdstrike.com s.adroll.com
6	app-ab01.marketo.com	go.crowdstrike.com app-ab01.marketo.com
6	www.google-analytics.com	www.crowdstrike.com www.google-analytics.com go.crowdstrike.com
5	ajax.googleapis.com	www.crowdstrike.com go.crowdstrike.com d12ulf131zb0yj.cloudfront.net
4	ib.adnxs.com	2 redirects
4	dsum-sec.casalemedia.com	2 redirects
4	connect.facebook.net	s.adroll.com connect.facebook.net
4	s3.amazonaws.com	d12ulf131zb0yj.cloudfront.net
4	munchkin.marketo.net	go.crowdstrike.com munchkin.marketo.net
4	www.google.com	cse.google.com go.crowdstrike.com
4	fonts.googleapis.com	www.crowdstrike.com ajax.googleapis.com
3	x.bidswitch.net	1 redirects
3	api.ipstack.com	www.crowdstrike.com code.jquery.com
2	e.cdnwidget.com
2	ids.cdnwidget.com	pixel.cdnwidget.com
2	www.facebook.com
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects
2	idsync.rlcdn.com
2	ads.yahoo.com
2	trc.taboola.com
2	simage2.pubmatic.com
2	sync.outbrain.com
2	pixel.rubiconproject.com
2	pixel.advertising.com	1 redirects
2	view.cdnbasket.net	pixel.cdnwidget.com
2	page.cdnbasket.net	pixel.cdnwidget.com
2	data.cdnbasket.net	pixel.cdnwidget.com
2	pixel.cdnwidget.com	s.adroll.com
2	281-obq-266.mktoresp.com	munchkin.marketo.net
2	sjrtp-cdn.marketo.com	go.crowdstrike.com
2	code.jquery.com	go.crowdstrike.com
2	d12ulf131zb0yj.cloudfront.net	go.crowdstrike.com
2	addsearch.com	www.crowdstrike.com addsearch.com
1	www.gstatic.com	www.google.com
1	cse.google.com	www.crowdstrike.com
1	u3459990.ct.sendgrid.net	1 redirects
0	eb2.3lift.com Failed
186	41

This site contains links to these domains. Also see Links.

Domain
go.crowdstrike.com
secure.ethicspoint.com
www.crowdstrike.org
partner.crowdstrike.com
blog.crowdstrike.com
twitter.com
www.facebook.com
plus.google.com
www.linkedin.com
www.youtube.com
www.addsearch.com

Subject Issuer	Validity	Valid
www.crowdstrike.com DigiCert SHA2 Extended Validation Server CA	`2018-06-06` - `2020-06-24`	2 years	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh
www.addsearch.com DigiCert SHA2 Extended Validation Server CA	`2017-12-29` - `2019-03-04`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh
www.apilayer.net GeoTrust RSA CA 2018	`2018-03-02` - `2019-04-22`	a year	crt.sh
*.google.com Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh
www.google.com Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh
go.crowdstrike.com DigiCert SHA2 High Assurance Server CA	`2016-04-22` - `2019-07-10`	3 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.marketo.com DigiCert SHA2 Secure Server CA	`2018-02-13` - `2019-02-13`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2018-02-22` - `2019-02-22`	a year	crt.sh
*.mktoresp.com GeoTrust RSA CA 2018	`2018-02-05` - `2020-02-05`	2 years	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-12-03` - `2019-10-25`	a year	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2018-02-14` - `2019-02-14`	a year	crt.sh
*.cdnwidget.com COMODO RSA Domain Validation Secure Server CA	`2018-03-01` - `2019-03-01`	a year	crt.sh
*.cdnbasket.net Go Daddy Secure Certificate Authority - G2	`2018-09-19` - `2019-09-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2017-06-14` - `2020-06-18`	3 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2018-04-16` - `2019-02-06`	10 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2016-01-12` - `2019-03-01`	3 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2018-12-03` - `2019-09-07`	9 months	crt.sh
*.pubmatic.com COMODO RSA Organization Validation Secure Server CA	`2016-04-12` - `2019-05-27`	3 years	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2018-07-05` - `2019-01-10`	6 months	crt.sh
*.bidswitch.net COMODO RSA Domain Validation Secure Server CA	`2018-03-22` - `2019-05-05`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2018-01-25` - `2019-01-25`	a year	crt.sh
*.rlcdn.com Go Daddy Secure Certificate Authority - G2	`2017-05-08` - `2019-06-21`	2 years	crt.sh
*.openx.net DigiCert ECC Secure Server CA	`2018-04-03` - `2019-04-08`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Frame ID: 6A13B07D908171888211986FE197D083
Requests: 74 HTTP requests in this frame

Frame: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Frame ID: 0C6E538E01A444B4BB6818FD3E776EB3
Requests: 56 HTTP requests in this frame

Frame: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Frame ID: EE79C6CA3B07BF10EFDE905BE5D8F8B0
Requests: 55 HTTP requests in this frame

Frame: https://www.crowdstrike.com/wp-content/img/cs-logo.svg
Frame ID: AF465C802E7657DE01E5A55A935E160C
Requests: 2 HTTP requests in this frame

Frame: https://app-ab01.marketo.com/index.php/form/XDFrame
Frame ID: 740CD77275A823A4B6B21F21E3B107E5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://u3459990.ct.sendgrid.net/wf/click?upn=H7aPXv7yEJWMhEeqM8fowydhJWkDjuZazlTzr-2FuQjtCes-2Bbr-2BRfMYll-2... HTTP 302
https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i
script /jquery-ui.*\.js/i
html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i
script /jquery\.prettyPhoto\.js/i
env /pp_(?:alreadyInitialized|descriptions|images|titles)/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

prettyPhoto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i
script /jquery\.prettyPhoto\.js/i
env /pp_(?:alreadyInitialized|descriptions|images|titles)/i

Page Statistics

186
Requests

98 %
HTTPS

31 %
IPv6

32
Domains

41
Subdomains

38
IPs

6
Countries

2509 kB
Transfer

7133 kB
Size

3
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://go.crowdstrike.com/product-demo-platform.html
Title: WATCH NOW >

Search URL Search Domain Scan URL

URL: https://secure.ethicspoint.com/domain/media/en/gui/54989/index.html
Title: Code of Ethics and Compliance

Search URL Search Domain Scan URL

URL: https://www.crowdstrike.org/
Title: CrowdStrike Foundation

Search URL Search Domain Scan URL

URL: https://partner.crowdstrike.com/
Title: Partners Login

Search URL Search Domain Scan URL

URL: https://go.crowdstrike.com/product-demo.html
Title: Falcon Demos

Search URL Search Domain Scan URL

URL: http://blog.crowdstrike.com/
Title: CrowdStrike Blog

Search URL Search Domain Scan URL

URL: https://twitter.com/CrowdStrike

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CrowdStrike/

Search URL Search Domain Scan URL

URL: https://plus.google.com/101967380457820256808/posts

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/crowdstrike

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/CrowdStrike

Search URL Search Domain Scan URL

URL: http://www.addsearch.com/?utm_source=customer&utm_medium=referer&utm_campaign=customer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u3459990.ct.sendgrid.net/wf/click?upn=H7aPXv7yEJWMhEeqM8fowydhJWkDjuZazlTzr-2FuQjtCes-2Bbr-2BRfMYll-2Bmb16IAeZ2hw2QuSLSPSDqpmDbev-2FEe3U3IUYBq6DVfqOXf7zpbtZuqVKj98l40U1sRRBU7J8vsM7PZIC0sWfvlUYGkNhhgTgTcEIXzonlZ802NlYP-2FjC8GOUKkMrIcFs0ynwmwqwS7gyUBS64-2F62cB7kiOsgKzibf-2Fd-2B-2BHZQgUK5Ew7V-2F86HpruRNEqAV6rgAUOwILV1_xldZNndQ0Fk4frClCuCP-2BiF8Ma0PnosWN12U-2B0FbksVrMNWaE20hxzAGJAw7FZfQBo-2BzCDLlEiS-2FmCbGygPybhGwsAf8aWVsJl4BMrZqXtekbtMhgnEoH27g5jZL3DWisJObWPOevtJScGCuE3MhRPbXpMwy-2BHcScc-2Brnbj8tUrIKn1bKubLYXk1KZqLMPhFXHcPYiNMO81Rbe05cRZRLR-2FC8Q598pToYxJ-2BYvpWMhipVAhLP45CGrDu1S5fX4Ts0juRVbiCpMpwdG3aiZ1IS73xGnPqZq80GftxnqIj81VBykdliWo7Ufx2rq5uA12ENNMUs2NZC7SvBoAIzxJwlAWjaTiHru6vJD9EndHcI-2FDur618LRFgF7Mwp7sM2hphug5jg46LWZaDnvSFz83QdJsy-2FJmXoJv8QG0xenlcKWn9QWAxtWU13P92rrWTPcuO77YT82t9ZV1dl7LPRkLIiuuK2QxIQ5BLlFDLBxq81zMV9tP0uE-2F-2Brvdr3qQqH2A9 HTTP 302
https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 147

https://d.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT?pv=42415794832.49345&cookie=&adroll_s_ref=https%3A//www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/%3Fctm_source%3DDigital%26ctm_medium%3D3rd_Party_Email%26ctm_campaign%3DSecurityInsider_Casebook2018_Report&keyw=&arrfrr=https%3A%2F%2Fgo.crowdstrike.com%2FWF-Trial-to-Pay_LP-Registration-Footer.html%3Fctm_source%3DDigital%26ctm_campaign%3DSecurityInsider_Casebook2018_Report%26ctm_medium%3D3rd_Party_Email%3Fctm_source%3DDigital%26ctm_campaign%3DSecurityInsider_Casebook2018_Report%26ctm_medium%3D3rd_Party_Email HTTP 302
https://s.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/JK7SIYBXVFBL3G4JSDFST7.js

Request Chain 148

https://d.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT?pv=74024892279.66838&cookie=&adroll_s_ref=https%3A//www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/%3Fctm_source%3DDigital%26ctm_medium%3D3rd_Party_Email%26ctm_campaign%3DSecurityInsider_Casebook2018_Report&keyw=&arrfrr=https%3A%2F%2Fgo.crowdstrike.com%2FWC2018CyberIntrusionServicesCasebook_LPDownload2.html%3Fctm_source%3DDigital%26ctm_campaign%3DSecurityInsider_Casebook2018_Report%26ctm_medium%3D3rd_Party_Email%3Fctm_source%3DDigital%26ctm_campaign%3DSecurityInsider_Casebook2018_Report%26ctm_medium%3D3rd_Party_Email HTTP 302
https://s.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/JK7SIYBXVFBL3G4JSDFST7.js

Request Chain 151

https://d.adroll.com/cm/aol/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Request Chain 152

https://d.adroll.com/cm/index/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM&expiration=1576690975 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM&expiration=1576690975&C=1

Request Chain 153

https://d.adroll.com/cm/n/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM&expires=365

Request Chain 154

https://d.adroll.com/cm/outbrain/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://sync.outbrain.com/adroll/pixel?user_id=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM

Request Chain 155

https://d.adroll.com/cm/pubmatic/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 156

https://d.adroll.com/cm/taboola/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM

Request Chain 158

https://d.adroll.com/cm/r/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_consent%3DBOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 159

https://d.adroll.com/cm/b/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=MDc2ODVmYjFiZGFmOTY4Y2MxZTA4MmJlZDUyNzQyMTY HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MDc2ODVmYjFiZGFmOTY4Y2MxZTA4MmJlZDUyNzQyMTY

Request Chain 160

https://d.adroll.com/cm/x/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27MDc2ODVmYjFiZGFmOTY4Y2MxZTA4MmJlZDUyNzQyMTY%27) HTTP 302
https://ib.adnxs.com/bounce?%2Fpxj%3Fbidder%3D172%26seg%3D802787%26action%3Dsetuid%28%2527MDc2ODVmYjFiZGFmOTY4Y2MxZTA4MmJlZDUyNzQyMTY%2527%29

Request Chain 161

https://d.adroll.com/cm/l/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=07685fb1bdaf968cc1e082bed5274216

Request Chain 167

https://d.adroll.com/cm/index/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmNiNDJiYzg4ZmJmYmUyM2MzN2Y3YWJiMTgxMDJlN2Y&expiration=1576690976 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmNiNDJiYzg4ZmJmYmUyM2MzN2Y3YWJiMTgxMDJlN2Y&expiration=1576690976&C=1

Request Chain 168

https://d.adroll.com/cm/n/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTlmZmNjZWQ4NDgzMGI4NzZmYmRlMTExOTE3ZjI2NzQ&expires=365

Request Chain 169

https://d.adroll.com/cm/outbrain/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://sync.outbrain.com/adroll/pixel?user_id=YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM

Request Chain 170

https://d.adroll.com/cm/pubmatic/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 171

https://d.adroll.com/cm/taboola/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM

Request Chain 172

https://d.adroll.com/cm/triplelift/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM&dongle=c85e

Request Chain 174

https://d.adroll.com/cm/r/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_consent%3DBOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 175

https://d.adroll.com/cm/b/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM

Request Chain 176

https://d.adroll.com/cm/x/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM%27) HTTP 302
https://ib.adnxs.com/bounce?%2Fpxj%3Fbidder%3D172%26seg%3D802787%26action%3Dsetuid%28%2527YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM%2527%29

Request Chain 177

https://d.adroll.com/cm/l/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=c7a8b3ba93182d19900a6bab395b000c

Request Chain 178

https://d.adroll.com/cm/o/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=c7a8b3ba93182d19900a6bab395b000c HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=c7a8b3ba93182d19900a6bab395b000c

Request Chain 179

https://d.adroll.com/cm/g/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=x6izupMYLRmQCmurOVsADA&google_ula=1535926 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=x6izupMYLRmQCmurOVsADA&google_ula=1535926&google_tc= HTTP 302
https://d.adroll.com/cm/g/in?google_ula=1535926,0

186 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/
Redirect Chain

https://u3459990.ct.sendgrid.net/wf/click?upn=H7aPXv7yEJWMhEeqM8fowydhJWkDjuZazlTzr-2FuQjtCes-2Bbr-2BRfMYll-2Bmb16IAeZ2hw2QuSLSPSDqpmDbev-2FEe3U3IUYBq6DVfqOXf7zpbtZuqVKj98l40U1sRRBU7J8vsM7PZIC0sWfv...
https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report

78 KB
15 KB

335ms
254ms

Document
text/html

2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e42c22314f51099ba0ea3b08e1cdf4bc7deb6c666174831e342de951c97d79f5

Request headers

:method: GET
:authority: www.crowdstrike.com
:scheme: https
:path: /resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Tue, 18 Dec 2018 17:42:49 GMT
content-type: text/html
set-cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; expires=Wed, 18-Dec-19 17:42:49 GMT; path=/; domain=.crowdstrike.com; HttpOnly
x-amz-id-2: HH94olJeFIQ9TsucBq1g3yrLjxuYOWFlpIUZDrBh/lLkJsYfW2+vhigYJI6T6ApSjCiMLgesYec=
x-amz-request-id: 12110C2CA90A35CC
last-modified: Tue, 11 Dec 2018 22:23:48 GMT
x-amz-version-id: FMv6URhpsisjDlFmVt65xR2OCej.EKy6
etag: W/"b0273a0fb1afec2acf522224913b3cfc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 48b36da0ee39c283-FRA
content-encoding: gzip

Redirect headers

Server: nginx
Date: Tue, 18 Dec 2018 17:42:49 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
X-Robots-Tag: noindex, nofollow

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 13:41:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14466
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 33507
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2019 13:41:44 GMT

GET
H2 200 jquery.prettyPhoto.js Show response
www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/js/ 21 KB
6 KB 271ms
270ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/js/jquery.prettyPhoto.js?ver=1.0.0
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec7ea65620c8be7945819dd593916a9c7c892e727e645c2990819c414ff31c

Request headers

:path: /resources/wp-content/themes/CrowdStrike_Theme/js/jquery.prettyPhoto.js?ver=1.0.0
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
content-type: application/javascript
last-modified: Tue, 11 Dec 2018 22:24:17 GMT
server: cloudflare
x-amz-request-id: 60AA35595C1F03C8
etag: W/"f81c3c778084503cad39095830c6b3f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: R2rYHUJNJQ6daLcJZDF_4PMMtME1bgCK
status: 200
cf-ray: 48b36da29c0fc283-FRA
x-amz-id-2: o33rq90yMlbzmDW2Fkc8QaK869yO+zE4wriKVctfBat/sGUPeXgQKSd193Kvs2aAKC0/+2Ujw7U=

GET
H2 200 jquery.flip.min.js Show response
www.crowdstrike.com/resources/wp-content/custom_js/plugins/ 4 KB
2 KB 33ms
17ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/resources/wp-content/custom_js/plugins/jquery.flip.min.js
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: acc0997fb73941bf769cca6ddc74aecf4dba4999bf00a0535da15559236d5b76

Request headers

:path: /resources/wp-content/custom_js/plugins/jquery.flip.min.js
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 40A8577D5AC02E71
status: 200
x-amz-version-id: 8jiwvKOe6ucCmU6DQKrsaF0FsQgfb9nX
x-amz-id-2: sOS5Db4TwsEd07Dk2MQDJYZPNNM0ZHFe6kI5Vc3aCz2l9g7H8jTJPqJIx/S1KK133orBp9C7tT0=
last-modified: Tue, 11 Dec 2018 22:24:14 GMT
server: cloudflare
etag: W/"754fcf29adc867efb4196d8cdd289656"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 48b36da2ac4cc283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 jquery.easing.1.3.wrapped.min.js Show response
www.crowdstrike.com/resources/wp-content/custom_js/plugins/ 7 KB
2 KB 33ms
17ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/resources/wp-content/custom_js/plugins/jquery.easing.1.3.wrapped.min.js
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0300012087dee57a051d6abd72c298d9acad1e42d1447f8aabbc7bf253f0dcc1

Request headers

:path: /resources/wp-content/custom_js/plugins/jquery.easing.1.3.wrapped.min.js
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: A094D4D2598D9FB5
status: 200
x-amz-version-id: VTrpbsWQYNvl5l_nhOnACHDsyN3guzzB
x-amz-id-2: +IjHLo4NWTmygfR8vPPwil7Z9kemiRo2xIROSXGGgAnX6qBnMJ7laBI/vZv5GX35IrKQzFk2Oqk=
last-modified: Tue, 11 Dec 2018 22:24:13 GMT
server: cloudflare
etag: W/"0a23f7ccb0433bd252a0769c91f0ebbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 48b36da2ac4ec283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 jquery.cj-swipe.js Show response
www.crowdstrike.com/resources/wp-content/custom_js/plugins/ 2 KB
924 B 26ms
11ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/resources/wp-content/custom_js/plugins/jquery.cj-swipe.js
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f48c986f95a04235efded783989bb4ea3baf9d441119a49cbabd1a345ae08cdc

Request headers

:path: /resources/wp-content/custom_js/plugins/jquery.cj-swipe.js
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: B4B9BF89C72B44B4
status: 200
x-amz-version-id: KLjyUNBm5J0_7hWA4cFSeQkKdbbmaGKh
x-amz-id-2: wOT0CjARw7iMrewkCZ+mt6MPZEqMdH7oFm/tAgKFZppS8EUpPH/OgnTTcAFRLSEq1egGQVcG+1M=
last-modified: Tue, 11 Dec 2018 22:24:13 GMT
server: cloudflare
etag: W/"4c293dbd0d52ae4afc229e17a6950bca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 48b36da2ac4fc283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 jquery-ui.min.js Show response
www.crowdstrike.com/wp-content/custom_js/plugins/ 248 KB
66 KB 51ms
3ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/custom_js/plugins/jquery-ui.min.js
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

:path: /wp-content/custom_js/plugins/jquery-ui.min.js
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 2F586089758E8F3D
status: 200
x-amz-version-id: L4OwbgVsu5hih1tJJJXx79oSSUPXD3yN
x-amz-id-2: H8q/wW4G9uIzcs4JWwxI8bAAIykfEpjFRWPx6+XeEkL/InqW6JbxPfP4psQaO4k4dpsrCM6JFjk=
last-modified: Tue, 27 Nov 2018 18:20:03 GMT
server: cloudflare
etag: W/"0a497d4661df7b82feee14332ce0bdaf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 48b36da2cc94c283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 lightslider.min.js Show response
www.crowdstrike.com/resources/wp-content/custom_js/plugins/ 16 KB
5 KB 60ms
13ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/resources/wp-content/custom_js/plugins/lightslider.min.js
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c79822be1ce3cc3decf34b7932f552b39cc587e2c5b891e4fc1eb31a0cd6d8a

Request headers

:path: /resources/wp-content/custom_js/plugins/lightslider.min.js
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 44B2EB7A997885FB
status: 200
x-amz-version-id: rrJN2GWCGZ.v07B6UD6J9lkyhL78iuMb
x-amz-id-2: 89+nH6xKnGV+YMdGGvamIBHz39riMux6o2jY4ljIaxkq+cFasVSDxPcArG1m0NGodt7TX7ys5JI=
last-modified: Tue, 11 Dec 2018 22:24:14 GMT
server: cloudflare
etag: W/"50f50ebefe7e6c7fc39dc21b4d4e5242"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 48b36da2cc96c283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 jquery-base.js Show response
www.crowdstrike.com/resources/wp-content/custom_js/ 22 KB
4 KB 44ms
0ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/resources/wp-content/custom_js/jquery-base.js
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 218b2d4092ae8e75483c52600e140383590205b2d0f03c2e7f3065b38ee0139f

Request headers

:path: /resources/wp-content/custom_js/jquery-base.js
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 5B5C1A80BF4360B2
status: 200
x-amz-version-id: 2hVBCrev0fqf7LbfSlMHxXdzgbKNgmjB
x-amz-id-2: 35EUy7LAY0lAjByMbeIjfm4yXOZsSHK6xuz+wYi9kdp40BqPPUfSYWd66PKpztg8ChRo6FLRfQk=
last-modified: Tue, 11 Dec 2018 22:24:12 GMT
server: cloudflare
etag: W/"c66de985f93f51fa09b2fe6c0e1fae76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 48b36da2cc9dc283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 crowdstrike-fonts.css
www.crowdstrike.com/wp-content/themes/CrowdStrike_Theme/cs/ 25 KB
4 KB 32ms
0ms Stylesheet
text/css 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/CrowdStrike_Theme/cs/crowdstrike-fonts.css
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ce1b6287b7527cd0a3d68ec397ed9f19433f057a730f4bdce654969ba58fa5b

Request headers

:path: /wp-content/themes/CrowdStrike_Theme/cs/crowdstrike-fonts.css
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 16BAC2281B6C7FFD
status: 200
x-amz-version-id: Wj1rNIVA0lOpis2Xa5VdpQFXHRPyYTXn
x-amz-id-2: NxVxjV2kNXN/R191MADZ/iCzM01ytTzYJLOzJ/2n9AJbp5ZyKU6LLQmSvvG6RlAScVzqhVAGD9I=
last-modified: Tue, 27 Nov 2018 18:11:55 GMT
server: cloudflare
etag: W/"812527d476dd1346cafb86bc94f5826f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 48b36da2bc71c283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 crowdstrike-pages.css
www.crowdstrike.com/wp-content/themes/CrowdStrike_Theme/new-css/ 146 KB
24 KB 49ms
3ms Stylesheet
text/css 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/CrowdStrike_Theme/new-css/crowdstrike-pages.css
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cf4a030e4250257aa3ef74c27ade1f269a58d6b7325c4c3e36bde6daf78935e

Request headers

:path: /wp-content/themes/CrowdStrike_Theme/new-css/crowdstrike-pages.css
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 2C4D0FC732B3616F
status: 200
x-amz-version-id: YlR.kc8Yi_cJw1OPC.EJWlpkjDAMXi.l
x-amz-id-2: JsKv9QM5FEIfXcgSy2p36cFxUI4Xx5VfOOGPg9mIcMvHA1ZBmoISQcOi5aY/cWnarK1xmouXoL0=
last-modified: Fri, 30 Nov 2018 17:47:40 GMT
server: cloudflare
etag: W/"0877b0033b4aba27e7c7c0c6d3235c79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 48b36da2bc72c283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 crowdstrike-components.css
www.crowdstrike.com/wp-content/themes/CrowdStrike_Theme/new-css/ 16 KB
3 KB 44ms
0ms Stylesheet
text/css 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/CrowdStrike_Theme/new-css/crowdstrike-components.css
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f85a766546b626861fca2007c82b74931a63eea013e56835f6be5bef0f71ff

Request headers

:path: /wp-content/themes/CrowdStrike_Theme/new-css/crowdstrike-components.css
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: D67A7FD5B049CBEA
status: 200
x-amz-version-id: YUhr.p6o3.XKV8Ath.gVtDSWAc7uQxzO
x-amz-id-2: o0ajwt72r51RDjCpx0RmsujC1foj0HVXNAbsQsIl70QgXPVoGst/g+mAlFN5YVjTP8IIqZDALuk=
last-modified: Fri, 30 Nov 2018 17:47:40 GMT
server: cloudflare
etag: W/"d877fb35a98ad583570081dca9fb5df8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 48b36da2bc73c283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 crowdstrike-header-footer.css
www.crowdstrike.com/wp-content/themes/CrowdStrike_Theme/new-css/ 29 KB
6 KB 32ms
0ms Stylesheet
text/css 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/CrowdStrike_Theme/new-css/crowdstrike-header-footer.css
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8da872d82b58140b45bb8b0538e83a8fb7aa43388233cb35c9c849022e32cd4

Request headers

:path: /wp-content/themes/CrowdStrike_Theme/new-css/crowdstrike-header-footer.css
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: F036E0A0FD8E6580
status: 200
x-amz-version-id: WsTUj_6Aelb_mroDmyPdrGwirP3hQotR
x-amz-id-2: wK9BIAmGIoUh3vU/+FtTcwJQ9DPoNIzf297vEHw5UtrQU2ry3luhzbtKmf0N3tV51mm+zsVsMlI=
last-modified: Fri, 30 Nov 2018 17:47:40 GMT
server: cloudflare
etag: W/"551cb7bf3e7be49e146b9ec3b21ddca2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 48b36da2bc74c283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 crowdstrike-resources.css
www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/new-css/ 46 KB
9 KB 32ms
0ms Stylesheet
text/css 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/new-css/crowdstrike-resources.css
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e54c96162b8289ea4ed06e2723acb3b5873e0a8be842f885782c1ead58ab5591

Request headers

:path: /resources/wp-content/themes/CrowdStrike_Theme/new-css/crowdstrike-resources.css
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: AFAFF42D51A35830
status: 200
x-amz-version-id: Ac2_1DAnxdZCiUmtPei3MDxgnWx99qu9
x-amz-id-2: oyAL+LVF+wE9MQY+p/PnL0S3Rd51bHYw7fFKetESvBlyIJHbK9N/pzKPlCwlL8b/86nR3ydtp5A=
last-modified: Tue, 11 Dec 2018 22:24:17 GMT
server: cloudflare
etag: W/"b62adeee8947a31599c3ba769041a632"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 48b36da2bc75c283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 crowdstrike-fonts.css
www.crowdstrike.com/wp-content/new-css/ 18 KB
3 KB 41ms
0ms Stylesheet
text/css 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/new-css/crowdstrike-fonts.css
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2930218d98b2c98df97bbfcbac87448e891f65a6ad033713778a5f174278715e

Request headers

:path: /wp-content/new-css/crowdstrike-fonts.css
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 5CB1B2467DB37840
status: 200
x-amz-version-id: QadISj4R__TNNZuHwA4L87zVZjryfDRE
x-amz-id-2: JH2Y9x/Z1ZsaTG2JQ0d4KF1139tAw02FcZ/CqJnVjq6MVpmsDmn54WwUpj5FMp5Bivs+8bQYUqA=
last-modified: Mon, 17 Apr 2017 20:52:15 GMT
server: cloudflare
etag: W/"258a075c19cebf498afc14efaf717c71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 48b36da2bc78c283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 crowdstrike-base.css
www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/new-css/ 23 KB
5 KB 40ms
0ms Stylesheet
text/css 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/new-css/crowdstrike-base.css
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3371f28daadee8d511e5fdb27d79f11de7988285b59cb88123e8291408df9ce5

Request headers

:path: /resources/wp-content/themes/CrowdStrike_Theme/new-css/crowdstrike-base.css
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 6EF9B32624302030
status: 200
x-amz-version-id: CbNWwPWPTF8iaDCz8fdhp5IEwgPzzHHt
x-amz-id-2: ITZPUkbfPnusLKtlXdHa44gy8OdriQFuZ0UoTxdWltCivMAjEvNLM9aBWV0hQooVLxWaPki8zhA=
last-modified: Mon, 26 Nov 2018 21:36:26 GMT
server: cloudflare
etag: W/"bc17cea379fbcb05a0081c3be691c093"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 48b36da2bc79c283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 js_composer.min.css
www.crowdstrike.com/wp-content/plugins/js_composer/assets/css/ 711 KB
56 KB 297ms
251ms Stylesheet
text/css 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=4.11.2.1
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1eb8b0b461886b58a6d7a704ffc72912c4268363deecd5c963ed266c0fd709fd

Request headers

:path: /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=4.11.2.1
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
content-type: text/css
last-modified: Tue, 27 Nov 2018 18:11:52 GMT
server: cloudflare
x-amz-request-id: 259C75F180FFAF3F
etag: W/"75524a37b1fdfa976ca2a302619812ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: AM5P2zMFhLqFqo14OHJS7r1ArQ87Mvig
status: 200
cf-ray: 48b36da2bc7ac283-FRA
x-amz-id-2: AFnPqR2tPnNB+Vs9T/8hKRW/+iu5nsY4uS9ZGfVrp3ByZuarJambKFmlLBFynin6seXIOFbFutc=

GET
H2 200 settings.css
www.crowdstrike.com/wp-content/plugins/essential-grid/public/assets/css/ 33 KB
7 KB 264ms
219ms Stylesheet
text/css 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=2.0.9.1
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d9be27c60a1df3dff3d8e4f98a6793ba65022c05d2414ada14a7acd2e36698f

Request headers

:path: /wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=2.0.9.1
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
content-type: text/css
last-modified: Tue, 28 Feb 2017 22:05:27 GMT
server: cloudflare
x-amz-request-id: 84C3B1B4CB244CD7
etag: W/"db8b3df96f51e622970e3f0402e5e287"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: RhfkHnFQ2zkWFFsrzI7nZ2VAx7mAmWxw
status: 200
cf-ray: 48b36da2bc7bc283-FRA
x-amz-id-2: MdIV2U3ACcHDYzvuEqvJqsyGK1kcetmb+XVnv5dY1Sdp9xD6sDAQ2fyA78AsicprIDemN69xh7A=

GET
H2 200 css
fonts.googleapis.com/ 3 KB
579 B 44ms
0ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Teko%3A300%2C400%2C500&ver=4.9

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

182678071a390e93d21e00bd79c2dfffb06bf5a6d8cc7acc3ffb12fc64988385

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 18 Dec 2018 17:42:50 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 18 Dec 2018 17:42:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Tue, 18 Dec 2018 17:42:50 GMT

GET
H2 200 style.css
www.crowdstrike.com/wp-content/themes/Total/ 202 KB
35 KB 217ms
172ms Stylesheet
text/css 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/Total/style.css?ver=4.9
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35101d007f18afeb15ec1a5926befd059ce5e0ae1c8a480e7cbc1ad42cef5a9a

Request headers

:path: /wp-content/themes/Total/style.css?ver=4.9
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
content-type: text/css
last-modified: Tue, 27 Nov 2018 18:19:34 GMT
server: cloudflare
x-amz-request-id: 0B8DDD58F3D2DDA7
etag: W/"7eb4c276d265dc9b17f84084e3a6df77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: oJcX63KKo.ZOtu0BzB9rZcc8upQvboIw
status: 200
cf-ray: 48b36da2bc7dc283-FRA
x-amz-id-2: YyE/E4lpYHjTgi1PFownHd/Px7OuuL2slDTbNzBvqb3/GF4TRbV6AICkHWFwNJTpb1PN4JUd3vM=

GET
H2 200 prettyPhoto.css
www.crowdstrike.com/wp-content/themes/CrowdStrike_Theme/cs/ 19 KB
3 KB 238ms
193ms Stylesheet
text/css 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/CrowdStrike_Theme/cs/prettyPhoto.css?ver=4.9
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c63be02717683d2efdc8c887d77d289092a50b7d51210e87033045ea2b7c9eed

Request headers

:path: /wp-content/themes/CrowdStrike_Theme/cs/prettyPhoto.css?ver=4.9
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
content-type: text/css
last-modified: Tue, 27 Nov 2018 18:13:12 GMT
server: cloudflare
x-amz-request-id: 62CA451E137D395E
etag: W/"e8d324d0a1c308cc2c9fdddb263223d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 8s9E.R_yieLRfuNgTkHSjFrSCeqO2D6Y
status: 200
cf-ray: 48b36da2bc7ec283-FRA
x-amz-id-2: lNMpXx3ADaOgIlROwX39XRfbeG3tXJxFtTkYlMPU9i409IKqMpn5dopRt30QBCD7hujmtnZFNI4=

GET
H2 200 crowdstrike-resources.css
www.crowdstrike.com/wp-content/themes/CrowdStrike_Theme/new-css/ 40 KB
8 KB 233ms
188ms Stylesheet
text/css 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/CrowdStrike_Theme/new-css/crowdstrike-resources.css?ver=4.9
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53a4535ab8a85b397c6ab3a1f5a3a8a0cd098ff913fe2a013f12f8331cb33d60

Request headers

:path: /wp-content/themes/CrowdStrike_Theme/new-css/crowdstrike-resources.css?ver=4.9
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
content-type: text/css
last-modified: Fri, 30 Nov 2018 17:47:40 GMT
server: cloudflare
x-amz-request-id: 9664508D6BC49B47
etag: W/"b8227a3a268bbbacac42743fc0e6ec2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 9st775OZAB0LUnx0wQuYK4yyOn_rx.Vz
status: 200
cf-ray: 48b36da2bc80c283-FRA
x-amz-id-2: L63cuJOvejYRfos50T2MbXarcVzjSlvkEzzi3C9XpKD+hUZMSkql2oaSLZEFbOATvzSJg8UyYpI=

GET
H2 200 font-awesome.min.css
www.crowdstrike.com/wp-content/themes/Total/css/lib/ 27 KB
6 KB 241ms
195ms Stylesheet
text/css 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/Total/css/lib/font-awesome.min.css?ver=4.3.0
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b6b47fc2e4648d1f3173437faf2065ecd7cc89142d338151bf0b0c2404b5005

Request headers

:path: /wp-content/themes/Total/css/lib/font-awesome.min.css?ver=4.3.0
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
content-type: text/css
last-modified: Tue, 27 Nov 2018 18:15:47 GMT
server: cloudflare
x-amz-request-id: E1FEFE51908A3A47
etag: W/"1a2da6a6f65981e490a4baa0b382bd76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: DRD02A68RhM9NR75qiXaWUR6uZeFSHio
status: 200
cf-ray: 48b36da2bc81c283-FRA
x-amz-id-2: A0iwef+Rm4OI/2CykjpwImJu7wy7WpWykoC8xgcjREnJKa0R+qSA+hCgi5QofQOK7xVRXUIxVo8=

GET
H2 200 style.css
www.crowdstrike.com/wp-content/themes/CrowdStrike_Theme/ 14 KB
3 KB 235ms
190ms Stylesheet
text/css 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/CrowdStrike_Theme/style.css?ver=3.4.0
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8531ddc02bab94701064159a816171dbd641bfe0949c2e0b231b2203a1af6b80

Request headers

:path: /wp-content/themes/CrowdStrike_Theme/style.css?ver=3.4.0
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
content-type: text/css
last-modified: Tue, 27 Nov 2018 18:13:15 GMT
server: cloudflare
x-amz-request-id: 9B7CA9555B992D21
etag: W/"621a7c40d980038640a98f0f3536cd16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: gzTnnT5IBByHhgU1wX6ZguWGgyonoIu.
status: 200
cf-ray: 48b36da2bc82c283-FRA
x-amz-id-2: FarfCAJ1HMK8QmKHDY6P5OTA7a/s/ETQKWFP4QVYWVxorc6ub6Ptw8CUYU9YeD9Bbw6/GgXhKTw=

GET
H2 200 wpex-visual-composer.css
www.crowdstrike.com/wp-content/themes/Total/css/ 21 KB
4 KB 246ms
202ms Stylesheet
text/css 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/Total/css/wpex-visual-composer.css?ver=3.4.0
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 633a7b4d57e877017e7527236411c514c932b590f817596dd13af817946dc6df

Request headers

:path: /wp-content/themes/Total/css/wpex-visual-composer.css?ver=3.4.0
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
content-type: text/css
last-modified: Tue, 27 Nov 2018 18:15:52 GMT
server: cloudflare
x-amz-request-id: 91E818C757D900AA
etag: W/"b5ca5e5714e3c83db89b9fe0f706fb37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: VzRf7.YWF7zdZNe7t7hQrNdQ28ANu4E8
status: 200
cf-ray: 48b36da2bc83c283-FRA
x-amz-id-2: XAM+tyEGSza0r8Hvr2vmK2UGEEUPgVBjvaK5FtTCUvn/qvaKB07zlu7qXXqcZw8STmOjG1EDYCY=

GET
H2 200 wpex-visual-composer-extend.css
www.crowdstrike.com/wp-content/themes/Total/css/ 36 KB
6 KB 327ms
283ms Stylesheet
text/css 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/Total/css/wpex-visual-composer-extend.css?ver=3.4.0
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24e89c1a622073ff29d3d15454c87aaa907a6ce14bc585dca0758ac277631af4

Request headers

:path: /wp-content/themes/Total/css/wpex-visual-composer-extend.css?ver=3.4.0
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
content-type: text/css
last-modified: Tue, 27 Nov 2018 18:15:52 GMT
server: cloudflare
x-amz-request-id: 7AB338DA9A60396B
etag: W/"34cf386947b3c746289c34f47bc78fea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: _mIsyGnhvXxyEvITAiEq4K3Yljdbe4o8
status: 200
cf-ray: 48b36da2bc85c283-FRA
x-amz-id-2: 8gEAv6Qy+6v5G36/4aYIfPk16XzjhyDGh4Vjnj+pJCMoBUP+AyOrlnMTe63GYcXRhwJBE1Zeyk8=

GET
H2 200 wpex-responsive.css
www.crowdstrike.com/wp-content/themes/Total/css/ 18 KB
4 KB 224ms
180ms Stylesheet
text/css 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/Total/css/wpex-responsive.css?ver=3.4.0
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00798fc7cfe79e0e6f909c08bde3337f8132fa09e9f01318cc997f9d62a2bfb9

Request headers

:path: /wp-content/themes/Total/css/wpex-responsive.css?ver=3.4.0
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
content-type: text/css
last-modified: Tue, 27 Nov 2018 18:15:50 GMT
server: cloudflare
x-amz-request-id: D74DB802D9B3E01A
etag: W/"114aa455cb3d24c0c808366bdae7b2bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 0yKv0swGZOL6luXrnJcnrN9yYtAcMcvU
status: 200
cf-ray: 48b36da2bc86c283-FRA
x-amz-id-2: HBGGy58pUsOnHfFmua0alFvyv/vnTJSmVSgTBAnefmigIpNxtU/bnXpBy9AtQ4cKc2DdbK1RtR4=

GET
H2 200 agent-style.css
www.crowdstrike.com/wp-content/themes/Total/skins/classes/agent/css/ 12 KB
3 KB 226ms
183ms Stylesheet
text/css 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/Total/skins/classes/agent/css/agent-style.css?ver=1.0
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13860fa49f9709e5237bc161dafea2e9a5664c98df9e65e4a90e14fb93eacc6c

Request headers

:path: /wp-content/themes/Total/skins/classes/agent/css/agent-style.css?ver=1.0
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
content-type: text/css
last-modified: Tue, 27 Nov 2018 18:19:29 GMT
server: cloudflare
x-amz-request-id: B6B147D9CBB72985
etag: W/"f667413df8c8853b9e1c92a5c68ff1df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: L7eigxg1nwxOnHEE.vXA5YARThkoIU72
status: 200
cf-ray: 48b36da2bc88c283-FRA
x-amz-id-2: 1Snshlnd+k/pC2Y7ED1CNH3DnUtxtwcxieYM7ylAiQG1qx7MrXcUoE+UOdIQh4KwnanRmQ7GciM=

GET
H2 200 jquery.js Show response
www.crowdstrike.com/wp-includes/js/jquery/ 95 KB
33 KB 240ms
197ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

:path: /wp-includes/js/jquery/jquery.js?ver=1.12.4
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
content-type: application/javascript
last-modified: Tue, 27 Nov 2018 18:19:54 GMT
server: cloudflare
x-amz-request-id: 357EF91ECDEF4382
etag: W/"8610f03fe77640dee8c4cc924e060f12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: V32gQZ_5xYCcUctFW_2Ub90YR5ZY4p9y
status: 200
cf-ray: 48b36da2cc9fc283-FRA
x-amz-id-2: 9OOWtxuBB6rJmGDUD6tOIndGlsuo6bcXyIXzpTdCvJLWqbQceP+DVTKxeMIyAg1B2oaA9zFI0vg=

GET
H2 200 lightbox.js Show response
www.crowdstrike.com/wp-content/plugins/essential-grid/public/assets/js/ 29 KB
11 KB 232ms
189ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/plugins/essential-grid/public/assets/js/lightbox.js?ver=2.0.9.1
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30b7aec5587b37dacb4d88e9f7fbc6c8c4214f234b54a5bee2bcba5f74afb32b

Request headers

:path: /wp-content/plugins/essential-grid/public/assets/js/lightbox.js?ver=2.0.9.1
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
content-type: application/javascript
last-modified: Tue, 28 Feb 2017 22:05:30 GMT
server: cloudflare
x-amz-request-id: 01CDEDAC38AF9613
etag: W/"4372d88a0e50a15ee53585816856b278"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: q6bhSI8dvk.s0HEq9RqNGL4PaJvr4QL9
status: 200
cf-ray: 48b36da2cca0c283-FRA
x-amz-id-2: opgMdlC1HxycCFw+QuNH6cu90yJP9ain/TVsE3QHhTfOd9b4DR4hULruSmDKeC/mGZU5l6eX4lM=

GET
H2 200 jquery.themepunch.tools.min.js Show response
www.crowdstrike.com/wp-content/plugins/essential-grid/public/assets/js/ 99 KB
35 KB 235ms
192ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/plugins/essential-grid/public/assets/js/jquery.themepunch.tools.min.js?ver=2.0.9.1
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2173bda07583c48887c926e95bf4e5b0f6797d536c3af1975820d45bc479c76a

Request headers

:path: /wp-content/plugins/essential-grid/public/assets/js/jquery.themepunch.tools.min.js?ver=2.0.9.1
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
content-type: application/javascript
last-modified: Tue, 28 Feb 2017 22:05:29 GMT
server: cloudflare
x-amz-request-id: 072D68CF2152F9C8
etag: W/"112071ba5d19d0d1513b8d4b2ccb529a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: NCbbbDrlmqQHs9.9pcNZSGfeAHSaOyp6
status: 200
cf-ray: 48b36da2cca1c283-FRA
x-amz-id-2: +zJuVr56661SDd8ypBGRNAUnbbY4IOjgSiUsPGAbFNtcVdLncQfguzZSij/N2HOtnSdMSfd4Lp4=

GET
H2 200 jquery.themepunch.essential.min.js Show response
www.crowdstrike.com/wp-content/plugins/essential-grid/public/assets/js/ 119 KB
25 KB 290ms
289ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/plugins/essential-grid/public/assets/js/jquery.themepunch.essential.min.js?ver=2.0.9.1
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ad07f7e4c992a797ddae26a89b57b9addbb1d74ab42559858041ea1020786c2

Request headers

:path: /wp-content/plugins/essential-grid/public/assets/js/jquery.themepunch.essential.min.js?ver=2.0.9.1
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
content-type: application/javascript
last-modified: Tue, 28 Feb 2017 22:05:28 GMT
server: cloudflare
x-amz-request-id: E6EFE22898E1F959
etag: W/"bdd9e84359cfe363323c69f7856eddbf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: YnMtbzMyZHULUvWolHYMmJm3v8OU5Wu7
status: 200
cf-ray: 48b36da6b973c283-FRA
x-amz-id-2: c/iyyoN0rZcnHw0x7uOZTjfvKdfAn3Sw/MI07VTBfHpmICVzI/C6tq0B2W+/L4YefUPhposGjJA=

GET
H2 404 style_fix.css
www.crowdstrike.com/wp-content/themes/Total/ 0
0 412ms
398ms Stylesheet
text/html 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/Total/style_fix.css
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:path: /wp-content/themes/Total/style_fix.css
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
x-amz-error-code: NoSuchKey
cf-cache-status: EXPIRED
x-amz-request-id: 292916418A19721D
x-amz-error-message: The specified key does not exist.
status: 404
content-encoding: gzip
content-type: text/html
x-amz-id-2: XTHKiLDP+RtqnSJ7rOzbwY+71v8HvH4JvrwWbz8XeME8DSu54rHoNZ3dYltuN1JqyY2f4gwyRjk=
last-modified: Tue, 27 Nov 2018 18:04:07 GMT
server: cloudflare
etag: W/"01c140ed6e99005a09e433df46e411e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-error-detail-key: wp-content/themes/Total/style_fix.css
x-amz-version-id: _qgM0vbpdOqGVVh5YcMZkuDols0OFOrh
cache-control: public, max-age=3600
cf-ray: 48b36da36ee7c283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 style.cs.css
www.crowdstrike.com/wp-content/themes/Total/ 258 KB
41 KB 45ms
32ms Stylesheet
text/css 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/Total/style.cs.css
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc81da89d941df8f10ce343f9bc90a33bc8ce8ff397940b7c1ac7459e7367e78

Request headers

:path: /wp-content/themes/Total/style.cs.css
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: FF9FF06D08B33EB0
status: 200
x-amz-version-id: iu.Om0o7q3pH_RdWEppDcUEqLer3EA8G
x-amz-id-2: V1mFtQWUe+n6GIG8ab+XvrHfxI+ExiJm+pG6mV/MQcQ9iu6X82KWLaCmeGRwRcHJCoBHvLb6jQI=
last-modified: Tue, 27 Nov 2018 18:19:33 GMT
server: cloudflare
etag: W/"d0b6632a2a3fffe7458355defc29f971"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 48b36da36ee8c283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 set_tracking.js Show response
www.crowdstrike.com/wp-content/custom_js/ 3 KB
1 KB 27ms
13ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/custom_js/set_tracking.js
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6e65d391914c3234ed0c78ba58c01f2de221346af2dbcce936abacc24c55eea

Request headers

:path: /wp-content/custom_js/set_tracking.js
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 54978F15F0CB6E30
status: 200
x-amz-version-id: gvPh2.qMEI4BBr8IpBJaG36kaVcE4AcU
x-amz-id-2: C0UoIWAlI1Qd7swVVNYVGwrVCrbakDWwZ7sj3WOqLMLviA5gD+8iZPVgUXn56enXYQSLxdbm3AA=
last-modified: Tue, 27 Nov 2018 18:20:14 GMT
server: cloudflare
etag: W/"cf74d37541f7771cabb9c93a017fff65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 48b36da36ee9c283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H/1.1 200
OK / Show response
addsearch.com/js/ 2 KB
1 KB 125ms
18ms Script
application/javascript 52.166.11.26
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://addsearch.com/js/?key=7737a29b854de71521b1cd72c4118cfc

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.11.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

nginx /

Resource Hash

06700f6c9628c8b7e06de86b97cfe32d88c9461178ba01c472671837ed7578a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;

Request headers

Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:50 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 ServicesEAB80x80.svg
www.crowdstrike.com/wp-content/uploads/2018/05/ 1 KB
944 B 14ms
12ms Image
image/svg+xml 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.crowdstrike.com/wp-content/uploads/2018/05/ServicesEAB80x80.svg
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59c57252ccd7eb05486c77263f6c6212b26dd396d7b92fae37244a8201e33648

Request headers

:path: /wp-content/uploads/2018/05/ServicesEAB80x80.svg
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: C17BA110ECB3888B
status: 200
x-amz-version-id: FSMSVKIBxU.WaJ_C0TrNWnEjA0S4xN7Y
x-amz-id-2: YBSjvyzaKRzAZ73iSipxGJBZRQNjKvUGKZDaUn60+eKfpL1NulPgg9i0G7aW8tG9l/gsisgcHSE=
last-modified: Thu, 28 Jun 2018 02:06:33 GMT
server: cloudflare
etag: W/"33f02de3a81501e3f3ca63d3c9bb322d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3600
cf-ray: 48b36da7ccd9c283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 Partners80x80.svg
www.crowdstrike.com/wp-content/uploads/2018/05/ 2 KB
1 KB 15ms
13ms Image
image/svg+xml 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.crowdstrike.com/wp-content/uploads/2018/05/Partners80x80.svg
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c92cbd28b44e143836dc7e031d87335e48f041ee07c48b75c231e64b34408d9

Request headers

:path: /wp-content/uploads/2018/05/Partners80x80.svg
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 5EAB04A872779C0E
status: 200
x-amz-version-id: yQrVFYbTnPY_G_VNTn.jc0WpoLC83qmj
x-amz-id-2: QHO1AE2uaax2D8H8J4BrQPH/IhZ5LhJntUje+HTTM+YKxnXrHxfT5Mt9+ptz3UmaXZnJLE3AGzQ=
last-modified: Thu, 28 Jun 2018 02:06:32 GMT
server: cloudflare
etag: W/"91578c220729a8e61a1a5d5a79ec2d9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3600
cf-ray: 48b36da7ccddc283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 ResourcesReports80x80.svg
www.crowdstrike.com/wp-content/uploads/2018/05/ 1 KB
884 B 15ms
13ms Image
image/svg+xml 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.crowdstrike.com/wp-content/uploads/2018/05/ResourcesReports80x80.svg
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a67e7556ccb810ba272b9cd2aa3beb81a54f29003aaacd0ab746fab90ce4268

Request headers

:path: /wp-content/uploads/2018/05/ResourcesReports80x80.svg
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: E12C192BFBE6BB48
status: 200
x-amz-version-id: WdCyZvhzVYUrKzBgqbsu_0WhjAFX4_I8
x-amz-id-2: K5HeKElJlpl4NxwPH7IbUwErKgDumCI4+ivLl6b2YGLuizb2+IYzMdgSW7B9idiEfDwuiGTKYDY=
last-modified: Thu, 28 Jun 2018 02:06:33 GMT
server: cloudflare
etag: W/"a05521af69d1425c71763fc09c6cc648"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3600
cf-ray: 48b36da7ccdec283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 caseBook-Cover-V3.png
www.crowdstrike.com/resources/wp-content/uploads/2018/12/ 155 KB
156 KB 24ms
22ms Image
image/png 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.crowdstrike.com/resources/wp-content/uploads/2018/12/caseBook-Cover-V3.png
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba07f1bd34e54ae1d4914794a3490b1d2f54438769fa0e8614071d92dbde0d23

Request headers

:path: /resources/wp-content/uploads/2018/12/caseBook-Cover-V3.png
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
cf-cache-status: HIT
x-amz-request-id: 98ED98D309D28172
cf-polished: origSize=160492
cf-ray: 48b36da7ccdfc283-FRA
status: 200
last-modified: Tue, 11 Dec 2018 22:27:50 GMT
content-length: 158889
x-amz-id-2: zSGn++nAudjusqQyVJmOsSK5NO+zg0qwP3MdGAlgtr9zd0nMdZCi9htE/6lfBQSGUV++QDlVxec=
cf-bgj: imgq:100
server: cloudflare
etag: "08dd399a068f5235bf76ea5173816343"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: gLDr1nUMJe5E9WS0.JEhivmNC3ur.Hop
cache-control: public, max-age=3600
accept-ranges: bytes
content-type: image/png
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
513 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic&subset=latin&ver=4.9

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

68fd0c06d8a213544b18ac16739513e900ddc39f3928448d8663bd2b9ce87862

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 18 Dec 2018 17:42:50 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 18 Dec 2018 17:42:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Tue, 18 Dec 2018 17:42:50 GMT

GET
H2 200 jquery.prettyPhoto.js Show response
www.crowdstrike.com/wp-content/themes/CrowdStrike_Theme/js/ 21 KB
6 KB 217ms
215ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/CrowdStrike_Theme/js/jquery.prettyPhoto.js?ver=1.0.0
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec7ea65620c8be7945819dd593916a9c7c892e727e645c2990819c414ff31c

Request headers

:path: /wp-content/themes/CrowdStrike_Theme/js/jquery.prettyPhoto.js?ver=1.0.0
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:51 GMT
content-encoding: gzip
content-type: application/javascript
last-modified: Tue, 27 Nov 2018 18:13:12 GMT
server: cloudflare
x-amz-request-id: 4838E9E44BCDD341
etag: W/"f81c3c778084503cad39095830c6b3f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 5balolZzL5.foHqMnLacPyRhIteI77ol
status: 200
cf-ray: 48b36da7cce0c283-FRA
x-amz-id-2: WG6KHiKPBbetRgKa4KfhkabfopNINYtNxPAapdVi+2EgcwjPo2ZHb3A3/tgiatyvYS78IV0ZuWQ=

GET
H2 200 comment-reply.min.js Show response
www.crowdstrike.com/wp-includes/js/ 1 KB
857 B 215ms
214ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-includes/js/comment-reply.min.js?ver=4.9
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30

Request headers

:path: /wp-includes/js/comment-reply.min.js?ver=4.9
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:51 GMT
content-encoding: gzip
content-type: application/javascript
last-modified: Wed, 25 Apr 2018 23:15:28 GMT
server: cloudflare
x-amz-request-id: BAE47B0948F8A771
etag: W/"56bc2726d829207bfa802f957aac0791"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: FjchcuLsvCa8l2IrwXb5RRthzaD6vnnS
status: 200
cf-ray: 48b36da7cce1c283-FRA
x-amz-id-2: CI9q71tp0/jQEkd/1MolXF4dkHX7AZF9gqamM49Pe0zKLOAB+IxEXVWq/iIQEYK9nWE/4Uq5vwI=

GET
H2 200 total-min.js Show response
www.crowdstrike.com/wp-content/themes/Total/js/ 419 KB
92 KB 226ms
225ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/Total/js/total-min.js?ver=3.4.0
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84af42a699988e6446d1c4597d80b0631a8fc0e56b8059f526bc97275005e9cb

Request headers

:path: /wp-content/themes/Total/js/total-min.js?ver=3.4.0
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
content-type: application/javascript
last-modified: Tue, 27 Nov 2018 18:18:49 GMT
server: cloudflare
x-amz-request-id: C1F1E7C0A3FEBCF8
etag: W/"ba232ff1b3f9417601be484bdc03f7f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: tHo2tOoml7Mkwv1bREFH_YObfrg6WAls
status: 200
cf-ray: 48b36da4bb4dc283-FRA
x-amz-id-2: IQLKqLrmB0VXBwV7ypyaaojFjEalCi3EYgA9oat+Z+OkGX7q7dhBUBzXk7KlucD9mx4xBeW9Q/U=

GET
H2 200 wp-embed.min.js Show response
www.crowdstrike.com/wp-includes/js/ 1 KB
977 B 225ms
224ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-includes/js/wp-embed.min.js?ver=4.9
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=4.9
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:51 GMT
content-encoding: gzip
content-type: application/javascript
last-modified: Tue, 27 Nov 2018 18:19:55 GMT
server: cloudflare
x-amz-request-id: 2588CE8FA516134D
etag: W/"5a03f97cc479b9f5d7efdaccec31bc17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: .jbcSwcgzjrAXbZ6DqbA0ztqaY7dHemJ
status: 200
cf-ray: 48b36da7cce2c283-FRA
x-amz-id-2: IOu06P61VJUhqiB5vOtt3EWgnOzHPcNRtuEYiW9JVkkaME2Xm779JD9IEEjl7DjDmCmYw8zG9ik=

GET
H2 200 js_composer_front.min.js Show response
www.crowdstrike.com/wp-content/plugins/js_composer/assets/js/dist/ 19 KB
6 KB 224ms
223ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=4.11.2.1
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95a91e047817247386ced0e355c8870ddad9ed1190c6cf8492155d0d172b3cac

Request headers

:path: /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=4.11.2.1
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:51 GMT
content-encoding: gzip
content-type: application/javascript
last-modified: Tue, 27 Nov 2018 18:11:53 GMT
server: cloudflare
x-amz-request-id: 7AB2A7D078DA0045
etag: W/"1b9a9d83b03c320fb2351c0713248761"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: bqt42yL9VrAHYFrnnFhIW58COPUe8aIB
status: 200
cf-ray: 48b36da7cce3c283-FRA
x-amz-id-2: vbWuPgcUWG094ttYcUbk3St9TKDdQ+8+YoKAmeuJPCf26pqw/iuTgWKfeeE65nyrO7iFQWbBPwU=

GET
H2 200 cs_menu.js Show response
www.crowdstrike.com/wp-content/themes/Total/js/ 5 KB
2 KB 18ms
17ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/Total/js/cs_menu.js
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 796c7745023e1dde305650acd08803c06efddabf993595dbb8abe1f2f6160362

Request headers

:path: /wp-content/themes/Total/js/cs_menu.js
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: E2967489D2D5DF37
status: 200
x-amz-version-id: ys3oXOHQccnp_HbDvrpfMQyNFaWYrfh.
x-amz-id-2: lsfJSdz5AkYflaAifvEB9LodtcgswY7b0md6E/FXQoJfwYX80yKYKJC19qkIQX9w03hG+iLp1is=
last-modified: Tue, 27 Nov 2018 18:18:32 GMT
server: cloudflare
etag: W/"36c1dedfd254965f7d62a4f86c022dd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 48b36da57ddcc283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 set-utm-cookies.js Show response
www.crowdstrike.com/wp-content/custom_js/ 1 KB
748 B 12ms
12ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/custom_js/set-utm-cookies.js
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8117c8a7e885205eee8bcab4a30d4a304729da61f094d29871e8fc7c721c4456

Request headers

:path: /wp-content/custom_js/set-utm-cookies.js
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: BA10D8C6432341B3
status: 200
x-amz-version-id: n4bQq0Zo5r3.eoIExP.AF3EmDPqOkBWl
x-amz-id-2: 26xamovoREjsVg7uLerdtGwAqKf3wcobtuXVQ9vjkb1wdTSshnT99bxD/69OP+JVixI8zzwtQeI=
last-modified: Tue, 27 Nov 2018 18:20:13 GMT
server: cloudflare
etag: W/"7c429891d15c5cfa0947bceb6916815e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 48b36da59e39c283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 set-ctm-cookies.js Show response
www.crowdstrike.com/wp-content/custom_js/ 1 KB
706 B 18ms
17ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/custom_js/set-ctm-cookies.js
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e530db53062089708537e511833c28b4bfc74e444e956e4fe7ce2e091ccd90b

Request headers

:path: /wp-content/custom_js/set-ctm-cookies.js
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 8C085C588B7B656E
status: 200
x-amz-version-id: 5Re2GOvFdyT7MdIpy2ze0opEJkTy9Gcd
x-amz-id-2: f3JzYIK5NWsZssUM5tdb5kFmSJn53WJ0AIzQ8MZGMjzMJFcUYxaQPD8SoR9A/1FC8DNGseNcsa8=
last-modified: Fri, 14 Dec 2018 18:56:40 GMT
server: cloudflare
etag: W/"b1fb87e80528be927436e6b7ca59fac2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 48b36da5ce8bc283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 retrieve-utm-cookies.js Show response
www.crowdstrike.com/wp-content/custom_js/ 1 KB
756 B 27ms
26ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/custom_js/retrieve-utm-cookies.js
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7ca6eabb420758aa2d6c907cebea4cce2b76f8d887aec18d9e83659cf4c2a78

Request headers

:path: /wp-content/custom_js/retrieve-utm-cookies.js
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 682863364FB49AD4
status: 200
x-amz-version-id: kUzzuLRRF_S3rntlQkghwJF6xbtTMjDJ
x-amz-id-2: GBeeUJlThvmPzhktUndeP7ArONtflCcYx4w/v2evwdO7TNLD5/wAxxmQr1oiXeuVtSzXYtcuPVk=
last-modified: Tue, 27 Nov 2018 18:20:11 GMT
server: cloudflare
etag: W/"ac57e5b5af25529d0682cd716c58339c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 48b36da5eef2c283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 retrieve-ctm-cookies.js Show response
www.crowdstrike.com/wp-content/custom_js/ 1 KB
761 B 25ms
25ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/custom_js/retrieve-ctm-cookies.js
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b12f729f6e038efce3a2c1b339b0b0eb6abd9183818857aa377dc82ecf88236

Request headers

:path: /wp-content/custom_js/retrieve-ctm-cookies.js
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: DC77F70F637361E7
status: 200
x-amz-version-id: nwkavna4j1sP7ctTDjsg3GOaHGo0DoYz
x-amz-id-2: vVNMMuQEZVy6ZcEtMlbshMm3wJR96plDYXRBKlj97VR19kJmgwkoj0XLli7NtUZl5IwQ0AOwnT0=
last-modified: Fri, 14 Dec 2018 18:58:10 GMT
server: cloudflare
etag: W/"01686cbcf10865432e5a5996e226a44b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 48b36da61f6dc283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 event_tracking.js Show response
www.crowdstrike.com/wp-content/custom_js/ 1 KB
554 B 12ms
11ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/custom_js/event_tracking.js
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a064f3625001979cf1ac8f806587e0c947056b3ad441b0d70eee8c4c6ceb7c42

Request headers

:path: /wp-content/custom_js/event_tracking.js
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 2533517F70565F5B
status: 200
x-amz-version-id: X.TC4Q8Jvc_XP7MAfUociHeN9UFavAuy
x-amz-id-2: sIC/JEQsYI42/hqW/DPNhKWGbf0Rb7/Fs/5jjc2SxoigXgjWiGq7Fe19A/794WnOZsKYJu6QImk=
last-modified: Tue, 27 Nov 2018 18:19:56 GMT
server: cloudflare
etag: W/"8fc383f80e946aa25788e3f317ad0f1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 48b36da688cbc283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Nov 2018 21:10:09 GMT
server: Golfe2
age: 5314
date: Tue, 18 Dec 2018 16:14:16 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17404
expires: Tue, 18 Dec 2018 18:14:16 GMT

GET
H2 404 style_fix.css
www.crowdstrike.com/wp-content/themes/Total/ 0
0 53ms
53ms Stylesheet
text/html 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/Total/style_fix.css
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:path: /wp-content/themes/Total/style_fix.css
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
x-amz-error-code: NoSuchKey
cf-cache-status: HIT
x-amz-request-id: 292916418A19721D
x-amz-error-message: The specified key does not exist.
status: 404
content-encoding: gzip
content-type: text/html
x-amz-id-2: XTHKiLDP+RtqnSJ7rOzbwY+71v8HvH4JvrwWbz8XeME8DSu54rHoNZ3dYltuN1JqyY2f4gwyRjk=
last-modified: Tue, 27 Nov 2018 18:04:07 GMT
server: cloudflare
etag: W/"01c140ed6e99005a09e433df46e411e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-error-detail-key: wp-content/themes/Total/style_fix.css
x-amz-version-id: _qgM0vbpdOqGVVh5YcMZkuDols0OFOrh
cache-control: public, max-age=3600
cf-ray: 48b36da7ac77c283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 54 KB
21 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-N8HXDD2&cid=721406751.1545154971

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

da8cb8957a11094c70a4e1d060a63b22f908cf04639a5071fd42564817014807

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 21572
x-xss-protection: 1; mode=block
expires: Tue, 18 Dec 2018 17:42:50 GMT

GET
H/1.1 200
OK check Show response
api.ipstack.com/ 276 B
630 B 1665ms
184ms Script
application/json 23.246.243.35
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipstack.com/check?access_key=c4145bb60c6eaa1379ba0a6589da27de&legacy=1&callback=jQuery112403483080023521672_1545154970820&_=1545154970821
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.246.243.35 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 23.f3.f617.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: bd865ef23b5371d37d427d59b5b4b708c1738ec68473536e0a42b789f3a35505

Request headers

Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:52 GMT
Server: nginx
X-Apilayer-Transaction-Id: eaa86810-2264-4e13-b4ca-ec5cfc9a94c2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
Content-Type: application/json; Charset=UTF-8
Access-Control-Allow-Origin: *
X-Request-Time: 0.029

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
3 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=013138164481186672820:gn0-cvkk8ja

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

gws /

Resource Hash

b9ce1c289bc9aaa511a8dbe5451a34c39b7e1dcd04591634d317ae74b74b1737

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 3230
x-xss-protection: 1; mode=block
expires: Tue, 18 Dec 2018 17:42:50 GMT

GET
H/1.1 200
OK / Show response
addsearch.com/searchui/v3/ 52 KB
14 KB 36ms
35ms Script
application/javascript 52.166.11.26
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://addsearch.com/searchui/v3/?key=7737a29b854de71521b1cd72c4118cfc&i=

Requested by

Host: addsearch.com
URL: https://addsearch.com/js/?key=7737a29b854de71521b1cd72c4118cfc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.11.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

nginx /

Resource Hash

7a00e5df00af10491323dab5e15374debae190aab3b2928b6c03df8456cbf6ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;

Request headers

Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:50 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET WC2018CyberIntrusionServicesCasebook_LPDownload2.html
go.crowdstrike.com/ Frame 0C6E 0
0

GET
H2 200 lightgreyglobebg.png
www.crowdstrike.com/wp-content/uploads/2018/11/ 19 KB
20 KB 20ms
20ms Image
image/png 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.crowdstrike.com/wp-content/uploads/2018/11/lightgreyglobebg.png
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e18ec4b0d01e6b4cdd71bc71588dbb1f5c7e1a4fbba0b2ff47172554236101ae

Request headers

:path: /wp-content/uploads/2018/11/lightgreyglobebg.png
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/wp-content/themes/CrowdStrike_Theme/new-css/crowdstrike-header-footer.css
:scheme: https
:method: GET
Referer: https://www.crowdstrike.com/wp-content/themes/CrowdStrike_Theme/new-css/crowdstrike-header-footer.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
cf-cache-status: HIT
x-amz-request-id: 815845D5E52EF316
cf-polished: pngoptimizer, origSize=24771
cf-ray: 48b36da87f66c283-FRA
status: 200
last-modified: Tue, 27 Nov 2018 18:19:53 GMT
content-length: 19897
x-amz-id-2: M80tZmxLUboUS25eZFd3IkxdzZREDXkJ0/SESyCCLI5lziwZu1GyFMump65FE6I4nejP8onRVhM=
cf-bgj: imgq:100
server: cloudflare
etag: "879696cde98851e22a1b0e32a2490bc7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: mMMskyPqso9_RNZY8_qVogmh_IsK_4fW
cache-control: public, max-age=3600
accept-ranges: bytes
content-type: image/png
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 karla-regular-webfont.woff
www.crowdstrike.com/wp-content/themes/Total/fonts/ 17 KB
17 KB 30ms
28ms Font
application/x-font-woff 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/Total/fonts/karla-regular-webfont.woff
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26795b25e5aa9e2588329fa0ea08c2e8aa6eb5f742f49c55238509a26a5a3cad

Request headers

:path: /wp-content/themes/Total/fonts/karla-regular-webfont.woff
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971
origin: https://www.crowdstrike.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/wp-content/themes/Total/style.cs.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.crowdstrike.com/wp-content/themes/Total/style.cs.css
Origin: https://www.crowdstrike.com

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
cf-cache-status: HIT
x-amz-request-id: F32AA619C26A7A16
status: 200
content-type: application/x-font-woff
content-length: 17512
x-amz-id-2: 1izcB3heUzJfpV8kCBF2jZ6IXslTmvTTlaOB1atJFtoX0MG2ZA+s3VTFeZbVqPfpk83r2J9n8EI=
last-modified: Tue, 27 Nov 2018 18:17:33 GMT
server: cloudflare
etag: "6ba3f624ed3bcbb68733f25a95a6f5f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: _fux1t7oMxqpOd0gJb7QNvhDJ5LAfCKv
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 48b36da89facc283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 fontawesome-webfont.woff2
www.crowdstrike.com/wp-content/themes/Total/fonts/ 75 KB
76 KB 222ms
221ms Font
binary/octet-stream 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/Total/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path: /wp-content/themes/Total/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971
origin: https://www.crowdstrike.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/wp-content/themes/Total/style.cs.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.crowdstrike.com/wp-content/themes/Total/style.cs.css
Origin: https://www.crowdstrike.com

Response headers

date: Tue, 18 Dec 2018 17:42:51 GMT
content-type: binary/octet-stream
last-modified: Tue, 27 Nov 2018 18:17:17 GMT
server: cloudflare
x-amz-request-id: A7A2C6474AA647BA
etag: "af7ae505a9eed503f8b8e6982036873e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: myUtfTG.6JAutUwSFeU9fWPXe78YNSWy
status: 200
cf-ray: 48b36da89faec283-FRA
content-length: 77160
x-amz-id-2: QQkU28iUQ72FexOrpKWxGUztmu6d4dePF+GEKr5XEVHr4sIClyH+OjIcmpK1ZFtnsYpRKUd+w/w=

GET
H2 200 crowdstrike.ttf
www.crowdstrike.com/wp-content/themes/Total/fonts/ 76 KB
76 KB 228ms
227ms Font
binary/octet-stream 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/Total/fonts/crowdstrike.ttf?n9zbs9
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4065673ebda1df1b479a99a366d0e50d722f1c3214f7be8b95ccdae1e6d1c22

Request headers

:path: /wp-content/themes/Total/fonts/crowdstrike.ttf?n9zbs9
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971
origin: https://www.crowdstrike.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/wp-content/themes/Total/style.cs.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.crowdstrike.com/wp-content/themes/Total/style.cs.css
Origin: https://www.crowdstrike.com

Response headers

date: Tue, 18 Dec 2018 17:42:51 GMT
content-type: binary/octet-stream
last-modified: Tue, 27 Nov 2018 18:17:12 GMT
server: cloudflare
x-amz-request-id: 0E0EE3389BC2C6B1
etag: "1a3312b54d26726aacb71e9580fc0725"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Uw11puyDdnYnf61KJdbG78LvtjDOvIi_
status: 200
cf-ray: 48b36da89fb1c283-FRA
content-length: 77956
x-amz-id-2: jJu9chWAAOSD+sYEXniDujLlQDuhMEb+pYdLRyOFflH9jZavNIGlAVr/rOAPfJRXhHFS96zp/ek=

GET
H2 200 Batman-Book.otf
www.crowdstrike.com/wp-content/themes/Total/fonts/ 66 KB
67 KB 23ms
22ms Font
binary/octet-stream 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/Total/fonts/Batman-Book.otf
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f13811af8ffa2ed4056e972230f724ab550386ee12d6590302cb4114ae3c880f

Request headers

:path: /wp-content/themes/Total/fonts/Batman-Book.otf
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971
origin: https://www.crowdstrike.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/wp-content/themes/Total/style.cs.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.crowdstrike.com/wp-content/themes/Total/style.cs.css
Origin: https://www.crowdstrike.com

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
cf-cache-status: HIT
x-amz-request-id: 5A30544ACF99D1ED
status: 200
content-type: binary/octet-stream
content-length: 67874
x-amz-id-2: EFx387zp2Ltt/19UAwnVeae9wapUB8u3Hh2d/OxzF+4Q8dnSM5zk9i8j5+wWGn6VoRjyyTekGP0=
last-modified: Tue, 27 Nov 2018 18:16:24 GMT
server: cloudflare
etag: "60331cca859d8d6a6b3bb8287d598ebf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 8T5Bp1uZ53SIE6X5wlr3srGm.ywIf.Dg
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 48b36da89fb2c283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 Batman-Light.otf
www.crowdstrike.com/wp-content/themes/Total/fonts/ 66 KB
67 KB 30ms
29ms Font
binary/octet-stream 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/Total/fonts/Batman-Light.otf
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03b5aaeebef58c37a9ff0662decd51762c5923053a59cb67a503e936ef80cf38

Request headers

:path: /wp-content/themes/Total/fonts/Batman-Light.otf
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971
origin: https://www.crowdstrike.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/wp-content/themes/Total/style.cs.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.crowdstrike.com/wp-content/themes/Total/style.cs.css
Origin: https://www.crowdstrike.com

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
cf-cache-status: HIT
x-amz-request-id: C87A85B7BDC14515
status: 200
content-type: binary/octet-stream
content-length: 68022
x-amz-id-2: fDT+JRc3CdrTlVhwIkZ2SfiOtUYbmuUhDr62KdKSIoVbTydiOhdpmhLi7P/UUZ2eIDohKsrwgc0=
last-modified: Tue, 27 Nov 2018 18:16:29 GMT
server: cloudflare
etag: "b1665ef6fa0c74fa267ef756a53a6f16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 1vvhbGMTpYMRmJ0WZ9sm3_H31f8JBhcJ
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 48b36da89fb4c283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 karla-bold-webfont.woff
www.crowdstrike.com/wp-content/themes/Total/fonts/ 18 KB
18 KB 24ms
23ms Font
application/x-font-woff 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/Total/fonts/karla-bold-webfont.woff
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e91c4ae88469b2db9f529556b7fad60a298f25d0e18dd36212bf58029fba67cf

Request headers

:path: /wp-content/themes/Total/fonts/karla-bold-webfont.woff
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971
origin: https://www.crowdstrike.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/wp-content/themes/Total/style.cs.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.crowdstrike.com/wp-content/themes/Total/style.cs.css
Origin: https://www.crowdstrike.com

Response headers

date: Tue, 18 Dec 2018 17:42:50 GMT
cf-cache-status: HIT
x-amz-request-id: DAB4D412A7D5DFE2
status: 200
content-type: application/x-font-woff
content-length: 18252
x-amz-id-2: bai+W+TZLNLpfzs0QVpDmi3GO4ORmdZGLILIWVZ7V2k6x59lEw4ZRlC4Oe8RToEsnBdy6CVXTpU=
last-modified: Tue, 27 Nov 2018 18:17:27 GMT
server: cloudflare
etag: "904fee4ac5e8088210a4c906944c4c32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: b0iYxba1dvGkW0fQOmYutZbZzKF1vuU9
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 48b36da89fb6c283-FRA
expires: Tue, 18 Dec 2018 18:42:50 GMT

GET
H2 200 karla-regular-webfont.woff
www.crowdstrike.com/wp-content/themes/CrowdStrike_Theme/cs/fonts/ 17 KB
17 KB 24ms
24ms Font
application/x-font-woff 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/CrowdStrike_Theme/cs/fonts/karla-regular-webfont.woff
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26795b25e5aa9e2588329fa0ea08c2e8aa6eb5f742f49c55238509a26a5a3cad

Request headers

:path: /wp-content/themes/CrowdStrike_Theme/cs/fonts/karla-regular-webfont.woff
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971
origin: https://www.crowdstrike.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/wp-content/themes/CrowdStrike_Theme/cs/crowdstrike-fonts.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.crowdstrike.com/wp-content/themes/CrowdStrike_Theme/cs/crowdstrike-fonts.css
Origin: https://www.crowdstrike.com

Response headers

date: Tue, 18 Dec 2018 17:42:51 GMT
cf-cache-status: HIT
x-amz-request-id: 8CE59F149BE67491
status: 200
content-type: application/x-font-woff
content-length: 17512
x-amz-id-2: cOLs9PmspfXlYfwavCYArNVHxSXkJWW2dgmZyVY31W31QQd85f/hAwKnnUK7citIG3x1KLwqAwQ=
last-modified: Tue, 27 Nov 2018 18:13:11 GMT
server: cloudflare
etag: "6ba3f624ed3bcbb68733f25a95a6f5f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: kZ6VwMbOI7fQMIkaVU6DeZ3FHZAe8pdx
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 48b36da9ab7cc283-FRA
expires: Tue, 18 Dec 2018 18:42:51 GMT

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/aab18d33f43dc0c3/ 324 KB
108 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:806::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/aab18d33f43dc0c3/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=013138164481186672820:gn0-cvkk8ja

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d00b25b28944a3a7c4fb4b935e9920f2e5af33ab7d1ef325394e7409a10ddf1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 09 Dec 2018 11:25:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Nov 2018 14:57:13 GMT
server: sffe
age: 800223
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 110803
x-xss-protection: 1; mode=block
expires: Mon, 09 Dec 2019 11:25:48 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/aab18d33f43dc0c3/ 46 KB
10 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:806::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/aab18d33f43dc0c3/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=013138164481186672820:gn0-cvkk8ja

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

beb07d6ff422dd77de376852a3d0f9a47891159503f4aaadbac5ee5cc02a9589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 10 Dec 2018 20:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Nov 2018 14:57:13 GMT
server: sffe
age: 682617
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 10178
x-xss-protection: 1; mode=block
expires: Tue, 10 Dec 2019 20:05:54 GMT

GET
H2 200 minimalist.css
www.google.com/cse/static/style/look/v2/ 15 KB
3 KB 40ms
39ms Stylesheet
text/css 2a00:1450:4001:806::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v2/minimalist.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=013138164481186672820:gn0-cvkk8ja

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

653bbc0f39278f1bc1e84c154c76d445e65ab88c7bf9d5e81830676c2d80c61a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Oct 2018 18:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: private, max-age=0
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 3425
x-xss-protection: 1; mode=block
expires: Tue, 18 Dec 2018 17:42:51 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Response headers

Content-Type: image/gif

GET
H2 200 Batman-Book.woff
www.crowdstrike.com/wp-content/themes/Total/fonts/ 21 KB
22 KB 26ms
11ms Font
application/x-font-woff 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/Total/fonts/Batman-Book.woff
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ce7920df0659e5cd6b178128c1e4f9b59bef133bb36e18465f8be01a92b2b3a

Request headers

:path: /wp-content/themes/Total/fonts/Batman-Book.woff
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971
origin: https://www.crowdstrike.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/wp-content/themes/Total/style.cs.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.crowdstrike.com/wp-content/themes/Total/style.cs.css
Origin: https://www.crowdstrike.com

Response headers

date: Tue, 18 Dec 2018 17:42:51 GMT
cf-cache-status: HIT
x-amz-request-id: 48EB38296099F67D
status: 200
content-type: application/x-font-woff
content-length: 22000
x-amz-id-2: EqmpDGW93K3RVgsglJCIlOnwLvw8iKjPUw1/dYUKGYzcHHRraDRhwwCFVGK2PaZcxlkLCHZFrXs=
last-modified: Tue, 27 Nov 2018 18:16:25 GMT
server: cloudflare
etag: "8ea66788d9ca751c257467940883190b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: RcBJLU1lPLMxq0Pl4ClTJTWFwQADcziD
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 48b36da9dc0fc283-FRA
expires: Tue, 18 Dec 2018 18:42:51 GMT

GET
H2 200 Batman-Light.woff
www.crowdstrike.com/wp-content/themes/Total/fonts/ 22 KB
22 KB 29ms
14ms Font
application/x-font-woff 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/Total/fonts/Batman-Light.woff
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0735e3827a3d7fe722b56733ca79c2bad9aca48c3a0d12c50617fcfdb09b61ee

Request headers

:path: /wp-content/themes/Total/fonts/Batman-Light.woff
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971
origin: https://www.crowdstrike.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/wp-content/themes/Total/style.cs.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.crowdstrike.com/wp-content/themes/Total/style.cs.css
Origin: https://www.crowdstrike.com

Response headers

date: Tue, 18 Dec 2018 17:42:51 GMT
cf-cache-status: HIT
x-amz-request-id: 7C36C79602EA93B5
status: 200
content-type: application/x-font-woff
content-length: 22044
x-amz-id-2: r1zQLnExKHgHmI0mDnF690eQZNxzjeReZFW3LfVjyP4U0Vc07dxfs3vmBIspHyyehdyIdglaMUs=
last-modified: Tue, 27 Nov 2018 18:16:31 GMT
server: cloudflare
etag: "ec5483510d888278a73ec600aced08cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: bxp42gTJ8icLkzaiTKle_SS68ZoTUerL
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 48b36da9dc12c283-FRA
expires: Tue, 18 Dec 2018 18:42:51 GMT

GET
H2 200 karla-regular-webfont.woff
www.crowdstrike.com/wp-content/new-css/fonts/ 17 KB
17 KB 15ms
15ms Font
application/x-font-woff 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/new-css/fonts/karla-regular-webfont.woff
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26795b25e5aa9e2588329fa0ea08c2e8aa6eb5f742f49c55238509a26a5a3cad

Request headers

:path: /wp-content/new-css/fonts/karla-regular-webfont.woff
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971
origin: https://www.crowdstrike.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/wp-content/new-css/crowdstrike-fonts.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.crowdstrike.com/wp-content/new-css/crowdstrike-fonts.css
Origin: https://www.crowdstrike.com

Response headers

date: Tue, 18 Dec 2018 17:42:51 GMT
cf-cache-status: HIT
x-amz-request-id: F13FAFB190D31139
status: 200
content-type: application/x-font-woff
content-length: 17512
x-amz-id-2: YK4A5IcvgGJ4x++2vxvX6A3P+gw+iSpHJPnTXan5AOnnMIHeNaGBG6EOEnkNizV5lbEdUndDQ8M=
last-modified: Mon, 17 Apr 2017 20:52:38 GMT
server: cloudflare
etag: "6ba3f624ed3bcbb68733f25a95a6f5f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: mvjtCOyc1H9Locs.muXG5SGsHqLXJyIC
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 48b36daa4d42c283-FRA
expires: Tue, 18 Dec 2018 18:42:51 GMT

GET WF-Trial-to-Pay_LP-Registration-Footer.html
go.crowdstrike.com/ Frame EE79 0
0

GET
H2 200 cs-logo.svg Show response
www.crowdstrike.com/wp-content/img/ Frame AF46 5 KB
3 KB 38ms
38ms Document
image/svg+xml 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/img/cs-logo.svg
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4a31cfcac2526065e9c82913dd203a60ea8d01e318c5865c9ca08914056962a

Request headers

:method: GET
:authority: www.crowdstrike.com
:scheme: https
:path: /wp-content/img/cs-logo.svg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
accept-encoding: gzip, deflate, br
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report

Response headers

status: 200
date: Tue, 18 Dec 2018 17:42:51 GMT
content-type: image/svg+xml
x-amz-id-2: efoaPImoNXuGQVqNR6CNpTbU4IcKuZnxsrUKrleW4BEhyQGX7QCGLuX408whw7vitEFzIFlR97s=
x-amz-request-id: 49B9CC0ADFC5E826
last-modified: Tue, 27 Nov 2018 18:06:31 GMT
x-amz-version-id: DO_onUwsxqh_lEA5s5iCLl.WuUX7IbT0
etag: W/"0b9307bfd21296e2a9044e30f3ae7a51"
cf-cache-status: HIT
expires: Tue, 18 Dec 2018 18:42:51 GMT
cache-control: public, max-age=3600
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 48b36dacfd84c283-FRA
content-encoding: gzip

GET
H/1.1 200
OK Cookie set WC2018CyberIntrusionServicesCasebook_LPDownload2.html Show response
go.crowdstrike.com/ Frame 0C6E 82 KB
12 KB 357ms
277ms Document
text/html 192.28.144.241
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.28.144.241 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

867dcd95053e2a2e7dcdecc4d2207720337e925238f6232a57681a626e72e617

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: go.crowdstrike.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Accept-Encoding: gzip, deflate, br
Cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report

Response headers

Server: nginx
Date: Tue, 18 Dec 2018 17:42:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 11779
Connection: keep-alive
P3p: CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT"
Vary: *,Accept-Encoding
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: BIGipServerab01web-nginx-app_https=!TNwvijSzAoIU+sm5yiPNdgcigIaMSX/lPW7toF8JmfPUp3107VRS9P58PR9HSyNUAruHOcutFJ7kK5I=; path=/; Httponly; Secure

GET
H/1.1 200
OK Cookie set WF-Trial-to-Pay_LP-Registration-Footer.html Show response
go.crowdstrike.com/ Frame EE79 11 KB
5 KB 637ms
276ms Document
text/html 192.28.144.241
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.28.144.241 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

dce5fa963518a673d96725c523714b522a5979f09df09575d00be56f925181d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: go.crowdstrike.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report
Accept-Encoding: gzip, deflate, br
Cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-2018/?ctm_source=Digital&ctm_medium=3rd_Party_Email&ctm_campaign=SecurityInsider_Casebook2018_Report

Response headers

Server: nginx
Date: Tue, 18 Dec 2018 17:42:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 4303
Connection: keep-alive
P3p: CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT"
Vary: *,Accept-Encoding
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: BIGipServerab01web-nginx-app_https=!9wYrpMPHrNJdFZG5yiPNdgcigIaMSQXBJ4GiHWx6LwVLxYoQsy4vaaYLuBI/I2Y3iHnWOQ//hIGWGP0=; path=/; Httponly; Secure

GET
DATA 200
OK truncated
/ Frame AF46 3 KB
0 Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d6be998879083b4324442cad47d8ad7bb85e9135c9f3d2bf3b70c71add2a7c7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: img/png

GET
H/1.1 200
OK SmartForms.js Show response
d12ulf131zb0yj.cloudfront.net/ Frame 0C6E 2 KB
1 KB 322ms
9ms Script
text/javascript 52.222.149.41
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d12ulf131zb0yj.cloudfront.net/SmartForms.js
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.149.41 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-149-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8a1c3024f3fe34859daacf4f8491c9ccfa999b2ee44502bb2b3d1c119f1aa84

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: 8b2yWLxoGDZ0rPOBokYAmh9vHdV04rA.
Content-Encoding: gzip
Last-Modified: Wed, 12 Dec 2018 16:34:31 GMT
Server: AmazonS3
Age: 4000
Date: Tue, 18 Dec 2018 16:43:17 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 65715c6e447bfc4ebcfb81f088c7e3f3.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: u9gOKvl2IcourViHi2nc09DZNDGckEN3kPrCIyfo6CGaUL0mxwQzpQ==

GET
H2 200 marketo-gdpr-msg.css
www.crowdstrike.com/wp-content/css/ Frame 0C6E 2 KB
855 B 12ms
11ms Stylesheet
text/css 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/css/marketo-gdpr-msg.css
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3005e200eae72242a4b3adb55419417b83e65a3f3c9e1c850fee1d134f3db015

Request headers

:path: /wp-content/css/marketo-gdpr-msg.css
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
:scheme: https
:method: GET
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:52 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: E02F50EC4D44F707
status: 200
x-amz-version-id: AX9jHkq.aTlNiNu5CnvSSOZUTeQk9x22
x-amz-id-2: OJ6vcBpr3gAe8hgVDBONtSkupmnX/K22I1zsWQ5cAfQZYHgeZomy7Eu/JH6BgkwFdQWjQEHGe+E=
last-modified: Thu, 13 Dec 2018 16:25:28 GMT
server: cloudflare
etag: W/"b51c5aa50248df101a269968f063d77e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 48b36daf4cbec283-FRA
expires: Tue, 18 Dec 2018 18:42:52 GMT

GET
H/1.1 200
OK jquery-1.12.4.min.js Show response
code.jquery.com/ Frame 0C6E 95 KB
33 KB 65ms
23ms Script
application/javascript 205.185.208.52
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip052.ssl.hwcdn.net
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Origin: https://go.crowdstrike.com

Response headers

Date: Tue, 18 Dec 2018 17:42:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 May 2016 17:18:54 GMT
Server: nginx
ETag: W/"573f46fe-17b8b"
Vary: Accept-Encoding
X-HW: 1545154972.dop002.pa1.shc,1545154972.dop002.pa1.t,1545154972.cds007.pa1.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 33738

GET
H2 200 set_tracking_marketo.js Show response
www.crowdstrike.com/wp-content/custom_js/ Frame 0C6E 3 KB
1 KB 11ms
10ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/custom_js/set_tracking_marketo.js
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b16ac1dc7d59388720d91c40296251a35df9428418908f40b5377f1758f142ff

Request headers

:path: /wp-content/custom_js/set_tracking_marketo.js
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
:scheme: https
:method: GET
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:52 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: B121812ED570D552
status: 200
x-amz-version-id: mQ2zqL4CFgnKg97cWuAAT_0acO7oOH4C
x-amz-id-2: fOdBtAzrcFWJvgSt2H5yLyDmgoW8hOatiQNslUpjM2h+ecANnALZXNLHWus8P8UNd4PEm4t7DwM=
last-modified: Tue, 27 Nov 2018 18:20:14 GMT
server: cloudflare
etag: W/"0e13f963adfeac351b2874ea74632590"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 48b36daf4cc0c283-FRA
expires: Tue, 18 Dec 2018 18:42:52 GMT

GET
H/1.1 200
OK mktLPSupportCompat.css
go.crowdstrike.com/css/ Frame 0C6E 2 KB
956 B 93ms
92ms Stylesheet
text/css 192.28.144.241
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://go.crowdstrike.com/css/mktLPSupportCompat.css

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.28.144.241 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

cc27845c4ba2580588d37b6d48939e7b833faeefa237e927860054226a0ad6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: go.crowdstrike.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971; BIGipServerab01web-nginx-app_https=!TNwvijSzAoIU+sm5yiPNdgcigIaMSX/lPW7toF8JmfPUp3107VRS9P58PR9HSyNUAruHOcutFJ7kK5I=
Connection: keep-alive
Cache-Control: no-cache
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Dec 2018 00:22:32 GMT
Server: nginx
ETag: "61cd2-633-57c2742edc200"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 635

GET
H/1.1 200
OK forms2.min.js Show response
app-ab01.marketo.com/js/forms2/js/ Frame 0C6E 169 KB
57 KB 375ms
19ms Script
application/x-javascript 104.111.239.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-239-158.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

8a889f8cd41e5a86957e338c937f62848ff948ec2fd995280858ca90f5c01dff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Dec 2018 00:22:29 GMT
Server: nginx
ETag: "5608c4-2a23a-57c2742bffb40"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Content-Length: 58229

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame 0C6E 94 KB
33 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 13:41:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14468
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 33507
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2019 13:41:44 GMT

GET
H/1.1 200
OK forms2.min.js Show response
go.crowdstrike.com/js/forms2/js/ Frame 0C6E 169 KB
57 KB 95ms
95ms Script
application/x-javascript 192.28.144.241
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://go.crowdstrike.com/js/forms2/js/forms2.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.28.144.241 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

8a889f8cd41e5a86957e338c937f62848ff948ec2fd995280858ca90f5c01dff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: go.crowdstrike.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971; BIGipServerab01web-nginx-app_https=!TNwvijSzAoIU+sm5yiPNdgcigIaMSX/lPW7toF8JmfPUp3107VRS9P58PR9HSyNUAruHOcutFJ7kK5I=
Connection: keep-alive
Cache-Control: no-cache
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Dec 2018 00:22:29 GMT
Server: nginx
ETag: "6149d-2a23a-57c2742bffb40"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 set-ctm-cookies.js Show response
www.crowdstrike.com/wp-content/custom_js/ Frame 0C6E 1 KB
683 B 19ms
19ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/custom_js/set-ctm-cookies.js
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e530db53062089708537e511833c28b4bfc74e444e956e4fe7ce2e091ccd90b

Request headers

:path: /wp-content/custom_js/set-ctm-cookies.js
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
:scheme: https
:method: GET
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:52 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 8C085C588B7B656E
status: 200
x-amz-version-id: 5Re2GOvFdyT7MdIpy2ze0opEJkTy9Gcd
x-amz-id-2: f3JzYIK5NWsZssUM5tdb5kFmSJn53WJ0AIzQ8MZGMjzMJFcUYxaQPD8SoR9A/1FC8DNGseNcsa8=
last-modified: Fri, 14 Dec 2018 18:56:40 GMT
server: cloudflare
etag: W/"b1fb87e80528be927436e6b7ca59fac2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 48b36dafeef7c283-FRA
expires: Tue, 18 Dec 2018 18:42:52 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net// Frame 0C6E 1 KB
1 KB 354ms
21ms Script
application/x-javascript 104.111.242.254
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net//munchkin.js
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.254 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-242-254.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82bbf4a0f25757d1c9b9f18672eabf510965e4873e9d989a407823eac0d99259

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jun 2018 01:36:41 GMT
Server: Apache
ETag: "8a1ad47bd9401d0c4cde2aab48eeb571:1528767401"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H/1.1 200
OK SmartForms.js Show response
d12ulf131zb0yj.cloudfront.net/ Frame EE79 2 KB
1 KB 271ms
9ms Script
text/javascript 52.222.149.41
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d12ulf131zb0yj.cloudfront.net/SmartForms.js
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.149.41 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-149-41.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8a1c3024f3fe34859daacf4f8491c9ccfa999b2ee44502bb2b3d1c119f1aa84

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: 8b2yWLxoGDZ0rPOBokYAmh9vHdV04rA.
Content-Encoding: gzip
Last-Modified: Wed, 12 Dec 2018 16:34:31 GMT
Server: AmazonS3
Age: 2554
Date: Mon, 17 Dec 2018 16:42:26 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 65715c6e447bfc4ebcfb81f088c7e3f3.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: RGjbFazVHYOu6ZSpCbpJZM6tGjsSM1308rsI1BoboU5oHFRHMVydow==

GET
H2 200 marketo-gdpr-msg.css
www.crowdstrike.com/wp-content/css/ Frame EE79 2 KB
690 B 18ms
17ms Stylesheet
text/css 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/css/marketo-gdpr-msg.css
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3005e200eae72242a4b3adb55419417b83e65a3f3c9e1c850fee1d134f3db015

Request headers

:path: /wp-content/css/marketo-gdpr-msg.css
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
:scheme: https
:method: GET
Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:52 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: E02F50EC4D44F707
status: 200
x-amz-version-id: AX9jHkq.aTlNiNu5CnvSSOZUTeQk9x22
x-amz-id-2: OJ6vcBpr3gAe8hgVDBONtSkupmnX/K22I1zsWQ5cAfQZYHgeZomy7Eu/JH6BgkwFdQWjQEHGe+E=
last-modified: Thu, 13 Dec 2018 16:25:28 GMT
server: cloudflare
etag: W/"b51c5aa50248df101a269968f063d77e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 48b36db10aa2c283-FRA
expires: Tue, 18 Dec 2018 18:42:52 GMT

GET
H/1.1 200
OK jquery-1.12.4.min.js Show response
code.jquery.com/ Frame EE79 95 KB
33 KB 19ms
19ms Script
application/javascript 205.185.208.52
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip052.ssl.hwcdn.net
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Origin: https://go.crowdstrike.com

Response headers

Date: Tue, 18 Dec 2018 17:42:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 May 2016 17:18:54 GMT
Server: nginx
ETag: W/"573f46fe-17b8b"
Vary: Accept-Encoding
X-HW: 1545154972.dop002.pa1.shc,1545154972.dop002.pa1.t,1545154972.cds007.pa1.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 33738

GET
H2 200 set_tracking_marketo.js Show response
www.crowdstrike.com/wp-content/custom_js/ Frame EE79 3 KB
1 KB 11ms
11ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/custom_js/set_tracking_marketo.js
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b16ac1dc7d59388720d91c40296251a35df9428418908f40b5377f1758f142ff

Request headers

:path: /wp-content/custom_js/set_tracking_marketo.js
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
:scheme: https
:method: GET
Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:52 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: B121812ED570D552
status: 200
x-amz-version-id: mQ2zqL4CFgnKg97cWuAAT_0acO7oOH4C
x-amz-id-2: fOdBtAzrcFWJvgSt2H5yLyDmgoW8hOatiQNslUpjM2h+ecANnALZXNLHWus8P8UNd4PEm4t7DwM=
last-modified: Tue, 27 Nov 2018 18:20:14 GMT
server: cloudflare
etag: W/"0e13f963adfeac351b2874ea74632590"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 48b36db10aa3c283-FRA
expires: Tue, 18 Dec 2018 18:42:52 GMT

GET
H/1.1 200
OK mktLPSupportCompat.css
go.crowdstrike.com/css/ Frame EE79 2 KB
956 B 92ms
91ms Stylesheet
text/css 192.28.144.241
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://go.crowdstrike.com/css/mktLPSupportCompat.css

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.28.144.241 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

cc27845c4ba2580588d37b6d48939e7b833faeefa237e927860054226a0ad6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: go.crowdstrike.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971; BIGipServerab01web-nginx-app_https=!9wYrpMPHrNJdFZG5yiPNdgcigIaMSQXBJ4GiHWx6LwVLxYoQsy4vaaYLuBI/I2Y3iHnWOQ//hIGWGP0=
Connection: keep-alive
Cache-Control: no-cache
Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Dec 2018 00:22:32 GMT
Server: nginx
ETag: "61cd2-633-57c2742edc200"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 635

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame EE79 94 KB
33 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 13:41:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14468
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 33507
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2019 13:41:44 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame EE79 762 B
541 B 20ms
18ms Script
text/javascript 2a00:1450:4001:806::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

2e4f2bc1db0f75a7a5288dc28dcb4ad4a67cec1d8beb3d5510d85d06ea883585

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 448
x-xss-protection: 1; mode=block
expires: Tue, 18 Dec 2018 17:42:52 GMT

GET
H/1.1 200
OK forms2.min.js Show response
app-ab01.marketo.com/js/forms2/js/ Frame EE79 169 KB
57 KB 159ms
20ms Script
application/x-javascript 104.111.239.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-239-158.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

8a889f8cd41e5a86957e338c937f62848ff948ec2fd995280858ca90f5c01dff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Dec 2018 00:22:29 GMT
Server: nginx
ETag: "5608c4-2a23a-57c2742bffb40"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Content-Length: 58229

GET
H2 200 set-ctm-cookies.js Show response
www.crowdstrike.com/wp-content/custom_js/ Frame EE79 1 KB
526 B 14ms
13ms Script
application/javascript 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/custom_js/set-ctm-cookies.js
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e530db53062089708537e511833c28b4bfc74e444e956e4fe7ce2e091ccd90b

Request headers

:path: /wp-content/custom_js/set-ctm-cookies.js
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
:scheme: https
:method: GET
Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:52 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 8C085C588B7B656E
status: 200
x-amz-version-id: 5Re2GOvFdyT7MdIpy2ze0opEJkTy9Gcd
x-amz-id-2: f3JzYIK5NWsZssUM5tdb5kFmSJn53WJ0AIzQ8MZGMjzMJFcUYxaQPD8SoR9A/1FC8DNGseNcsa8=
last-modified: Fri, 14 Dec 2018 18:56:40 GMT
server: cloudflare
etag: W/"b1fb87e80528be927436e6b7ca59fac2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 48b36db18c8cc283-FRA
expires: Tue, 18 Dec 2018 18:42:52 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net// Frame EE79 1 KB
1 KB 110ms
21ms Script
application/x-javascript 104.111.242.254
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net//munchkin.js
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.254 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-242-254.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82bbf4a0f25757d1c9b9f18672eabf510965e4873e9d989a407823eac0d99259

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jun 2018 01:36:41 GMT
Server: Apache
ETag: "8a1ad47bd9401d0c4cde2aab48eeb571:1528767401"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 0C6E 95 KB
33 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: d12ulf131zb0yj.cloudfront.net
URL: https://d12ulf131zb0yj.cloudfront.net/SmartForms.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 06 Dec 2018 10:44:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1061893
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 33951
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2019 10:44:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 0C6E 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Nov 2018 21:10:09 GMT
server: Golfe2
age: 5316
date: Tue, 18 Dec 2018 16:14:16 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17404
expires: Tue, 18 Dec 2018 18:14:16 GMT

GET
H/1.1 200
OK check Show response
api.ipstack.com/ Frame 0C6E 276 B
630 B 176ms
175ms Script
application/json 23.246.243.35
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipstack.com/check?access_key=c4145bb60c6eaa1379ba0a6589da27de&legacy=1&callback=jQuery112405583508245577606_1545154972605&_=1545154972606
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.246.243.35 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 23.f3.f617.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 35e83b5477f2eb1f496ec61c425298e13ac09aeb468ae4591af97d72aefef422

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:52 GMT
Server: nginx
X-Apilayer-Transaction-Id: 346f8a32-52b1-4288-97cb-54afdd2a3206
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
Content-Type: application/json; Charset=UTF-8
Access-Control-Allow-Origin: *
X-Request-Time: 0.020

GET
H/1.1 200
OK rtp.js Show response
sjrtp-cdn.marketo.com/rtp-api/v1/ Frame 0C6E 148 KB
41 KB 100ms
31ms Script
application/x-javascript 104.111.239.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://sjrtp-cdn.marketo.com/rtp-api/v1/rtp.js?aid=crowdstrike

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-239-158.deploy.static.akamaitechnologies.com

Software

Jetty(7.3.1.v20110307) /

Resource Hash

482248da20a3122a6d9d219b802c3b4ce696b1043c1fc06c39c1a12cc081d6c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Content-Encoding: gzip
Last-Modified: Wed, 12 Dec 2018 18:03:49 GMT
Server: Jetty(7.3.1.v20110307)
Date: Tue, 18 Dec 2018 17:42:52 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: public, max-age=190
Connection: keep-alive
Content-Length: 41324

GET
H/1.1 200
OK forms2.css
go.crowdstrike.com/js/forms2/css/ Frame 0C6E 13 KB
3 KB 100ms
98ms Stylesheet
text/css 192.28.144.241
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://go.crowdstrike.com/js/forms2/css/forms2.css

Requested by

Host: app-ab01.marketo.com
URL: https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.28.144.241 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

397d07fbfb19b6ac538d7b8bcdf5ebf7be881c9f9ad3982278d9d4f3a02c160b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: go.crowdstrike.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971; BIGipServerab01web-nginx-app_https=!9wYrpMPHrNJdFZG5yiPNdgcigIaMSQXBJ4GiHWx6LwVLxYoQsy4vaaYLuBI/I2Y3iHnWOQ//hIGWGP0=
Connection: keep-alive
Cache-Control: no-cache
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Dec 2018 00:22:29 GMT
Server: nginx
ETag: "80e48-33f8-57c2742bffb40"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2610

GET
H/1.1 200
OK forms2-theme-plain.css
go.crowdstrike.com/js/forms2/css/ Frame 0C6E 828 B
567 B 93ms
92ms Stylesheet
text/css 192.28.144.241
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://go.crowdstrike.com/js/forms2/css/forms2-theme-plain.css

Requested by

Host: app-ab01.marketo.com
URL: https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.28.144.241 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: go.crowdstrike.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971; BIGipServerab01web-nginx-app_https=!9wYrpMPHrNJdFZG5yiPNdgcigIaMSQXBJ4GiHWx6LwVLxYoQsy4vaaYLuBI/I2Y3iHnWOQ//hIGWGP0=
Connection: keep-alive
Cache-Control: no-cache
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Dec 2018 00:22:29 GMT
Server: nginx
ETag: "80e44-33c-57c2742bffb40"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 246

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/154/ Frame 0C6E 8 KB
5 KB 23ms
22ms Script
application/x-javascript 104.111.242.254
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/154/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net//munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.254 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-242-254.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9298a280eda6b54290d3c69fda3ae7da0cec1a0169d01d4e5944af63d68939d5

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 May 2018 02:45:27 GMT
Server: Apache
ETag: "808fc844032f646c32adce24553838be:1526611527"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 3700
Expires: Thu, 28 Mar 2019 17:42:52 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame EE79 95 KB
33 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: d12ulf131zb0yj.cloudfront.net
URL: https://d12ulf131zb0yj.cloudfront.net/SmartForms.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 06 Dec 2018 10:44:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1061893
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 33951
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2019 10:44:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame EE79 43 KB
17 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Nov 2018 21:10:09 GMT
server: Golfe2
age: 5316
date: Tue, 18 Dec 2018 16:14:16 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17404
expires: Tue, 18 Dec 2018 18:14:16 GMT

GET
H/1.1 200
OK check Show response
api.ipstack.com/ Frame EE79 276 B
630 B 276ms
169ms Script
application/json 23.246.243.35
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipstack.com/check?access_key=c4145bb60c6eaa1379ba0a6589da27de&legacy=1&callback=jQuery112407457053161134213_1545154972672&_=1545154972673
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.246.243.35 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 23.f3.f617.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 31f62d134043e412f82ec6c2562133aece36170cf3f0bdb78a05026ab509bbda

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:52 GMT
Server: nginx
X-Apilayer-Transaction-Id: 231d3e6e-254d-4c1c-b5ff-71f5053ba02a
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
Content-Type: application/json; Charset=UTF-8
Access-Control-Allow-Origin: *
X-Request-Time: 0.014

GET
H/1.1 200
OK rtp.js Show response
sjrtp-cdn.marketo.com/rtp-api/v1/ Frame EE79 148 KB
41 KB 69ms
20ms Script
application/x-javascript 104.111.239.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://sjrtp-cdn.marketo.com/rtp-api/v1/rtp.js?aid=crowdstrike

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-239-158.deploy.static.akamaitechnologies.com

Software

Jetty(7.3.1.v20110307) /

Resource Hash

482248da20a3122a6d9d219b802c3b4ce696b1043c1fc06c39c1a12cc081d6c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Content-Encoding: gzip
Last-Modified: Wed, 12 Dec 2018 18:03:49 GMT
Server: Jetty(7.3.1.v20110307)
Date: Tue, 18 Dec 2018 17:42:52 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: public, max-age=190
Connection: keep-alive
Content-Length: 41324

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/v1543818755456/ Frame EE79 259 KB
90 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/v1543818755456/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6d1a400c49ae5c9c548af7919dac261384e7456fa588091ae3b78e0f50693cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Dec 2018 18:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 Dec 2018 17:45:00 GMT
server: sffe
age: 515232
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 92306
x-xss-protection: 1; mode=block
expires: Thu, 12 Dec 2019 18:35:40 GMT

GET
H/1.1 200
OK getForm Show response
app-ab01.marketo.com/index.php/form/ Frame EE79 51 KB
52 KB 545ms
544ms Script
application/javascript 104.111.239.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab01.marketo.com/index.php/form/getForm?munchkinId=281-OBQ-266&form=4551&url=https%3A%2F%2Fgo.crowdstrike.com%2FWF-Trial-to-Pay_LP-Registration-Footer.html&callback=jQuery112409540269532910404_1545154972689&_=1545154972690

Requested by

Host: app-ab01.marketo.com
URL: https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-239-158.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ecd499b06de85cddd4484253bdf960cabcf5f87fa5eecf188478e407a0e665a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive, Transfer-Encoding
Date: Tue, 18 Dec 2018 17:42:53 GMT
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/154/ Frame EE79 8 KB
5 KB 22ms
21ms Script
application/x-javascript 104.111.242.254
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/154/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net//munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.254 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-242-254.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9298a280eda6b54290d3c69fda3ae7da0cec1a0169d01d4e5944af63d68939d5

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 May 2018 02:45:27 GMT
Server: Apache
ETag: "808fc844032f646c32adce24553838be:1526611527"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 3700
Expires: Thu, 28 Mar 2019 17:42:52 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ Frame 0C6E 54 KB
21 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-N8HXDD2&cid=721406751.1545154971

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

da8cb8957a11094c70a4e1d060a63b22f908cf04639a5071fd42564817014807

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:52 GMT
content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 21572
x-xss-protection: 1; mode=block
expires: Tue, 18 Dec 2018 17:42:52 GMT

GET
H/1.1 200
OK visitWebPage Show response
281-obq-266.mktoresp.com/webevents/ Frame 0C6E 2 B
272 B 552ms
102ms XHR
text/plain 192.28.144.124
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL: https://281-obq-266.mktoresp.com/webevents/visitWebPage?_mchNc=1545154972734&_mchCn=WC2018CyberIntrusionServicesCasebook_LPDownload2&_mchId=281-OBQ-266&_mchTk=_mch-crowdstrike.com-1545154972734-11401&_mchWs=j1RR&_mchHo=go.crowdstrike.com&_mchPo=&_mchRu=%2FWC2018CyberIntrusionServicesCasebook_LPDownload2.html&_mchPc=https%3A&_mchVr=154&_mchHa=&_mchRe=https%3A%2F%2Fwww.crowdstrike.com%2Fresources%2Freports%2Fcyber-intrusion-services-casebook-2018%2F%3Fctm_source%3DDigital%26ctm_medium%3D3rd_Party_Email%26ctm_campaign%3DSecurityInsider_Casebook2018_Report&_mchQp=ctm_source%3DDigital__-__ctm_campaign%3DSecurityInsider_Casebook2018_Report__-__ctm_medium%3D3rd_Party_Email%3Fctm_source%3DDigital__-__ctm_campaign%3DSecurityInsider_Casebook2018_Report__-__ctm_medium%3D3rd_Party_Email
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/154/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),
Reverse DNS
Software: spray-can/1.3.3 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Origin: https://go.crowdstrike.com

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 18 Dec 2018 17:42:53 GMT
Content-Encoding: gzip
Server: spray-can/1.3.3
Content-Length: 22
X-Request-Id: e955c789-4c9b-4513-b45b-895bf7d53d54
Content-Type: text/plain; charset=UTF-8

GET
H2 200 Fatman-Book.woff2
www.crowdstrike.com/wp-content/themes/Total/fonts/ 18 KB
18 KB 22ms
22ms Font
binary/octet-stream 2606:4700:10::6814:5ef6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crowdstrike.com/wp-content/themes/Total/fonts/Fatman-Book.woff2
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:5ef6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4818ae419e22957b27ca326dc9df7af0d8c5cd30bd6aa2ac00e650de00c98c1b

Request headers

:path: /wp-content/themes/Total/fonts/Fatman-Book.woff2
pragma: no-cache
cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971; _mkto_trk=id:281-OBQ-266&token:_mch-crowdstrike.com-1545154972734-11401
origin: https://www.crowdstrike.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.crowdstrike.com
referer: https://www.crowdstrike.com/wp-content/themes/Total/style.cs.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.crowdstrike.com/wp-content/themes/Total/style.cs.css
Origin: https://www.crowdstrike.com

Response headers

date: Tue, 18 Dec 2018 17:42:52 GMT
cf-cache-status: HIT
x-amz-request-id: 2C88EBCFDADA3D8A
status: 200
content-type: binary/octet-stream
content-length: 18072
x-amz-id-2: GvPa1Mfw/RkhYO0j+/57Ku2gUZaby4n2KDWAm4tQg4GP2+TFWdPd0otSiRk7/KM7gANeAr0fpLs=
last-modified: Tue, 27 Nov 2018 18:16:49 GMT
server: cloudflare
etag: "3e16fbabc84694a0187442b767dfe881"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 6tL.Y8vpk4KDDwi5RxyCaFYJ79ZSoaRf
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 48b36db3bca6c283-FRA
expires: Tue, 18 Dec 2018 18:42:52 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ Frame EE79 54 KB
21 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-N8HXDD2&cid=721406751.1545154971

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

da8cb8957a11094c70a4e1d060a63b22f908cf04639a5071fd42564817014807

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:52 GMT
content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 21572
x-xss-protection: 1; mode=block
expires: Tue, 18 Dec 2018 17:42:52 GMT

GET
H/1.1 200
OK 143731.js Show response
s3.amazonaws.com/smartforms-configurations/ Frame EE79 23 KB
24 KB 113ms
113ms Script
application/javascript 52.216.160.37
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/smartforms-configurations/143731.js
Requested by: Host: d12ulf131zb0yj.cloudfront.net
URL: https://d12ulf131zb0yj.cloudfront.net/SmartForms.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.160.37 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0a73a6e119e70e02ff11950264a74c32f30a2dc9f606aa557e2cc7be3a2a44a1

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:53 GMT
Last-Modified: Tue, 16 Oct 2018 22:19:30 GMT
Server: AmazonS3
x-amz-request-id: 6C7D4B352A2ACAB4
ETag: "c1a4b10a159b5eb00a57eb322552c0f6"
Content-Type: application/javascript
Content-Length: 23968
Accept-Ranges: bytes
x-amz-version-id: pyLKGFJZYHBdrn6vvZYE53FwAIbgdg8L
x-amz-id-2: 9F/KbaLpG6qz4Cb9piGYTr3buIFXybuvtSfCm3qAS5vf6KHnf8a6xONFl9uuaLGCMKAusR0uq+0=

GET
H/1.1 200
OK 143731.js Show response
s3.amazonaws.com/smartforms-configurations/ Frame 0C6E 23 KB
24 KB 308ms
105ms Script
application/javascript 52.216.160.37
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/smartforms-configurations/143731.js
Requested by: Host: d12ulf131zb0yj.cloudfront.net
URL: https://d12ulf131zb0yj.cloudfront.net/SmartForms.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.160.37 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0a73a6e119e70e02ff11950264a74c32f30a2dc9f606aa557e2cc7be3a2a44a1

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:54 GMT
Last-Modified: Tue, 16 Oct 2018 22:19:30 GMT
Server: AmazonS3
x-amz-request-id: 18036E326EC1167E
ETag: "c1a4b10a159b5eb00a57eb322552c0f6"
Content-Type: application/javascript
Content-Length: 23968
Accept-Ranges: bytes
x-amz-version-id: pyLKGFJZYHBdrn6vvZYE53FwAIbgdg8L
x-amz-id-2: yueiR5DKto/4NMUczZKqoA+oQTahWhqQsg9iu+AXzpC7Pt0sIXQbPHhW5Sb/Rxlszo9FwxGhRPU=

GET
H/1.1 200
OK visitWebPage Show response
281-obq-266.mktoresp.com/webevents/ Frame EE79 2 B
272 B 600ms
96ms XHR
text/plain 192.28.144.124
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL: https://281-obq-266.mktoresp.com/webevents/visitWebPage?_mchNc=1545154972783&_mchCn=WF-Trial-to-Pay_LP-Registration-Footer&_mchId=281-OBQ-266&_mchTk=_mch-crowdstrike.com-1545154972734-11401&_mchWs=j1RR&_mchHo=go.crowdstrike.com&_mchPo=&_mchRu=%2FWF-Trial-to-Pay_LP-Registration-Footer.html&_mchPc=https%3A&_mchVr=154&_mchHa=&_mchRe=https%3A%2F%2Fwww.crowdstrike.com%2Fresources%2Freports%2Fcyber-intrusion-services-casebook-2018%2F%3Fctm_source%3DDigital%26ctm_medium%3D3rd_Party_Email%26ctm_campaign%3DSecurityInsider_Casebook2018_Report&_mchQp=ctm_source%3DDigital__-__ctm_campaign%3DSecurityInsider_Casebook2018_Report__-__ctm_medium%3D3rd_Party_Email%3Fctm_source%3DDigital__-__ctm_campaign%3DSecurityInsider_Casebook2018_Report__-__ctm_medium%3D3rd_Party_Email
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/154/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),
Reverse DNS
Software: spray-can/1.3.3 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Origin: https://go.crowdstrike.com

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 18 Dec 2018 17:42:53 GMT
Content-Encoding: gzip
Server: spray-can/1.3.3
Content-Length: 22
X-Request-Id: 7a7441e5-d686-4cf5-b801-322314e3cae0
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK name.png
go.crowdstrike.com/rs/281-OBQ-266/images/ Frame 0C6E 1 KB
2 KB 95ms
95ms Image
image/png 192.28.144.241
MARKETO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.crowdstrike.com/rs/281-OBQ-266/images/name.png

Requested by

Host: app-ab01.marketo.com
URL: https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.28.144.241 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

7c4daad866e19daf2e5089bf09a821ce5b21a2a88e6af402b5979837f3a32d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: go.crowdstrike.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971; BIGipServerab01web-nginx-app_https=!9wYrpMPHrNJdFZG5yiPNdgcigIaMSQXBJ4GiHWx6LwVLxYoQsy4vaaYLuBI/I2Y3iHnWOQ//hIGWGP0=; ctm_source=Digital; ctm_campaign=SecurityInsider_Casebook2018_Report; ctm_medium=3rd_Party_Email; _mkto_trk=id:281-OBQ-266&token:_mch-crowdstrike.com-1545154972734-11401
Connection: keep-alive
Cache-Control: no-cache
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 08 Dec 2018 03:10:42 GMT
Server: nginx
ETag: "a119a-508-57c7a13bc93a5"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1288

GET
H/1.1 200
OK email.png
go.crowdstrike.com/rs/281-OBQ-266/images/ Frame 0C6E 1 KB
1 KB 92ms
92ms Image
image/png 192.28.144.241
MARKETO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.crowdstrike.com/rs/281-OBQ-266/images/email.png

Requested by

Host: app-ab01.marketo.com
URL: https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.28.144.241 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

8801be0e66832c555176c8964efc290cd759eb25fcd9f0c7868971cdacdf538d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: go.crowdstrike.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971; BIGipServerab01web-nginx-app_https=!9wYrpMPHrNJdFZG5yiPNdgcigIaMSQXBJ4GiHWx6LwVLxYoQsy4vaaYLuBI/I2Y3iHnWOQ//hIGWGP0=; ctm_source=Digital; ctm_campaign=SecurityInsider_Casebook2018_Report; ctm_medium=3rd_Party_Email; _mkto_trk=id:281-OBQ-266&token:_mch-crowdstrike.com-1545154972734-11401
Connection: keep-alive
Cache-Control: no-cache
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 08 Dec 2018 03:10:42 GMT
Server: nginx
ETag: "a119b-4a7-57c7a13bcbe9d"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1191

GET
H/1.1 200
OK job.png
go.crowdstrike.com/rs/281-OBQ-266/images/ Frame 0C6E 1 KB
2 KB 99ms
99ms Image
image/png 192.28.144.241
MARKETO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.crowdstrike.com/rs/281-OBQ-266/images/job.png

Requested by

Host: app-ab01.marketo.com
URL: https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.28.144.241 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

cc97c1fc5bd6ce393ae8ac5ef9e03990e96b6181be6d4e267147d8a9e8c7aca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: go.crowdstrike.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971; BIGipServerab01web-nginx-app_https=!9wYrpMPHrNJdFZG5yiPNdgcigIaMSQXBJ4GiHWx6LwVLxYoQsy4vaaYLuBI/I2Y3iHnWOQ//hIGWGP0=; ctm_source=Digital; ctm_campaign=SecurityInsider_Casebook2018_Report; ctm_medium=3rd_Party_Email; _mkto_trk=id:281-OBQ-266&token:_mch-crowdstrike.com-1545154972734-11401
Connection: keep-alive
Cache-Control: no-cache
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 08 Dec 2018 03:10:42 GMT
Server: nginx
ETag: "a119c-529-57c7a13bf6a34"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1321

GET
H/1.1 200
OK phone.png
go.crowdstrike.com/rs/281-OBQ-266/images/ Frame 0C6E 1 KB
1 KB 97ms
96ms Image
image/png 192.28.144.241
MARKETO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.crowdstrike.com/rs/281-OBQ-266/images/phone.png

Requested by

Host: app-ab01.marketo.com
URL: https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.28.144.241 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

be0e6080cb4849fd985b55c305c4fe7f81c123b0ca3e834feb905f5104e39c5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: go.crowdstrike.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971; BIGipServerab01web-nginx-app_https=!9wYrpMPHrNJdFZG5yiPNdgcigIaMSQXBJ4GiHWx6LwVLxYoQsy4vaaYLuBI/I2Y3iHnWOQ//hIGWGP0=; ctm_source=Digital; ctm_campaign=SecurityInsider_Casebook2018_Report; ctm_medium=3rd_Party_Email; _mkto_trk=id:281-OBQ-266&token:_mch-crowdstrike.com-1545154972734-11401
Connection: keep-alive
Cache-Control: no-cache
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 08 Dec 2018 03:10:42 GMT
Server: nginx
ETag: "a119d-444-57c7a13bf7204"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1092

GET
H/1.1 200
OK company.png
go.crowdstrike.com/rs/281-OBQ-266/images/ Frame 0C6E 1 KB
2 KB 176ms
96ms Image
image/png 192.28.144.241
MARKETO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.crowdstrike.com/rs/281-OBQ-266/images/company.png

Requested by

Host: app-ab01.marketo.com
URL: https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.28.144.241 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

643fb5ad280920a70c2d372ac3448aaa2724fbddea2710b8eef4abc8b8b335e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: go.crowdstrike.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Cookie: __cfduid=da543b8e91b42b45e99d7e1d66ed778481545154969; _ga=GA1.2.721406751.1545154971; _gid=GA1.2.1487246496.1545154971; BIGipServerab01web-nginx-app_https=!9wYrpMPHrNJdFZG5yiPNdgcigIaMSQXBJ4GiHWx6LwVLxYoQsy4vaaYLuBI/I2Y3iHnWOQ//hIGWGP0=; ctm_source=Digital; ctm_campaign=SecurityInsider_Casebook2018_Report; ctm_medium=3rd_Party_Email; _mkto_trk=id:281-OBQ-266&token:_mch-crowdstrike.com-1545154972734-11401
Connection: keep-alive
Cache-Control: no-cache
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 08 Dec 2018 03:10:42 GMT
Server: nginx
ETag: "a119e-57c-57c7a13bfb46c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1404

GET
H/1.1 200
OK sf3-load.js Show response
s3.amazonaws.com/smartforms-configurations/ Frame EE79 81 KB
82 KB 177ms
105ms Script
text/javascript 52.216.160.37
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/smartforms-configurations/sf3-load.js
Requested by: Host: d12ulf131zb0yj.cloudfront.net
URL: https://d12ulf131zb0yj.cloudfront.net/SmartForms.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.160.37 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d726095b397854d9cf864f9a9f4f023a69ce476a27fefdf64bc118c37f3d2c59

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:54 GMT
Last-Modified: Wed, 12 Dec 2018 16:34:32 GMT
Server: AmazonS3
x-amz-request-id: 981F880289B29D48
ETag: "fae5afae8412b117c396b49a873a3e5e"
Content-Type: text/javascript
Content-Length: 83168
Accept-Ranges: bytes
x-amz-version-id: WiJfg9SD4.q2A9v6BVLeixFy70B_SitV
x-amz-id-2: /XkIrPu/TtNKjpqRgAleoze2vLizHnRKZta8T49yK2i65SfWzvE//872RUZdWXWn0IJIlWJrCWY=

GET
H/1.1 200
OK sf3-load.js Show response
s3.amazonaws.com/smartforms-configurations/ Frame 0C6E 81 KB
82 KB 113ms
112ms Script
text/javascript 52.216.162.205
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/smartforms-configurations/sf3-load.js
Requested by: Host: d12ulf131zb0yj.cloudfront.net
URL: https://d12ulf131zb0yj.cloudfront.net/SmartForms.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.162.205 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d726095b397854d9cf864f9a9f4f023a69ce476a27fefdf64bc118c37f3d2c59

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:54 GMT
Last-Modified: Wed, 12 Dec 2018 16:34:32 GMT
Server: AmazonS3
x-amz-request-id: 00EA21D63A69CA94
ETag: "fae5afae8412b117c396b49a873a3e5e"
Content-Type: text/javascript
Content-Length: 83168
Accept-Ranges: bytes
x-amz-version-id: WiJfg9SD4.q2A9v6BVLeixFy70B_SitV
x-amz-id-2: R/OzxGjRY+iSV1lempkWPaDt024Cms61Y/dqJiD82NMTHgmm5vnkvon0LkiinYFX95T9ONcQNc4=

GET
H/1.1 200
OK forms2.css
app-ab01.marketo.com/js/forms2/css/ Frame EE79 13 KB
3 KB 19ms
18ms Stylesheet
text/css 104.111.239.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab01.marketo.com/js/forms2/css/forms2.css

Requested by

Host: app-ab01.marketo.com
URL: https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-239-158.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

397d07fbfb19b6ac538d7b8bcdf5ebf7be881c9f9ad3982278d9d4f3a02c160b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Dec 2018 00:22:29 GMT
Server: nginx
ETag: "80e48-33f8-57c2742bffb40"
Vary: Accept-Encoding
Content-Type: text/css
Date: Tue, 18 Dec 2018 17:42:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2610

GET
H/1.1 200
OK forms2-theme-plain.css
app-ab01.marketo.com/js/forms2/css/ Frame EE79 828 B
612 B 39ms
20ms Stylesheet
text/css 104.111.239.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab01.marketo.com/js/forms2/css/forms2-theme-plain.css

Requested by

Host: app-ab01.marketo.com
URL: https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-239-158.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Dec 2018 00:22:29 GMT
Server: nginx
ETag: "80e44-33c-57c2742bffb40"
Vary: Accept-Encoding
Content-Type: text/css
Date: Tue, 18 Dec 2018 17:42:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 246

GET
H2 200 css
fonts.googleapis.com/ Frame EE79 783 B
439 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

534f2f25f81301ecc9f48fb15f9e75088d334a1a9d3c0ea35757a9bc7519870f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 18 Dec 2018 17:42:53 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 18 Dec 2018 17:42:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Tue, 18 Dec 2018 17:42:53 GMT

GET
H/1.1 200
OK Cookie set Karla-Regular.woff
go.crowdstrike.com/rs/281-OBQ-266/images/ Frame EE79 12 KB
12 KB 95ms
94ms Font
text/plain 192.28.144.241
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://go.crowdstrike.com/rs/281-OBQ-266/images/Karla-Regular.woff

Requested by

Host: app-ab01.marketo.com
URL: https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.28.144.241 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

b64183b20a1b5ab56761fb503e7197c641ae2a61e065bf5452a4fa5c0afd9c78

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Origin: https://go.crowdstrike.com
Accept-Encoding: gzip, deflate, br
Host: go.crowdstrike.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Origin: https://go.crowdstrike.com

Response headers

Date: Tue, 18 Dec 2018 17:42:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 08 Dec 2018 03:10:20 GMT
Server: nginx
ETag: "a1186-2ef4-57c7a1268bfce"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Set-Cookie: BIGipServerab01web-nginx-app_https=!UtL/Kv/Vqe/V0Oa5yiPNdgcigIaMSeRuDz4DGhR2LEmfoRsucbt/aicdzDO6j9rvUgE0wiff5GShUB8=; path=/; Httponly; Secure
Accept-Ranges: bytes
Content-Length: 12020

GET
H/1.1 200
OK Cookie set checkbox-options.png
go.crowdstrike.com/rs/281-OBQ-266/images/ Frame EE79 320 B
751 B 93ms
93ms Image
image/png 192.28.144.241
MARKETO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.crowdstrike.com/rs/281-OBQ-266/images/checkbox-options.png

Requested by

Host: app-ab01.marketo.com
URL: https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

192.28.144.241 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

fdad32c41d21060f8af1be5ad5455784f92fe6a767dbcd4344d7a43699cc8918

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: go.crowdstrike.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Connection: keep-alive
Cache-Control: no-cache
Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 08 Dec 2018 03:10:20 GMT
Server: nginx
ETag: "a1185-140-57c7a126773c6"
Content-Type: image/png
Connection: keep-alive
Set-Cookie: BIGipServerab01web-nginx-app_https=!QtqhdagJA7s27aG5yiPNdgcigIaMSXuSrn8UKB5184zG8MWUmG9BjzRYW/CPXYzggFFg6XXUYvVKl+8=; path=/; Httponly; Secure
Accept-Ranges: bytes
Content-Length: 320

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ Frame EE79 32 KB
11 KB 90ms
22ms Script
text/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ecf74f827a3f7ff4c8e718bfac1591c46ae9bb3c2f56782e56d783fe8e08089b

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: 39tn_AebqRF_U41IkOA_qLVkPWXUce5S
Content-Encoding: gzip
x-amz-request-id: 51C74201D94EE472
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Tue, 18 Dec 2018 17:42:53 GMT
Connection: keep-alive
Content-Length: 10327
x-amz-id-2: D03gzId0FH0AhRqE5CHMaMEbtvmglcsjnSJzMs+MIrgBLirEaic+f8ymsgP63evogoPxFYecBrY=
Last-Modified: Thu, 06 Dec 2018 16:29:41 GMT
Server: AmazonS3
ETag: "26f3d6cad93fa863d92ab072d9fd9a75"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK XDFrame
app-ab01.marketo.com/index.php/form/ Frame 740C 0
0 387ms
386ms Document
text/html 104.111.239.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab01.marketo.com/index.php/form/XDFrame

Requested by

Host: app-ab01.marketo.com
URL: https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-239-158.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Host: app-ab01.marketo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Accept-Encoding: gzip, deflate, br
Cookie: BIGipServerab01web-nginx-app_https=!L/ED02NubfZuul25yiPNdgcigIaMSdZ/X5l1VFqY7UZh2JyT9+Oy8U5U8Noei5um3ZgBB897PcsH4ZQ=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email

Response headers

Server: nginx
Content-Type: text/html; charset=utf-8
Content-Length: 636
Strict-Transport-Security: max-age=63113904
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 18 Dec 2018 17:42:53 GMT
Connection: keep-alive

GET
H2 200 css
fonts.googleapis.com/ Frame 0C6E 783 B
0 16ms
16ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

534f2f25f81301ecc9f48fb15f9e75088d334a1a9d3c0ea35757a9bc7519870f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 18 Dec 2018 17:42:53 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Tue, 18 Dec 2018 17:42:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection: 1; mode=block
expires: Tue, 18 Dec 2018 17:42:53 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ Frame 0C6E 32 KB
11 KB 36ms
20ms Script
text/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ecf74f827a3f7ff4c8e718bfac1591c46ae9bb3c2f56782e56d783fe8e08089b

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: 39tn_AebqRF_U41IkOA_qLVkPWXUce5S
Content-Encoding: gzip
x-amz-request-id: 51C74201D94EE472
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Tue, 18 Dec 2018 17:42:53 GMT
Connection: keep-alive
Content-Length: 10327
x-amz-id-2: D03gzId0FH0AhRqE5CHMaMEbtvmglcsjnSJzMs+MIrgBLirEaic+f8ymsgP63evogoPxFYecBrY=
Last-Modified: Thu, 06 Dec 2018 16:29:41 GMT
Server: AmazonS3
ETag: "26f3d6cad93fa863d92ab072d9fd9a75"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 5Q4Q33H4BRCRBAXODNJYP6 Show response
d.adroll.com/consent/check/ Frame EE79 40 B
200 B 1137ms
32ms Script
application/javascript 176.34.111.91
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/5Q4Q33H4BRCRBAXODNJYP6?_s=6aed15f98d9589d0161a12548e603161
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.111.91 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-176-34-111-91.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 867bd168728faba904fe15de941932d1d7537130b0edb918970901435cf39929

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:54 GMT
Server: nginx/1.12.1
Connection: keep-alive
Content-Length: 40
Content-Type: application/javascript

GET
H/1.1 200
OK 5Q4Q33H4BRCRBAXODNJYP6 Show response
d.adroll.com/consent/check/ Frame 0C6E 40 B
200 B 1162ms
33ms Script
application/javascript 176.34.111.91
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/5Q4Q33H4BRCRBAXODNJYP6?_s=d3722fa9154f9c07102dae541300c9e7
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.111.91 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-176-34-111-91.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 867bd168728faba904fe15de941932d1d7537130b0edb918970901435cf39929

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:54 GMT
Server: nginx/1.12.1
Connection: keep-alive
Content-Length: 40
Content-Type: application/javascript

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/exp/5Q4Q33H4BRCRBAXODNJYP6/ Frame EE79 37 B
712 B 20ms
20ms Script
application/json 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/5Q4Q33H4BRCRBAXODNJYP6/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2fb574e7bb951deb621f32ec4a6d95faa84d74218fdfaf60f77333c5c106b185

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: YjylsuTPIv1C822maTha5W_X6QrK0gQo
x-amz-request-id: 3FEE1BA2EF80126B
x-amz-server-side-encryption: AES256
Date: Tue, 18 Dec 2018 17:42:54 GMT
Connection: keep-alive
Content-Length: 37
x-amz-id-2: j2MuvGHTWVvPpVa7Ihzm5hqT710XrQlb7l5HDFOdMSpPckOGicl4QZM4FcQ6yErWZry5Qt1zdIo=
Last-Modified: Sat, 08 Dec 2018 00:01:27 GMT
Server: AmazonS3
ETag: "3e831ba8e3905ef1055f66e223ec3042"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/exp/5Q4Q33H4BRCRBAXODNJYP6/ Frame 0C6E 37 B
0 20ms
20ms Script
application/json 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/5Q4Q33H4BRCRBAXODNJYP6/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2fb574e7bb951deb621f32ec4a6d95faa84d74218fdfaf60f77333c5c106b185

Request headers

Response headers

x-amz-version-id: YjylsuTPIv1C822maTha5W_X6QrK0gQo
ETag: "3e831ba8e3905ef1055f66e223ec3042"
x-amz-request-id: 3FEE1BA2EF80126B
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 37
x-amz-id-2: j2MuvGHTWVvPpVa7Ihzm5hqT710XrQlb7l5HDFOdMSpPckOGicl4QZM4FcQ6yErWZry5Qt1zdIo=
Last-Modified: Sat, 08 Dec 2018 00:01:27 GMT
Server: AmazonS3
Date: Tue, 18 Dec 2018 17:42:54 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 c.min.js Show response
pixel.cdnwidget.com/cdn/ Frame EE79 80 KB
25 KB 56ms
13ms Script
text/javascript 2600:9000:20bb:1600:b:6d87:aa40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.cdnwidget.com/cdn/c.min.js?data-gdis=1&data-apikey=afaa2674&id=c.js&data-adcb=adroll_callback_adcb
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:1600:b:6d87:aa40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8ab7619f3398bd7fc411b192770b88ae0d3ad473f526c41d09bc069af0599bd

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 17 Dec 2018 19:20:40 GMT
content-encoding: gzip
last-modified: Mon, 17 Dec 2018 19:20:36 GMT
server: AmazonS3
age: 80535
etag: "006a566d9233adafe94bd826d443c163"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public,max-age=259200,no-transform
accept-ranges: bytes
content-length: 25544
via: 1.1 2fe707f3cc1dc569687bcdf81697e284.cloudfront.net (CloudFront)
x-amz-cf-id: A_Fk_occ4-HS_7Ti-HIjd2g41XsQINaSjIN52YwrxmAy6R3tDmNenA==

GET
H2 200 c.min.js Show response
pixel.cdnwidget.com/cdn/ Frame 0C6E 80 KB
25 KB 50ms
17ms Script
text/javascript 2600:9000:20bb:1600:b:6d87:aa40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.cdnwidget.com/cdn/c.min.js?data-gdis=1&data-apikey=afaa2674&id=c.js&data-adcb=adroll_callback_adcb
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:1600:b:6d87:aa40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8ab7619f3398bd7fc411b192770b88ae0d3ad473f526c41d09bc069af0599bd

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 17 Dec 2018 19:20:40 GMT
content-encoding: gzip
last-modified: Mon, 17 Dec 2018 19:20:36 GMT
server: AmazonS3
age: 80535
etag: "006a566d9233adafe94bd826d443c163"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public,max-age=259200,no-transform
accept-ranges: bytes
content-length: 25544
via: 1.1 2fe707f3cc1dc569687bcdf81697e284.cloudfront.net (CloudFront)
x-amz-cf-id: 3ZkZyN_IWnIgk7zGSh1gR75TpyrBeZU7wmoxOlDUInIxB4fBIKR7Cw==

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ Frame EE79 57 B
382 B 475ms
243ms XHR
application/json 35.190.74.199
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: pixel.cdnwidget.com
URL: https://pixel.cdnwidget.com/cdn/c.min.js?data-gdis=1&data-apikey=afaa2674&id=c.js&data-adcb=adroll_callback_adcb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.74.199 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 199.74.190.35.bc.googleusercontent.com
Software: /
Resource Hash: f6b16f531a6416235fe80a83ae3bf8734ace42fc18e6bb95281dbbcd291ab932

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Origin: https://go.crowdstrike.com

Response headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:55 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ Frame EE79 14 B
338 B 437ms
108ms XHR
application/json 35.201.88.237
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: pixel.cdnwidget.com
URL: https://pixel.cdnwidget.com/cdn/c.min.js?data-gdis=1&data-apikey=afaa2674&id=c.js&data-adcb=adroll_callback_adcb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.201.88.237 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 237.88.201.35.bc.googleusercontent.com
Software: /
Resource Hash: 3c131461c86e0f324d7b53c197bb175d77e59ff7d8fdbc9fed6c7b58557c193d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Origin: https://go.crowdstrike.com

Response headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:55 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ Frame EE79 57 B
382 B 4152ms
238ms XHR
application/json 35.186.237.72
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: pixel.cdnwidget.com
URL: https://pixel.cdnwidget.com/cdn/c.min.js?data-gdis=1&data-apikey=afaa2674&id=c.js&data-adcb=adroll_callback_adcb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.237.72 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 72.237.186.35.bc.googleusercontent.com
Software: /
Resource Hash: ac8a8de796dc2cb26352c6c2aa2badabe38143990433a8fe11cd2f5aecfbdd65

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Origin: https://go.crowdstrike.com

Response headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:58 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ Frame 0C6E 14 B
338 B 563ms
107ms XHR
application/json 35.190.74.199
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: pixel.cdnwidget.com
URL: https://pixel.cdnwidget.com/cdn/c.min.js?data-gdis=1&data-apikey=afaa2674&id=c.js&data-adcb=adroll_callback_adcb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.74.199 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 199.74.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 7322c6b395210149360a505c214681510bf9717456331ff1344228fc962bbc57

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Origin: https://go.crowdstrike.com

Response headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:55 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ Frame 0C6E 57 B
382 B 524ms
106ms XHR
application/json 35.201.88.237
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: pixel.cdnwidget.com
URL: https://pixel.cdnwidget.com/cdn/c.min.js?data-gdis=1&data-apikey=afaa2674&id=c.js&data-adcb=adroll_callback_adcb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.201.88.237 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 237.88.201.35.bc.googleusercontent.com
Software: /
Resource Hash: 1a96431a6015362d8651e9cba98b6397ecf6d7e1c191fbd42e218379caed5a8a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Origin: https://go.crowdstrike.com

Response headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:55 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ Frame 0C6E 14 B
338 B 4248ms
111ms XHR
application/json 35.186.237.72
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: pixel.cdnwidget.com
URL: https://pixel.cdnwidget.com/cdn/c.min.js?data-gdis=1&data-apikey=afaa2674&id=c.js&data-adcb=adroll_callback_adcb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.237.72 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 72.237.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 00f8ad974c63166a03f417cbe637d42e8bbca9127cdc21eccbcf6b783421757d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Origin: https://go.crowdstrike.com

Response headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:59 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1

200
OK

JK7SIYBXVFBL3G4JSDFST7.js Show response
s.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/ Frame EE79
Redirect Chain

https://d.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT?pv=42415794832.49345&cookie=&adroll_s_ref=https%3A//www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-...
https://s.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/JK7SIYBXVFBL3G4JSDFST7.js

6 KB
2 KB

23ms
22ms

Script
text/javascript

2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/JK7SIYBXVFBL3G4JSDFST7.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a9005e84badbea35440ca2ee78aff1ab77646a724409cd2036364a3363beda59

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: dRYQ54vD17jKRNg1sPaiLK7u2gtg6Nn_
Content-Encoding: gzip
x-amz-request-id: FF0C97C79DE3316A
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Tue, 18 Dec 2018 17:42:55 GMT
Connection: keep-alive
Content-Length: 1728
x-amz-id-2: du6dbBIf/DzD9fzApb8nYEZ9tUImCq2t7zzgQgJz9vMuGRG4pLAr5+HLwq5Sw3zofQQvXSJT1WU=
Last-Modified: Tue, 18 Dec 2018 17:05:49 GMT
Server: AmazonS3
ETag: "889a62080ea37b9d6958509fa302bb57"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Tue, 18 Dec 2018 17:42:55 GMT
X-Segment-Display-Name
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
X-Conversion-Value: 0.0
Server: nginx/1.12.1
X-Rule: *
X-Segment-Eid: JK7SIYBXVFBL3G4JSDFST7
Location: https://s.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/JK7SIYBXVFBL3G4JSDFST7.js
Cache-Control: no-store, no-cache, must-revalidate
X-Pixel-Eid: 3VD6P4Z5VVGIDCI2DJK7LT
X-Segment-Name: *
X-Advertisable-Eid: 5Q4Q33H4BRCRBAXODNJYP6
X-Conversion-Currency

GET
H/1.1

200
OK

JK7SIYBXVFBL3G4JSDFST7.js Show response
s.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/ Frame 0C6E
Redirect Chain

https://d.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT?pv=74024892279.66838&cookie=&adroll_s_ref=https%3A//www.crowdstrike.com/resources/reports/cyber-intrusion-services-casebook-...
https://s.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/JK7SIYBXVFBL3G4JSDFST7.js

6 KB
2 KB

40ms
19ms

Script
text/javascript

2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/JK7SIYBXVFBL3G4JSDFST7.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a9005e84badbea35440ca2ee78aff1ab77646a724409cd2036364a3363beda59

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: dRYQ54vD17jKRNg1sPaiLK7u2gtg6Nn_
Content-Encoding: gzip
x-amz-request-id: FF0C97C79DE3316A
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Tue, 18 Dec 2018 17:42:55 GMT
Connection: keep-alive
Content-Length: 1728
x-amz-id-2: du6dbBIf/DzD9fzApb8nYEZ9tUImCq2t7zzgQgJz9vMuGRG4pLAr5+HLwq5Sw3zofQQvXSJT1WU=
Last-Modified: Tue, 18 Dec 2018 17:05:49 GMT
Server: AmazonS3
ETag: "889a62080ea37b9d6958509fa302bb57"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Tue, 18 Dec 2018 17:42:55 GMT
X-Segment-Display-Name
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
X-Conversion-Value: 0.0
Server: nginx/1.12.1
X-Rule: *
X-Segment-Eid: JK7SIYBXVFBL3G4JSDFST7
Location: https://s.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/JK7SIYBXVFBL3G4JSDFST7.js
Cache-Control: no-store, no-cache, must-revalidate
X-Pixel-Eid: 3VD6P4Z5VVGIDCI2DJK7LT
X-Segment-Name: *
X-Advertisable-Eid: 5Q4Q33H4BRCRBAXODNJYP6
X-Conversion-Currency

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame EE79 51 KB
15 KB 16ms
13ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: s.adroll.com
URL: https://s.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/JK7SIYBXVFBL3G4JSDFST7.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

50fd02e7397cb3745341be12701a2583d187f3f78115c41de0aa96a0cdf27775

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
x-fb-debug: J3/RECyUfHyfLBi8nHVbj6LqLrP+7fYrAqAMvBaFLUZX9uxsnhIS2urA9flSu0L3SutNTeTPR5ug/EGKv3TBKw==
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Dec 2018 17:42:55 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
strict-transport-security: max-age=31536000; preload; includeSubDomains
vary: Accept-Encoding
content-length: 14861
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ Frame EE79 9 KB
3 KB 21ms
20ms Script
text/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/JK7SIYBXVFBL3G4JSDFST7.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0e8d3647d7007583e9190b3fce74c540b9bf0421c2208996a127cc19622b08aa

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: arl4cOkwzYKQov9f2LpCRnTYEsZwE8XH
Content-Encoding: gzip
x-amz-request-id: BE1CAEAC57C9DD3D
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Tue, 18 Dec 2018 17:42:55 GMT
Connection: keep-alive
Content-Length: 2039
x-amz-id-2: VOa518j7we0UtKX5++PRX8nwws2ojOC5/wyNBaoO/o56+fOoWQtf35s4TUpzP9O7GGOeitJf94M=
Last-Modified: Wed, 05 Dec 2018 18:21:51 GMT
Server: AmazonS3
ETag: "85b93291e89d9a13691b42e5716334ee"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

204

sync
pixel.advertising.com/ups/55980/ Frame EE79
Redirect Chain

https://d.adroll.com/cm/aol/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://pixel.advertising.com/ups/55980/sync?uid=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://pixel.advertising.com/ups/55980/sync?uid=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

0
92 B

9ms
9ms

Image
text/plain

35.157.225.240
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.advertising.com/ups/55980/sync?uid=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.225.240 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-225-240.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Tue, 18 Dec 2018 17:42:56 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Tue, 18 Dec 2018 17:42:55 GMT
content-length: 0
location: https://pixel.advertising.com/ups/55980/sync?uid=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EE79
Redirect Chain

https://d.adroll.com/cm/index/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM&expiration=1576690975
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM&expiration=1576690975&C=1

43 B
1 KB

105ms
59ms

Image
image/gif

23.211.2.27
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM&expiration=1576690975&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.211.2.27 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-211-2-27.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:56 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 18 Dec 2018 17:42:56 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:56 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM&expiration=1576690975&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Tue, 18 Dec 2018 17:42:56 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame EE79
Redirect Chain

https://d.adroll.com/cm/n/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM&expires=365

42 B
371 B

98ms
22ms

Image
image/gif

213.19.162.90
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.90 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:55 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-RPHost: 7zWKUZq-H1cVUdTpAxdB1A
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:55 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM&expires=365
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 124

GET
H2

200

pixel
sync.outbrain.com/adroll/ Frame EE79
Redirect Chain

https://d.adroll.com/cm/outbrain/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://sync.outbrain.com/adroll/pixel?user_id=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM

0
283 B

131ms
95ms

Image
text/plain

151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/adroll/pixel?user_id=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, JFK, HHN, Europe1
x-timer: S1545154976.146381,VS0,VE85
date: Tue, 18 Dec 2018 17:42:56 GMT
x-cache: MISS, MISS
status: 200
backend-ip: 104.156.90.23
x-cache-hits: 0, 0
accept-ranges: bytes, bytes
content-length: 0
x-served-by: cache-jfk8123-JFK, cache-hhn1539-HHN

Redirect headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:55 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://sync.outbrain.com/adroll/pixel?user_id=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 96

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame EE79
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
818 B

1032ms
20ms

Image
text/html

185.64.189.110
PubMatic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:57 GMT
X-lat: Pug22036:0:2795
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Cache-Control: no-store, no-cache, private
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection: close
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:56 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 220

GET
H2

204

/
trc.taboola.com/sg/adroll-network/1/rtb-h/ Frame EE79
Redirect Chain

https://d.adroll.com/cm/taboola/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM

0
264 B

46ms
15ms

Image
text/plain

151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:56 GMT
via: 1.1 varnish
server: nginx
x-timer: S1545154976.182157,VS0,VE8
x-cache: MISS
status: 204
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn1539-HHN

Redirect headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:56 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZWQ5NDhkZGQ0MWEyNzAwZmVkODE0ZjA1NDc2YWY0ZTM
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 111

GET
H/1.1 200
OK out
d.adroll.com/cm/triplelift/ Frame EE79 42 B
465 B 66ms
34ms Image
image/gif 176.34.111.91
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/triplelift/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.111.91 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-176-34-111-91.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:56 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42

GET
H/1.1

200
OK

pixel
ads.yahoo.com/ Frame EE79
Redirect Chain

https://d.adroll.com/cm/r/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_con...

0
1 KB

148ms
39ms

Image
text/plain

2a00:1288:110:422::3000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_consent%3DBOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:422::3000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:56 GMT
X-Content-Type-Options: nosniff
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Public-Key-Pins-Report-Only: max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

Redirect headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:56 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_consent%3DBOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 248

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame EE79
Redirect Chain

https://d.adroll.com/cm/b/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://x.bidswitch.net/sync?dsp_id=44&user_id=MDc2ODVmYjFiZGFmOTY4Y2MxZTA4MmJlZDUyNzQyMTY
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MDc2ODVmYjFiZGFmOTY4Y2MxZTA4MmJlZDUyNzQyMTY

43 B
575 B

24ms
18ms

Image
image/gif

18.153.11.24
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MDc2ODVmYjFiZGFmOTY4Y2MxZTA4MmJlZDUyNzQyMTY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.11.24 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-153-11-24.eu-central-1.compute.amazonaws.com
Software: nginx/1.12.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:56 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=10
Content-Length: 43

Redirect headers

Date: Tue, 18 Dec 2018 17:42:56 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MDc2ODVmYjFiZGFmOTY4Y2MxZTA4MmJlZDUyNzQyMTY
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame EE79
Redirect Chain

https://d.adroll.com/cm/x/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27MDc2ODVmYjFiZGFmOTY4Y2MxZTA4MmJlZDUyNzQyMTY%27)
https://ib.adnxs.com/bounce?%2Fpxj%3Fbidder%3D172%26seg%3D802787%26action%3Dsetuid%28%2527MDc2ODVmYjFiZGFmOTY4Y2MxZTA4MmJlZDUyNzQyMTY%2527%29

43 B
988 B

61ms
38ms

Image
image/gif

185.33.223.221
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fpxj%3Fbidder%3D172%26seg%3D802787%26action%3Dsetuid%28%2527MDc2ODVmYjFiZGFmOTY4Y2MxZTA4MmJlZDUyNzQyMTY%2527%29

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:43:01 GMT
AN-X-Request-Uuid: a187c96c-7990-45d3-9228-862d308cfbc1
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 89.249.64.204; 89.249.64.204; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.44:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:43:01 GMT
AN-X-Request-Uuid: 2033b019-3f42-4ce4-9708-94444daf6ae5
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fpxj%3Fbidder%3D172%26seg%3D802787%26action%3Dsetuid%28%2527MDc2ODVmYjFiZGFmOTY4Y2MxZTA4MmJlZDUyNzQyMTY%2527%29
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 89.249.64.204; 89.249.64.204; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.81:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

377928.gif
idsync.rlcdn.com/ Frame EE79
Redirect Chain

https://d.adroll.com/cm/l/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://idsync.rlcdn.com/377928.gif?partner_uid=07685fb1bdaf968cc1e082bed5274216

0
34 B

326ms
107ms

Image
text/plain

18.207.56.96
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/377928.gif?partner_uid=07685fb1bdaf968cc1e082bed5274216
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.56.96 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-18-207-56-96.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Tue, 18 Dec 2018 17:42:56 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:56 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://idsync.rlcdn.com/377928.gif?partner_uid=07685fb1bdaf968cc1e082bed5274216
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 86

GET
H/1.1 200
OK out
d.adroll.com/cm/o/ Frame EE79 42 B
465 B 329ms
33ms Image
image/gif 176.34.111.91
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/o/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.111.91 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-176-34-111-91.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:56 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42

GET
H/1.1 200
OK out
d.adroll.com/cm/g/ Frame EE79 42 B
465 B 286ms
37ms Image
image/gif 176.34.111.91
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6&google_nid=adroll5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.111.91 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-176-34-111-91.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:56 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42

GET
H2 200 346813882393432 Show response
connect.facebook.net/signals/config/ Frame EE79 181 KB
43 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/346813882393432?v=2.8.35&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

928b6d9f436ca2b2e3eaff1d6b5ef5131c2c53455e55aea384d70a1a37e51786

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 44257
x-xss-protection: 0
pragma: public
x-fb-debug: lA1EL4wvyuG2dzHeMK6uqR9ialJZHe3yFrAeLMgAlDRl9aMskX8G9wOafkkUL9eI0RvE4sunzFnzg7BGKPIk6Q==
date: Tue, 18 Dec 2018 17:42:55 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 0C6E 51 KB
0 16ms
13ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: s.adroll.com
URL: https://s.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/JK7SIYBXVFBL3G4JSDFST7.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

50fd02e7397cb3745341be12701a2583d187f3f78115c41de0aa96a0cdf27775

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Response headers

pragma: public
x-fb-debug: J3/RECyUfHyfLBi8nHVbj6LqLrP+7fYrAqAMvBaFLUZX9uxsnhIS2urA9flSu0L3SutNTeTPR5ug/EGKv3TBKw==
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Dec 2018 17:42:55 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
strict-transport-security: max-age=31536000; preload; includeSubDomains
vary: Accept-Encoding
content-length: 14861
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK out
d.adroll.com/cm/aol/ Frame 0C6E 42 B
465 B 105ms
35ms Image
image/gif 176.34.111.91
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/aol/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/JK7SIYBXVFBL3G4JSDFST7.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.111.91 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-176-34-111-91.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:56 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0C6E
Redirect Chain

https://d.adroll.com/cm/index/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmNiNDJiYzg4ZmJmYmUyM2MzN2Y3YWJiMTgxMDJlN2Y&expiration=1576690976
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmNiNDJiYzg4ZmJmYmUyM2MzN2Y3YWJiMTgxMDJlN2Y&expiration=1576690976&C=1

43 B
1 KB

120ms
59ms

Image
image/gif

23.211.2.27
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmNiNDJiYzg4ZmJmYmUyM2MzN2Y3YWJiMTgxMDJlN2Y&expiration=1576690976&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.211.2.27 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-211-2-27.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:57 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 18 Dec 2018 17:42:57 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:56 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmNiNDJiYzg4ZmJmYmUyM2MzN2Y3YWJiMTgxMDJlN2Y&expiration=1576690976&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Tue, 18 Dec 2018 17:42:56 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0C6E
Redirect Chain

https://d.adroll.com/cm/n/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTlmZmNjZWQ4NDgzMGI4NzZmYmRlMTExOTE3ZjI2NzQ&expires=365

42 B
371 B

120ms
26ms

Image
image/gif

213.19.162.90
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTlmZmNjZWQ4NDgzMGI4NzZmYmRlMTExOTE3ZjI2NzQ&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.90 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:56 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-RPHost: 7zWKUZq-H1cVUdTpAxdB1A
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:56 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTlmZmNjZWQ4NDgzMGI4NzZmYmRlMTExOTE3ZjI2NzQ&expires=365
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 124

GET
H2

200

pixel
sync.outbrain.com/adroll/ Frame 0C6E
Redirect Chain

https://d.adroll.com/cm/outbrain/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://sync.outbrain.com/adroll/pixel?user_id=YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM

0
178 B

93ms
93ms

Image
text/plain

151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/adroll/pixel?user_id=YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, JFK, HHN, Europe1
x-timer: S1545154977.867252,VS0,VE85
date: Tue, 18 Dec 2018 17:42:56 GMT
x-cache: MISS, MISS
status: 200
backend-ip: 104.156.90.23
x-cache-hits: 0, 0
accept-ranges: bytes, bytes
content-length: 0
x-served-by: cache-jfk8123-JFK, cache-hhn1539-HHN

Redirect headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:56 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://sync.outbrain.com/adroll/pixel?user_id=YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 96

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 0C6E
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
941 B

188ms
18ms

Image
text/html

185.64.189.110
PubMatic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:57 GMT
X-lat: Pug22003:0:803
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Cache-Control: no-store, no-cache, private
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection: close
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:56 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 220

GET
H2

204

/
trc.taboola.com/sg/adroll-network/1/rtb-h/ Frame 0C6E
Redirect Chain

https://d.adroll.com/cm/taboola/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM

0
241 B

22ms
21ms

Image
text/plain

151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:57 GMT
via: 1.1 varnish
server: nginx
x-timer: S1545154977.034780,VS0,VE8
x-cache: MISS
status: 204
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn1539-HHN

Redirect headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:57 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 111

GET

xuid
eb2.3lift.com/ Frame 0C6E
Redirect Chain

https://d.adroll.com/cm/triplelift/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://eb2.3lift.com/xuid?mid=4714&xuid=YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM&dongle=c85e

0
0

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ Frame 0C6E 9 KB
0 21ms
20ms Script
text/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/JK7SIYBXVFBL3G4JSDFST7.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0e8d3647d7007583e9190b3fce74c540b9bf0421c2208996a127cc19622b08aa

Request headers

Response headers

x-amz-version-id: arl4cOkwzYKQov9f2LpCRnTYEsZwE8XH
Content-Encoding: gzip
ETag: "85b93291e89d9a13691b42e5716334ee"
x-amz-request-id: BE1CAEAC57C9DD3D
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2039
x-amz-id-2: VOa518j7we0UtKX5++PRX8nwws2ojOC5/wyNBaoO/o56+fOoWQtf35s4TUpzP9O7GGOeitJf94M=
Last-Modified: Wed, 05 Dec 2018 18:21:51 GMT
Server: AmazonS3
Date: Tue, 18 Dec 2018 17:42:55 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1

200
OK

pixel
ads.yahoo.com/ Frame 0C6E
Redirect Chain

https://d.adroll.com/cm/r/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_con...

0
1 KB

370ms
289ms

Image
text/plain

2a00:1288:110:833::4000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:833::4000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:57 GMT
X-Content-Type-Options: nosniff
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Public-Key-Pins-Report-Only: max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

Redirect headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:57 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_consent%3DBOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 248

GET
H/1.1

200
OK

sync
x.bidswitch.net/ Frame 0C6E
Redirect Chain

https://d.adroll.com/cm/b/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://x.bidswitch.net/sync?dsp_id=44&user_id=YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM

43 B
346 B

24ms
24ms

Image
image/gif

18.153.11.24
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=44&user_id=YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.11.24 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-153-11-24.eu-central-1.compute.amazonaws.com
Software: nginx/1.12.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 17:42:57 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=10
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:57 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://x.bidswitch.net/sync?dsp_id=44&user_id=YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 96

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 0C6E
Redirect Chain

https://d.adroll.com/cm/x/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM%27)
https://ib.adnxs.com/bounce?%2Fpxj%3Fbidder%3D172%26seg%3D802787%26action%3Dsetuid%28%2527YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM%2527%29

43 B
989 B

56ms
16ms

Image
image/gif

185.33.223.221
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fpxj%3Fbidder%3D172%26seg%3D802787%26action%3Dsetuid%28%2527YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM%2527%29

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:43:01 GMT
AN-X-Request-Uuid: 77198c31-d8e3-465b-a6cd-6dde03db343a
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 89.249.64.204; 89.249.64.204; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.133:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:43:01 GMT
AN-X-Request-Uuid: 8f52a801-da7e-4731-8591-ea3867f72380
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fpxj%3Fbidder%3D172%26seg%3D802787%26action%3Dsetuid%28%2527YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM%2527%29
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 89.249.64.204; 89.249.64.204; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.43:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

377928.gif
idsync.rlcdn.com/ Frame 0C6E
Redirect Chain

https://d.adroll.com/cm/l/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://idsync.rlcdn.com/377928.gif?partner_uid=c7a8b3ba93182d19900a6bab395b000c

0
34 B

115ms
113ms

Image
text/plain

18.207.56.96
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/377928.gif?partner_uid=c7a8b3ba93182d19900a6bab395b000c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.56.96 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-18-207-56-96.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Tue, 18 Dec 2018 17:42:57 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:57 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://idsync.rlcdn.com/377928.gif?partner_uid=c7a8b3ba93182d19900a6bab395b000c
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 86

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0C6E
Redirect Chain

https://d.adroll.com/cm/o/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://us-u.openx.net/w/1.0/sd?id=537103138&val=c7a8b3ba93182d19900a6bab395b000c
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=c7a8b3ba93182d19900a6bab395b000c

43 B
256 B

24ms
24ms

Image
image/gif

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=c7a8b3ba93182d19900a6bab395b000c
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.117.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Dec 2018 17:42:57 GMT
server: OXGW/16.117.2
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status: 302
date: Tue, 18 Dec 2018 17:42:57 GMT
server: OXGW/16.117.2
content-length: 0
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=c7a8b3ba93182d19900a6bab395b000c
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

in
d.adroll.com/cm/g/ Frame 0C6E
Redirect Chain

https://d.adroll.com/cm/g/out?advertisable=5Q4Q33H4BRCRBAXODNJYP6&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=x6izupMYLRmQCmurOVsADA&google_ula=1535926
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=x6izupMYLRmQCmurOVsADA&google_ula=1535926&google_tc=
https://d.adroll.com/cm/g/in?google_ula=1535926,0

42 B
510 B

39ms
38ms

Image
image/gif

176.34.111.91
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in?google_ula=1535926,0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.111.91 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-176-34-111-91.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Dec 2018 17:42:57 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-Result: g.-1.-1.1535926.0.-1

Redirect headers

pragma: no-cache
date: Tue, 18 Dec 2018 17:42:57 GMT
server: HTTP server (unknown)
location: https://d.adroll.com/cm/g/in?google_ula=1535926,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 246
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 346813882393432 Show response
connect.facebook.net/signals/config/ Frame 0C6E 181 KB
43 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/346813882393432?v=2.8.35&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

928b6d9f436ca2b2e3eaff1d6b5ef5131c2c53455e55aea384d70a1a37e51786

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 44257
x-xss-protection: 0
pragma: public
x-fb-debug: lA1EL4wvyuG2dzHeMK6uqR9ialJZHe3yFrAeLMgAlDRl9aMskX8G9wOafkkUL9eI0RvE4sunzFnzg7BGKPIk6Q==
date: Tue, 18 Dec 2018 17:42:55 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 0C6E 44 B
245 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=346813882393432&ev=PageView&dl=https%3A%2F%2Fgo.crowdstrike.com%2FWC2018CyberIntrusionServicesCasebook_LPDownload2.html%3Fctm_source%3DDigital%26ctm_campaign%3DSecurityInsider_Casebook2018_Report%26ctm_medium%3D3rd_Party_Email%3Fctm_source%3DDigital%26ctm_campaign%3DSecurityInsider_Casebook2018_Report%26ctm_medium%3D3rd_Party_Email&rl=https%3A%2F%2Fwww.crowdstrike.com%2Fresources%2Freports%2Fcyber-intrusion-services-casebook-2018%2F%3Fctm_source%3DDigital%26ctm_medium%3D3rd_Party_Email%26ctm_campaign%3DSecurityInsider_Casebook2018_Report&if=true&ts=1545154976065&cd[segment_eid]=JK7SIYBXVFBL3G4JSDFST7&sw=1600&sh=1200&v=2.8.35&r=stable&ec=0&o=29&fbp=fb.1.1545154976064.60630213&it=1545154975894&coo=false
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 18 Dec 2018 17:42:56 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame EE79 44 B
98 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=346813882393432&ev=PageView&dl=https%3A%2F%2Fgo.crowdstrike.com%2FWF-Trial-to-Pay_LP-Registration-Footer.html%3Fctm_source%3DDigital%26ctm_campaign%3DSecurityInsider_Casebook2018_Report%26ctm_medium%3D3rd_Party_Email%3Fctm_source%3DDigital%26ctm_campaign%3DSecurityInsider_Casebook2018_Report%26ctm_medium%3D3rd_Party_Email&rl=https%3A%2F%2Fwww.crowdstrike.com%2Fresources%2Freports%2Fcyber-intrusion-services-casebook-2018%2F%3Fctm_source%3DDigital%26ctm_medium%3D3rd_Party_Email%26ctm_campaign%3DSecurityInsider_Casebook2018_Report&if=true&ts=1545154976088&cd[segment_eid]=JK7SIYBXVFBL3G4JSDFST7&sw=1600&sh=1200&v=2.8.35&r=stable&ec=0&o=29&fbp=fb.1.1545154976064.60630213&it=1545154975866&coo=false
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 17:42:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 18 Dec 2018 17:42:56 GMT

GET
H2 200 c Show response
ids.cdnwidget.com/ Frame EE79 37 B
179 B 170ms
114ms XHR
application/json 130.211.47.17
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=&GCS2=MTQ4LjI1MS40NS4xNzAsMmEwMTo0Zjg6MjAyOmE5Ojoy&pe=false&log=%7B%22config%22%3A%7B%22gmEN%22%3Afalse%2C%22pixEN%22%3Afalse%2C%22graphEN%22%3Afalse%7D%2C%22apikey%22%3A%22afaa2674%22%2C%22cjsversion%22%3A%221.5.17%22%2C%22loadID%22%3A%22FbpZIfXrZJ0HCNM%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A4%2C%22IDStageStart%22%3A5%2C%22netComplete%22%3A133%2C%22obsReq1%22%3A446%2C%22obsReq0%22%3A483%2C%22IDStagePrefire%22%3A4008%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Atrue%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A0%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%7D%7D
Requested by: Host: pixel.cdnwidget.com
URL: https://pixel.cdnwidget.com/cdn/c.min.js?data-gdis=1&data-apikey=afaa2674&id=c.js&data-adcb=adroll_callback_adcb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.211.47.17 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 17.47.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 33207c82efa045da3fbae51ad279020135b038e8a581fa89b34dd9faada6fb62

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Origin: https://go.crowdstrike.com

Response headers

status: 200
date: Tue, 18 Dec 2018 17:42:58 GMT
via: 1.1 google
access-control-allow-credentials: true
access-control-allow-origin: https://go.crowdstrike.com
alt-svc: clear
content-type: application/json

GET
H2 200 c Show response
ids.cdnwidget.com/ Frame 0C6E 37 B
98 B 731ms
694ms XHR
application/json 130.211.47.17
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=&GCS2=MTQ4LjI1MS40NS4xNzAsMmEwMTo0Zjg6MjAyOmE5Ojoy&pe=false&log=%7B%22config%22%3A%7B%22gmEN%22%3Afalse%2C%22pixEN%22%3Afalse%2C%22graphEN%22%3Afalse%7D%2C%22apikey%22%3A%22afaa2674%22%2C%22cjsversion%22%3A%221.5.17%22%2C%22loadID%22%3A%22GNGPkKRKmCbkvz7%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A1%2C%22IDStageStart%22%3A1%2C%22netComplete%22%3A109%2C%22obsReq1%22%3A527%2C%22obsReq0%22%3A567%2C%22IDStagePrefire%22%3A4004%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Atrue%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A0%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%7D%7D
Requested by: Host: pixel.cdnwidget.com
URL: https://pixel.cdnwidget.com/cdn/c.min.js?data-gdis=1&data-apikey=afaa2674&id=c.js&data-adcb=adroll_callback_adcb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.211.47.17 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 17.47.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 33207c82efa045da3fbae51ad279020135b038e8a581fa89b34dd9faada6fb62

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
Origin: https://go.crowdstrike.com

Response headers

status: 200
date: Tue, 18 Dec 2018 17:42:59 GMT
via: 1.1 google
access-control-allow-credentials: true
access-control-allow-origin: https://go.crowdstrike.com
alt-svc: clear
content-type: application/json

GET
H2 204 cjs-logger
e.cdnwidget.com/ Frame EE79 0
49 B 140ms
114ms Image
image/png 130.211.47.17
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=Not%2520Allowed%2520on%2520EU%2520traffic&cookieID=&deviceID=&BXWID=&warpspeed=afaa2674&loadID=FbpZIfXrZJ0HCNM&version=1.5.17
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.211.47.17 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 17.47.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Tue, 18 Dec 2018 17:42:59 GMT
via: 1.1 google
alt-svc: clear
content-type: image/png

GET
H2 204 cjs-logger
e.cdnwidget.com/ Frame 0C6E 0
41 B 143ms
140ms Image
image/png 130.211.47.17
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=Not%2520Allowed%2520on%2520EU%2520traffic&cookieID=&deviceID=&BXWID=&warpspeed=afaa2674&loadID=GNGPkKRKmCbkvz7&version=1.5.17
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.211.47.17 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 17.47.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email?ctm_source=Digital&ctm_campaign=SecurityInsider_Casebook2018_Report&ctm_medium=3rd_Party_Email
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Tue, 18 Dec 2018 17:42:59 GMT
via: 1.1 google
alt-svc: clear
content-type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2018CyberIntrusionServicesCasebook_LPDownload2.html

Domain: go.crowdstrike.com
URL: https://go.crowdstrike.com/WF-Trial-to-Pay_LP-Registration-Footer.html

Domain: eb2.3lift.com
URL: https://eb2.3lift.com/xuid?mid=4714&xuid=YzdhOGIzYmE5MzE4MmQxOTkwMGE2YmFiMzk1YjAwMGM&dongle=c85e

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.go.crowdstrike.com/	1970-01-20 17:00:34	Name: __adroll_fpc Value: ab13e4300918c25a09b2f7e1029d96dc
app-ab01.marketo.com/	1969-12-31 23:59:59	Name: BIGipServerab01web-nginx-app_https Value: !L/ED02NubfZuul25yiPNdgcigIaMSdZ/X5l1VFqY7UZh2JyT9+Oy8U5U8Noei5um3ZgBB897PcsH4ZQ=
go.crowdstrike.com/	1969-12-31 23:59:59	Name: BIGipServerab01web-nginx-app_https Value: !QtqhdagJA7s27aG5yiPNdgcigIaMSXuSrn8UKB5184zG8MWUmG9BjzRYW/CPXYzggFFg6XXUYvVKl+8=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

281-obq-266.mktoresp.com
addsearch.com
ads.yahoo.com
ajax.googleapis.com
api.ipstack.com
app-ab01.marketo.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
cse.google.com
d.adroll.com
d12ulf131zb0yj.cloudfront.net
data.cdnbasket.net
dsum-sec.casalemedia.com
e.cdnwidget.com
eb2.3lift.com
fonts.googleapis.com
go.crowdstrike.com
ib.adnxs.com
ids.cdnwidget.com
idsync.rlcdn.com
munchkin.marketo.net
page.cdnbasket.net
pixel.advertising.com
pixel.cdnwidget.com
pixel.rubiconproject.com
s.adroll.com
s3.amazonaws.com
simage2.pubmatic.com
sjrtp-cdn.marketo.com
sync.outbrain.com
trc.taboola.com
u3459990.ct.sendgrid.net
us-u.openx.net
view.cdnbasket.net
www.crowdstrike.com
www.facebook.com
www.google-analytics.com
www.google.com
www.gstatic.com
x.bidswitch.net
eb2.3lift.com
go.crowdstrike.com
104.111.239.158
104.111.242.254
130.211.47.17
151.101.2.2
167.89.115.54
172.217.16.130
173.241.240.143
176.34.111.91
18.153.11.24
18.207.56.96
185.33.223.221
185.64.189.110
192.28.144.124
192.28.144.241
2.18.233.40
205.185.208.52
213.19.162.90
23.211.2.27
23.246.243.35
2600:9000:20bb:1600:b:6d87:aa40:93a1
2606:4700:10::6814:5ef6
2a00:1288:110:422::3000
2a00:1288:110:833::4000
2a00:1450:4001:806::2004
2a00:1450:4001:809::2003
2a00:1450:4001:809::200a
2a00:1450:4001:81d::200e
2a00:1450:4001:81f::200a
2a00:1450:4001:821::200e
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.157.225.240
35.186.237.72
35.190.74.199
35.201.88.237
52.166.11.26
52.216.160.37
52.216.162.205
52.222.149.41
00798fc7cfe79e0e6f909c08bde3337f8132fa09e9f01318cc997f9d62a2bfb9
00f8ad974c63166a03f417cbe637d42e8bbca9127cdc21eccbcf6b783421757d
0300012087dee57a051d6abd72c298d9acad1e42d1447f8aabbc7bf253f0dcc1
03b5aaeebef58c37a9ff0662decd51762c5923053a59cb67a503e936ef80cf38
06700f6c9628c8b7e06de86b97cfe32d88c9461178ba01c472671837ed7578a4
0735e3827a3d7fe722b56733ca79c2bad9aca48c3a0d12c50617fcfdb09b61ee
0a73a6e119e70e02ff11950264a74c32f30a2dc9f606aa557e2cc7be3a2a44a1
0e8d3647d7007583e9190b3fce74c540b9bf0421c2208996a127cc19622b08aa
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13860fa49f9709e5237bc161dafea2e9a5664c98df9e65e4a90e14fb93eacc6c
182678071a390e93d21e00bd79c2dfffb06bf5a6d8cc7acc3ffb12fc64988385
1a96431a6015362d8651e9cba98b6397ecf6d7e1c191fbd42e218379caed5a8a
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
1e530db53062089708537e511833c28b4bfc74e444e956e4fe7ce2e091ccd90b
1eb8b0b461886b58a6d7a704ffc72912c4268363deecd5c963ed266c0fd709fd
2173bda07583c48887c926e95bf4e5b0f6797d536c3af1975820d45bc479c76a
218b2d4092ae8e75483c52600e140383590205b2d0f03c2e7f3065b38ee0139f
24e89c1a622073ff29d3d15454c87aaa907a6ce14bc585dca0758ac277631af4
26795b25e5aa9e2588329fa0ea08c2e8aa6eb5f742f49c55238509a26a5a3cad
2930218d98b2c98df97bbfcbac87448e891f65a6ad033713778a5f174278715e
2a67e7556ccb810ba272b9cd2aa3beb81a54f29003aaacd0ab746fab90ce4268
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cf4a030e4250257aa3ef74c27ade1f269a58d6b7325c4c3e36bde6daf78935e
2d6be998879083b4324442cad47d8ad7bb85e9135c9f3d2bf3b70c71add2a7c7
2e4f2bc1db0f75a7a5288dc28dcb4ad4a67cec1d8beb3d5510d85d06ea883585
2fb574e7bb951deb621f32ec4a6d95faa84d74218fdfaf60f77333c5c106b185
3005e200eae72242a4b3adb55419417b83e65a3f3c9e1c850fee1d134f3db015
30b7aec5587b37dacb4d88e9f7fbc6c8c4214f234b54a5bee2bcba5f74afb32b
31f62d134043e412f82ec6c2562133aece36170cf3f0bdb78a05026ab509bbda
33207c82efa045da3fbae51ad279020135b038e8a581fa89b34dd9faada6fb62
3371f28daadee8d511e5fdb27d79f11de7988285b59cb88123e8291408df9ce5
35101d007f18afeb15ec1a5926befd059ce5e0ae1c8a480e7cbc1ad42cef5a9a
35e83b5477f2eb1f496ec61c425298e13ac09aeb468ae4591af97d72aefef422
397d07fbfb19b6ac538d7b8bcdf5ebf7be881c9f9ad3982278d9d4f3a02c160b
3b6b47fc2e4648d1f3173437faf2065ecd7cc89142d338151bf0b0c2404b5005
3c131461c86e0f324d7b53c197bb175d77e59ff7d8fdbc9fed6c7b58557c193d
3d9be27c60a1df3dff3d8e4f98a6793ba65022c05d2414ada14a7acd2e36698f
47ec7ea65620c8be7945819dd593916a9c7c892e727e645c2990819c414ff31c
4818ae419e22957b27ca326dc9df7af0d8c5cd30bd6aa2ac00e650de00c98c1b
482248da20a3122a6d9d219b802c3b4ce696b1043c1fc06c39c1a12cc081d6c0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c92cbd28b44e143836dc7e031d87335e48f041ee07c48b75c231e64b34408d9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50fd02e7397cb3745341be12701a2583d187f3f78115c41de0aa96a0cdf27775
534f2f25f81301ecc9f48fb15f9e75088d334a1a9d3c0ea35757a9bc7519870f
53a4535ab8a85b397c6ab3a1f5a3a8a0cd098ff913fe2a013f12f8331cb33d60
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
59c57252ccd7eb05486c77263f6c6212b26dd396d7b92fae37244a8201e33648
5b12f729f6e038efce3a2c1b339b0b0eb6abd9183818857aa377dc82ecf88236
633a7b4d57e877017e7527236411c514c932b590f817596dd13af817946dc6df
643fb5ad280920a70c2d372ac3448aaa2724fbddea2710b8eef4abc8b8b335e2
653bbc0f39278f1bc1e84c154c76d445e65ab88c7bf9d5e81830676c2d80c61a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
68fd0c06d8a213544b18ac16739513e900ddc39f3928448d8663bd2b9ce87862
6d1a400c49ae5c9c548af7919dac261384e7456fa588091ae3b78e0f50693cc7
7322c6b395210149360a505c214681510bf9717456331ff1344228fc962bbc57
796c7745023e1dde305650acd08803c06efddabf993595dbb8abe1f2f6160362
7a00e5df00af10491323dab5e15374debae190aab3b2928b6c03df8456cbf6ce
7ad07f7e4c992a797ddae26a89b57b9addbb1d74ab42559858041ea1020786c2
7c4daad866e19daf2e5089bf09a821ce5b21a2a88e6af402b5979837f3a32d8b
7ce1b6287b7527cd0a3d68ec397ed9f19433f057a730f4bdce654969ba58fa5b
8117c8a7e885205eee8bcab4a30d4a304729da61f094d29871e8fc7c721c4456
82bbf4a0f25757d1c9b9f18672eabf510965e4873e9d989a407823eac0d99259
84af42a699988e6446d1c4597d80b0631a8fc0e56b8059f526bc97275005e9cb
8531ddc02bab94701064159a816171dbd641bfe0949c2e0b231b2203a1af6b80
867bd168728faba904fe15de941932d1d7537130b0edb918970901435cf39929
867dcd95053e2a2e7dcdecc4d2207720337e925238f6232a57681a626e72e617
8801be0e66832c555176c8964efc290cd759eb25fcd9f0c7868971cdacdf538d
8a889f8cd41e5a86957e338c937f62848ff948ec2fd995280858ca90f5c01dff
8ce7920df0659e5cd6b178128c1e4f9b59bef133bb36e18465f8be01a92b2b3a
928b6d9f436ca2b2e3eaff1d6b5ef5131c2c53455e55aea384d70a1a37e51786
9298a280eda6b54290d3c69fda3ae7da0cec1a0169d01d4e5944af63d68939d5
95a91e047817247386ced0e355c8870ddad9ed1190c6cf8492155d0d172b3cac
9c79822be1ce3cc3decf34b7932f552b39cc587e2c5b891e4fc1eb31a0cd6d8a
a064f3625001979cf1ac8f806587e0c947056b3ad441b0d70eee8c4c6ceb7c42
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a9005e84badbea35440ca2ee78aff1ab77646a724409cd2036364a3363beda59
ac8a8de796dc2cb26352c6c2aa2badabe38143990433a8fe11cd2f5aecfbdd65
acc0997fb73941bf769cca6ddc74aecf4dba4999bf00a0535da15559236d5b76
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16ac1dc7d59388720d91c40296251a35df9428418908f40b5377f1758f142ff
b64183b20a1b5ab56761fb503e7197c641ae2a61e065bf5452a4fa5c0afd9c78
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
b8ab7619f3398bd7fc411b192770b88ae0d3ad473f526c41d09bc069af0599bd
b9ce1c289bc9aaa511a8dbe5451a34c39b7e1dcd04591634d317ae74b74b1737
ba07f1bd34e54ae1d4914794a3490b1d2f54438769fa0e8614071d92dbde0d23
bd865ef23b5371d37d427d59b5b4b708c1738ec68473536e0a42b789f3a35505
be0e6080cb4849fd985b55c305c4fe7f81c123b0ca3e834feb905f5104e39c5f
beb07d6ff422dd77de376852a3d0f9a47891159503f4aaadbac5ee5cc02a9589
c63be02717683d2efdc8c887d77d289092a50b7d51210e87033045ea2b7c9eed
c8da872d82b58140b45bb8b0538e83a8fb7aa43388233cb35c9c849022e32cd4
cc27845c4ba2580588d37b6d48939e7b833faeefa237e927860054226a0ad6f9
cc81da89d941df8f10ce343f9bc90a33bc8ce8ff397940b7c1ac7459e7367e78
cc97c1fc5bd6ce393ae8ac5ef9e03990e96b6181be6d4e267147d8a9e8c7aca7
d00b25b28944a3a7c4fb4b935e9920f2e5af33ab7d1ef325394e7409a10ddf1c
d4a31cfcac2526065e9c82913dd203a60ea8d01e318c5865c9ca08914056962a
d726095b397854d9cf864f9a9f4f023a69ce476a27fefdf64bc118c37f3d2c59
d7ca6eabb420758aa2d6c907cebea4cce2b76f8d887aec18d9e83659cf4c2a78
d8a1c3024f3fe34859daacf4f8491c9ccfa999b2ee44502bb2b3d1c119f1aa84
da8cb8957a11094c70a4e1d060a63b22f908cf04639a5071fd42564817014807
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
dce5fa963518a673d96725c523714b522a5979f09df09575d00be56f925181d2
e18ec4b0d01e6b4cdd71bc71588dbb1f5c7e1a4fbba0b2ff47172554236101ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42c22314f51099ba0ea3b08e1cdf4bc7deb6c666174831e342de951c97d79f5
e54c96162b8289ea4ed06e2723acb3b5873e0a8be842f885782c1ead58ab5591
e6e65d391914c3234ed0c78ba58c01f2de221346af2dbcce936abacc24c55eea
e91c4ae88469b2db9f529556b7fad60a298f25d0e18dd36212bf58029fba67cf
ecd499b06de85cddd4484253bdf960cabcf5f87fa5eecf188478e407a0e665a9
ecf74f827a3f7ff4c8e718bfac1591c46ae9bb3c2f56782e56d783fe8e08089b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13811af8ffa2ed4056e972230f724ab550386ee12d6590302cb4114ae3c880f
f4065673ebda1df1b479a99a366d0e50d722f1c3214f7be8b95ccdae1e6d1c22
f48c986f95a04235efded783989bb4ea3baf9d441119a49cbabd1a345ae08cdc
f6b16f531a6416235fe80a83ae3bf8734ace42fc18e6bb95281dbbcd291ab932
f7f85a766546b626861fca2007c82b74931a63eea013e56835f6be5bef0f71ff
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fdad32c41d21060f8af1be5ad5455784f92fe6a767dbcd4344d7a43699cc8918

www.crowdstrike.com Open in urlscan Pro 2606:4700:10::6814:5ef6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

186 Requests

98 %HTTPS

31 %IPv6

32 Domains

41 Subdomains

38 IPs

6 Countries

2509 kBTransfer

7133 kBSize

3 Cookies

12 Outgoing links

Page URL History

Redirected requests

186 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.crowdstrike.com Open in urlscan Pro
2606:4700:10::6814:5ef6 Public Scan

Screenshot
Live screenshot

Full Image

186
Requests

98 %
HTTPS

31 %
IPv6

32
Domains

41
Subdomains

38
IPs

6
Countries

2509 kB
Transfer

7133 kB
Size

3
Cookies

186 HTTP transactions
2 data transactions