www.praetorian.com Open in urlscan Pro
13.248.141.96 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Effective URL:
https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Submission: On July 24 via manual (July 24th 2019, 1:39:51 pm UTC) from US

Summary HTTP 105 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 23 domains to perform 105 HTTP transactions. The main IP is 13.248.141.96, located in Seattle, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.praetorian.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 9th 2019. Valid for: 3 months.

This is the only time www.praetorian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	13.248.141.96 13.248.141.96	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
22	2600:9000:20b... 2600:9000:20bb:2800:11:3b84:d200:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	93.184.220.178 93.184.220.178	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	2606:4700::68... 2606:4700::6813:c697	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2606:4700:20:... 2606:4700:20::6819:df07	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	13.32.222.3 13.32.222.3	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
40	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2bf::3adf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
7	2606:4700:20:... 2606:4700:20::6819:920	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2606:4700:20:... 2606:4700:20::6819:820	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
105	20

2 13.248.141.96 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

www.praetorian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2600:9000:20bb:2800:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

assets.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.220.178 (London, United Kingdom)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::6819:df07 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

p16.praetorian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.222.3 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-222-3.fra56.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2bf::3adf (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

sjs.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::6819:920 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

sdk.getsitekit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::6819:820 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

api.getsitekit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	gstatic.com fonts.gstatic.com	510 KB
22	website-files.com assets.website-files.com	1 MB
13	getsitekit.com sdk.getsitekit.com api.getsitekit.com	152 KB
5	praetorian.com 1 redirects www.praetorian.com p16.praetorian.com	52 KB
3	facebook.net connect.facebook.net	96 KB
2	facebook.com www.facebook.com	424 B
2	bing.com bat.bing.com	7 KB
2	youtube.com www.youtube.com	1 KB
2	cloudflare.com cdnjs.cloudflare.com	28 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	8 KB
1	ytimg.com s.ytimg.com	10 KB
1	twitter.com platform.twitter.com	93 KB
1	bizographics.com sjs.bizographics.com	5 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	87 KB
1	bizible.com cdn.bizible.com	32 KB
0	reddit.com Failed alb.reddit.com Failed
0	quora.com Failed a.quora.com Failed
0	demandbase.com Failed scripts.demandbase.com Failed
0	adroll.com Failed s.adroll.com Failed
0	googleadservices.com Failed www.googleadservices.com Failed
0	ads-twitter.com Failed static.ads-twitter.com Failed
0	addthis.com Failed s7.addthis.com Failed
105	23

	Domain	Requested by
40	fonts.gstatic.com	ajax.googleapis.com
22	assets.website-files.com	www.praetorian.com
7	sdk.getsitekit.com	www.praetorian.com sdk.getsitekit.com
6	api.getsitekit.com	sdk.getsitekit.com www.praetorian.com
3	connect.facebook.net	www.praetorian.com connect.facebook.net
3	p16.praetorian.com	www.praetorian.com
2	www.facebook.com	www.praetorian.com
2	bat.bing.com	www.googletagmanager.com www.praetorian.com
2	www.youtube.com	www.praetorian.com
2	cdnjs.cloudflare.com	www.praetorian.com
2	www.praetorian.com	1 redirects
1	s.ytimg.com	www.youtube.com
1	platform.twitter.com	www.googletagmanager.com
1	sjs.bizographics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.praetorian.com
1	fonts.googleapis.com	ajax.googleapis.com
1	d3e54v103j8qbb.cloudfront.net	www.praetorian.com
1	cdn.bizible.com	www.praetorian.com
1	ajax.googleapis.com	www.praetorian.com
0	alb.reddit.com Failed	www.praetorian.com
0	a.quora.com Failed	www.praetorian.com
0	scripts.demandbase.com Failed	www.praetorian.com
0	s.adroll.com Failed	www.googletagmanager.com
0	www.googleadservices.com Failed	www.googletagmanager.com
0	static.ads-twitter.com Failed	www.googletagmanager.com
0	s7.addthis.com Failed	www.praetorian.com
105	26

This site contains links to these domains. Also see Links.

Domain
www3.praetorian.com
github.com
support.microsoft.com
download.microsoft.com
technet.microsoft.com
www.microsoft.com

Subject Issuer	Validity	Valid
www.praetorian.com Let's Encrypt Authority X3	`2019-06-09` - `2019-09-07`	3 months	crt.sh
*.website-files.com Amazon	`2019-02-08` - `2020-03-08`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
cdn.bizible.com Go Daddy Secure Certificate Authority - G2	`2019-03-14` - `2021-04-13`	2 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-02` - `2019-09-08`	6 months	crt.sh
praetorian.com CloudFlare Inc ECC CA-2	`2018-12-26` - `2019-12-26`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-06-06` - `2019-09-04`	3 months	crt.sh
js.bizographics.com DigiCert SHA2 Secure Server CA	`2018-04-13` - `2020-04-17`	2 years	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
ssl373587.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-05-23` - `2019-11-29`	6 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Frame ID: E3235A76E6F2EB0C346FDF5FC46AC05A
Requests: 102 HTTP requests in this frame

Frame: https://www.youtube.com/embed/259vkUGNhLU?start=4
Frame ID: 4B9A20BDB5F6222FE45AB936125EBDD4
Requests: 1 HTTP requests in this frame

Frame: https://sdk.getsitekit.com/static/iframe/css/smart_bar/app.css?v=1563850779460
Frame ID: 6543A6D631FBDC7BAC3369079700CB4E
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft HTTP 301
https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
script /googleapis\.com\/.+webfont/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Prism (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

script /prism\.js/i

Page Statistics

105
Requests

93 %
HTTPS

84 %
IPv6

23
Domains

26
Subdomains

20
IPs

5
Countries

2377 kB
Transfer

3850 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://www3.praetorian.com/how-to-dramatically-improve-corporate-IT-security-without-spending-millions-report.html?utm_source=blog&utm_medium=cta&utm_campaign=WC%202016-07%20Top%205%20Attacks&utm_content=download-report
Title: How to Dramatically Improve IT Security without Spending Millions.pdf‍‍

Search URL Search Domain Scan URL

URL: https://github.com/byt3bl33d3r/CrackMapExec
Title: CrackMapExec

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/en-us/kb/2871997
Title: KB 2871997

Search URL Search Domain Scan URL

URL: https://download.microsoft.com/download/9/8/7/9870AA0C-BA2F-4FD0-8F1C-F469CCA2C3FD/Windows6.1-KB2871997-v2-x86.msu
Title: direct download

Search URL Search Domain Scan URL

URL: https://download.microsoft.com/download/C/7/7/C77BDB45-54E4-485E-82EB-2F424113AA12/Windows6.1-KB2871997-v2-x64.msu
Title: direct download

Search URL Search Domain Scan URL

URL: https://download.microsoft.com/download/E/E/6/EE61BDFF-E2EA-41A9-AC03-CEBC88972337/Windows6.1-KB2871997-v2-x64.msu
Title: direct download

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/en-us/library/cc753092(v=ws.11).aspx
Title: https://technet.microsoft.com/en-us/library/cc753092(v=ws.11).aspx

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/pth
Title: https://www.microsoft.com/pth

Search URL Search Domain Scan URL

URL: https://download.microsoft.com/download/7/7/A/77ABC5BD-8320-41AF-863C-6ECFB10CB4B9/Mitigating-Pass-the-Hash-Attacks-and-Other-Credential-Theft-Version-2.pdf
Title: https://download.microsoft.com/download/7/7/A/77ABC5BD-8320-41AF-863C-6ECFB10CB4B9/Mitigating-Pass-the-Hash-Attacks-and-Other-Credential-Theft-Version-2.pdf

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft HTTP 301
https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

105 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request mitigating-mimikatz-wdigest-cleartext-credential-theft Show response
www.praetorian.com/blog/
Redirect Chain

http://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft

40 KB
13 KB

15514ms
119ms

Document
text/html

13.248.141.96
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.248.141.96 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

openresty /

Resource Hash

52ba07698f02040af7c8c43de5d138626e62f2e944d50efca96093c4f77ba1e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.praetorian.com
:scheme: https
:path: /blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status: 200
server: openresty
date: Wed, 24 Jul 2019 13:39:34 GMT
content-type: text/html
content-length: 13188
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-lambda-id: 5eff5987-4ff3-4ed2-b7ce-7cb0e81f3c77
via: 1.1 varnish 1.1 varnish
age: 29474
x-served-by: cache-iad2145-IAD, cache-lhr6335-LHR
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1563975575.935059,VS0,VE1
vary: Accept-Encoding
x-cache-status: MISS
accept-ranges: bytes

Redirect headers

Server: openresty
Date: Wed, 24 Jul 2019 13:39:19 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft

GET
H2 200 p17-staging.198d90888.min.css
assets.website-files.com/58866caeabc83d5e7c574c71/css/ 228 KB
42 KB 32ms
8ms Stylesheet
text/css 2600:9000:20bb:2800:11:3b84:d200:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/58866caeabc83d5e7c574c71/css/p17-staging.198d90888.min.css
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:2800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b6739bf831bbe2aae188d241dca16a3bec3ba36bc05e01b5f5b765fcafe3b73

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-amz-version-id: xAWDHlWpc4DSZpl0M_Zyz_9BwhcyQbRQ
content-encoding: gzip
age: 13595
x-cache: Hit from cloudfront
status: 200
date: Wed, 24 Jul 2019 11:07:13 GMT
content-length: 42249
last-modified: Sun, 14 Jul 2019 02:42:53 GMT
server: AmazonS3
etag: "1f9750dbf201d0a7405eadf7da483e3b"
content-type: text/css
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA56
accept-ranges: bytes
x-amz-cf-id: xhSvfHYnF66cNj2fJWFpQCGi006XZfD3zRWJwboR-BYaCqKmL38vMA==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:81c::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 01:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3499726
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jun 2020 01:30:49 GMT

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 85 KB
32 KB 72ms
16ms Script
application/x-javascript 93.184.220.178
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (ams/D1E9) / ASP.NET
Resource Hash: 8502155a9392b75296cfc1579baa7fe58a1be6c7483dd234bebde095723b0ebe

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Wed, 24 Jul 2019 13:39:35 GMT
content-encoding: gzip
last-modified: Fri, 19 Jul 2019 00:40:11 GMT
server: ECS (ams/D1E9)
x-powered-by: ASP.NET
etag: "229b985ca3dd51:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
accept-ranges: bytes
content-length: 33060

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ 17 KB
6 KB 16ms
12ms Script
application/javascript 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Wed, 24 Jul 2019 13:39:35 GMT
content-encoding: br
cf-cache-status: HIT
age: 8609517
content-security-policy-report-only: default-src https: data: wss: 'unsafe-eval' 'unsafe-inline'; report-uri https://cdnjs.cloudflare.com/cdn-cgi/beacon/csp?req_id=4fb64d0fddcdd709
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 4fb64d0fddcdd709-FRA
last-modified: Thu, 17 May 2018 09:26:22 GMT
server: cloudflare
etag: W/"5afd4abe-45f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 13 Jul 2020 13:39:35 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.013

GET
H2 200 prism.js Show response
p16.praetorian.com/js/prism/ 99 KB
34 KB 594ms
528ms Script
application/javascript 2606:4700:20::6819:df07
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://p16.praetorian.com/js/prism/prism.js

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:df07 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

074da3346309b141dbd332865a61ecd9e6a187f59817494742b5ef0a1b47079a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.praetorian.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Wed, 24 Jul 2019 13:39:35 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 09 May 2019 18:37:12 GMT
server: cloudflare
etag: W/"18df5-58878bd0b34da-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: ALLOW-FROM https://www.praetorian.com/
content-type: application/javascript
status: 200
strict-transport-security: max-age=15552000
cf-ray: 4fb64d1038bbbf05-FRA
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 prism.css
p16.praetorian.com/js/prism/ 10 KB
2 KB 629ms
564ms Stylesheet
text/css 2606:4700:20::6819:df07
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://p16.praetorian.com/js/prism/prism.css

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:df07 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed469fbf6a20dbac2d45236b7767cfe4bddf180d774af559a46f15a5a39a44a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.praetorian.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Wed, 24 Jul 2019 13:39:35 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 09 May 2019 17:57:56 GMT
server: cloudflare
etag: W/"26e8-58878309e1431-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: ALLOW-FROM https://www.praetorian.com/
content-type: text/css
status: 200
strict-transport-security: max-age=15552000
cf-ray: 4fb64d1038b3bf05-FRA
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 showdown.min.js Show response
cdnjs.cloudflare.com/ajax/libs/showdown/1.9.0/ 74 KB
23 KB 17ms
14ms Script
application/javascript 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/showdown/1.9.0/showdown.min.js

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d25294d8d2491718abdc042f646e68226e6c7735556026f0047d365bb39d665

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Wed, 24 Jul 2019 13:39:35 GMT
content-encoding: br
cf-cache-status: HIT
age: 8609217
cf-ray: 4fb64d0fddd2d709-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
last-modified: Sun, 11 Nov 2018 01:15:50 GMT
server: cloudflare
etag: W/"5be782c6-1274c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 13 Jul 2020 13:39:35 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.002

GET
H2 200 58866caeabc83d5e7c574df4_logo-white.svg
assets.website-files.com/58866caeabc83d5e7c574c71/ 20 KB
5 KB 29ms
8ms Image
image/svg+xml 2600:9000:20bb:2800:11:3b84:d200:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/58866caeabc83d5e7c574c71/58866caeabc83d5e7c574df4_logo-white.svg
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:2800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 922f114470d564fa0bf672ceed0924b3f0fcd7c6c45090e0e9da52bf66a5bd27

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 05 May 2019 01:01:07 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2017 20:51:05 GMT
server: AmazonS3
age: 6957508
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Zy9Hk8Yvpiy4dat9jK5lzUwS2OqC4oFG
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56
content-type: image/svg+xml
x-amz-cf-id: V0PZeKBa0zzy1Kgcsji823WelR9kPQ7k1Mqaqo6co2E7CJ0MN0C0Lw==
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)

GET
H2 200 5cdc33972df070e1cb4fafc7_mitigating-mimikatz-lab-setup-01.png
assets.website-files.com/58866caeabc83d5e7c574c74/ 12 KB
13 KB 14ms
12ms Image
image/png 2600:9000:20bb:2800:11:3b84:d200:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/58866caeabc83d5e7c574c74/5cdc33972df070e1cb4fafc7_mitigating-mimikatz-lab-setup-01.png
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:2800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58e1c30e3a2a0f999cdcff060a8d29710ef659b2c9de660388592330897703b5

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Mon, 15 Jul 2019 18:33:33 GMT
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)
last-modified: Wed, 15 May 2019 15:43:22 GMT
server: AmazonS3
age: 759963
etag: "dad80e978044e233df8666809ef03636"
x-cache: Hit from cloudfront
x-amz-version-id: Gv_jpkbVY0fb_DFpSDqaT8iHlRh.I.D2
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56
accept-ranges: bytes
content-type: image/png
content-length: 12592
x-amz-cf-id: Wy8364gGoRVQ83iV9XOm0K0lxDxpAtufd457-tpZVDLZ-Y01gRDjDQ==

GET
H2 200 5cdc3206a4217f2425167266_image00.png
assets.website-files.com/58866caeabc83d5e7c574c74/ 262 KB
263 KB 21ms
19ms Image
image/png 2600:9000:20bb:2800:11:3b84:d200:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/58866caeabc83d5e7c574c74/5cdc3206a4217f2425167266_image00.png
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:2800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e436563fc836e9b2786dfb164af909ec77364aec74ffc48e90058e07a2581944

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Mon, 15 Jul 2019 18:33:33 GMT
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)
last-modified: Wed, 15 May 2019 15:41:43 GMT
server: AmazonS3
age: 82021
etag: "75d15c2421ca3017151bb67c563c64de"
x-cache: Hit from cloudfront
x-amz-version-id: XudyOt0YmbGdJnLlvPp49njTRYI7Cr0k
status: 200
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA56
accept-ranges: bytes
content-type: image/png
content-length: 268653
x-amz-cf-id: DwD7hbZ4jRnuhjQTKYuZGK6R-9xt_53isGaMv6svtsFIGAS3XvmTRQ==

GET
H2 200 5cdc3206f26ba4ff9f48fb3e_image06.png
assets.website-files.com/58866caeabc83d5e7c574c74/ 50 KB
50 KB 16ms
14ms Image
image/png 2600:9000:20bb:2800:11:3b84:d200:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/58866caeabc83d5e7c574c74/5cdc3206f26ba4ff9f48fb3e_image06.png
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:2800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2af860df470d4ace9a6a0c10a48f62430f41965c413d4aae70f63c0fceb161fc

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Mon, 15 Jul 2019 18:33:33 GMT
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)
last-modified: Wed, 15 May 2019 15:41:43 GMT
server: AmazonS3
age: 82021
etag: "b6a0a36c512a9856e8ff387814fa83e2"
x-cache: Hit from cloudfront
x-amz-version-id: LFjJAHbHvfYn7VTcAu7m1pcIRKo17I3E
status: 200
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA56
accept-ranges: bytes
content-type: image/png
content-length: 50952
x-amz-cf-id: t9GFca3cMHMbpGMWeqWLMGvvWEQlSX5Cg51hQP6gYlaOLj_Jz52tZA==

GET
H2 200 5cdc32064b4cafb30a5edcfc_image03.png
assets.website-files.com/58866caeabc83d5e7c574c74/ 49 KB
50 KB 33ms
32ms Image
image/png 2600:9000:20bb:2800:11:3b84:d200:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/58866caeabc83d5e7c574c74/5cdc32064b4cafb30a5edcfc_image03.png
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:2800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a581cc6c8494fcf79f712e1b61a2da1a36710fb560e5b35cbbf329474987e08b

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Mon, 15 Jul 2019 18:33:33 GMT
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)
last-modified: Wed, 15 May 2019 15:41:43 GMT
server: AmazonS3
age: 82020
etag: "72cd6c8106e753c42ab8f3c85062edd4"
x-cache: Hit from cloudfront
x-amz-version-id: x4gfSVG2Y3TJcb9WMqTz.RRIqpNSIqXc
status: 200
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA56
accept-ranges: bytes
content-type: image/png
content-length: 50475
x-amz-cf-id: hj_ABj9ar75P2N6oTlura_b5hZA9s5b5NFAW-PbZURZ2n4-RxOsWew==

GET
H2 200 5cdc3206bc4a3829217e4ec6_image04.png
assets.website-files.com/58866caeabc83d5e7c574c74/ 18 KB
18 KB 14ms
13ms Image
image/png 2600:9000:20bb:2800:11:3b84:d200:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/58866caeabc83d5e7c574c74/5cdc3206bc4a3829217e4ec6_image04.png
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:2800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa7a2382402633f3c3b7245079bda8eefa5616d44dd63f29549cd50eae5912a3

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Mon, 15 Jul 2019 18:33:33 GMT
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)
last-modified: Wed, 15 May 2019 15:41:43 GMT
server: AmazonS3
age: 82020
etag: "4df6aa6e2e7c37e00520a26fe683fff3"
x-cache: Hit from cloudfront
x-amz-version-id: HO2tar6Q6wa9MRiQQCmx8wOVHguDFEdg
status: 200
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA56
accept-ranges: bytes
content-type: image/png
content-length: 18185
x-amz-cf-id: 5wKfj83JbcZsYnbO-ZLZpx1w7Rv1G0dyLCYLsX0NBgXsm_6hUwxxGA==

GET
H2 200 5cdc32062df07064ea4f9cd2_image05.png
assets.website-files.com/58866caeabc83d5e7c574c74/ 64 KB
65 KB 27ms
25ms Image
image/png 2600:9000:20bb:2800:11:3b84:d200:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/58866caeabc83d5e7c574c74/5cdc32062df07064ea4f9cd2_image05.png
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:2800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9bffbeefbce5c07990968750dee738a3f57eef15d310d82d79c3474af35ba9b5

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Mon, 15 Jul 2019 18:33:33 GMT
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)
last-modified: Wed, 15 May 2019 15:41:43 GMT
server: AmazonS3
age: 82020
etag: "8e1768f83b8c2eb9ae1b9351adf1b5ad"
x-cache: Hit from cloudfront
x-amz-version-id: 9fkX12hpf1Ey0n5smNAfAHlu0b19D4Vw
status: 200
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA56
accept-ranges: bytes
content-type: image/png
content-length: 65634
x-amz-cf-id: -821_Ndr4-TE6uD4CRGhZH0pEdFsE7_S7kC-WYLXVymH8j7vHN0ULA==

GET
H2 200 5cdc3207f26ba44ac648fb3f_image01.png
assets.website-files.com/58866caeabc83d5e7c574c74/ 63 KB
64 KB 71ms
69ms Image
image/png 2600:9000:20bb:2800:11:3b84:d200:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/58866caeabc83d5e7c574c74/5cdc3207f26ba44ac648fb3f_image01.png
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:2800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 354aefb6824675fdcdb52ccc384a8b6c180f80850120dbe462a45af4eb4743eb

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Mon, 15 Jul 2019 18:33:33 GMT
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)
last-modified: Wed, 15 May 2019 15:41:43 GMT
server: AmazonS3
age: 82021
etag: "d98bb06565245f22dc7e07972a775967"
x-cache: Hit from cloudfront
x-amz-version-id: gKn9sxtxi22ekcUZtHLHHzfx6EiQpbuj
status: 200
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA56
accept-ranges: bytes
content-type: image/png
content-length: 64647
x-amz-cf-id: H0VOS51-0sDy7AfdplcBjJsiCYEGRRZgGrTspgdzSVd66m4dtJsFeQ==

GET
H2 200 5cdc3207f26ba4436548fb40_image02.png
assets.website-files.com/58866caeabc83d5e7c574c74/ 265 KB
265 KB 29ms
28ms Image
image/png 2600:9000:20bb:2800:11:3b84:d200:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/58866caeabc83d5e7c574c74/5cdc3207f26ba4436548fb40_image02.png
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:2800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0eb5a42264e67a575a92554a1d799c0e38422022867d2d8c3aa0cc25311002a8

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Mon, 15 Jul 2019 18:33:33 GMT
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)
last-modified: Wed, 15 May 2019 15:41:44 GMT
server: AmazonS3
age: 82020
etag: "d0e594a2a52b9e70f96438207d81e82d"
x-cache: Hit from cloudfront
x-amz-version-id: bjRVHpSLUJh5p654Brho349qOvos7DiK
status: 200
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA56
accept-ranges: bytes
content-type: image/png
content-length: 271156
x-amz-cf-id: -uprsgiSI0JRV5zvqelWATvFLDYejLIjlek63O_NfI082ew3OJL8bQ==

GET
H2 200 5d092c52cb43f27906ff4597_20190618-nist-csf-thumb.jpg
assets.website-files.com/58866caeabc83d5e7c574c74/ 30 KB
30 KB 14ms
13ms Image
image/jpeg 2600:9000:20bb:2800:11:3b84:d200:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/58866caeabc83d5e7c574c74/5d092c52cb43f27906ff4597_20190618-nist-csf-thumb.jpg
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:2800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20062936cc6bde7c9d3d48faeb8acc5221e4a5ee69836bb20511d87b9f3d0690

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 18:35:27 GMT
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2019 18:24:19 GMT
server: AmazonS3
age: 3092649
etag: "ad460e5a13489a584cf0f14303305401"
x-cache: Hit from cloudfront
x-amz-version-id: E2M78ri1Q7TqWUsOawuEwol.MmcXsD3d
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56
accept-ranges: bytes
content-type: image/jpeg
content-length: 30228
x-amz-cf-id: h0wu2vx50Mj3Nh43QNbxFFrbUhP58NDusnP_xo6b1ajg_jSg8TNvbA==

GET
H2 200 5cddf15396d4139052df49be_x_blank.jpg
assets.website-files.com/58866caeabc83d5e7c574c71/ 10 KB
10 KB 13ms
12ms Image
image/jpeg 2600:9000:20bb:2800:11:3b84:d200:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/58866caeabc83d5e7c574c71/5cddf15396d4139052df49be_x_blank.jpg
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:2800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10c3e72840e6da387b3d55ae2ca83dbbe80d4885cfa1dd0540afaafd30b22b14

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 19 May 2019 12:26:16 GMT
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)
last-modified: Thu, 16 May 2019 23:25:08 GMT
server: AmazonS3
age: 5706800
etag: "b20f8b0c712fafe110ddb77ece9004a7"
x-cache: Hit from cloudfront
x-amz-version-id: YQIkwnCbWv5GHYGHAtlfBQVeN7B2hDei
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56
accept-ranges: bytes
content-type: image/jpeg
content-length: 9753
x-amz-cf-id: 7RW4l0nwqTes8oqCRxy9ijpNl67XKBq4VvT0ERyFuXFn03uSKcib3A==

GET
H2 200 5d012cf52bca933b627671bb_20190612-santa-bypass-2-thumb.jpg
assets.website-files.com/58866caeabc83d5e7c574c74/ 22 KB
22 KB 28ms
27ms Image
image/jpeg 2600:9000:20bb:2800:11:3b84:d200:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/58866caeabc83d5e7c574c74/5d012cf52bca933b627671bb_20190612-santa-bypass-2-thumb.jpg
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:2800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9be53bb5eb595b818ccc5449a6db30ea5cdd80c8c141def29c3b9150216c037a

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Wed, 12 Jun 2019 18:40:11 GMT
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)
last-modified: Wed, 12 Jun 2019 16:48:55 GMT
server: AmazonS3
age: 3610765
etag: "aabfaa927f45c6094d4baed9d1e359b0"
x-cache: Hit from cloudfront
x-amz-version-id: dwQAUjm_qCmVzEFNohjDqtprhU9Nw37f
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56
accept-ranges: bytes
content-type: image/jpeg
content-length: 22080
x-amz-cf-id: gi6hHFaWA_fWZfeR6cDG7E7aVaJ3axsjC9xDu2NY0-JPqR7uFwme_w==

GET
H2 200 5cdd77acdd5626f7d07d3623_Inc-best-workplaces-x2.png
assets.website-files.com/58866caeabc83d5e7c574c71/ 39 KB
40 KB 19ms
18ms Image
image/png 2600:9000:20bb:2800:11:3b84:d200:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/58866caeabc83d5e7c574c71/5cdd77acdd5626f7d07d3623_Inc-best-workplaces-x2.png
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:2800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68abf678017b855e4f9324d1c6ebd44973b69875bf41c30eef3e7c3ed44f3d44

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Fri, 17 May 2019 18:25:28 GMT
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)
last-modified: Thu, 16 May 2019 14:46:07 GMT
server: AmazonS3
age: 5858048
etag: "6fd416d041066794757b2e1cdfe60c22"
x-cache: Hit from cloudfront
x-amz-version-id: kohnjIWkae0tQNsbO6f3l15Y_ZJ0ZiL3
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56
accept-ranges: bytes
content-type: image/png
content-length: 40030
x-amz-cf-id: dgzPXMgCdZaCowPzs4ndl4jRBylJPCsKddEM1_Z2pXkn7nC3kU2H1g==

GET
H2 200 5cdeb6a632ac65f32e41b167_21CF---InMail-Graphic-300x250.jpg
assets.website-files.com/58866caeabc83d5e7c574c71/ 38 KB
39 KB 17ms
16ms Image
image/jpeg 2600:9000:20bb:2800:11:3b84:d200:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/58866caeabc83d5e7c574c71/5cdeb6a632ac65f32e41b167_21CF---InMail-Graphic-300x250.jpg
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:2800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 971f04a462c8df4f75f6a9c661d2f000e3a4c5bf96e72c91609d33d4086092bb

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 19 May 2019 10:13:07 GMT
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)
last-modified: Fri, 17 May 2019 13:27:04 GMT
server: AmazonS3
age: 5714789
etag: "1cfc71124fd5b655e08805b3119149fb"
x-cache: Hit from cloudfront
x-amz-version-id: _HC4Z__eAIqziBOZBxJn9IipHjAlsVpX
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56
accept-ranges: bytes
content-type: image/jpeg
content-length: 39036
x-amz-cf-id: lshfa6oP7r6cc2MrorCPW8kMB1pr8BxvmCU-ySwu_w7-PYAuMDiG3Q==

GET
H2 200 jquery-3.4.1.min.220afd743d.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 86 KB
87 KB 3147ms
63ms Script
application/javascript 13.32.222.3
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.222.3 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-222-3.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Origin: https://www.praetorian.com

Response headers

date: Tue, 09 Jul 2019 09:25:55 GMT
via: 1.1 7ff3248f5aef149847858a974cf62b00.cloudfront.net (CloudFront)
age: 19819
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
content-length: 88145
last-modified: Thu, 27 Jun 2019 18:13:30 GMT
server: AmazonS3
etag: "220afd743d9e9643852e31a135a9f3ae"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA56
accept-ranges: bytes
x-amz-cf-id: Jug-HQz4TnJAA8LWBSIPpolmiM9_GljUwifREqPgj4ZAhDzwDmTPeA==

GET
H2 200 p17-staging.d574de99a.js Show response
assets.website-files.com/58866caeabc83d5e7c574c71/js/ 290 KB
65 KB 11ms
11ms Script
text/javascript 2600:9000:20bb:2800:11:3b84:d200:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/58866caeabc83d5e7c574c71/js/p17-staging.d574de99a.js
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:2800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e410b6a0b89d24052e8eec15d736bd27ff25e766f11d108a601724a19e32a215

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-amz-version-id: 7IXIUUCdD.sh05au8hRALM.MlNCjRo8t
content-encoding: gzip
age: 13595
x-cache: Hit from cloudfront
status: 200
date: Wed, 24 Jul 2019 11:07:13 GMT
content-length: 65565
last-modified: Sun, 14 Jul 2019 02:42:53 GMT
server: AmazonS3
etag: "e987b5b09ae704b9109cd527f9bc48ae"
content-type: text/javascript
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA56
accept-ranges: bytes
x-amz-cf-id: _KR09KCQ9iZbQ7hN8c9x2hfsoEGsKpVKqQtDadqUd3Vt54CX5ai3Lg==

GET addthis_widget.js
s7.addthis.com/js/300/ 0
0

GET
H2 200 jquery.sticky.js Show response
p16.praetorian.com/js/plugins/ 10 KB
2 KB 462ms
461ms Script
application/javascript 2606:4700:20::6819:df07
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://p16.praetorian.com/js/plugins/jquery.sticky.js

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:df07 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

939d8b031588c090acb14e2a0a5fe4648ba361422d85f2801f450f3dd5aa5756

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.praetorian.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Wed, 24 Jul 2019 13:39:36 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 27 Sep 2016 14:03:44 GMT
server: cloudflare
etag: W/"2705-53d7db6679000-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: ALLOW-FROM https://www.praetorian.com/
content-type: application/javascript
status: 200
strict-transport-security: max-age=15552000
cf-ray: 4fb64d14af5abf05-FRA
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 82 KB
3 KB 25ms
24ms Stylesheet
text/css 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

c7252e1fa132ac672a4254b8f8f560054b6027b083cc1fb3ae99c20175bf93ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 24 Jul 2019 13:39:35 GMT
server: ESF
access-control-allow-origin: *
date: Wed, 24 Jul 2019 13:39:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Wed, 24 Jul 2019 13:39:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 117 KB
38 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:81d::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KFKJTW

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b9bdda5bc13d6a495f7e13002637d65299ae8789632bdee74cc627fcfbd2ae76

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Wed, 24 Jul 2019 13:39:35 GMT
content-encoding: br
last-modified: Wed, 24 Jul 2019 12:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 38975
x-xss-protection: 0
expires: Wed, 24 Jul 2019 13:39:35 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 19:40:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 64738
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9016
x-xss-protection: 0
expires: Wed, 22 Jul 2020 19:40:37 GMT

GET
H2 200 memnYaGs126MiZpBA-UFUKWyV9hrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v17/ 10 KB
10 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/memnYaGs126MiZpBA-UFUKWyV9hrIqOxjaPX.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

41c93545a4e2a1a46bca581d80fec8c8da014e13b310c65d694e4af30c7da9bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 19:42:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:56 GMT
server: sffe
age: 64617
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9744
x-xss-protection: 0
expires: Wed, 22 Jul 2020 19:42:38 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 19:39:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 64788
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Wed, 22 Jul 2020 19:39:47 GMT

GET
H2 200 mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v17/ 10 KB
10 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 19:42:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:02 GMT
server: sffe
age: 64617
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9728
x-xss-protection: 0
expires: Wed, 22 Jul 2020 19:42:38 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 19:42:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
age: 64617
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9180
x-xss-protection: 0
expires: Wed, 22 Jul 2020 19:42:38 GMT

GET
H2 200 memnYaGs126MiZpBA-UFUKXGUdhrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
10 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/memnYaGs126MiZpBA-UFUKXGUdhrIqOxjaPX.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7a4cbe29c8a1c6c2e29b887fd58d9a02b64e7bd113acc77d370b547b9f51545d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 19:42:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:59 GMT
server: sffe
age: 64617
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9684
x-xss-protection: 0
expires: Wed, 22 Jul 2020 19:42:38 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 19:40:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 64738
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9080
x-xss-protection: 0
expires: Wed, 22 Jul 2020 19:40:37 GMT

GET
H2 200 memnYaGs126MiZpBA-UFUKWiUNhrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/memnYaGs126MiZpBA-UFUKWiUNhrIqOxjaPX.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0d6762417b3b91c64f1d9c9689deb17a1120dfaf507b547b6bf5a11fdf0968a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 19:42:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:15 GMT
server: sffe
age: 64617
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9416
x-xss-protection: 0
expires: Wed, 22 Jul 2020 19:42:38 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 19:42:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:53 GMT
server: sffe
age: 64617
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9192
x-xss-protection: 0
expires: Wed, 22 Jul 2020 19:42:38 GMT

GET
H2 200 memnYaGs126MiZpBA-UFUKW-U9hrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v17/ 10 KB
10 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/memnYaGs126MiZpBA-UFUKW-U9hrIqOxjaPX.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9bab0b356d452a6ac7735a73f860787fd845742b9d1843bfb92fac2b75092073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 19:42:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:02 GMT
server: sffe
age: 64617
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9760
x-xss-protection: 0
expires: Wed, 22 Jul 2020 19:42:38 GMT

GET
H2 200 QldKNThLqRwH-OJ1UHjlKGlZ5qhExfHw.woff2
fonts.gstatic.com/s/inconsolata/v18/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inconsolata/v18/QldKNThLqRwH-OJ1UHjlKGlZ5qhExfHw.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb56c567dccf82a71e73b7b3a36369abfd817bf9752466601413bf6475982bb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Mon, 22 Jul 2019 19:55:14 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:17:49 GMT
server: sffe
age: 150261
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10964
x-xss-protection: 0
expires: Tue, 21 Jul 2020 19:55:14 GMT

GET
H2 200 QldXNThLqRwH-OJ1UHjlKGHiw71p5_zaDpwm.woff2
fonts.gstatic.com/s/inconsolata/v18/ 12 KB
12 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inconsolata/v18/QldXNThLqRwH-OJ1UHjlKGHiw71p5_zaDpwm.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4e23cebd0637155d0700c0272e7a1fef4b0ec9fa2a05ce111b62ff4bd989f083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Mon, 22 Jul 2019 19:47:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:18:11 GMT
server: sffe
age: 150720
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12536
x-xss-protection: 0
expires: Tue, 21 Jul 2020 19:47:35 GMT

GET
H2 200 0yb9GDoxxrvAnPhYGxkpaE0Urhg0.woff2
fonts.gstatic.com/s/vollkorn/v10/ 20 KB
20 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vollkorn/v10/0yb9GDoxxrvAnPhYGxkpaE0Urhg0.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3ce60ef77071ba66127beeb4a2d449e8ff7350c9748c5e390188755ecbece1c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Wed, 17 Jul 2019 01:01:46 GMT
x-content-type-options: nosniff
last-modified: Wed, 17 Jul 2019 00:00:36 GMT
server: sffe
age: 650269
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 19984
x-xss-protection: 0
expires: Thu, 16 Jul 2020 01:01:46 GMT

GET
H2 200 0yb7GDoxxrvAnPhYGxksWE8eqTo29Tc.woff2
fonts.gstatic.com/s/vollkorn/v10/ 21 KB
21 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vollkorn/v10/0yb7GDoxxrvAnPhYGxksWE8eqTo29Tc.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

48e0b33a51dae4c5767e30813f12082f7cb4f65a3ed46c4dcc90efdf2d74223b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Wed, 17 Jul 2019 00:16:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:58:00 GMT
server: sffe
age: 653004
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 21288
x-xss-protection: 0
expires: Thu, 16 Jul 2020 00:16:11 GMT

GET
H2 200 0yb6GDoxxrvAnPhYGxGSTVg5jBUe_z_2.woff2
fonts.gstatic.com/s/vollkorn/v10/ 21 KB
21 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vollkorn/v10/0yb6GDoxxrvAnPhYGxGSTVg5jBUe_z_2.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

48e30db573cfffb73f914a91994fe2afba4caae1fcb1efb69b4e0c98781fb0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Wed, 17 Jul 2019 01:33:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:59:57 GMT
server: sffe
age: 648371
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 21400
x-xss-protection: 0
expires: Thu, 16 Jul 2020 01:33:24 GMT

GET
H2 200 0yb4GDoxxrvAnPhYGxksUPQ7vBcU-B308DI.woff2
fonts.gstatic.com/s/vollkorn/v10/ 22 KB
22 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vollkorn/v10/0yb4GDoxxrvAnPhYGxksUPQ7vBcU-B308DI.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

798c496c345355559da1f687a1de40a3d1a83f5ca64fa68da4abbfc95e0d256d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Wed, 17 Jul 2019 05:14:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 17 Jul 2019 00:04:03 GMT
server: sffe
age: 635103
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 22776
x-xss-protection: 0
expires: Thu, 16 Jul 2020 05:14:32 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm45_QpRyS7m0dR9pA.woff2
fonts.gstatic.com/s/montserrat/v14/ 12 KB
12 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUQjIg1_i6t8kCHKm45_QpRyS7m0dR9pA.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7c5eb754c98dece70e0d331dd367f6105ff60436aa854c4815577e8f951b42ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 04:01:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:52 GMT
server: sffe
age: 121071
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12660
x-xss-protection: 0
expires: Wed, 22 Jul 2020 04:01:44 GMT

GET
H2 200 JTUOjIg1_i6t8kCHKm459WxZqh7k29NfpiOj.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUOjIg1_i6t8kCHKm459WxZqh7k29NfpiOj.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ac28b8436b26a0226e8b3e8fa68f1410997cb405dc6fcad807bdf5aadc33d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 04:01:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:39 GMT
server: sffe
age: 121071
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13088
x-xss-protection: 0
expires: Wed, 22 Jul 2020 04:01:44 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_aZA3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_aZA3gnD_vx3rCs.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

101309796941cb9b2ada88c7219a0ba69d37bb42b6aa8843f1068664c3aca401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 04:01:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:33 GMT
server: sffe
age: 121071
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13540
x-xss-protection: 0
expires: Wed, 22 Jul 2020 04:01:44 GMT

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZBg_z_PZwjimrqw.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
14 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUPjIg1_i6t8kCHKm459WxZBg_z_PZwjimrqw.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ef78c9f1ff84bc1bf77758fc0cd8b04ff751afd74da354f8a1a6ff9d4b654520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 04:01:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:39 GMT
server: sffe
age: 121071
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13808
x-xss-protection: 0
expires: Wed, 22 Jul 2020 04:01:44 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 04:01:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:37 GMT
server: sffe
age: 121071
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13560
x-xss-protection: 0
expires: Wed, 22 Jul 2020 04:01:44 GMT

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZYgzz_PZwjimrqw.woff2
fonts.gstatic.com/s/montserrat/v14/ 14 KB
14 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUPjIg1_i6t8kCHKm459WxZYgzz_PZwjimrqw.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

967f14653914225c8ecf82d70d4a0458e10db8254460d12b15903e0b6487f0d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 04:01:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:36 GMT
server: sffe
age: 121071
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13980
x-xss-protection: 0
expires: Wed, 22 Jul 2020 04:01:44 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
14 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 04:00:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:48 GMT
server: sffe
age: 121164
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13708
x-xss-protection: 0
expires: Wed, 22 Jul 2020 04:00:11 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m0dR9pA.woff2
fonts.gstatic.com/s/montserrat/v14/ 14 KB
14 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUQjIg1_i6t8kCHKm459WxRyS7m0dR9pA.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ff4eb7e4df6e09b7fba76e1957f3fc0f703496a13d23a5a245bb2709810b0c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 04:01:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:53 GMT
server: sffe
age: 121071
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14024
x-xss-protection: 0
expires: Wed, 22 Jul 2020 04:01:44 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 04:01:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:41 GMT
server: sffe
age: 121071
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13640
x-xss-protection: 0
expires: Wed, 22 Jul 2020 04:01:44 GMT

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZOg3z_PZwjimrqw.woff2
fonts.gstatic.com/s/montserrat/v14/ 14 KB
14 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUPjIg1_i6t8kCHKm459WxZOg3z_PZwjimrqw.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a035f0162bc9e3d98eac0a242126860103682306a236f1cec114de42d477ca02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 04:01:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:08 GMT
server: sffe
age: 121071
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14044
x-xss-protection: 0
expires: Wed, 22 Jul 2020 04:01:44 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 04:00:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:50 GMT
server: sffe
age: 121164
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13464
x-xss-protection: 0
expires: Wed, 22 Jul 2020 04:00:11 GMT

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZFgrz_PZwjimrqw.woff2
fonts.gstatic.com/s/montserrat/v14/ 14 KB
14 KB 18ms
17ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUPjIg1_i6t8kCHKm459WxZFgrz_PZwjimrqw.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bf4c70dc28e66696cb4bf0bac4fcaf5f19b9456e07b7265be9a4452651530044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 04:01:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:53 GMT
server: sffe
age: 121071
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13880
x-xss-protection: 0
expires: Wed, 22 Jul 2020 04:01:44 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 03:57:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:06 GMT
server: sffe
age: 121318
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13612
x-xss-protection: 0
expires: Wed, 22 Jul 2020 03:57:37 GMT

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZcgvz_PZwjimrqw.woff2
fonts.gstatic.com/s/montserrat/v14/ 14 KB
14 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUPjIg1_i6t8kCHKm459WxZcgvz_PZwjimrqw.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

058ad65bc23b5e89eede33126fb52fc00466b31434705b8052e5d776e9170a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 04:01:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:00 GMT
server: sffe
age: 121071
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14028
x-xss-protection: 0
expires: Wed, 22 Jul 2020 04:01:44 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_c5H3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_c5H3gnD_vx3rCs.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

99eace92e2b9e41a2896e111345d00a4dc6107656adaf52ce756ea76a12ac41d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 04:00:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:50 GMT
server: sffe
age: 121164
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13516
x-xss-protection: 0
expires: Wed, 22 Jul 2020 04:00:11 GMT

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZbgjz_PZwjimrqw.woff2
fonts.gstatic.com/s/montserrat/v14/ 14 KB
14 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUPjIg1_i6t8kCHKm459WxZbgjz_PZwjimrqw.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a6b7e13124cb6393c4e90d6be4f10bc5c925402e35cbfe3dc01719bc4df6eee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 04:01:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:50 GMT
server: sffe
age: 121071
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13912
x-xss-protection: 0
expires: Wed, 22 Jul 2020 04:01:44 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_epG3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 12 KB
12 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_epG3gnD_vx3rCs.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

24d5585f2965f7d5080769a4286d580a98d722b18964b999ef6b87ba13c11f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 04:01:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:58 GMT
server: sffe
age: 121071
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12504
x-xss-protection: 0
expires: Wed, 22 Jul 2020 04:01:44 GMT

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZSgnz_PZwjimrqw.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUPjIg1_i6t8kCHKm459WxZSgnz_PZwjimrqw.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

18bc5f5843d08acbd8118a8146ad41c98ed89435248a88b2035d5300efdf257c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 23 Jul 2019 04:01:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:03 GMT
server: sffe
age: 121071
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13036
x-xss-protection: 0
expires: Wed, 22 Jul 2020 04:01:44 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/ 11 KB
11 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 09 Jul 2019 05:49:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:13:33 GMT
server: sffe
age: 1324200
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Wed, 08 Jul 2020 05:49:35 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v19/ 12 KB
13 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Sun, 02 Jun 2019 21:43:26 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:14:02 GMT
server: sffe
age: 4463769
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12680
x-xss-protection: 0
expires: Mon, 01 Jun 2020 21:43:26 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ 11 KB
11 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 09 Jul 2019 01:47:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:12:38 GMT
server: sffe
age: 1338750
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11056
x-xss-protection: 0
expires: Wed, 08 Jul 2020 01:47:05 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51S7ACc6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v19/ 12 KB
12 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOjCnqEu92Fr1Mu51S7ACc6CsTYl4BO.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

82cdf580655d3697dadd6f72fa9fbd5d06adbcde5f2a2e048a9e3e7cc6636b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Tue, 09 Jul 2019 04:49:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:13:07 GMT
server: sffe
age: 1327830
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12668
x-xss-protection: 0
expires: Wed, 08 Jul 2020 04:49:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ 11 KB
11 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Thu, 13 Jun 2019 22:52:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:14:03 GMT
server: sffe
age: 3509224
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Fri, 12 Jun 2020 22:52:31 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v19/ 12 KB
13 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d630df8a89d2ec3c590c3b036b610c60fda3df53b3a4c81f3a9e5c94a0de5929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CInconsolata:400,700%7CVollkorn:400,400italic,700,700italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRoboto:regular,italic,500,500italic,700,700italic
Origin: https://www.praetorian.com

Response headers

date: Sat, 01 Jun 2019 04:49:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:14:43 GMT
server: sffe
age: 4611000
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12688
x-xss-protection: 0
expires: Sun, 31 May 2020 04:49:35 GMT

GET
H2 200 259vkUGNhLU
www.youtube.com/embed/ Frame 4B9A 0
0 168ms
156ms Document
text/html 2a00:1450:4001:824::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/259vkUGNhLU?start=4

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/259vkUGNhLU?start=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft

Response headers

status: 200
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
content-type: text/html; charset=utf-8
expires: Tue, 27 Apr 1971 19:44:06 EST
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: no-cache
date: Wed, 24 Jul 2019 13:39:35 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=phL_ymm--ZE; path=/; domain=.youtube.com; expires=Mon, 20-Jan-2020 13:39:35 GMT; httponly VISITOR_INFO1_LIVE=phL_ymm--ZE; path=/; domain=.youtube.com; expires=Mon, 20-Jan-2020 13:39:35 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Tue, 24-Mar-2020 01:32:35 GMT YSC=cuwzy0wgPLI; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Wed, 24-Jul-2019 14:09:35 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 5a1b1e63f4308f0001d71962_logo-laurel2.svg
assets.website-files.com/58866caeabc83d5e7c574c71/ 6 KB
3 KB 25ms
25ms Image
image/svg+xml 2600:9000:20bb:2800:11:3b84:d200:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/58866caeabc83d5e7c574c71/5a1b1e63f4308f0001d71962_logo-laurel2.svg
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:2800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 757dfa0fd72d024e4ac9e550945d8379a7c297642b17d89a631c838964b240b7

Request headers

Referer: https://assets.website-files.com/58866caeabc83d5e7c574c71/css/p17-staging.198d90888.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 11 May 2019 10:08:37 GMT
content-encoding: gzip
last-modified: Sun, 26 Nov 2017 20:04:52 GMT
server: AmazonS3
age: 6406259
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 9SMfhPiSYaGOguOfNMSTLvgbkZiGrVXQ
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56
content-type: image/svg+xml
x-amz-cf-id: wG2_W6g4Y6j1bWM6G5V7EHmPSi1Ly--fdsjkrF2XpoYC7KLNOzNGDQ==
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)

GET
H2 200 5b23fc4613f80ea566737d96_hero-careers.jpg
assets.website-files.com/58866caeabc83d5e7c574c71/ 201 KB
201 KB 27ms
27ms Image
image/jpeg 2600:9000:20bb:2800:11:3b84:d200:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/58866caeabc83d5e7c574c71/5b23fc4613f80ea566737d96_hero-careers.jpg
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:2800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6758dadc2cf8c3b5d6593ce6024823bbfc8d975371ba3f6603d38ce258bc8732

Request headers

Referer: https://assets.website-files.com/58866caeabc83d5e7c574c71/css/p17-staging.198d90888.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 19 May 2019 10:13:07 GMT
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jun 2018 17:49:59 GMT
server: AmazonS3
age: 5714789
etag: "e76eee39ef010d4ce3061a8a6240d398"
x-cache: Hit from cloudfront
x-amz-version-id: s25yCGwpUpzCrwUd8j179AY7rWzAAnGU
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56
accept-ranges: bytes
content-type: image/jpeg
content-length: 205491
x-amz-cf-id: 7n4yJK_Z3ja11Kvscfch3D9P_TmaA8ws6Sl3x1Lp1fChe2oTJMrPkQ==

GET
H2 200 5cd5b57b6e27133c23edf61e_dot_grey.png
assets.website-files.com/58866caeabc83d5e7c574c71/ 1 KB
1 KB 24ms
24ms Image
image/png 2600:9000:20bb:2800:11:3b84:d200:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/58866caeabc83d5e7c574c71/5cd5b57b6e27133c23edf61e_dot_grey.png
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:2800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3cc78a4134b0799e11ada89f9a85ef1b2df57f5382ddf2c924e1db06920dfc8

Request headers

Referer: https://assets.website-files.com/58866caeabc83d5e7c574c71/css/p17-staging.198d90888.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 18 May 2019 13:39:19 GMT
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)
last-modified: Fri, 10 May 2019 17:31:41 GMT
server: AmazonS3
age: 5788817
etag: "b8a89b21d98816982b0d7e8e0b30f39a"
x-cache: Hit from cloudfront
x-amz-version-id: Hatz9mTKgeONZgi0DftJLEZTcLjpTGLu
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56
accept-ranges: bytes
content-type: image/png
content-length: 1049
x-amz-cf-id: gB4acGD5Fd5EHxndgPT17UBo63ApUapf4EjsZvZJFEYgsocG16G-WQ==

GET
H2 200 5cd5bcaf247e9d95811b78db_search_blue.svg
assets.website-files.com/58866caeabc83d5e7c574c71/ 789 B
1 KB 25ms
24ms Image
image/svg+xml 2600:9000:20bb:2800:11:3b84:d200:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/58866caeabc83d5e7c574c71/5cd5bcaf247e9d95811b78db_search_blue.svg
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:2800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18f6513c7565e5fae97f5be43b42602cef40c74301542f96ae5baf0e85b4364e

Request headers

Referer: https://assets.website-files.com/58866caeabc83d5e7c574c71/css/p17-staging.198d90888.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 19 May 2019 10:13:07 GMT
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)
last-modified: Fri, 10 May 2019 18:02:24 GMT
server: AmazonS3
age: 5714789
etag: "e52e6f714bc8528cabc069b957cd1ddb"
x-cache: Hit from cloudfront
x-amz-version-id: DD82t_3aZXeSPNsYW6x7bKJRx8SAXKn6
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56
accept-ranges: bytes
content-type: image/svg+xml
content-length: 789
x-amz-cf-id: Bp6pReVK_vpV6Sp8DeQPScTOcfKTeWJjDR2sY2ZRqqSnRZjbO7FDnQ==

GET
H2 200 5cd5c282f76b67aa150b944f_trending_red.svg
assets.website-files.com/58866caeabc83d5e7c574c71/ 361 B
766 B 24ms
24ms Image
image/svg+xml 2600:9000:20bb:2800:11:3b84:d200:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/58866caeabc83d5e7c574c71/5cd5c282f76b67aa150b944f_trending_red.svg
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:2800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82c7026c174c5b733493c84be2ee66bd2b6113a289f43168e04d863bf9a5e0d4

Request headers

Referer: https://assets.website-files.com/58866caeabc83d5e7c574c71/css/p17-staging.198d90888.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sat, 18 May 2019 15:02:13 GMT
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)
last-modified: Fri, 10 May 2019 18:27:15 GMT
server: AmazonS3
age: 5783843
etag: "51d8a46bb29cac5950af510097a9ee12"
x-cache: Hit from cloudfront
x-amz-version-id: V45oGCYE7Wd7Y7qOSRTqKV7PIBwJg0Ws
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56
accept-ranges: bytes
content-type: image/svg+xml
content-length: 361
x-amz-cf-id: qzDem0h4JS5zRdZpuYzjvj8eflM4YMYuCllY_dWb05f8s7s52hPi4A==

GET
H2 200 5d040f8ef0a2fd833b940234_LI-In-Bug.png
assets.website-files.com/58866caeabc83d5e7c574c71/ 8 KB
9 KB 24ms
24ms Image
image/png 2600:9000:20bb:2800:11:3b84:d200:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/58866caeabc83d5e7c574c71/5d040f8ef0a2fd833b940234_LI-In-Bug.png
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:2800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c0149f26168b5fe0f43e68664abe40341a6443b3cd435d18a73e12f64f8b600

Request headers

Referer: https://assets.website-files.com/58866caeabc83d5e7c574c71/css/p17-staging.198d90888.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 22:04:31 GMT
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jun 2019 21:20:15 GMT
server: AmazonS3
age: 3425705
etag: "1b18d461ce75c75fdb4d7b6ec08b3e65"
x-cache: Hit from cloudfront
x-amz-version-id: HAHoiBC_fp8dlWOrzR8T75MTAzSsRTws
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56
accept-ranges: bytes
content-type: image/png
content-length: 8375
x-amz-cf-id: 8RWOYQNnnAxSkn4M88mS2b7UTytyil1ix2_k0t1SYUO7byXVvz5c1w==

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Origin: https://www.praetorian.com

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 85 KB
23 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

db04a49b93b18d92b102b50dff25ecb06f6aedd156f442bb8d4dc9f2e3a66a34

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 22680
x-xss-protection: 0
pragma: public
x-fb-debug: H73D+rZQRMoWnseWd+amSnceo0NXYxBm+U5C7yVZiklalG8Hw++gmBUG2ZHXDAJvPdavufY4YBe7/ZAxAc0ZLg==
x-fb-trip-id: 997090344
date: Wed, 24 Jul 2019 13:39:35 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
sjs.bizographics.com/ 15 KB
5 KB 26ms
13ms Script
application/x-javascript 2a02:26f0:6c00:2bf::3adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sjs.bizographics.com/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFKJTW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:2bf::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Wed, 24 Jul 2019 13:39:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Dec 2018 23:03:30 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=10439
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4571

GET uwt.js
static.ads-twitter.com/ 0
0

GET conversion_async.js
www.googleadservices.com/pagead/ 0
0

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 75ms
46ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFKJTW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: 134d9689dd766fbea01b7b16563704e655883a93b76f55a6acf999f67510f8b5

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Wed, 24 Jul 2019 13:39:35 GMT
content-encoding: gzip
last-modified: Tue, 28 May 2019 20:50:22 GMT
x-msedge-ref: Ref A: C9B04BECE17E48BCBE2E60BAED920690 Ref B: VIEEDGE1107 Ref C: 2019-07-24T13:39:35Z
access-control-allow-origin: *
etag: "03b90f79615d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7104

GET roundtrip.js
s.adroll.com/j/ 0
0

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 93 KB
93 KB 25ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFKJTW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/418E) /
Resource Hash: 67e3b1265f2ecef2ba487372b5e420109ebf520e470ed9610fdd6b4dd1dbf89b

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Wed, 24 Jul 2019 13:39:35 GMT
Last-Modified: Wed, 17 Jul 2019 18:01:51 GMT
Server: ECS (fcn/418E)
Etag: "e09c732e5d56860e58c6f26d69b0861e"
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 95170

GET 45d2b1eb.min.js
scripts.demandbase.com/ 0
0

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
1 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:824::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

d102474025e2a05cf0c0ef40436a8842a7ba53ea8a43530c6d5e206a93c4925c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Wed, 24 Jul 2019 13:39:35 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 EST

GET qevents.js
a.quora.com/ 0
0

GET
H2 200 app.js Show response
sdk.getsitekit.com/static/js/ 187 KB
63 KB 62ms
15ms Script
application/javascript 2606:4700:20::6819:920
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.getsitekit.com/static/js/app.js
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:920 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aa3acdc994bae1633c60397f85e92dfc784cac1c377a1636532443a949ec698

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

pragma: public
date: Wed, 24 Jul 2019 13:39:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2019 03:02:13 GMT
server: cloudflare
age: 271
etag: W/"5d3678b5-2edaa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4fb64d159f45d6ed-FRA
expires: Wed, 24 Jul 2019 17:39:35 GMT

GET snoo.gif
alb.reddit.com/ 0
0

GET
H2 200 282191695466192 Show response
connect.facebook.net/signals/config/ 301 KB
72 KB 50ms
50ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/282191695466192?v=2.9.1&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

7e2d8d073c88afd31efb713b72f22f6d2a6fcdbbb295a193d0f667a211c32193

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: Gk+MVwqM3/rBaJjnqX54SQ/BLLwp/Jsaf6xcyHItzrwZrDTr1HMVf7yUBeEZFO2PvDbtgTAie2i0B642O20ksg==
x-fb-trip-id: 997090344
date: Wed, 24 Jul 2019 13:39:35 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflj5Qw1-/ 25 KB
10 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflj5Qw1-/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

71c080e63d1e093ef43c99d304b325313f1dfe0c2520a947c700cc41c97b3a04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 23 Jul 2019 23:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49993
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 9741
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 23:41:33 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 31 Jul 2019 23:46:22 GMT

GET
H2 204 0
bat.bing.com/action/ 0
147 B 48ms
48ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4023756&Ver=2&mid=495ab71a-3e3b-be07-9a84-ba90cc009294&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=How%20to%20Mitigate%20Mimikatz%20WDigest%20Cleartext%20Credential%20Theft&p=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Fmitigating-mimikatz-wdigest-cleartext-credential-theft&r=&evt=pageLoad&msclkid=N&rn=413844
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Wed, 24 Jul 2019 13:39:35 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 624052D4446C465082B8228A287596AC Ref B: VIEEDGE1107 Ref C: 2019-07-24T13:39:35Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 1 KB
1 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 772
x-xss-protection: 0
pragma: public
x-fb-debug: FUdWxJx2WLxhm+IQ15nKRB98M761ZsM7d4NZo6ojBpdaKSgYce5Jt0x8+Hv3lYZgj1lwlkHLG4e9q9aecMA4lg==
x-fb-trip-id: 997090344
date: Wed, 24 Jul 2019 13:39:35 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 settings.json Show response
api.getsitekit.com/v1/sk-public/site/ 0
406 B 227ms
186ms XHR
text/plain 2606:4700:20::6819:820
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getsitekit.com/v1/sk-public/site/settings.json
Requested by: Host: sdk.getsitekit.com
URL: https://sdk.getsitekit.com/static/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:820 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://www.praetorian.com
Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Access-Control-Request-Headers: x-sitekit-key

Response headers

date: Wed, 24 Jul 2019 13:39:36 GMT
server: cloudflare
access-control-allow-origin: https://www.praetorian.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: GET
status: 200
access-control-allow-credentials: true
cf-ray: 4fb64d1639869778-FRA
access-control-allow-headers: X-Sitekit-Key
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
325 B 18ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=282191695466192&ev=PageView&dl=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Fmitigating-mimikatz-wdigest-cleartext-credential-theft&rl=&if=false&ts=1563975576001&sw=1600&sh=1200&v=2.9.1&r=stable&ec=0&o=30&fbp=fb.1.1563975576000.669392063&it=1563975575889&coo=false&rqm=GET

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Wed, 24 Jul 2019 13:39:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 24 Jul 2019 13:39:36 GMT

GET
H2 200 settings.json Show response
api.getsitekit.com/v1/sk-public/site/ 2 KB
850 B 182ms
181ms XHR
application/json 2606:4700:20::6819:820
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getsitekit.com/v1/sk-public/site/settings.json
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:820 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1685af3edb53ad80cbd85b652934c4db973670c029209370e6551d45bfb8b00e

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Origin: https://www.praetorian.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
X-Sitekit-Key: a13d368d6ccbb23b68b652876851725d

Response headers

date: Wed, 24 Jul 2019 13:39:36 GMT
content-encoding: br
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.praetorian.com
access-control-allow-credentials: true
cf-ray: 4fb64d176b179778-FRA

GET
H2 200 0.4514faad4c58821592a6.js Show response
sdk.getsitekit.com/static/js/ 22 KB
9 KB 24ms
23ms Script
application/javascript 2606:4700:20::6819:920
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.getsitekit.com/static/js/0.4514faad4c58821592a6.js
Requested by: Host: sdk.getsitekit.com
URL: https://sdk.getsitekit.com/static/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:920 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aed92ff6d653581d782f34c08f727d261c3268494ca508d1cdae018fe0690e3

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

pragma: public
date: Wed, 24 Jul 2019 13:39:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2019 04:08:13 GMT
server: cloudflare
age: 271976
etag: W/"5d2bfc2d-5989"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=2592000
cf-ray: 4fb64d18996ed6ed-FRA
expires: Fri, 23 Aug 2019 13:39:36 GMT

GET
H2 200 3.efbc53ec59cb639685a1.css
sdk.getsitekit.com/static/css/ 7 KB
1 KB 26ms
26ms Stylesheet
text/css 2606:4700:20::6819:920
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.getsitekit.com/static/css/3.efbc53ec59cb639685a1.css
Requested by: Host: sdk.getsitekit.com
URL: https://sdk.getsitekit.com/static/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:920 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35e5a1d04c28c5a7f4e955975bd07f1d8cb7d4a84f3c3922a6cef71455055d56

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

pragma: public
date: Wed, 24 Jul 2019 13:39:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2019 04:08:13 GMT
server: cloudflare
age: 642122
etag: W/"5d2bfc2d-1a46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=2592000
cf-ray: 4fb64d189971d6ed-FRA
expires: Fri, 23 Aug 2019 13:39:36 GMT

GET
H2 200 3.edcede9ffb9309d6bc1e.js Show response
sdk.getsitekit.com/static/js/ 231 KB
55 KB 28ms
27ms Script
application/javascript 2606:4700:20::6819:920
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.getsitekit.com/static/js/3.edcede9ffb9309d6bc1e.js
Requested by: Host: sdk.getsitekit.com
URL: https://sdk.getsitekit.com/static/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:920 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7902b080c588b1116c00079c10fe5db7ea0cb7cdf6c958d1e9c360f94b7b0528

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

pragma: public
date: Wed, 24 Jul 2019 13:39:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2019 03:02:13 GMT
server: cloudflare
age: 124298
etag: W/"5d3678b5-39d18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=2592000
cf-ray: 4fb64d189973d6ed-FRA
expires: Fri, 23 Aug 2019 13:39:36 GMT

OPTIONS
H2 200 12016 Show response
api.getsitekit.com/v1/feature-switch/get-data/frontend/ 0
40 B 177ms
177ms XHR
text/plain 2606:4700:20::6819:820
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getsitekit.com/v1/feature-switch/get-data/frontend/12016
Requested by: Host: sdk.getsitekit.com
URL: https://sdk.getsitekit.com/static/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:820 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://www.praetorian.com
Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Access-Control-Request-Headers: x-sitekit-key

Response headers

date: Wed, 24 Jul 2019 13:39:36 GMT
server: cloudflare
access-control-allow-origin: https://www.praetorian.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: GET
status: 200
access-control-allow-credentials: true
cf-ray: 4fb64d189c8c9778-FRA
access-control-allow-headers: X-Sitekit-Key
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
99 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=282191695466192&ev=Microdata&dl=https%3A%2F%2Fwww.praetorian.com%2Fblog%2Fmitigating-mimikatz-wdigest-cleartext-credential-theft&rl=&if=false&ts=1563975576511&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22How%20to%20Mitigate%20Mimikatz%20WDigest%20Cleartext%20Credential%20Theft%22%2C%22meta%3Adescription%22%3A%22Penetration%20testers%20and%20malicious%20adversaries%20often%20focus%20on%20using%20the%20easiest%20attack%20vector%20to%20achieve%20their%20objectives.%20One%20common%20attack%20vector%20that%20has%20been%20around%20for%20several%20years%20is%20to%20use%20a%20tool%20called%20Mimikatz%20and%20steal%20cleartext%20credentials%20from%20memory%20of%20compromised%20Windows%20systems.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22How%20to%20Mitigate%20Mimikatz%20WDigest%20Cleartext%20Credential%20Theft%22%2C%22og%3Adescription%22%3A%22Penetration%20testers%20and%20malicious%20adversaries%20often%20focus%20on%20using%20the%20easiest%20attack%20vector%20to%20achieve%20their%20objectives.%20One%20common%20attack%20vector%20that%20has%20been%20around%20for%20several%20years%20is%20to%20use%20a%20tool%20called%20Mimikatz%20and%20steal%20cleartext%20credentials%20from%20memory%20of%20compromised%20Windows%20systems.%22%2C%22og%3Aimage%22%3A%22%22%2C%22twitter%3Aaccount_id%22%3A%22228835232%22%2C%22og%3Atype%22%3A%22article%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.1&r=stable&ec=1&o=30&fbp=fb.1.1563975576000.669392063&it=1563975575889&coo=false&es=automatic&rqm=GET

Requested by

Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Wed, 24 Jul 2019 13:39:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 24 Jul 2019 13:39:36 GMT

GET
H2 200 12016 Show response
api.getsitekit.com/v1/feature-switch/get-data/frontend/ 2 KB
417 B 177ms
176ms XHR
application/json 2606:4700:20::6819:820
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getsitekit.com/v1/feature-switch/get-data/frontend/12016
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:820 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ac604eaab8c55c51b19a1e0397bf17f1438fd1c1ca8711f507d0b3d31b1c025

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Origin: https://www.praetorian.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
X-Sitekit-Key: a13d368d6ccbb23b68b652876851725d

Response headers

date: Wed, 24 Jul 2019 13:39:36 GMT
content-encoding: br
server: cloudflare
status: 200
etag: W/"BIVWGGPHRAAASJCFNJWF"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.praetorian.com
cache-control: public, max-age=300, stale-while-revalidate=60, stale-if-error=60
access-control-allow-credentials: true
cf-ray: 4fb64d19be119778-FRA
x-proto-cache: HIT

GET
H2 200 app.css
sdk.getsitekit.com/static/iframe/css/smart_bar/ Frame 6543 18 KB
3 KB 16ms
15ms Stylesheet
text/css 2606:4700:20::6819:920
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.getsitekit.com/static/iframe/css/smart_bar/app.css?v=1563850779460
Requested by: Host: sdk.getsitekit.com
URL: https://sdk.getsitekit.com/static/js/3.edcede9ffb9309d6bc1e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:920 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: aacdf746e2967bc691519bba8c7c5d7b4985257493e04b9e5f65bf4f2af27d8c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

pragma: public
date: Wed, 24 Jul 2019 13:39:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2019 03:02:21 GMT
server: cloudflare
age: 124108
etag: W/"5d3678bd-4701"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=2592000
cf-ray: 4fb64d1c5e13d6ed-FRA
expires: Fri, 23 Aug 2019 13:39:37 GMT

GET
H2 200 pattern1.png
sdk.getsitekit.com/static/iframe/images/campaigns/patterns/ Frame 6543 17 KB
18 KB 31ms
31ms Image
image/png 2606:4700:20::6819:920
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sdk.getsitekit.com/static/iframe/images/campaigns/patterns/pattern1.png?v=1563850939646
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:920 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a65a63514c7414f8f9c9e2da902f60d0e8db622d06c02ba78e7f4b456b568682

Request headers

Referer: https://sdk.getsitekit.com/static/iframe/css/smart_bar/app.css?v=1563850779460
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Wed, 24 Jul 2019 13:39:37 GMT
cf-cache-status: HIT
age: 124095
status: 200
content-length: 17864
pragma: public
last-modified: Tue, 23 Jul 2019 03:02:20 GMT
server: cloudflare
etag: "5d3678bc-45c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4fb64d1cbf39d6ed-FRA
expires: Fri, 23 Aug 2019 13:39:37 GMT

GET
H2 200 icon-send-light.svg
sdk.getsitekit.com/static/iframe/images/campaigns/icons/ Frame 6543 3 KB
1 KB 29ms
29ms Image
image/svg+xml 2606:4700:20::6819:920
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sdk.getsitekit.com/static/iframe/images/campaigns/icons/icon-send-light.svg?v=1563850939646
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:920 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e13c89d955fc1b1d6b1c4f6247c4a908af1280c7bcfe5662bda3e4ee31bfe1c

Request headers

Referer: https://sdk.getsitekit.com/static/iframe/css/smart_bar/app.css?v=1563850779460
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Wed, 24 Jul 2019 13:39:37 GMT
content-encoding: br
cf-cache-status: HIT
age: 103362
status: 200
pragma: public
last-modified: Tue, 23 Jul 2019 03:02:20 GMT
server: cloudflare
etag: W/"5d3678bc-ab2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 4fb64d1cbf3dd6ed-FRA
expires: Fri, 23 Aug 2019 13:39:37 GMT

OPTIONS
H2 200 track Show response
api.getsitekit.com/v1/sk-public/ 0
191 B 686ms
686ms XHR
text/plain 2606:4700:20::6819:820
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getsitekit.com/v1/sk-public/track
Requested by: Host: sdk.getsitekit.com
URL: https://sdk.getsitekit.com/static/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:820 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.praetorian.com
Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Access-Control-Request-Headers: content-type,x-sitekit-key

Response headers

date: Wed, 24 Jul 2019 13:39:37 GMT
server: cloudflare
access-control-allow-origin: https://www.praetorian.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST
status: 200
access-control-allow-credentials: true
cf-ray: 4fb64d1d5b509778-FRA
access-control-allow-headers: Content-Type, X-Sitekit-Key
content-length: 0

POST
H2 200 track Show response
api.getsitekit.com/v1/sk-public/ 16 B
98 B 180ms
179ms XHR
application/json 2606:4700:20::6819:820
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getsitekit.com/v1/sk-public/track
Requested by: Host: www.praetorian.com
URL: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:820 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.praetorian.com/blog/mitigating-mimikatz-wdigest-cleartext-credential-theft
Origin: https://www.praetorian.com
X-Sitekit-Key: a13d368d6ccbb23b68b652876851725d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 24 Jul 2019 13:39:38 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.praetorian.com
access-control-allow-credentials: true
cf-ray: 4fb64d21a8be9778-FRA
content-length: 16

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Domain: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Domain: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Domain: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js

Domain: scripts.demandbase.com
URL: https://scripts.demandbase.com/45d2b1eb.min.js

Domain: a.quora.com
URL: https://a.quora.com/qevents.js

Domain: alb.reddit.com
URL: https://alb.reddit.com/snoo.gif?q=CAAHAAABAAoACQAAAAAB0-B0AA==&s=oMrV_zpTeWaN08zH8DoZPHqhcbBz1kV-zeT3D0d1QKI=&ts=1563975575867

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.quora.com
ajax.googleapis.com
alb.reddit.com
api.getsitekit.com
assets.website-files.com
bat.bing.com
cdn.bizible.com
cdnjs.cloudflare.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
p16.praetorian.com
platform.twitter.com
s.adroll.com
s.ytimg.com
s7.addthis.com
scripts.demandbase.com
sdk.getsitekit.com
sjs.bizographics.com
static.ads-twitter.com
www.facebook.com
www.googleadservices.com
www.googletagmanager.com
www.praetorian.com
www.youtube.com
a.quora.com
alb.reddit.com
s.adroll.com
s7.addthis.com
scripts.demandbase.com
static.ads-twitter.com
www.googleadservices.com
13.248.141.96
13.32.222.3
2600:9000:20bb:2800:11:3b84:d200:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::6819:820
2606:4700:20::6819:920
2606:4700:20::6819:df07
2606:4700::6813:c697
2620:1ec:c11::200
2a00:1450:4001:81c::200a
2a00:1450:4001:81d::2008
2a00:1450:4001:821::200e
2a00:1450:4001:824::200e
2a00:1450:4001:825::2003
2a00:1450:4001:825::200a
2a02:26f0:6c00:2bf::3adf
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
93.184.220.178
03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab
058ad65bc23b5e89eede33126fb52fc00466b31434705b8052e5d776e9170a2a
074da3346309b141dbd332865a61ecd9e6a187f59817494742b5ef0a1b47079a
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0aed92ff6d653581d782f34c08f727d261c3268494ca508d1cdae018fe0690e3
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0d6762417b3b91c64f1d9c9689deb17a1120dfaf507b547b6bf5a11fdf0968a8
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0eb5a42264e67a575a92554a1d799c0e38422022867d2d8c3aa0cc25311002a8
101309796941cb9b2ada88c7219a0ba69d37bb42b6aa8843f1068664c3aca401
10c3e72840e6da387b3d55ae2ca83dbbe80d4885cfa1dd0540afaafd30b22b14
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
134d9689dd766fbea01b7b16563704e655883a93b76f55a6acf999f67510f8b5
1685af3edb53ad80cbd85b652934c4db973670c029209370e6551d45bfb8b00e
18bc5f5843d08acbd8118a8146ad41c98ed89435248a88b2035d5300efdf257c
18f6513c7565e5fae97f5be43b42602cef40c74301542f96ae5baf0e85b4364e
1ac604eaab8c55c51b19a1e0397bf17f1438fd1c1ca8711f507d0b3d31b1c025
20062936cc6bde7c9d3d48faeb8acc5221e4a5ee69836bb20511d87b9f3d0690
24d5585f2965f7d5080769a4286d580a98d722b18964b999ef6b87ba13c11f2b
2af860df470d4ace9a6a0c10a48f62430f41965c413d4aae70f63c0fceb161fc
2d25294d8d2491718abdc042f646e68226e6c7735556026f0047d365bb39d665
2e13c89d955fc1b1d6b1c4f6247c4a908af1280c7bcfe5662bda3e4ee31bfe1c
354aefb6824675fdcdb52ccc384a8b6c180f80850120dbe462a45af4eb4743eb
35e5a1d04c28c5a7f4e955975bd07f1d8cb7d4a84f3c3922a6cef71455055d56
3b6739bf831bbe2aae188d241dca16a3bec3ba36bc05e01b5f5b765fcafe3b73
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
3c0149f26168b5fe0f43e68664abe40341a6443b3cd435d18a73e12f64f8b600
3ce60ef77071ba66127beeb4a2d449e8ff7350c9748c5e390188755ecbece1c4
41c93545a4e2a1a46bca581d80fec8c8da014e13b310c65d694e4af30c7da9bd
48e0b33a51dae4c5767e30813f12082f7cb4f65a3ed46c4dcc90efdf2d74223b
48e30db573cfffb73f914a91994fe2afba4caae1fcb1efb69b4e0c98781fb0ec
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4e23cebd0637155d0700c0272e7a1fef4b0ec9fa2a05ce111b62ff4bd989f083
52ba07698f02040af7c8c43de5d138626e62f2e944d50efca96093c4f77ba1e6
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
58e1c30e3a2a0f999cdcff060a8d29710ef659b2c9de660388592330897703b5
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
6758dadc2cf8c3b5d6593ce6024823bbfc8d975371ba3f6603d38ce258bc8732
67e3b1265f2ecef2ba487372b5e420109ebf520e470ed9610fdd6b4dd1dbf89b
68abf678017b855e4f9324d1c6ebd44973b69875bf41c30eef3e7c3ed44f3d44
6aa3acdc994bae1633c60397f85e92dfc784cac1c377a1636532443a949ec698
71c080e63d1e093ef43c99d304b325313f1dfe0c2520a947c700cc41c97b3a04
757dfa0fd72d024e4ac9e550945d8379a7c297642b17d89a631c838964b240b7
7902b080c588b1116c00079c10fe5db7ea0cb7cdf6c958d1e9c360f94b7b0528
798c496c345355559da1f687a1de40a3d1a83f5ca64fa68da4abbfc95e0d256d
7a4cbe29c8a1c6c2e29b887fd58d9a02b64e7bd113acc77d370b547b9f51545d
7c5eb754c98dece70e0d331dd367f6105ff60436aa854c4815577e8f951b42ed
7e2d8d073c88afd31efb713b72f22f6d2a6fcdbbb295a193d0f667a211c32193
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
82c7026c174c5b733493c84be2ee66bd2b6113a289f43168e04d863bf9a5e0d4
82cdf580655d3697dadd6f72fa9fbd5d06adbcde5f2a2e048a9e3e7cc6636b46
8502155a9392b75296cfc1579baa7fe58a1be6c7483dd234bebde095723b0ebe
922f114470d564fa0bf672ceed0924b3f0fcd7c6c45090e0e9da52bf66a5bd27
939d8b031588c090acb14e2a0a5fe4648ba361422d85f2801f450f3dd5aa5756
967f14653914225c8ecf82d70d4a0458e10db8254460d12b15903e0b6487f0d6
971f04a462c8df4f75f6a9c661d2f000e3a4c5bf96e72c91609d33d4086092bb
99eace92e2b9e41a2896e111345d00a4dc6107656adaf52ce756ea76a12ac41d
9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4
9bab0b356d452a6ac7735a73f860787fd845742b9d1843bfb92fac2b75092073
9be53bb5eb595b818ccc5449a6db30ea5cdd80c8c141def29c3b9150216c037a
9bffbeefbce5c07990968750dee738a3f57eef15d310d82d79c3474af35ba9b5
a035f0162bc9e3d98eac0a242126860103682306a236f1cec114de42d477ca02
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a581cc6c8494fcf79f712e1b61a2da1a36710fb560e5b35cbbf329474987e08b
a65a63514c7414f8f9c9e2da902f60d0e8db622d06c02ba78e7f4b456b568682
a6b7e13124cb6393c4e90d6be4f10bc5c925402e35cbfe3dc01719bc4df6eee4
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
aacdf746e2967bc691519bba8c7c5d7b4985257493e04b9e5f65bf4f2af27d8c
b3cc78a4134b0799e11ada89f9a85ef1b2df57f5382ddf2c924e1db06920dfc8
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
b9bdda5bc13d6a495f7e13002637d65299ae8789632bdee74cc627fcfbd2ae76
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
bf4c70dc28e66696cb4bf0bac4fcaf5f19b9456e07b7265be9a4452651530044
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c7252e1fa132ac672a4254b8f8f560054b6027b083cc1fb3ae99c20175bf93ee
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb56c567dccf82a71e73b7b3a36369abfd817bf9752466601413bf6475982bb2
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
d102474025e2a05cf0c0ef40436a8842a7ba53ea8a43530c6d5e206a93c4925c
d630df8a89d2ec3c590c3b036b610c60fda3df53b3a4c81f3a9e5c94a0de5929
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
db04a49b93b18d92b102b50dff25ecb06f6aedd156f442bb8d4dc9f2e3a66a34
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e410b6a0b89d24052e8eec15d736bd27ff25e766f11d108a601724a19e32a215
e436563fc836e9b2786dfb164af909ec77364aec74ffc48e90058e07a2581944
ed469fbf6a20dbac2d45236b7767cfe4bddf180d774af559a46f15a5a39a44a1
ef78c9f1ff84bc1bf77758fc0cd8b04ff751afd74da354f8a1a6ff9d4b654520
f1ac28b8436b26a0226e8b3e8fa68f1410997cb405dc6fcad807bdf5aadc33d3
fa7a2382402633f3c3b7245079bda8eefa5616d44dd63f29549cd50eae5912a3
ff4eb7e4df6e09b7fba76e1957f3fc0f703496a13d23a5a245bb2709810b0c43
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

www.praetorian.com Open in urlscan Pro 13.248.141.96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

105 Requests

93 %HTTPS

84 %IPv6

23 Domains

26 Subdomains

20 IPs

5 Countries

2377 kBTransfer

3850 kBSize

0 Cookies

9 Outgoing links

Page URL History

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.praetorian.com Open in urlscan Pro
13.248.141.96 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

93 %
HTTPS

84 %
IPv6

23
Domains

26
Subdomains

20
IPs

5
Countries

2377 kB
Transfer

3850 kB
Size

0
Cookies

105 HTTP transactions
1 data transactions