Submitted URL: https://ci.security.admin-eu2.cas.ms/
Effective URL: https://ci.security/
Submission: On April 07 via automatic, source certstream-suspicious

Summary

This website contacted 25 IPs in 7 countries across 28 domains to perform 51 HTTP transactions. The main IP is 207.38.86.153, located in St Louis, United States and belongs to AS-30083-GO-DADDY-COM-LLC, US. The main domain is ci.security.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 10th 2020. Valid for: 3 months.
This is the only time ci.security was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 20.40.134.79 8075 (MICROSOFT...)
15 207.38.86.153 30083 (AS-30083-...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 13.225.73.42 16509 (AMAZON-02)
1 163.171.132.119 54994 (QUANTILNE...)
1 2 2a05:f500:11:... 14413 (LINKEDIN)
1 1 2a05:f500:10:... 14413 (LINKEDIN)
1 206.19.49.24 7018 (ATT-INTER...)
1 143.204.97.30 16509 (AMAZON-02)
2 2 52.214.123.193 16509 (AMAZON-02)
1 2 13.225.73.16 16509 (AMAZON-02)
3 35.174.151.106 14618 (AMAZON-AES)
1 6 23.213.164.149 16625 (AKAMAI-AS)
14 16 52.30.46.216 16509 (AMAZON-02)
2 2 3.123.244.246 16509 (AMAZON-02)
1 2 3.126.56.137 16509 (AMAZON-02)
1 2 23.213.165.44 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
1 2 70.42.32.127 22075 (AS-OUTBRAIN)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 1 2a00:1288:f03... 10310 (YAHOO-1)
1 151.101.113.44 54113 (FASTLY)
1 2 52.57.79.171 16509 (AMAZON-02)
1 2 52.59.91.136 16509 (AMAZON-02)
1 2 185.33.223.203 29990 (ASN-APPNEX)
1 35.190.72.21 15169 (GOOGLE)
1 2 34.95.120.147 15169 (GOOGLE)
51 25
Apex Domain | Subdomains | Transfer
21 adroll.com | s.adroll.com, d.adroll.com | 26 KB
16 ci.security | ci.security, cybersecurity.ci.security | 7 MB
3 yahoo.com | ups.analytics.yahoo.com, ads.yahoo.com | 2 KB
3 company-target.com | api.company-target.com, segments.company-target.com | 2 KB
3 linkedin.com | px.ads.linkedin.com, www.linkedin.com | 2 KB
2 openx.net | us-u.openx.net | 497 B
2 adnxs.com | ib.adnxs.com | 2 KB
2 bidswitch.net | x.bidswitch.net | 913 B
2 3lift.com | eb2.3lift.com | 738 B
2 outbrain.com | sync.outbrain.com | 804 B
2 casalemedia.com | dsum-sec.casalemedia.com | 2 KB
2 advertising.com | pixel.advertising.com | 818 B
2 pardot.com | pi.pardot.com | 4 KB
2 bidr.io | match.prod.bidr.io | 1019 B
2 techtarget.com | trk.techtarget.com, apt.techtarget.com | 3 KB
2 google-analytics.com | www.google-analytics.com | 18 KB
1 rlcdn.com | idsync.rlcdn.com | 62 B
1 taboola.com | trc.taboola.com | 282 B
1 pubmatic.com | simage2.pubmatic.com | 1010 B
1 rubiconproject.com | pixel.rubiconproject.com | 797 B
1 consensu.org | d.adroll.mgr.consensu.org | 137 B
1 demandbase.com | tag.demandbase.com | 15 KB
1 licdn.com | snap.licdn.com | 2 KB
1 googletagmanager.com | www.googletagmanager.com | 28 KB
1 cas.ms | ci.security.admin-eu2.cas.ms | 251 B
0 facebook.net Failed | connect.facebook.net Failed |
0 google.com Failed | www.google.com Failed |
0 doubleclick.net Failed | stats.g.doubleclick.net Failed, cm.g.doubleclick.net Failed |
51 28
Domain Requested by
15 d.adroll.com 13 redirects
15 ci.security ci.security
www.google-analytics.com
6 s.adroll.com 1 redirects ci.security
s.adroll.com
2 us-u.openx.net 1 redirects
2 ib.adnxs.com 1 redirects
2 x.bidswitch.net 1 redirects
2 eb2.3lift.com 1 redirects
2 sync.outbrain.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 ups.analytics.yahoo.com 1 redirects
2 pixel.advertising.com 2 redirects
2 pi.pardot.com ci.security
pi.pardot.com
2 segments.company-target.com 1 redirects ci.security
2 match.prod.bidr.io 2 redirects
2 px.ads.linkedin.com 1 redirects ci.security
2 www.google-analytics.com www.googletagmanager.com
ci.security
1 cybersecurity.ci.security pi.pardot.com
1 idsync.rlcdn.com
1 trc.taboola.com
1 ads.yahoo.com 1 redirects
1 simage2.pubmatic.com
1 pixel.rubiconproject.com
1 d.adroll.mgr.consensu.org 1 redirects
1 api.company-target.com tag.demandbase.com
1 apt.techtarget.com ci.security
1 www.linkedin.com 1 redirects
1 trk.techtarget.com ci.security
1 tag.demandbase.com ci.security
1 snap.licdn.com ci.security
1 www.googletagmanager.com ci.security
1 ci.security.admin-eu2.cas.ms 1 redirects
0 cm.g.doubleclick.net Failed
0 connect.facebook.net Failed s.adroll.com
0 www.google.com Failed ci.security
0 stats.g.doubleclick.net Failed ci.security
51 35

This site contains links to these domains.

Domain
results.ci.security
www.twitter.com
www.linkedin.com
www.youtube.com
Subject | Issuer | Validity | Valid
ci.security | Let's Encrypt Authority X3 | 2020-03-10 - 2020-06-08 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months
*.licdn.com | DigiCert SHA2 Secure Server CA | 2019-04-01 - 2021-05-07 | 2 years
*.demandbase.com | Go Daddy Secure Certificate Authority - G2 | 2018-09-20 - 2020-11-19 | 2 years
trk.techtarget.com | Sectigo RSA Domain Validation Secure Server CA | 2020-02-17 - 2022-05-17 | 2 years
px.ads.linkedin.com | DigiCert SHA2 Secure Server CA | 2020-03-04 - 2020-09-04 | 6 months
*.techtarget.com | Sectigo RSA Domain Validation Secure Server CA | 2019-10-25 - 2021-10-24 | 2 years
*.company-target.com | Go Daddy Secure Certificate Authority - G2 | 2019-06-19 - 2021-08-18 | 2 years
*.pardot.com | DigiCert SHA2 Secure Server CA | 2020-01-17 - 2021-01-17 | a year
*.adroll.com | DigiCert SHA2 Secure Server CA | 2020-01-29 - 2021-04-29 | a year
adroll.mgr.consensu.org | Amazon | 2019-11-06 - 2020-12-06 | a year
ups.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2020-02-13 - 2020-08-11 | 6 months
san.casalemedia.com | GeoTrust RSA CA 2018 | 2020-03-02 - 2021-04-01 | a year
*.rubiconproject.com | DigiCert SHA2 Secure Server CA | 2019-01-10 - 2021-01-14 | 2 years
*.outbrain.com | Thawte RSA CA 2018 | 2019-10-29 - 2021-11-23 | 2 years
*.pubmatic.com | Sectigo RSA Organization Validation Secure Server CA | 2019-02-22 - 2021-02-21 | 2 years
*.taboola.com | DigiCert SHA2 Secure Server CA | 2020-02-19 - 2020-09-10 | 7 months
*.3lift.com | Amazon | 2019-07-17 - 2020-08-17 | a year
*.bidswitch.net | Sectigo RSA Domain Validation Secure Server CA | 2019-04-17 - 2020-05-04 | a year
*.adnxs.com | DigiCert ECC Secure Server CA | 2019-01-23 - 2021-03-08 | 2 years
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-04-24 - 2020-04-23 | a year
*.openx.net | GeoTrust RSA CA 2018 | 2018-01-04 - 2020-07-09 | 3 years
cybersecurity.ci.security | Let's Encrypt Authority X3 | 2020-03-02 - 2020-05-31 | 3 months

This page contains 1 frames:

Primary Page: https://ci.security/
Frame ID: 1A4637583E48F727B8227E4978829C5A
Requests: 53 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /(?:a|s)\.adroll\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

51
Requests

90 %
HTTPS

21 %
IPv6

28
Domains

35
Subdomains

25
IPs

7
Countries

7129 kB
Transfer

7283 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ci.security.admin-eu2.cas.ms/ HTTP 307
    https://ci.security/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2139517419&t=pageview&_s=1&dl=https%3A%2F%2Fci.security%2F&ul=en-us&de=UTF-8&dt=Threat%20Detection.%20Human%20Investigation.%20Rapid%20Response.%20%7C%20CI%20Security&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=268667083&gjid=810689983&cid=240509649.1586249647&tid=UA-72734021-3&_gid=68507398.1586249647&_r=1&gtm=2ou3p1&z=494820579 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72734021-3&cid=240509649.1586249647&jid=268667083&_gid=68507398.1586249647&gjid=810689983&_v=j81&z=494820579
Request Chain 23
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=569164&url=https%3A%2F%2Fci.security%2F&time=1586249647623 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D569164%26url%3Dhttps%253A%252F%252Fci.security%252F%26time%3D1586249647623%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=569164&url=https%3A%2F%2Fci.security%2F&time=1586249647623&liSync=true
Request Chain 26
  • https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
  • https://segments.company-target.com/log?vendor=choca&user_id=AACxXk69GH8AAA_wyz9gKg HTTP 303
  • https://segments.company-target.com/validateCookie?vendor=choca&user_id=AACxXk69GH8AAA_wyz9gKg&verifyHash=adbb815e0c81d57387e458065e7b8cd3fac155aa
Request Chain 30
  • https://s.adroll.com/j/exp/PVQ657GQDFFXLFGCNQJYZN/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 32
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/PVQ657GQDFFXLFGCNQJYZN?_s=91b0c9ac1cfbf7f486b5817c4ddd03a9&_b=2 HTTP 302
  • https://d.adroll.com/consent/check/PVQ657GQDFFXLFGCNQJYZN/?_s=91b0c9ac1cfbf7f486b5817c4ddd03a9&_b=2
Request Chain 33
  • https://d.adroll.com/pixel/PVQ657GQDFFXLFGCNQJYZN/TSOEJUVR2RDQTK7UULEUDW?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&pv=13079504754.69566&cookie=&adroll_s_ref=&keyw= HTTP 302
  • https://s.adroll.com/pixel/PVQ657GQDFFXLFGCNQJYZN/TSOEJUVR2RDQTK7UULEUDW/536ODFE4MFHZHICGAUOOMU.js
Request Chain 37
  • https://d.adroll.com/cm/aol/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP585f7e91-78ad-11ea-a537-063e30d52302 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP585f7e91-78ad-11ea-a537-063e30d52302&verify=true
Request Chain 38
  • https://d.adroll.com/cm/index/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&expiration=1617785649 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&expiration=1617785649&C=1
Request Chain 39
  • https://d.adroll.com/cm/n/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&expires=365
Request Chain 40
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&rdrctExp=true
Request Chain 41
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 42
  • https://d.adroll.com/cm/r/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN HTTP 302
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://d.adroll.com/cm/r/in?xid=E0&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 43
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN HTTP 302
  • https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU
Request Chain 44
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&dongle=c85e HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Request Chain 45
  • https://d.adroll.com/cm/b/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU
Request Chain 46
  • https://d.adroll.com/cm/x/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU
Request Chain 47
  • https://d.adroll.com/cm/l/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN HTTP 302
  • https://idsync.rlcdn.com/377928.gif?partner_uid=bcde533571474224d3eb42d871e126ee
Request Chain 48
  • https://d.adroll.com/cm/o/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=bcde533571474224d3eb42d871e126ee HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=bcde533571474224d3eb42d871e126ee

51 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ci.security/
Redirect Chain
  • https://ci.security.admin-eu2.cas.ms/
  • https://ci.security/
25 KB
10 KB
Document
General
Full URL
https://ci.security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
web594.webfaction.com
Software
nginx /
Resource Hash
1af8e1af229dc12ad3ed3c2789723eb06cdf85ff695eaad000707dad8dde48e9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; font-src 'self' data: *.googleusercontent.com; media-src 'self' *.thekraken.xyz; manifest-src 'self';script-src 'self' 'nonce-11349245358781299867480078246945' *.google-analytics.com 'nonce-5483687168' s.ytimg.com *.ci.security *.bamboohr.com *.adroll.com *.adroll.mgr.consensu.org *.linkedin.com *.licdn.com *.demandbase.com *.techtarget.com static.doubleclick.net *.googletagmanager.com googleads.g.doubleclick.net *.pardot.com; style-src 'self' 'unsafe-inline' *.bamboohr.com; img-src 'self' data: 'unsafe-inline' cms.thekraken.xyz *.company-target.com *.linkedin.com *.adroll.com *.casalemedia.com www.google-analytics.com *.twitter.com *.bidr.io *.techtarget.com stats.g.doubleclick.net *.advertising.com *.casalemedia.com *.rubiconproject.com *.outbrain.com *.pubmatic.com *.yahoo.com *.taboola.com/sg/adroll-network *.3lift.com *.bidswitch.net *.adnxs.com *.rlcdn.com *.openx.net *.bamboohr.com *.pardot.com s.ytimg.com; connect-src 'self' *.google-analytics.com *.ci.security *.google.com *.bamboohr.com *.twitter.com *.demandbase.com *.company-target.com *.youtube.com; frame-src 'self' *.youtube.com *.ci.security *.pardot.com *.bamboohr.com *.twitter.com *.google.com *.google-analytics.com; frame-ancestors 'self' *.driftt.com *.bamboohr.com *.youtube.com; form-action 'self' *.ci.security ci.security *.pardot.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.youtube.com/
X-Xss-Protection 1; mode=block

Request headers

Host
ci.security
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 07 Apr 2020 08:55:18 GMT
Content-Type
text/html; charset=utf-8
Content-Length
7909
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src 'none'; base-uri 'self'; font-src 'self' data: *.googleusercontent.com; media-src 'self' *.thekraken.xyz; manifest-src 'self';script-src 'self' 'nonce-11349245358781299867480078246945' *.google-analytics.com 'nonce-5483687168' s.ytimg.com *.ci.security *.bamboohr.com *.adroll.com *.adroll.mgr.consensu.org *.linkedin.com *.licdn.com *.demandbase.com *.techtarget.com static.doubleclick.net *.googletagmanager.com googleads.g.doubleclick.net *.pardot.com; style-src 'self' 'unsafe-inline' *.bamboohr.com; img-src 'self' data: 'unsafe-inline' cms.thekraken.xyz *.company-target.com *.linkedin.com *.adroll.com *.casalemedia.com www.google-analytics.com *.twitter.com *.bidr.io *.techtarget.com stats.g.doubleclick.net *.advertising.com *.casalemedia.com *.rubiconproject.com *.outbrain.com *.pubmatic.com *.yahoo.com *.taboola.com/sg/adroll-network *.3lift.com *.bidswitch.net *.adnxs.com *.rlcdn.com *.openx.net *.bamboohr.com *.pardot.com s.ytimg.com; connect-src 'self' *.google-analytics.com *.ci.security *.google.com *.bamboohr.com *.twitter.com *.demandbase.com *.company-target.com *.youtube.com; frame-src 'self' *.youtube.com *.ci.security *.pardot.com *.bamboohr.com *.twitter.com *.google.com *.google-analytics.com; frame-ancestors 'self' *.driftt.com *.bamboohr.com *.youtube.com; form-action 'self' *.ci.security ci.security *.pardot.com;
Content-Encoding
gzip
Vary
Accept-Encoding
Cache-Control
max-age=2628000, public
Expires
Thu, 07 May 2020 08:55:18 GMT
X-Frame-Options
ALLOW-FROM https://www.youtube.com/
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin

Redirect headers

Date
Tue, 07 Apr 2020 08:54:06 GMT
Connection
keep-alive
Location
https://ci.security/
Strict-Transport-Security
max-age=31536000
Content-Length
134
X-MCAS-Request-Id
12116b31-b715-4442-8cda-28fc5d19c26c
js
www.googletagmanager.com/gtag/
76 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-72734021-3
Requested by
Host: ci.security
URL: https://ci.security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
14665baaaaa488802ebe0045addfbbf4f0ad23ac394f8dbda1ad4f4abc810030
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 08:54:07 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
29062
x-xss-protection
0
last-modified
Tue, 07 Apr 2020 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Apr 2020 08:54:07 GMT
kraken.min.css
ci.security/static/
105 KB
105 KB
Stylesheet
General
Full URL
https://ci.security/static/kraken.min.css?v11349245358781299867480078246945
Requested by
Host: ci.security
URL: https://ci.security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
web594.webfaction.com
Software
nginx /
Resource Hash
fa054d5164ed9515b85fe4680e8cb9f5bb0b7752ea1be6920cdbaf412f3aed67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.youtube.com/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Tue, 07 Apr 2020 08:55:18 GMT
Referrer-Policy
strict-origin
Last-Modified
Tue, 10 Mar 2020 22:42:57 GMT
Server
nginx
ETag
"1a313-5a087d75f789c"
X-Frame-Options
ALLOW-FROM https://www.youtube.com/
Content-Type
text/css
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2628000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
107283
X-Content-Type-Options
nosniff
Expires
Thu, 07 May 2020 08:55:18 GMT
AICPA-SOC-Level2-Badge.png
ci.security/static/img/
19 KB
20 KB
Image
General
Full URL
https://ci.security/static/img/AICPA-SOC-Level2-Badge.png
Requested by
Host: ci.security
URL: https://ci.security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
web594.webfaction.com
Software
nginx /
Resource Hash
45780f9004f49b43678a975c549852684bd5b480319aa077e70d795da9099def
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.youtube.com/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 07 Apr 2020 08:55:18 GMT
Referrer-Policy
strict-origin
Last-Modified
Wed, 07 Aug 2019 19:48:27 GMT
Server
nginx
ETag
"4dfe-58f8c39917c8b"
X-Frame-Options
ALLOW-FROM https://www.youtube.com/
Content-Type
image/png
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2628000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19966
X-Content-Type-Options
nosniff
Expires
Wed, 07 Apr 2021 08:55:18 GMT
kraken.babel.min.js
ci.security/static/
10 KB
10 KB
Script
General
Full URL
https://ci.security/static/kraken.babel.min.js?v202002
Requested by
Host: ci.security
URL: https://ci.security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
web594.webfaction.com
Software
nginx /
Resource Hash
1422b530e11686be18d89bcd9f619a20317443f1dba344d8ffd860360c204e75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.youtube.com/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 07 Apr 2020 08:55:18 GMT
Referrer-Policy
strict-origin
Last-Modified
Tue, 22 Oct 2019 14:52:28 GMT
Server
nginx
ETag
"2799-59580f30002e8"
X-Frame-Options
ALLOW-FROM https://www.youtube.com/
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2628000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10137
X-Content-Type-Options
nosniff
Expires
Thu, 07 May 2020 08:55:18 GMT
footage_480_color.mp4
ci.security/static/
6 MB
6 MB
Media
General
Full URL
https://ci.security/static/footage_480_color.mp4
Requested by
Host: ci.security
URL: https://ci.security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
web594.webfaction.com
Software
nginx /
Resource Hash
9d9355326120ed7eff93bae35896afd0c6c0d3fe5644c1ea1ac0b1eff99d6c48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.youtube.com/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ci.security/
Sec-Fetch-Dest
video
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 07 Apr 2020 08:55:18 GMT
Referrer-Policy
strict-origin
Last-Modified
Thu, 29 Aug 2019 20:27:24 GMT
Server
nginx
ETag
"6698c2-59147555b9604"
X-Frame-Options
ALLOW-FROM https://www.youtube.com/
Content-Type
video/mp4
Content-Range
bytes 0-6723777/6723778
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2628000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6723778
X-Content-Type-Options
nosniff
Expires
Thu, 07 May 2020 08:55:18 GMT
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-72734021-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
932
date
Tue, 07 Apr 2020 08:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Tue, 07 Apr 2020 10:38:35 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
consulting_background_@768.jpg
ci.security/static/img/backgrounds/
43 KB
43 KB
Image
General
Full URL
https://ci.security/static/img/backgrounds/consulting_background_@768.jpg
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
web594.webfaction.com
Software
nginx /
Resource Hash
3d3da79e30106d0881131e8aea414939db009feab9eaa18a7c7c3e8534ac61aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.youtube.com/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 07 Apr 2020 08:55:18 GMT
Referrer-Policy
strict-origin
Last-Modified
Wed, 07 Aug 2019 19:48:27 GMT
Server
nginx
ETag
"ab96-58f8c399197e3"
X-Frame-Options
ALLOW-FROM https://www.youtube.com/
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2628000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43926
X-Content-Type-Options
nosniff
Expires
Wed, 07 Apr 2021 08:55:18 GMT
medical_tech_doctor_stethoscope_background-100_@1200.jpg
ci.security/static/img/backgrounds/
87 KB
87 KB
Image
General
Full URL
https://ci.security/static/img/backgrounds/medical_tech_doctor_stethoscope_background-100_@1200.jpg
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
web594.webfaction.com
Software
nginx /
Resource Hash
689e0fa64d98bb75fbce794c71e8678839090e60304c51123e8351bcd8a31f46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.youtube.com/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 07 Apr 2020 08:55:18 GMT
Referrer-Policy
strict-origin
Last-Modified
Wed, 07 Aug 2019 19:48:27 GMT
Server
nginx
ETag
"15c0b-58f8c39923421"
X-Frame-Options
ALLOW-FROM https://www.youtube.com/
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2628000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
89099
X-Content-Type-Options
nosniff
Expires
Wed, 07 Apr 2021 08:55:18 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2139517419&t=pageview&_s=1&dl=https%3A%2F%2Fci.security%2F&ul=en-us&de=UTF-8&dt=Threat%20Detection.%20Human%20Investigation.%20Rapid%20Respon...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72734021-3&cid=240509649.1586249647&jid=268667083&_gid=68507398.1586249647&gjid=810689983&_v=j81&z=494820579
0
0

ga-audiences
www.google.com/ads/
0
0

Roboto-Bold-webfont.woff
ci.security/static/fonts/
21 KB
21 KB
Font
General
Full URL
https://ci.security/static/fonts/Roboto-Bold-webfont.woff
Requested by
Host: ci.security
URL: https://ci.security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
web594.webfaction.com
Software
nginx /
Resource Hash
a629b5570d16e1450d7621907a85b07392f2959b2792145864ac84fc0dbe7307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.youtube.com/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ci.security/
Origin
https://ci.security
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 08:55:18 GMT
Referrer-Policy
strict-origin
Last-Modified
Wed, 07 Aug 2019 19:48:27 GMT
Server
nginx
ETag
"5348-58f8c399174bb"
X-Frame-Options
ALLOW-FROM https://www.youtube.com/
Content-Type
font/woff
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2628000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21320
X-Content-Type-Options
nosniff
Expires
Thu, 07 May 2020 08:55:18 GMT
Roboto-Regular-webfont.woff
ci.security/static/fonts/
20 KB
21 KB
Font
General
Full URL
https://ci.security/static/fonts/Roboto-Regular-webfont.woff
Requested by
Host: ci.security
URL: https://ci.security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
web594.webfaction.com
Software
nginx /
Resource Hash
7838acd6a8bd0836972523ffbe20c9745d03b07d89968d9cc9bc57f46e567895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.youtube.com/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ci.security/
Origin
https://ci.security
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 08:55:18 GMT
Referrer-Policy
strict-origin
Last-Modified
Wed, 07 Aug 2019 19:48:27 GMT
Server
nginx
ETag
"51bc-58f8c399174bb"
X-Frame-Options
ALLOW-FROM https://www.youtube.com/
Content-Type
font/woff
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2628000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20924
X-Content-Type-Options
nosniff
Expires
Thu, 07 May 2020 08:55:18 GMT
RobotoSlab-Regular-webfont.woff
ci.security/static/fonts/
23 KB
24 KB
Font
General
Full URL
https://ci.security/static/fonts/RobotoSlab-Regular-webfont.woff
Requested by
Host: ci.security
URL: https://ci.security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
web594.webfaction.com
Software
nginx /
Resource Hash
faf7aa5ba903daf6658fba09b30abd2bc812c6956df52df9791e9f59be86f7ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.youtube.com/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ci.security/
Origin
https://ci.security
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 08:55:18 GMT
Referrer-Policy
strict-origin
Last-Modified
Wed, 07 Aug 2019 19:48:27 GMT
Server
nginx
ETag
"5d40-58f8c399178a3"
X-Frame-Options
ALLOW-FROM https://www.youtube.com/
Content-Type
font/woff
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2628000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23872
X-Content-Type-Options
nosniff
Expires
Thu, 07 May 2020 08:55:18 GMT
Roboto-Light-webfont.woff
ci.security/static/fonts/
20 KB
21 KB
Font
General
Full URL
https://ci.security/static/fonts/Roboto-Light-webfont.woff
Requested by
Host: ci.security
URL: https://ci.security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
web594.webfaction.com
Software
nginx /
Resource Hash
072c31e5770897b5bf1d6a566b33b9332bfd7e0baeb64d45dd58d02794eeb4a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.youtube.com/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ci.security/
Origin
https://ci.security
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 08:55:18 GMT
Referrer-Policy
strict-origin
Last-Modified
Wed, 07 Aug 2019 19:48:27 GMT
Server
nginx
ETag
"51a8-58f8c399174bb"
X-Frame-Options
ALLOW-FROM https://www.youtube.com/
Content-Type
font/woff
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2628000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20904
X-Content-Type-Options
nosniff
Expires
Thu, 07 May 2020 08:55:18 GMT
FontAwesomeBrands-Regular-webfont.woff2
ci.security/static/fonts/
20 KB
20 KB
Font
General
Full URL
https://ci.security/static/fonts/FontAwesomeBrands-Regular-webfont.woff2?v=1.0.0
Requested by
Host: ci.security
URL: https://ci.security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
web594.webfaction.com
Software
nginx /
Resource Hash
4a7acdea55252ab19b8c6e010eb38e2c11e87fee77e390798ce207b13b883d2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.youtube.com/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ci.security/
Origin
https://ci.security
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 08:55:18 GMT
Referrer-Policy
strict-origin
Last-Modified
Wed, 07 Aug 2019 19:48:27 GMT
Server
nginx
ETag
"4e04-58f8c399170d3"
X-Frame-Options
ALLOW-FROM https://www.youtube.com/
Content-Type
font/woff2
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2628000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19972
X-Content-Type-Options
nosniff
Expires
Thu, 07 May 2020 08:55:18 GMT
RobotoSlab-Bold-webfont.woff
ci.security/static/fonts/
23 KB
24 KB
Font
General
Full URL
https://ci.security/static/fonts/RobotoSlab-Bold-webfont.woff
Requested by
Host: ci.security
URL: https://ci.security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
web594.webfaction.com
Software
nginx /
Resource Hash
de2ab805d9a0d28cbc9bcb5a4adf47ba419db64e21b94330cc97eb57fe9467c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.youtube.com/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ci.security/
Origin
https://ci.security
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 08:55:19 GMT
Referrer-Policy
strict-origin
Last-Modified
Wed, 07 Aug 2019 19:48:27 GMT
Server
nginx
ETag
"5dfc-58f8c399178a3"
X-Frame-Options
ALLOW-FROM https://www.youtube.com/
Content-Type
font/woff
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2628000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24060
X-Content-Type-Options
nosniff
Expires
Thu, 07 May 2020 08:55:19 GMT
BlackTie-Regular-webfont.woff2
ci.security/static/fonts/
13 KB
13 KB
Font
General
Full URL
https://ci.security/static/fonts/BlackTie-Regular-webfont.woff2?v=1.0.0
Requested by
Host: ci.security
URL: https://ci.security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
web594.webfaction.com
Software
nginx /
Resource Hash
15c730c302225ad29a32a1852a683e1c02f45e4e8a018bef6c7901a51458e62d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.youtube.com/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ci.security/
Origin
https://ci.security
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 08:55:19 GMT
Referrer-Policy
strict-origin
Last-Modified
Wed, 07 Aug 2019 19:48:27 GMT
Server
nginx
ETag
"3280-58f8c3991651b"
X-Frame-Options
ALLOW-FROM https://www.youtube.com/
Content-Type
font/woff2
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2628000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12928
X-Content-Type-Options
nosniff
Expires
Thu, 07 May 2020 08:55:19 GMT
line-awesome.woff2
ci.security/static/fonts/
44 KB
45 KB
Font
General
Full URL
https://ci.security/static/fonts/line-awesome.woff2?v=1.1.
Requested by
Host: ci.security
URL: https://ci.security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
web594.webfaction.com
Software
nginx /
Resource Hash
063a952901506e6cbcc2abdd1995ea387e4ae9138993f5517834a75faee165d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.youtube.com/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ci.security/
Origin
https://ci.security
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 08:55:19 GMT
Referrer-Policy
strict-origin
Last-Modified
Tue, 13 Aug 2019 23:30:13 GMT
Server
nginx
ETag
"b034-5900805b59a2a"
X-Frame-Options
ALLOW-FROM https://www.youtube.com/
Content-Type
font/woff2
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2628000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
45108
X-Content-Type-Options
nosniff
Expires
Thu, 07 May 2020 08:55:19 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
3 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: ci.security
URL: https://ci.security/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:2b0::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 07 Apr 2020 08:54:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=36445
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
97379541.min.js
tag.demandbase.com/
57 KB
15 KB
Script
General
Full URL
https://tag.demandbase.com/97379541.min.js
Requested by
Host: ci.security
URL: https://ci.security/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.42 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e0c11bc716611c019190874ecf1cc32986016eb45a525e592d7401052d9024b

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 07 Apr 2020 08:54:08 GMT
content-encoding
gzip
last-modified
Mon, 24 Feb 2020 22:40:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
E3C5T5tXwka.4FnrQ5cy5WFEXOwwn73b
status
200
cache-control
public, max-age=3600
content-type
application/javascript; charset=utf-8
x-amz-cf-id
E-y3KGI_C7SWPpH9RsWvV2rFk-N6uvQeN_np-d4HdZ7DkKvw188c4g==
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
tracking.js
trk.techtarget.com/
4 KB
2 KB
Script
General
Full URL
https://trk.techtarget.com/tracking.js
Requested by
Host: ci.security
URL: https://ci.security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
8b51552f523ecd57ca4f82df5ab10610349f91cacb7c0f72d0290bed3cc37e4e

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 07 Apr 2020 08:54:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Jun 2019 20:11:17 GMT
Server
PWS/8.3.1.0.8
Age
357
X-Ws-Request-Id
5e8c3faf_PSdgflkfFRA2po7_50219-3132
Content-Type
text/javascript
Via
1.1 VMmgnyNY2gh45:1 (W), 1.1 PSdgflkfFRA1hb199:0 (W), 1.1 PSdgflkfFRA2gb73:3 (W)
Cache-Control
max-age=600
X-Px
ht PSdgflkfFRA2gb73FRA
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1711
Expires
Tue, 07 Apr 2020 08:58:10 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=569164&url=https%3A%2F%2Fci.security%2F&time=1586249647623
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D569164%26url%3Dhttps%253A%252F%252Fci.security%252F%26time%3D1586249647623%26liSy...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=569164&url=https%3A%2F%2Fci.security%2F&time=1586249647623&liSync=true
0
80 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=569164&url=https%3A%2F%2Fci.security%2F&time=1586249647623&liSync=true
Requested by
Host: ci.security
URL: https://ci.security/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 07 Apr 2020 08:54:08 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
status
200
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
0
x-li-uuid
uPtcjaZ9AxYwRWMgASsAAA==

Redirect headers

date
Tue, 07 Apr 2020 08:54:07 GMT
x-content-type-options
nosniff
linkedin-action
1
status
302
strict-transport-security
max-age=2592000
content-length
0
x-li-uuid
gG6lgaZ9AxbArCDL/ioAAA==
server
Play
pragma
no-cache
x-li-pop
prod-efr5
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=569164&url=https%3A%2F%2Fci.security%2F&time=1586249647623&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
activity.gif
apt.techtarget.com/activity/
43 B
450 B
Image
General
Full URL
https://apt.techtarget.com/activity/activity.gif?activityTypeId=31&cid=20406435&version=2.0&ref=https%3A%2F%2Fci.security%2F&r=1586249647697
Requested by
Host: ci.security
URL: https://ci.security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.19.49.24 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 07 Apr 2020 08:54:08 GMT
Last-Modified
Tue, 26 Mar 2019 18:30:29 GMT
ETag
"2b-5850384023492"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=28
Content-Length
43
ip.json
api.company-target.com/api/v2/
419 B
921 B
XHR
General
Full URL
https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fci.security%2F&page_title=Threat%20Detection.%20Human%20Investigation.%20Rapid%20Response.%20%7C%20CI%20Security&key=ef6f04d2df1cbefc03f9dae82644e767&src=tag
Requested by
Host: tag.demandbase.com
URL: https://tag.demandbase.com/97379541.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-97-30.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
d6aa0a3fb59311452b5c6f0d1bc9310e2c24ad96d6fab5f9dbc45c6fe561b22a

Request headers

Referer
https://ci.security/
Origin
https://ci.security
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 07 Apr 2020 08:54:08 GMT
identification-source
CENTRAL
vary
Accept-Encoding, Origin
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
status
200
request-id
d4318ba1-4c24-4dba-a0cd-cb343bda6133
content-encoding
gzip
pragma
no-cache
access-control-allow-origin
https://ci.security
server
nginx
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc5.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
api-version
v2
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
XdG_tV6lzzuMsyG57uKEEIfz0FLL7blleEbb-HgfVmQGFAD2gWiBYg==
expires
Mon, 06 Apr 2020 08:54:08 GMT
validateCookie
segments.company-target.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/demandbase
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
  • https://segments.company-target.com/log?vendor=choca&user_id=AACxXk69GH8AAA_wyz9gKg
  • https://segments.company-target.com/validateCookie?vendor=choca&user_id=AACxXk69GH8AAA_wyz9gKg&verifyHash=adbb815e0c81d57387e458065e7b8cd3fac155aa
26 B
408 B
Image
General
Full URL
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AACxXk69GH8AAA_wyz9gKg&verifyHash=adbb815e0c81d57387e458065e7b8cd3fac155aa
Requested by
Host: ci.security
URL: https://ci.security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-16.fra2.r.cloudfront.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 08:54:08 GMT
Via
1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
Vary
Origin
X-Cache
Miss from cloudfront
Content-Type
image/gif
Transfer-Encoding
chunked
Connection
keep-alive
trace-id
5cbc0b621f4a12ae
X-Amz-Cf-Id
xyFoiJr5AqRy_BGt5vj_oDYfbz3vu3PRbS871q_h2oKit5W6Z3JtkA==

Redirect headers

Date
Tue, 07 Apr 2020 08:54:08 GMT
Via
1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
Vary
Origin
X-Cache
Miss from cloudfront
Location
/validateCookie?vendor=choca&user_id=AACxXk69GH8AAA_wyz9gKg&verifyHash=adbb815e0c81d57387e458065e7b8cd3fac155aa
Connection
keep-alive
trace-id
56017b5ef3b84439
Content-Length
0
X-Amz-Cf-Id
y6uf5SwIBCegypi2ZUxxTYA3hKT148nU8GtWv7Fqc1E_qFAIStsb3Q==
collect
www.google-analytics.com/
35 B
108 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=2139517419&t=event&ni=1&_s=2&dl=https%3A%2F%2Fci.security%2F&ul=en-us&de=UTF-8&dt=Threat%20Detection.%20Human%20Investigation.%20Rapid%20Response.%20%7C%20CI%20Security&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHBAAUAB~&jid=&gjid=&cid=240509649.1586249647&tid=UA-72734021-3&_gid=68507398.1586249647&cd2=(Non-Company%20Visitor)&cd3=(Non-Company%20Visitor)&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=Bot&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=(Non-Company%20Visitor)&cd12=Switzerland&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=(Non-Company%20Visitor)&cd18=(Non-Company%20Visitor)&cd19=(Non-Company%20Visitor)&cd20=(Non-Company%20Visitor)&z=943984770
Requested by
Host: ci.security
URL: https://ci.security/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sat, 04 Apr 2020 05:47:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
270425
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pd.js
pi.pardot.com/
5 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: ci.security
URL: https://ci.security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.151.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-4-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
925be107869153b6120de872c1ae333977bfaee69a0f7c6271f32d4a8348bca8

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 07 Apr 2020 08:54:09 GMT
Content-Encoding
gzip
X-Pardot-Route
ea50fcd3dcf777490e1499615b883deb
X-Pardot-LB
a5df88223e39cf9fcb783877fed82f24
Last-Modified
Fri, 13 Mar 2020 17:27:39 GMT
Server
PardotServer
ETag
"1442-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=63072000
Accept-Ranges
bytes
Content-Length
1842
Expires
Thu, 07 Apr 2022 08:54:09 GMT
roundtrip.js
s.adroll.com/j/
34 KB
11 KB
Script
General
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: ci.security
URL: https://ci.security/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
19c904aaa555d91d75c5b3682e3f358ba5af4c302339d63c9e464f53d8708ff8

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
EEryoP57M4BXSHtGt9JFNoNG_YhGzXxp
Content-Encoding
gzip
x-amz-request-id
5B64FB7E0A29A18E
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Tue, 07 Apr 2020 08:54:08 GMT
Connection
keep-alive
Content-Length
10905
x-amz-id-2
cyhtZzUMRRH+3azNobhgA/owi1TOIrHigGwio+Vd/0CCKLcw4WcCHJh++0vWdWKuZdO/e9F4VUU=
Last-Modified
Wed, 01 Apr 2020 18:03:06 GMT
Server
AmazonS3
ETag
"9884704eb3fc99427eb5b90c4bbab62c"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/PVQ657GQDFFXLFGCNQJYZN/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
747 B
Script
General
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
oJIzvk_mmLAXF5iekxvT5NnrQtQSmq7M
Content-Encoding
gzip
x-amz-request-id
CC0F73FCFF952524
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Tue, 07 Apr 2020 08:54:09 GMT
Connection
keep-alive
Content-Length
48
x-amz-id-2
l2SuY/Zqhw+xyJkj7InfvqoJzNpqh9IGnRBj0DT2XibyJ/lFEH5SE9WbzHsCVnMaz+lknVzoYg8=
Last-Modified
Thu, 02 Apr 2020 22:43:50 GMT
Server
AmazonS3
ETag
"5816cced8568d223aa09d889f300692b"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Tue, 07 Apr 2020 08:54:09 GMT
Server
AkamaiGHost
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
index.js
s.adroll.com/j/pre/PVQ657GQDFFXLFGCNQJYZN/TSOEJUVR2RDQTK7UULEUDW/
0
773 B
Script
General
Full URL
https://s.adroll.com/j/pre/PVQ657GQDFFXLFGCNQJYZN/TSOEJUVR2RDQTK7UULEUDW/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
KyPErJKknYY29dYFt8cGovvE9QZThmi8
Content-Encoding
gzip
x-amz-request-id
A99B087014E6C085
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Tue, 07 Apr 2020 08:54:09 GMT
Connection
keep-alive
Content-Length
20
x-amz-id-2
1MLaNYOkr/9GQBTr0Gs9avHQYNnKvtObLZ7PAUqnHwynnUf7XAN2mAVZGLuGBs15UzBcLNCQQFE=
Last-Modified
Mon, 06 Apr 2020 14:17:56 GMT
Server
AmazonS3
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
/
d.adroll.com/consent/check/PVQ657GQDFFXLFGCNQJYZN/
Redirect Chain
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/PVQ657GQDFFXLFGCNQJYZN?_s=91b0c9ac1cfbf7f486b5817c4ddd03a9&_b=2
  • https://d.adroll.com/consent/check/PVQ657GQDFFXLFGCNQJYZN/?_s=91b0c9ac1cfbf7f486b5817c4ddd03a9&_b=2
116 B
584 B
Script
General
Full URL
https://d.adroll.com/consent/check/PVQ657GQDFFXLFGCNQJYZN/?_s=91b0c9ac1cfbf7f486b5817c4ddd03a9&_b=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.46.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-46-216.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
d8e4f903f6f957463b6b17228acbd4a35b1e233d7841097d2053599d843c84e3

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 08:54:09 GMT
server
nginx/1.16.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
application/javascript
content-length
116

Redirect headers

status
302
date
Tue, 07 Apr 2020 08:54:09 GMT
server
nginx/1.16.1
content-length
105
location
https://d.adroll.com/consent/check/PVQ657GQDFFXLFGCNQJYZN/?_s=91b0c9ac1cfbf7f486b5817c4ddd03a9&_b=2
536ODFE4MFHZHICGAUOOMU.js
s.adroll.com/pixel/PVQ657GQDFFXLFGCNQJYZN/TSOEJUVR2RDQTK7UULEUDW/
Redirect Chain
  • https://d.adroll.com/pixel/PVQ657GQDFFXLFGCNQJYZN/TSOEJUVR2RDQTK7UULEUDW?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&pv=13079504754.69566&...
  • https://s.adroll.com/pixel/PVQ657GQDFFXLFGCNQJYZN/TSOEJUVR2RDQTK7UULEUDW/536ODFE4MFHZHICGAUOOMU.js
5 KB
2 KB
Script
General
Full URL
https://s.adroll.com/pixel/PVQ657GQDFFXLFGCNQJYZN/TSOEJUVR2RDQTK7UULEUDW/536ODFE4MFHZHICGAUOOMU.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
128feaf8cc76780acc6ee067cf49047a223a58adfb0e70b8c310d5f2f8c9135b

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
SI6FrrqIszDC3g2liGduMDtFVkQty2Ey
Content-Encoding
gzip
x-amz-request-id
AA723875026C7ED5
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Tue, 07 Apr 2020 08:54:09 GMT
Connection
keep-alive
Content-Length
1777
x-amz-id-2
2yo2qJju45pZ/4i6uaQ2MncvyHe2FNs0LnOewzPcwitQdBjpq9UKeXtN7/dzk6BiGLzL+nTuSV8=
Last-Modified
Wed, 12 Feb 2020 01:15:34 GMT
Server
AmazonS3
ETag
"6bfbb1c93897f512bad3b6b622f98999"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

date
Tue, 07 Apr 2020 08:54:09 GMT
x-segment-display-name
Visitors to Unsegmented Pages
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
302
content-length
0
pragma
no-cache
x-conversion-value
0.00
server
nginx/1.16.1
x-rule
*
x-segment-eid
536ODFE4MFHZHICGAUOOMU
location
https://s.adroll.com/pixel/PVQ657GQDFFXLFGCNQJYZN/TSOEJUVR2RDQTK7UULEUDW/536ODFE4MFHZHICGAUOOMU.js
cache-control
no-store, no-cache, must-revalidate
x-pixel-eid
TSOEJUVR2RDQTK7UULEUDW
x-segment-name
*
x-advertisable-eid
PVQ657GQDFFXLFGCNQJYZN
x-conversion-currency
analytics
pi.pardot.com/
2 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=20750&account_id=415142&title=Threat%20Detection.%20Human%20Investigation.%20Rapid%20Response.%20%7C%20CI%20Security&url=https%3A%2F%2Fci.security%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.151.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-4-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
0154b4aef0d16f095e7f7fe64f780ac7429088ebcba6123337c90f9e10221f61

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Pragma
no-cache
Date
Tue, 07 Apr 2020 08:54:09 GMT
Content-Encoding
gzip
X-Pardot-Route
13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB
a5df88223e39cf9fcb783877fed82f24
X-Pardot-Rsp
17/1/180
Vary
Accept-Encoding,User-Agent
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
845
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT
fbevents.js
connect.facebook.net/en_US/
0
0

sendrolling.js
s.adroll.com/j/
9 KB
3 KB
Script
General
Full URL
https://s.adroll.com/j/sendrolling.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/pixel/PVQ657GQDFFXLFGCNQJYZN/TSOEJUVR2RDQTK7UULEUDW/536ODFE4MFHZHICGAUOOMU.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-149.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
NM.EHVfGEDu2TYFqb1osrv1zRII373EC
Content-Encoding
gzip
x-amz-request-id
E2F067B4E9F95C64
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Tue, 07 Apr 2020 08:54:09 GMT
Connection
keep-alive
Content-Length
2039
x-amz-id-2
zahNXUrZcHvPMHZ5OZzeA/pmU+ThIaY+/c27IjCJ/f8DH693VdK16PYXiwNkUgRleJPaNozozcA=
Last-Modified
Mon, 03 Feb 2020 20:32:06 GMT
Server
AmazonS3
ETag
"15441b08d0c4f93b1dd5f533cd361cd8"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/aol/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN
  • https://pixel.advertising.com/ups/55980/sync?uid=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://pixel.advertising.com/ups/55980/sync?uid=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP585f7e91-78ad-11ea-a537-06...
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP585f7e91-78ad-11ea-a537-06...
0
977 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55980/sync?uid=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP585f7e91-78ad-11ea-a537-063e30d52302&verify=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.106 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 07 Apr 2020 08:54:09 GMT
Server
ATS/7.1.2.106
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date
Tue, 07 Apr 2020 08:54:09 GMT
Server
ATS/7.1.2.106
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://ups.analytics.yahoo.com/ups/55980/sync?uid=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP585f7e91-78ad-11ea-a537-063e30d52302&verify=true
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&expiration=1617785649
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&expiration=1617785649&C=1
43 B
1003 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&expiration=1617785649&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.44 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Apr 2020 08:54:09 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 07 Apr 2020 08:54:09 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 07 Apr 2020 08:54:09 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&expiration=1617785649&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
333
Expires
Tue, 07 Apr 2020 08:54:09 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&expires=365
42 B
797 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&expires=365
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Apr 2020 08:54:09 GMT
server
nginx/1.16.1
location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&expires=365
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
302
cache-control
no-store, no-cache, must-revalidate
content-length
124
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&rdrctExp=true
0
450 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&rdrctExp=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-TraceId
cfb3ee17b89e6a0bbfd0a9aec9265889
Date
Tue, 07 Apr 2020 08:54:09 GMT
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&rdrctExp=true
Date
Tue, 07 Apr 2020 08:54:09 GMT
X-TraceId
f55568c0bf3c7662002a48cfecfd2848
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENA...
1 B
1010 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Apr 2020 08:54:09 GMT
X-lat
Pug23027:0:323
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Cache-Control
no-store, no-cache, private
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection
close
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Tue, 07 Apr 2020 08:54:09 GMT
server
nginx/1.16.1
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
302
cache-control
no-store, no-cache, must-revalidate
content-length
220
in
d.adroll.com/cm/r/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://d.adroll.com/cm/r/in?xid=E0&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
42 B
500 B
Image
General
Full URL
https://d.adroll.com/cm/r/in?xid=E0&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.46.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-46-216.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 08:54:09 GMT
server
nginx/1.16.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42

Redirect headers

date
Tue, 07 Apr 2020 08:54:09 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
location
https://d.adroll.com/cm/r/in?xid=E0&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
status
302
x-content-type-options
nosniff
content-length
0
x-xss-protection
1; mode=block
/
trc.taboola.com/sg/adroll-network/1/rtb-h/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN
  • https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU
0
282 B
Image
General
Full URL
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Tue, 07 Apr 2020 08:54:09 GMT
via
1.1 varnish
server
nginx
x-timer
S1586249650.682762,VS0,VE8
x-served-by
cache-hhn4049-HHN
x-cache
MISS
status
204
accept-ranges
bytes
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Tue, 07 Apr 2020 08:54:09 GMT
server
nginx/1.16.1
location
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
302
cache-control
no-store, no-cache, must-revalidate
content-length
111
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN
  • https://eb2.3lift.com/xuid?mid=4714&xuid=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&dongle=c85e
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
37 B
352 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.79.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-79-171.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 07 Apr 2020 08:54:09 GMT
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
37
content-type
image/gif

Redirect headers

status
302
date
Tue, 07 Apr 2020 08:54:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
/xuid?ld=1&mid=4714&xuid=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU
43 B
380 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.91.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-91-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 07 Apr 2020 08:54:09 GMT
cache-control
no-cache, no-store, must-revalidate
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
43
content-type
image/gif

Redirect headers

status
302
date
Tue, 07 Apr 2020 08:54:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
bounce
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN
  • https://ib.adnxs.com/setuid?entity=172&code=YmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.203 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Apr 2020 08:54:11 GMT
AN-X-Request-Uuid
c55988fc-15c4-4e87-a485-d9d6843d62fb
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
195.242.213.148; 195.242.213.148; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.56:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 07 Apr 2020 08:54:11 GMT
AN-X-Request-Uuid
41936ae1-d17a-4b01-9b66-1e9995ee43ae
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYmNkZTUzMzU3MTQ3NDIyNGQzZWI0MmQ4NzFlMTI2ZWU
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
195.242.213.148; 195.242.213.148; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.21:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
377928.gif
idsync.rlcdn.com/
Redirect Chain
  • https://d.adroll.com/cm/l/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN
  • https://idsync.rlcdn.com/377928.gif?partner_uid=bcde533571474224d3eb42d871e126ee
0
62 B
Image
General
Full URL
https://idsync.rlcdn.com/377928.gif?partner_uid=bcde533571474224d3eb42d871e126ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
21.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Tue, 07 Apr 2020 08:54:09 GMT
via
1.1 google
alt-svc
clear

Redirect headers

pragma
no-cache
date
Tue, 07 Apr 2020 08:54:09 GMT
server
nginx/1.16.1
location
https://idsync.rlcdn.com/377928.gif?partner_uid=bcde533571474224d3eb42d871e126ee
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
302
cache-control
no-store, no-cache, must-revalidate
content-length
86
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=bcde533571474224d3eb42d871e126ee
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=bcde533571474224d3eb42d871e126ee
43 B
183 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=bcde533571474224d3eb42d871e126ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.182.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Apr 2020 08:54:09 GMT
via
1.1 google
server
OXGW/16.182.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 07 Apr 2020 08:54:09 GMT
via
1.1 google
server
OXGW/16.182.1
location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=bcde533571474224d3eb42d871e126ee
p3p
CP="CUR ADM OUR NOR STA NID"
status
302
alt-svc
clear
content-length
0
out
d.adroll.com/cm/g/
0
0

analytics
cybersecurity.ci.security/
53 B
1 KB
Script
General
Full URL
https://cybersecurity.ci.security/analytics?conly=true&visitor_id=738589755&visitor_id_sign=31a33db109ca32371faf2d15144187471e77943d7e89b886f14d96c95a64cef642cdaa5f039ab6c6a159fc56147a74637e63e46b&pi_opt_in=&campaign_id=20750&account_id=415142&title=Threat%20Detection.%20Human%20Investigation.%20Rapid%20Response.%20%7C%20CI%20Security&url=https%3A%2F%2Fci.security%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=20750&account_id=415142&title=Threat%20Detection.%20Human%20Investigation.%20Rapid%20Response.%20%7C%20CI%20Security&url=https%3A%2F%2Fci.security%2F&referrer=
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.151.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-4-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
a3663aa6b825e077ddf40b6e5e49fd5d57b8174f06afb0aa37fe86ac9ebfd698

Request headers

Referer
https://ci.security/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Pragma
no-cache
Date
Tue, 07 Apr 2020 08:54:10 GMT
X-Pardot-Route
13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB
a5df88223e39cf9fcb783877fed82f24
X-Pardot-Rsp
16/90/70
Vary
User-Agent
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
53
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT
pixel
cm.g.doubleclick.net/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72734021-3&cid=240509649.1586249647&jid=268667083&_gid=68507398.1586249647&gjid=810689983&_v=j81&z=494820579
Domain
www.google.com
URL
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-72734021-3&cid=240509649.1586249647&jid=268667083&_v=j81&z=494820579
Domain
connect.facebook.net
URL
https://connect.facebook.net/en_US/fbevents.js
Domain
d.adroll.com
URL
https://d.adroll.com/cm/g/out?adroll_fpc=d7131f02c0f082784a2aa739437be649-1586249649135&arrfrr=https%3A%2F%2Fci.security%2F&xid_ch=f&advertisable=PVQ657GQDFFXLFGCNQJYZN&google_nid=adroll5
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=vN5TNXFHQiTT60LYceEm7g


79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| _classCallCheck function| _defineProperties function| _createClass function| debug function| ButtonTabs function| ListTabs function| InfieldLabel function| Tweets function| EmailMe function| PhoneMe function| CookieOpt function| Notification function| NotificationWindow function| cookieMonster function| ActionTag function| ScrollDepth object| tests undefined| topnav undefined| navlauncher undefined| container undefined| list string| piAId string| piCId string| _linkedin_partner_id object| _linkedin_data_partner_ids string| adroll_adv_id string| adroll_pix_id object| techtargetic function| lintrk boolean| _already_called_lintrk function| __extends object| Demandbase object| __db function| DBSegment boolean| __adroll_loaded string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback boolean| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_xavier_called number| __adroll_xid_ch object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars object| adroll_exp_list function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property function| fbq function| _fbq boolean| adroll_sendrolling_hashed_only function| piResponse

3 Cookies

Domain/Path Name Value
.ci.security/ _gat_gtag_UA_72734021_3 1
.ci.security/ _gid GA1.2.68507398.1586249647
.ci.security/ _ga GA1.2.240509649.1586249647

1 Console Messages

Source Level URL Text
console-api log https://ci.security/ (Line 5) Message: Production GA Script

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'none'; base-uri 'self'; font-src 'self' data: *.googleusercontent.com; media-src 'self' *.thekraken.xyz; manifest-src 'self';script-src 'self' 'nonce-11349245358781299867480078246945' *.google-analytics.com 'nonce-5483687168' s.ytimg.com *.ci.security *.bamboohr.com *.adroll.com *.adroll.mgr.consensu.org *.linkedin.com *.licdn.com *.demandbase.com *.techtarget.com static.doubleclick.net *.googletagmanager.com googleads.g.doubleclick.net *.pardot.com; style-src 'self' 'unsafe-inline' *.bamboohr.com; img-src 'self' data: 'unsafe-inline' cms.thekraken.xyz *.company-target.com *.linkedin.com *.adroll.com *.casalemedia.com www.google-analytics.com *.twitter.com *.bidr.io *.techtarget.com stats.g.doubleclick.net *.advertising.com *.casalemedia.com *.rubiconproject.com *.outbrain.com *.pubmatic.com *.yahoo.com *.taboola.com/sg/adroll-network *.3lift.com *.bidswitch.net *.adnxs.com *.rlcdn.com *.openx.net *.bamboohr.com *.pardot.com s.ytimg.com; connect-src 'self' *.google-analytics.com *.ci.security *.google.com *.bamboohr.com *.twitter.com *.demandbase.com *.company-target.com *.youtube.com; frame-src 'self' *.youtube.com *.ci.security *.pardot.com *.bamboohr.com *.twitter.com *.google.com *.google-analytics.com; frame-ancestors 'self' *.driftt.com *.bamboohr.com *.youtube.com; form-action 'self' *.ci.security ci.security *.pardot.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.youtube.com/
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
