www.dnsfilter.com Open in urlscan Pro
199.60.103.254 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://url.de.m.mimecastprotect.com/s/01V9CK8gJ1sPO49rhvhJtmR6gy?domain=dnsfilter.ordavida.com
Effective URL:
https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Submission: On July 23 via api (July 23rd 2024, 3:13:05 pm UTC) from US — Scanned from DE

Summary HTTP 174 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 58 IPs in 7 countries across 47 domains to perform 174 HTTP transactions. The main IP is 199.60.103.254, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.dnsfilter.com.
TLS certificate: Issued by GTS CA 1P5 on May 26th 2024. Valid for: 3 months.

This is the only time www.dnsfilter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	51.163.159.16 51.163.159.16	39588 (MIMECAST-DE) (MIMECAST-DE)
1 1	3.208.127.243 3.208.127.243	14618 (AMAZON-AES) (AMAZON-AES)
42	199.60.103.254 199.60.103.254	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	104.18.88.62 104.18.88.62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::ac40:9284	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:233... 2606:2800:233:66b5:799a:7cd3:f74d:7071	15133 (EDGECAST) (EDGECAST)
11	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.214.24 52.222.214.24	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:ae5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	76.76.21.164 76.76.21.164	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	108.138.7.72 108.138.7.72	16509 (AMAZON-02) (AMAZON-02)
10	104.26.2.59 104.26.2.59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	18.66.102.106 18.66.102.106	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
2	2a02:26f0:710... 2a02:26f0:7100::1720:ee18	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700::68... 2606:4700::6812:1eb0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2.16.6.6 2.16.6.6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
4	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6810:8cd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.208.90.167 54.208.90.167	14618 (AMAZON-AES) (AMAZON-AES)
1 2	3.215.34.116 3.215.34.116	14618 (AMAZON-AES) (AMAZON-AES)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a0a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:df98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.19.175.188 104.19.175.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
2	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
1	93.184.221.165 93.184.221.165	15133 (EDGECAST) (EDGECAST)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:22::1726:62ed	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:29:1... 2620:1ec:29:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6812:f46c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.110 18.66.112.110	16509 (AMAZON-02) (AMAZON-02)
1	23.36.162.25 23.36.162.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	142.250.186.72 142.250.186.72	15169 (GOOGLE) (GOOGLE)
4	23.53.42.242 23.53.42.242	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:4... 2600:1901:0:498c::	15169 (GOOGLE) (GOOGLE)
3	20.122.63.128 20.122.63.128	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	172.64.150.44 172.64.150.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	104.16.118.43 104.16.118.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
174	58

2 51.163.159.16 (United Kingdom) 2 redirects

ASN39588 (MIMECAST-DE, GB)

url.de.m.mimecastprotect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.127.243 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-127-243.compute-1.amazonaws.com

dnsfilter.ordavida.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 199.60.103.254 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.dnsfilter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.88.62 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:9284 (United States)

ASN13335 (CLOUDFLARENET, US)

39666904.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
23609470.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:66b5:799a:7cd3:f74d:7071 (United States)

ASN15133 (EDGECAST, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

no-cache.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-24.fra56.r.cloudfront.net

cdn.statuspage.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ae5b (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.76.21.164 (Walnut, United States)

ASN16509 (AMAZON-02, US)

assets.dnsfilter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-72.fra56.r.cloudfront.net

pp1lkj6mpx59.statuspage.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.26.2.59 (None, )

ASN13335 (CLOUDFLARENET, US)

s-site-cdn.dnsfilter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-site-api.dnsfilter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-106.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100::1720:ee18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1eb0 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.16.6.6 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-6-6.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8cd1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.208.90.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-90-167.compute-1.amazonaws.com

a.burly.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ls-af0i3f9l.a.burly.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.215.34.116 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-34-116.compute-1.amazonaws.com

chat-application.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:df98 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.175.188 (None, )

ASN13335 (CLOUDFLARENET, US)

perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

pixel-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:22::1726:62ed (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:29:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f46c (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.162.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-25.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.53.42.242 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-242.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.150.44 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.118.43 (None, )

ASN13335 (CLOUDFLARENET, US)

ws-assets.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	dnsfilter.com www.dnsfilter.com assets.dnsfilter.com s-site-cdn.dnsfilter.com s-site-api.dnsfilter.com	585 KB
12	6sc.co j.6sc.co — Cisco Umbrella Rank: 12402 c.6sc.co — Cisco Umbrella Rank: 16017 ipv6.6sc.co — Cisco Umbrella Rank: 12823 b.6sc.co — Cisco Umbrella Rank: 6896	21 KB
11	hubspot.com no-cache.hubspot.com — Cisco Umbrella Rank: 34139 app.hubspot.com — Cisco Umbrella Rank: 10634 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 8074 js.hubspot.com — Cisco Umbrella Rank: 8139 track.hubspot.com — Cisco Umbrella Rank: 5359	36 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1114 p.clarity.ms — Cisco Umbrella Rank: 8701 c.clarity.ms — Cisco Umbrella Rank: 1838	29 KB
5	zoominfo.com ws-assets.zoominfo.com — Cisco Umbrella Rank: 34577 ws.zoominfo.com — Cisco Umbrella Rank: 10891	30 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	22 KB
5	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 5874 api.livechatinc.com — Cisco Umbrella Rank: 5307 secure.livechatinc.com — Cisco Umbrella Rank: 6900	37 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	481 KB
5	linkedin.com 1 redirects platform.linkedin.com — Cisco Umbrella Rank: 7061 px.ads.linkedin.com — Cisco Umbrella Rank: 669 px4.ads.linkedin.com — Cisco Umbrella Rank: 7330	163 KB
4	hsforms.com perf.hsforms.com — Cisco Umbrella Rank: 36274 perf-na1.hsforms.com — Cisco Umbrella Rank: 8524	3 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 534 c.bing.com — Cisco Umbrella Rank: 341	17 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	161 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 15834	4 KB
3	reddit.com pixel-config.reddit.com — Cisco Umbrella Rank: 3241 alb.reddit.com — Cisco Umbrella Rank: 1969	836 B
3	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 5067	28 KB
3	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 17231	26 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1868 analytics.twitter.com — Cisco Umbrella Rank: 1356	28 KB
3	hubspotusercontent-na1.net 39666904.fs1.hubspotusercontent-na1.net — Cisco Umbrella Rank: 204552 23609470.fs1.hubspotusercontent-na1.net	5 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252	404 B
2	chat-application.com 1 redirects chat-application.com	969 B
2	burly.io a.burly.io — Cisco Umbrella Rank: 622614 ls-af0i3f9l.a.burly.io	19 KB
2	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 19182	2 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	14 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1561	13 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	60 KB
2	gstatic.com fonts.gstatic.com	56 KB
2	statuspage.io cdn.statuspage.io — Cisco Umbrella Rank: 35355 pp1lkj6mpx59.statuspage.io	3 KB
2	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 20878	5 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
2	mimecastprotect.com 2 redirects url.de.m.mimecastprotect.com — Cisco Umbrella Rank: 286795	3 KB
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 8721	19 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 4716	231 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 7580	1 KB
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 26454	205 B
1	t.co t.co — Cisco Umbrella Rank: 979	378 B
1	google.gr www.google.gr — Cisco Umbrella Rank: 16627	408 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3773
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 7189	4 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 5135	24 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 5414	1 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1253	15 KB
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 12087	5 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1832	5 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	4 KB
1	ordavida.com 1 redirects dnsfilter.ordavida.com	255 B
0	mixpanel.com Failed api-js.mixpanel.com Failed
174	47

	Domain	Requested by
42	www.dnsfilter.com	www.dnsfilter.com
9	b.6sc.co	www.dnsfilter.com
7	s-site-cdn.dnsfilter.com	www.dnsfilter.com s-site-cdn.dnsfilter.com
5	www.google-analytics.com	s-site-cdn.dnsfilter.com www.google-analytics.com cdn.bizible.com www.dnsfilter.com
5	www.googletagmanager.com	www.dnsfilter.com www.googletagmanager.com js.hsadspixel.net
4	ws.zoominfo.com	js.zi-scripts.com ws-assets.zoominfo.com
4	connect.facebook.net	www.dnsfilter.com connect.facebook.net
4	no-cache.hubspot.com	www.dnsfilter.com
3	track.hubspot.com
3	js.zi-scripts.com	www.dnsfilter.com js.zi-scripts.com
3	p.clarity.ms	cdn.bizible.com
3	api.livechatinc.com	cdn.livechatinc.com
3	s-site-api.dnsfilter.com	s-site-cdn.dnsfilter.com
3	px.ads.linkedin.com	1 redirects snap.licdn.com
3	perf.hsforms.com	www.dnsfilter.com
3	js.hs-banner.com	www.dnsfilter.com js.hs-banner.com
3	cdn.bizible.com	www.googletagmanager.com www.dnsfilter.com cdn.bizible.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.dnsfilter.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	www.facebook.com	www.dnsfilter.com
2	alb.reddit.com	www.dnsfilter.com
2	stats.g.doubleclick.net	www.googletagmanager.com cdn.bizible.com
2	chat-application.com	1 redirects www.dnsfilter.com
2	tracking.g2crowd.com	www.dnsfilter.com tracking.g2crowd.com
2	snap.licdn.com	www.googletagmanager.com js.hsadspixel.net
2	www.redditstatic.com	www.googletagmanager.com www.redditstatic.com
2	cta-service-cms2.hubspot.com	www.dnsfilter.com js.hubspot.com
2	platform.twitter.com	www.dnsfilter.com platform.twitter.com
2	fonts.gstatic.com	fonts.googleapis.com
2	39666904.fs1.hubspotusercontent-na1.net	www.dnsfilter.com
2	cdn2.hubspot.net	www.dnsfilter.com
2	fonts.googleapis.com	www.dnsfilter.com js.hs-banner.com
2	url.de.m.mimecastprotect.com	2 redirects
1	ws-assets.zoominfo.com	js.zi-scripts.com
1	c.bing.com	1 redirects
1	secure.livechatinc.com	cdn.livechatinc.com
1	cdn.mxpnl.com	s-site-cdn.dnsfilter.com
1	cdn.livechatinc.com	chat-application.com
1	vc.hotjar.io	cdn.bizible.com
1	perf-na1.hsforms.com	www.dnsfilter.com
1	ls-af0i3f9l.a.burly.io	a.burly.io
1	api.hubapi.com	cdn.bizible.com
1	cdn.bizibly.com	www.dnsfilter.com
1	px4.ads.linkedin.com	www.dnsfilter.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	script.hotjar.com	static.hotjar.com
1	analytics.twitter.com	www.dnsfilter.com
1	t.co	www.dnsfilter.com
1	pixel-config.reddit.com	www.redditstatic.com
1	www.google.gr	www.dnsfilter.com
1	region1.analytics.google.com	www.googletagmanager.com
1	js.hsadspixel.net	www.dnsfilter.com
1	js.hubspot.com	www.dnsfilter.com
1	js.hs-analytics.net	www.dnsfilter.com
1	a.burly.io	www.dnsfilter.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.ads-twitter.com	www.dnsfilter.com
1	j.6sc.co	www.dnsfilter.com
1	static.hotjar.com	www.googletagmanager.com
1	app.hubspot.com	www.dnsfilter.com
1	pp1lkj6mpx59.statuspage.io	cdn.statuspage.io
1	23609470.fs1.hubspotusercontent-na1.net	www.dnsfilter.com
1	assets.dnsfilter.com	www.dnsfilter.com
1	static.hsappstatic.net	www.dnsfilter.com
1	cdn.statuspage.io	www.dnsfilter.com
1	platform.linkedin.com	www.dnsfilter.com
1	maxcdn.bootstrapcdn.com	www.dnsfilter.com
1	cdnjs.cloudflare.com	www.dnsfilter.com
1	dnsfilter.ordavida.com	1 redirects
0	api-js.mixpanel.com Failed	cdn.bizible.com
174	72

This site contains links to these domains. Also see Links.

Domain
help.dnsfilter.com
app.dnsfilter.com
apidocs.dnsfilter.com
share.hsforms.com
twitter.com
www.facebook.com
www.linkedin.com
www.npr.org
feedback.dnsfilter.com
status.dnsfilter.com
g.page
www.g2.com
reviews.capterra.com
www.gartner.com
www.youtube.com
www.reddit.com

Subject Issuer	Validity	Valid
www.dnsfilter.com GTS CA 1P5	`2024-05-26` - `2024-08-24`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2024-03-06` - `2024-12-31`	10 months	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2024-06-13` - `2025-06-13`	a year	crt.sh
hubspot.com E5	`2024-07-21` - `2024-10-19`	3 months	crt.sh
*.statuspage.io Amazon RSA 2048 M02	`2024-01-06` - `2025-02-02`	a year	crt.sh
hsappstatic.net E5	`2024-07-06` - `2024-10-04`	3 months	crt.sh
assets.dnsfilter.com R11	`2024-06-21` - `2024-09-19`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
dnsfilter.com WE1	`2024-07-14` - `2024-10-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-01` - `2024-07-30`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-08` - `2025-07-07`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-23` - `2024-11-18`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
g2crowd.com WE1	`2024-06-23` - `2024-09-21`	3 months	crt.sh
6sc.co R11	`2024-07-03` - `2024-10-01`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
io.bizible.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-07` - `2025-07-08`	a year	crt.sh
hs-scripts.com E1	`2024-05-31` - `2024-08-29`	3 months	crt.sh
*.a.burly.io R3	`2024-05-31` - `2024-08-29`	3 months	crt.sh
hs-banner.com E1	`2024-05-30` - `2024-08-28`	3 months	crt.sh
hs-analytics.net WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
hsadspixel.net E6	`2024-06-14` - `2024-09-12`	3 months	crt.sh
hsforms.com WE1	`2024-06-14` - `2024-09-12`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.gr WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-05-30` - `2024-11-26`	6 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
hubapi.com E6	`2024-07-02` - `2024-09-30`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-10` - `2025-07-10`	a year	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2024-07-15` - `2025-07-29`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
zi-scripts.com GTS CA 1P5	`2024-05-27` - `2024-08-25`	3 months	crt.sh
zoominfo.com E5	`2024-07-18` - `2024-10-16`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Frame ID: C0F5213C6F613F2321DB8BDE24E31083
Requests: 168 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.dnsfilter.com
Frame ID: 1BC8A744EFBA766EFBA547812AA31947
Requests: 1 HTTP requests in this frame

Frame: https://ls-af0i3f9l.a.burly.io/
Frame ID: 7BABAF7F1369D95D34D9A4C683D4F006
Requests: 1 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=6354551&group=421&embedded=1&widget_version=3&unique_groups=1
Frame ID: 3419DD0724D16F60C70280EBE594667F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lookalike Crowdstrike Domains Discovered by DNSFilter to Date

Page URL History Show full URLs

https://url.de.m.mimecastprotect.com/s/01V9CK8gJ1sPO49rhvhJtmR6gy?domain=dnsfilter.ordavida.com HTTP 307
https://url.de.m.mimecastprotect.com/r/zCKn6iNOnaG14GVo4G7hTQGUJt6bLX64CP2MdL0hqSa8LnQWqsu4M4B1-qXJKlRiYX-sl-s2Bw... HTTP 307
https://dnsfilter.ordavida.com/api/mailings/click/PMRGSZBCHIZDKNJYGAYCYITVOJWCEORCNB2HI4DTHIXS653XO4XGI3TTM... HTTP 302
https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Lightbox (JavaScript Libraries) Expand

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

174
Requests

97 %
HTTPS

46 %
IPv6

47
Domains

72
Subdomains

58
IPs

7
Countries

1936 kB
Transfer

5058 kB
Size

54
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://help.dnsfilter.com/
Title: Help Center

Search URL Search Domain Scan URL

URL: https://app.dnsfilter.com/login?_gl=1*1lzz0rb*_ga*NzE4NjcwMjc5LjE2ODI5NDg4Njk.*_ga_MMR27NNV7M*MTY4MzA4MjYyOS43LjAuMTY4MzA4MjYzMy4wLjAuMA..
Title: Login

Search URL Search Domain Scan URL

URL: http://apidocs.dnsfilter.com/
Title: API Documentation

Search URL Search Domain Scan URL

URL: https://help.dnsfilter.com/hc/en-us?_gl=1*1g8fbu4*_ga*ODA5MDI4OTU3LjE2ODAyMzcyNTA.*_ga_MMR27NNV7M*MTY4MDQ5MjEyMy42LjEuMTY4MDUwMDE2OC4wLjAuMA..
Title: Help Center

Search URL Search Domain Scan URL

URL: https://share.hsforms.com/1J7wMgBdYTpmU-DV7ZA9Upwe216m
Title: Register a Deal

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains&text=Lookalike%20Crowdstrike%20Domains%20Discovered%20by%20DNSFilter%20to%20Date
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains&t=Lookalike%20Crowdstrike%20Domains%20Discovered%20by%20DNSFilter%20to%20Date
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains&t=Lookalike%20Crowdstrike%20Domains%20Discovered%20by%20DNSFilter%20to%20Date
Title: Share on LinkedIn

Search URL Search Domain Scan URL

URL: https://www.npr.org/2024/07/19/g-s1-12222/microsoft-outage-banks-airlines-broadcasters
Title: a global IT outage occurred

Search URL Search Domain Scan URL

URL: https://help.dnsfilter.com/hc/en-us?_gl=1*1pk3qda*_ga*ODA5MDI4OTU3LjE2ODAyMzcyNTA.*_ga_MMR27NNV7M*MTY4MDg2Nzc0OS4yMi4xLjE2ODA4Njg2MzMuMC4wLjA.
Title: Knowledgebase

Search URL Search Domain Scan URL

URL: https://apidocs.dnsfilter.com/
Title: API Docs

Search URL Search Domain Scan URL

URL: https://feedback.dnsfilter.com/changelog
Title: Changelog

Search URL Search Domain Scan URL

URL: https://app.dnsfilter.com/login?_gl=1*1c2d4x7*_ga*ODA5MDI4OTU3LjE2ODAyMzcyNTA.*_ga_MMR27NNV7M*MTY4MDg2Nzc0OS4yMi4xLjE2ODA4Njg2MzMuMC4wLjA.
Title: Login

Search URL Search Domain Scan URL

URL: https://status.dnsfilter.com/
Title: System Status

Search URL Search Domain Scan URL

URL: https://g.page/r/CWYqY6gPdEchEB0/review

Search URL Search Domain Scan URL

URL: https://www.g2.com/products/dnsfilter/reviews/start

Search URL Search Domain Scan URL

URL: https://reviews.capterra.com/new/156036

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/endpoint-protection-platforms/vendor/dnsfilter/product/dnsfilter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DNSFilter/

Search URL Search Domain Scan URL

URL: https://twitter.com/dnsfilter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/dnsfilter/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/Dnsfiltercom

Search URL Search Domain Scan URL

URL: https://www.reddit.com/user/dnsfilter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://url.de.m.mimecastprotect.com/s/01V9CK8gJ1sPO49rhvhJtmR6gy?domain=dnsfilter.ordavida.com HTTP 307
https://url.de.m.mimecastprotect.com/r/zCKn6iNOnaG14GVo4G7hTQGUJt6bLX64CP2MdL0hqSa8LnQWqsu4M4B1-qXJKlRiYX-sl-s2Bw8thHGJmi9GXqIshCrfi675S9oHm5sjvqeSUtq3h2R2-57HV-JvS_u6b3p9qgvNIlnCJnSp6rfVdzYmBjV1FNNUVEmeP8O2A8smuRWCBCZBbFoCxIeyskCNm0rWh_CoPYyMufM4y7jpLaXupb-IGzePi_vbu2l6adSErtq_Sn0pcj-TuBzs-HRpi430_day26sMbhjn9bNJEGzXur88TJXLtMg7HIdw28yQDJCuJTptiUd_BsmNM54uxnToB7rbzqG6Flm9MZcAmMo1h2puAZYfKLola39psvU0qbnhFWHtBPrOXgSt8_7j9NyAJOGgkzjLmGcHoly18lTW2IojFw0I-fmZYxLWPaIuyJ0Q2GQ2xhXTFItj5QDHL1MH2YDrvPnY_JrXLKjnkuOHvf-IrcNUecJ5VmfoHvr0iPkeY5YQhwQHh22s4yUV675eEO5-4D1ZTfiPRkzNuO3P2b9oszunoZfBG5bZRq2yZBQfWLdFByk1Ta1pK1C5i52YpSiD5mg5nJxh3CpeKwAlBI7qwzqoFKjSZXexWA9vBkAVx18roatKk5nApiLTNL85qGiP0TS5znR4VXrezOp6b15kiTvEwwJ3szuvk2Tb1lR-DEwpTn_dBhSDQfEWOLAi39WWe2-33mW1TKNDKw6S45YHCs8Syv0YtJcY9_D-jLOvCD3K4qTu-b33XwJUA5SZve_E3SFvfIyg9v4TUXjw8zYjMXH6MasNO5die_e3ttSGC0aqsIDycYJHZLV4SypIOPjSC8ugIu-h5t7sijfXVrpMd5fv9NXohOHd9aR8SwVoCjuxZsa0QAbvOlCxC8F9MTYZVBOiBu9CpoBy3b778pwfF89Fl1bU4Ok2jIvhRx3qNkyf4ZgrPZagpniSO12OVSm_N8aOYStLYQq0clgF3HkJTuBvCzH9rrzzmNiJCQ4hWI6cX6mX0tt9Ia9JpVu2y34AECFc2X3rz2T1acUipuphKB5MltwgNZlqHJpL5m-wlyqvr5NSvJ8lMHVB8EJWpp57ha1kq2QnhT8djwXZFNvN5UP49dwC4hMP3W42UT9RIT9I76yQP6Q-ovBSmsmfI_S2S3FgXMxalA3fQBu5BTumfQ3yc02JZ3R-FAvvjLzMNBB-pDyssXGlf7LkDk8a-bJsNzzT3s_nmyJ3lHAIySOYbJ7L8cPEGQWoq2Vc_PFRtZr9GYA9M9NlcftHw6MMsouI4A2qLM31OtRvLnpzytzCGSp8-zVYc3GwcBxtrvXPWvA4QWhBlIcyoprm7Fy_dqT1ULZMN8a0ba4KVpl6CgM01mJMLWc0O45HxU_IFoWj3kmMGthE4VIA5gbHeG_bhkdz7CEKcbdIAmJ0MQv7gQ09KtyNbi_SKPwI3IzuIglMisnNP67NGGgGbD88uvcsuR7cKqDY2FYeMFFXXL-SvuwzV9-a4miqY4KY-ETrYn04JhrAdc-dUoYXsUAPP91urSIS3JYKixBSyTN47ETrcRhGEuH4H2aMjn_40yBwGJu31KaX8VDPmpnaI2IGPeQjDCwraNxJMccqojOogZePM2ghacsDscPKjLMcOTxxKnYk3WW51sppQ0Es_rtW_KgZrFeVtdtuybQh5eXBzchsYK4_65bo6oVTXUjptXBGLU6Qb3s_uiq_1YwVB16pxWZG2ySQ4C4N57RdYSj5MMsDz7xVzBhyVf3LQVTN3Q_Z-L8zT0ExNF1RMm1inBwSyN2QBYAq_oOuORTgt19MVyjuuawJarUDFY3DQ0ns9rvX8wvE0bHc85R796ZoFNvuIxsBgJG9mNI0NSnWpef_QtS67QejgNuZzTC0fqTc7pGBc446GGHJ_g7KM1kzaC2JVCIeASkd12z455i8uPldj5fFINGeWSSI-qoX8qqX9bhKtBt-ZoiJEhOehLAmzCUwhdcUNCNWLedW6SJaWdPqFBc24U3uYepyWuLO_w0xYbekkTUgh8QyL2bUmnt2tu9C7Z1erRI4SK09fXm-EFgvDaeyeMQVUPnrLB5p-xamcZ4B1stAYl_DO2KLQdzqtxJPpxiRLlcoV-Dr5OnHDyxWAW7g6w8Vx_FOUVIaBg8ZcReixMCu6bX2OPnoI7C8abp60I9WYPFRKPIRbja_BJ5roQcncsqwFPnhkT3y5bZMTkOcpMBf-2wNdmOMTDQmBWt-DfxQM3mFxqzPYQJid7XFPBQ8rVm-rgmqfKOCY195ZcgBzCUs3vz0gyuVkMx0HK9dFOo5QfdwCNkNpqbBOCCiXs4R1Paa-Vf5U7tT-oQHHNb4_nMsLjbK_z-lbUeep9febQCqf5srZTsGOa6Kcr84f7xTHQl-cuDzaDxff8rAX1pJ7A-1NENSCUzoDdb8_cdiNuwDxH-LA3jT5JECtFbVJA HTTP 307
https://dnsfilter.ordavida.com/api/mailings/click/PMRGSZBCHIZDKNJYGAYCYITVOJWCEORCNB2HI4DTHIXS653XO4XGI3TTMZUWY5DFOIXGG33NF5RGY33HF5RXE33XMRZXI4TJNNSS23DPN5VWC3DJNNSS2ZDPNVQWS3TTEIWCE33SM4RDUIRQMMZDEZBSGAYC2OBTMY4S2NBTHAYS2YRXMI3C2Y3EMJTGIZBRGMZDEMLDEIWCE5TFOJZWS33OEI5CENBCFQRHG2LHEI5CEY3NJJBU63COJB2EYTDXGR3XIODHO55EIWDLM5VWW2KLJFTEENSJHEWXIVTFMJWVOZKTKU6SE7I= HTTP 302
https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://chat-application.com/embed/index.php?tracker_id=21938257 HTTP 302
https://chat-application.com/frontend/web/index.php?r=api%2Fload-js&tracker_id=21938257

Request Chain 106

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=478386&time=1721747579083&url=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&tm=gtmv2 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=478386&time=1721747579083&url=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&tm=gtmv2&e_ipv6=AQJUyG5mhC9GKAAAAZDgJyLQmJ_7niZ2kHcql17wZPpEw0wKCNIqq0oqF2gXupb6s-QubE-L

Request Chain 158

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D16D5C506CDD409B9B8587D4CEAA1F59&RedC=c.clarity.ms&MXFR=03FAF81534446BD313D0ECD030446536 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D16D5C506CDD409B9B8587D4CEAA1F59&MUID=15E81976D29A6FD216A80DB3D3116E30

174 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request crowdstrike-lookalike-domains Show response
www.dnsfilter.com/blog/
Redirect Chain

https://url.de.m.mimecastprotect.com/s/01V9CK8gJ1sPO49rhvhJtmR6gy?domain=dnsfilter.ordavida.com
https://url.de.m.mimecastprotect.com/r/zCKn6iNOnaG14GVo4G7hTQGUJt6bLX64CP2MdL0hqSa8LnQWqsu4M4B1-qXJKlRiYX-sl-s2Bw8thHGJmi9GXqIshCrfi675S9oHm5sjvqeSUtq3h2R2-57HV-JvS_u6b3p9qgvNIlnCJnSp6rfVdzYmBjV1FN...
https://dnsfilter.ordavida.com/api/mailings/click/PMRGSZBCHIZDKNJYGAYCYITVOJWCEORCNB2HI4DTHIXS653XO4XGI3TTMZUWY5DFOIXGG33NF5RGY33HF5RXE33XMRZXI4TJNNSS23DPN5VWC3DJNNSS2ZDPNVQWS3TTEIWCE33SM4RDUIRQMMZ...
https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

95 KB
18 KB

434ms
341ms

Document
text/html

199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

635d3206ba746749382915cebadbf1e0bb469b17e01173d75d0a99ebee567180

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=7200,max-age=5
cache-tag: CT-173633154213,CG-107420098604,CG-23609470,P-23609470,W-108982790827,W-109613840700,W-109614150012,W-109615241040,W-109615241091,W-109631202169,CW-100826903560,CW-100828020353,CW-100828550681,CW-109612526638,CW-109630796426,CW-114227658645,CW-114348176732,CW-118740173314,E-100826686891,E-100826724947,E-100826764614,E-100826902030,E-100826902676,E-100827159866,E-100827279535,E-100827479396,E-100828019554,E-100828042105,E-100828317761,E-100828317768,E-100828317769,E-108979418393,E-108979612589,E-108980336810,E-109592631156,E-109612080211,E-114202815103,MENU-109613840700,MENU-109614150012,MENU-109615241040,MENU-109615241091,MENU-109631202169,MENU-166714196397,RA-109613818956,RA-109613819022,PGS-ALL,SW-2,B-107420098604,GC-108982704386,GC-109310286984,GC-109615023795,GC-109631050932,GC-114223716610,GC-114347247953,TS-108980347002
cf-cache-status: HIT
cf-ray: 8a7c9c957f334516-TXL
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=utf-8
date: Tue, 23 Jul 2024 15:12:57 GMT
edge-cache-tag: CT-173633154213,CG-107420098604,CG-23609470,P-23609470,W-108982790827,W-109613840700,W-109614150012,W-109615241040,W-109615241091,W-109631202169,CW-100826903560,CW-100828020353,CW-100828550681,CW-109612526638,CW-109630796426,CW-114227658645,CW-114348176732,CW-118740173314,E-100826686891,E-100826724947,E-100826764614,E-100826902030,E-100826902676,E-100827159866,E-100827279535,E-100827479396,E-100828019554,E-100828042105,E-100828317761,E-100828317768,E-100828317769,E-108979418393,E-108979612589,E-108980336810,E-109592631156,E-109612080211,E-114202815103,MENU-109613840700,MENU-109614150012,MENU-109615241040,MENU-109615241091,MENU-109631202169,MENU-166714196397,RA-109613818956,RA-109613819022,PGS-ALL,SW-2,B-107420098604,GC-108982704386,GC-109310286984,GC-109615023795,GC-109631050932,GC-114223716610,GC-114347247953,TS-108980347002
last-modified: Tue, 23 Jul 2024 13:43:17 GMT
link: </hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js>; rel=preload; as=script, </hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script, </hs/hsstatic/jquery-libs/static-1.4/jquery-migrate/jquery-migrate-1.2.1.js>; rel=preload; as=script
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PAzABo2PWTdcJ9Xid4YRGZ%2F%2FqR9T6%2F%2FFaYGAnevv1Wy1cExTL7GtU55LtYy9iUv%2Buc5PQtyH%2FxOSlbw3WEY1p2cZK1KOzrLZRWJQ7qiDYBjNFjGsYmj7jL4TNhiFUI3Hk7RJ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation-rules?url=www.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains"
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 584
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/cms-js-rendering-td/envoy-proxy-5bfc5fdd88-zfpjl
x-evy-trace-virtual-host: all
x-hs-cache-config: BrowserCache-5s-EdgeCache-7200s
x-hs-content-id: 173633154213
x-hs-hub-id: 23609470
x-hubspot-correlation-id: bae2a042-e0c0-412d-a016-d55c09537cc9
x-request-id: bae2a042-e0c0-412d-a016-d55c09537cc9

Redirect headers

content-length: 83
content-type: text/html; charset=utf-8
date: Tue, 23 Jul 2024 15:12:57 GMT
location: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 404 speculation-rules
www.dnsfilter.com/cdn-cgi/ 0
0 139ms
138ms Other
application/speculationrules+json 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dnsfilter.com/cdn-cgi/speculation-rules?url=www.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Origin: https://www.dnsfilter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:57 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ah27GRbL3rqRnwEMXIZOOrbUyOvRodg7Fg1%2FP%2BTyPQM326ALMMlW%2BwVw%2Brojja9v7FXPiiTA%2Fnv%2B7QLie7ipv%2Bhv7aHWbdj2bxKwDj45KInEOM1q0y3Zszvab5CNKzzI66MS"}],"group":"cf-nel","max_age":604800}
content-type: application/speculationrules+json
cf-ray: 8a7c9c97ccd44516-TXL
alt-svc: h3=":443"; ma=86400
content-length: 15

GET
H3 200 jquery-1.11.2.js Show response
www.dnsfilter.com/hs/hsstatic/jquery-libs/static-1.4/jquery/ 94 KB
33 KB 112ms
111ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:57 GMT
content-encoding: gzip
via: 1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
age: 21042722
x-amz-cf-pop: TXL50-P4
content-security-policy: upgrade-insecure-requests
x-cache: RefreshHit from cloudfront
x-amz-version-id: null
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 08 Jan 2015 18:08:00 GMT
server: cloudflare
etag: W/"5790ead7ad3ba27397aedfa3d263b867"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dAnusiYL4KMUM6IC5ysj26rPnh9Cwj3RtNHZ0nB3fUE5GW5ZqCBua3gBVcEkVAWpHeF%2BdiHbKXJih7Z18urA9Rzik8fcjRZYM4dTM6sT0y5Z6z%2FwUtI2YG6Gyx2QY9KV1ujm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8a7c9c97ccd64516-TXL
x-amz-cf-id: O_5hEe5tH1TbmdsFBs2adAfaGuVRQ00VGDlObtptUqeYtG31BCrPGg==
expires: Wed, 23 Jul 2025 15:12:57 GMT

GET
H3 200 project.js Show response
www.dnsfilter.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 112ms
112ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:57 GMT
content-encoding: gzip
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
age: 7079578
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: Hit from cloudfront
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W3Gfvo9o%2FtJFk%2F1FM5vkTpTELK4xmOglJcN9wpe1nuGLsgZqejoQeoB45eljjIGXunZ0UuaceqULj61wgboKnTKM0%2F%2B%2BmrEJlTI6H8yqrhkIRL2Kh3ecGZcxw48C9pTbBEs9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8a7c9c97ccda4516-TXL
x-amz-cf-id: vMxH2clCDRRjd7emHmifSLXhLc2TFOGFc0VsUqlcTSiVQmWY_1aUGQ==
expires: Wed, 23 Jul 2025 15:12:57 GMT

GET
H3 200 jquery-migrate-1.2.1.js Show response
www.dnsfilter.com/hs/hsstatic/jquery-libs/static-1.4/jquery-migrate/ 7 KB
4 KB 97ms
96ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs/hsstatic/jquery-libs/static-1.4/jquery-migrate/jquery-migrate-1.2.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:57 GMT
content-encoding: gzip
via: 1.1 18fab39b23fb6b3013058d6df5faf0bc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
age: 7079540
x-amz-cf-pop: FRA60-P6
content-security-policy: upgrade-insecure-requests
x-cache: Hit from cloudfront
x-amz-version-id: null
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 08 Jan 2015 18:08:00 GMT
server: cloudflare
etag: W/"eb05d8d73b5b13d8d84308a4751ece96"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EAtOHDEKloET4eA%2FlmFVaB0rbr9iioJkFO7pBc56UhojqMt1nermGdT0zKc%2B9DaWPqlc8g9x8664MD59CtT1jZ0bB2zPjdRtpaA2wOw1e%2BYFV%2FueqKMz50gzoIzWzURX1aJI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8a7c9c97cce04516-TXL
x-amz-cf-id: WTdO6FiL3OZ3rtwIbEiGcz4aMUsvpBugEaQ29RZFReLNM8oCxiPVog==
expires: Wed, 23 Jul 2025 15:12:57 GMT

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.1.0/css/ 20 KB
4 KB 112ms
58ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.1.0/css/font-awesome.min.css

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 559549
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3768
last-modified: Sat, 06 Jan 2024 12:15:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6599366c-eb8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V0uKEwTdTmIW7ra%2BpB9uxfUBXpPNuzZFoeM8b37lpvf7qAFG5z16xokHQ%2Fo1%2Bvf1XHUyJ8vcVx86Lq0BvLZO25d8cOtMOnkudvq8i%2BCKnnVCASgh7qEQG%2F6%2FHbmzo7j1du7aFYjq"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a7c9c98285e3681-FRA
expires: Sun, 13 Jul 2025 15:12:57 GMT

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/ 20 KB
5 KB 141ms
74ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 718
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 4017373
cdn-cachedat: 03/18/2024 13:06:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"bbfef9385083d307ad2692c0cf99f611"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 8865ee910644b9a134862e38181d89c1
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8a7c9c984dcebf1b-WAW
cdn-requestpullsuccess: True

GET
H3 200 main.min.css
www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/100828317769/1718911249072/Dnsfilter_March2023/css/ 38 KB
11 KB 139ms
136ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/100828317769/1718911249072/Dnsfilter_March2023/css/main.min.css

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a7878d98566a4f25da90a9d14140de7df967d4dd20d443b75c22dc6fd3e60e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-amz-request-id: EA45R2SM4JZ7QJ4R
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"c794939befb510ec3944a5e460b4b302"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1718911250979
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:57 GMT
via: 1.1 b4346add631a498bf6cdbf88cbc5ff12.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: z6oxWbbHR1V1Cril_fPTDqGRB5JG1rj.
x-cache: Miss from cloudfront
x-hubspot-correlation-id: 740209ee-3f40-4e6b-aee7-ff240c9b837e
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 156
alt-svc: h3=":443"; ma=86400
x-amz-id-2: SwHU0l+7sefuRuR6gXQBVNzaRJ/FDwDu11KS9otQvmSFG3Jq9PjWvYhuS+TKX52va9tYzjEnjiPx5ny/w+xMOfPfajP1Bciw4D7XT0AV/ww=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 740209ee-3f40-4e6b-aee7-ff240c9b837e
last-modified: Thu, 20 Jun 2024 19:20:51 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IZUbausr1yA48ouSSZREU7zU6ViockvO%2Bo2X%2FAsKVtPjJu6IdK3AyBDVfytRPJTBqdmvwgdDTXvmwxqAUBc28nWDpbq9chKeQfHx75jOZ40xrQTBqtipQS1VUX8eIREMc74G"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-ts7f8
access-control-allow-credentials: false
cf-ray: 8a7c9c97dce54516-TXL
timing-allow-origin: www.dnsfilter.com
x-amz-cf-id: hbjY2aWf9Gi7yLKvIZkLBeAWRhX9My0BlS8KU3zyZtnhwjRDv2zlxw==

GET
H3 200 child.min.css
www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/108980336810/1720462611730/Dnsfilter_March2023/ 36 KB
9 KB 139ms
131ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/108980336810/1720462611730/Dnsfilter_March2023/child.min.css

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

21c7bef4bb16cda4afacad5de8a7277bedf3bed36bbb581760064fd58dc3080a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-amz-request-id: F95E9F2GNWM9GDEQ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"4f7fbf67e21abf21ba325d3c2068f785"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1720462612529
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:57 GMT
via: 1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-amz-version-id: dV7fb3HeIwKAmBVuJsUYP7CDgNGHqsKJ
x-cache: RefreshHit from cloudfront
x-hubspot-correlation-id: 4f8dc180-dc22-4267-891b-34bef2997658
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 190
alt-svc: h3=":443"; ma=86400
x-amz-id-2: CC1SygrwrLzny7opfwJnfDW4Fx8bc05y/6DO038VgiK8kmt2touMijJbm6jif6Tposw84mzWqhw=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 4f8dc180-dc22-4267-891b-34bef2997658
last-modified: Mon, 08 Jul 2024 18:16:53 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OwectjQbsfcXZdo7AQ5%2BSmQ3j96deqXZ2mjz8c5dRkJSj3X79uDb07ENTjjgHFzxs4hYUPTdy%2F7RnriMKHSR2omu4OEYtm%2B3HddXzHoGCAKxF1dQhhbljpfKpymm4V%2Fq8Akz"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54bddf99d6-4fh2w
access-control-allow-credentials: false
cf-ray: 8a7c9c97dcf74516-TXL
timing-allow-origin: www.dnsfilter.com
x-amz-cf-id: wqQNmpgqoe10T4zrcnLbyQ7kmx0U6hGZo7Ca1dnVXwtUDeVoWc_BFw==

GET
H2 200 css
fonts.googleapis.com/ 33 KB
2 KB 155ms
52ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CInter:regular

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

428f2358d040249ed9fb549ebd5e75b2836b4c5df593b8a306b96338317af810

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 Jul 2024 15:12:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 Jul 2024 15:12:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Jul 2024 15:12:57 GMT

GET
H3 200 module_109630796426_header-announcement-bar.min.css
www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/module_assets/109630796426/1685876805413/ 894 B
2 KB 190ms
183ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/module_assets/109630796426/1685876805413/module_109630796426_header-announcement-bar.min.css

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b05828192ba2091faeb318ede9749b5c0abb6ac3926c67bce068e7a176c2b61

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: FKNQVJGQCVZT8VSJ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"f91115101496cb6e6e073b47dd4bf6aa"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1685876805413
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 7c4bbd97f5be908e33f403c3794f629a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: e6YTRlgFcCAcblswGpiKTvzaB_8v0VZJ
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 5b596deb-e2aa-480f-be16-aaad29b2cd41
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 126
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 0N5AJTLOmLOp7/57TSMrtKsD1p9VRFdHJuC1mtjhRmL9Nk81Ogz0g7JnA5h6IO2+pPPa+oFl4xE=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 5b596deb-e2aa-480f-be16-aaad29b2cd41
last-modified: Sun, 04 Jun 2023 11:06:46 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZKeRVteEjVLG0kDB05vMP%2FCz5FnYzuDAfDXmgpv3%2FMgLq1VrMPLBcKcs4Dxv6PnWCtBZMCqmb1WtVV2N06NC5Lj1xja%2F9APresOPywv8LLOZRHwYeDJ1vM8ugsLEZ%2B9MORMx"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54bddf99d6-5zvjq
access-control-allow-credentials: false
cf-ray: 8a7c9c97dcfd4516-TXL
timing-allow-origin: www.dnsfilter.com
x-amz-cf-id: ONhULYxVnVVIIjJmEjxdGGscEEfCt2N3uiB_7Xy8hsLYUT8cjK6BoA==

GET
H3 200 module_118740173314_header-butons.min.css
www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/module_assets/118740173314/1686011009973/ 545 B
2 KB 190ms
183ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/module_assets/118740173314/1686011009973/module_118740173314_header-butons.min.css

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d5240247f57cb397d37604bcfd2dfe09d5a87362979d48848259917447c88b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: VMBZFKDM9YXEJXTC
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"817eeab05ed84b4a9d9c7685b0ad1760"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1686011009973
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: lTWlh1.MeMPOWKh5VXnCEkJaotCJzEFc
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 216e4939-dec5-4cd6-aa5b-7d9187061e48
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 148
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 1SpaXquogHLCEIXjEW5eQA3psd0JL7+10JXDRW1/PVVdu570XWqJu8Qb30trARAYboxUJ0zhaNI=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 216e4939-dec5-4cd6-aa5b-7d9187061e48
last-modified: Tue, 06 Jun 2023 00:23:30 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=67DC6De85Vp%2BxB1Znaonp5eqLfSZOILNI3POBhCZjug0Y1VCbOURgynUluL2edorJNXHPiZmWhcxJxLy2gD9QNat%2FIOv9R4EYNDYbg0OK3lBFOaNH7AJvXLu%2FCU%2BJRx40K05"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-x5qbk
access-control-allow-credentials: false
cf-ray: 8a7c9c97dd024516-TXL
timing-allow-origin: www.dnsfilter.com
x-amz-cf-id: N8Tgj1FULgGj2vXzmfLkalGZxYGFKFXUMwo89KZvfCHKhuLSGt9cBA==

GET
H3 200 search-box.min.css
www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/100826724947/1718911245981/Dnsfilter_March2023/css/components/ 1 KB
2 KB 191ms
184ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/100826724947/1718911245981/Dnsfilter_March2023/css/components/search-box.min.css

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cdb24dceeef015c90d840be5b5ad5e00fcbe19012960489b869f7a77316a6d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-amz-request-id: XBRZQQ2N4K42EJ3Z
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"2819227836fc55089bdb4c2f84d1cdba"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1718911247779
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:57 GMT
via: 1.1 85fc1201a1918facbeb30836e7391660.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: vPTEoO7NsWkpdf33UrAl88hBLaPTa75W
x-cache: Miss from cloudfront
x-hubspot-correlation-id: 0c669ec0-c04d-4c6f-9c5d-666734fed81f
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 259
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 8CoZq6DCt08EwtDqMU8Zq6CH1hkJWOaPNhz/xx0QVMy652TOh/diCcutbMApK3Epb+h2ZSxIVkc=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 0c669ec0-c04d-4c6f-9c5d-666734fed81f
last-modified: Thu, 20 Jun 2024 19:20:48 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BXgEBs9JWQO4BxxsBOco6PtXA841qtMR%2FyDIxjIrnSgvOn9p%2BW4KC52FJyFuPST27iEi9coAiqO2NEM9w%2F8cthQBexJuUdbq13pKlmN3%2BDuFPy8FZMDEtiTEclikZM4PjPIo"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-lrfms
access-control-allow-credentials: false
cf-ray: 8a7c9c97dd034516-TXL
timing-allow-origin: www.dnsfilter.com
x-amz-cf-id: 14lnkNjMeQ6uVedhnvcIf1-KK58FiP8pUXhBuxiksBPKY_XWXrU5gw==

GET
H3 200 blog-search.min.css
www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/100828042105/1718911260153/Dnsfilter_March2023/css/components/ 2 KB
2 KB 191ms
184ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/100828042105/1718911260153/Dnsfilter_March2023/css/components/blog-search.min.css

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

04c1941f9dead21f493e49e123352b693a977446584f864bd780488c07d27c4a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-amz-request-id: XBRV41C7NV2S9DZG
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"ed51f2dc60527f407b6390669198f675"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1718911260918
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:57 GMT
via: 1.1 148f45d892bd2198be5295012ed59888.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: EPDMqlIwUcIGvhTzMg4..t8b8pku7fio
x-cache: Miss from cloudfront
x-hubspot-correlation-id: 2226997c-9ea2-499d-8f83-5ea1df7f21eb
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 142
alt-svc: h3=":443"; ma=86400
x-amz-id-2: gr56eBnaTTZRaIeUbgieqL8eNcvtFtC8ttrl2fhJ+v/HfEz6RiqSjoC3XSn4l9vasUCmsj+mxlA/ygGNsCodhg==
x-evy-trace-route-configuration: listener_https/all
x-request-id: 2226997c-9ea2-499d-8f83-5ea1df7f21eb
last-modified: Thu, 20 Jun 2024 19:21:01 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KMJLHwF9XiNYXlT4EMonz%2F0PbRWLMSMZl8BZx%2FvtjFzbGbymPYNwL9vNfgiSmt52aDlHXr8RtE%2FcunJGtmUTRf9mm3Lkt2RMydCPEb91z1hOznbWpzOIMOUyq%2BFPixWmqWeN"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-x5qbk
access-control-allow-credentials: false
cf-ray: 8a7c9c97dd074516-TXL
timing-allow-origin: www.dnsfilter.com
x-amz-cf-id: haoYcxq_cp1G8kP12EsMco7rFdTvEpJdcaZUyelsyLuC2-MLO1KTOQ==

GET
H3 200 blog-toolbar-1.min.css
www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/100828317768/1718911221049/Dnsfilter_March2023/css/components/ 659 B
2 KB 191ms
184ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/100828317768/1718911221049/Dnsfilter_March2023/css/components/blog-toolbar-1.min.css

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

83335661d0e89f65bdbbaa8ffe19be499c425c2574a6f6793a0e5c01d8c0d30c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: XBRH8BQBNE4NH3W5
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"e17211e376484f11e1bf732f3d58552f"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1718911222852
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 5e6930ff15cb9ece8bd1c3b20d8103c0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: V8JGpJn9b6i8n8uGfxfhVrE7IyQDXwS4
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 7ca4ffba-48c1-4190-9ebb-73b6fb57ea79
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 151
alt-svc: h3=":443"; ma=86400
x-amz-id-2: XNMatbtJz9LyL8BW1CeXoZzVk10eiHQ4s69a1Uw3lmUYBfMVxE5IMVGF2RPkpfK9t9wKDkbFolY=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 7ca4ffba-48c1-4190-9ebb-73b6fb57ea79
last-modified: Thu, 20 Jun 2024 19:20:23 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MuQtClxY8yUcn1ghrS1g2Sm%2BhTADE81x5z2pf2qhrmPnDjBEXiQhEdTKbPgMsxxwyp1oQeG0rWuRutq5kihTZotxq1XWKLFAH8S0lKmXm1ojwwcgGpi%2BW5WQR3S06YuVynsG"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54bddf99d6-dlv5r
access-control-allow-credentials: false
cf-ray: 8a7c9c97dd084516-TXL
timing-allow-origin: www.dnsfilter.com
x-amz-cf-id: yYMaHqgzhRLeREqTV1-fFTEKhFxoOp117a0GZBVC68M4ojzfvm6Cdg==

GET
H3 200 tabs.min.css
www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/100826902030/1718911233054/Dnsfilter_March2023/css/components/ 1 KB
2 KB 191ms
184ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/100826902030/1718911233054/Dnsfilter_March2023/css/components/tabs.min.css

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b41c913da058a0eafd0d0534388cd06f9a5fbd51fedf6d487336e519e9651ce0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-amz-request-id: MPV47G5JDPN789RT
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"aa3b2b41689cb4b1a2e88484ff1b0a42"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1718911234338
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:57 GMT
via: 1.1 14d757a67b913f1bc93427e69819362c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: TVnZgLRZBFF4dmP6prerO.Hn0lhbCZ6s
x-cache: Miss from cloudfront
x-hubspot-correlation-id: bad917ab-363e-4684-9aa7-41574c6bcd5d
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 172
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 0znOWtHsPV4St+dAoCnGqzBfsAo3larzgXP3z1To+EGi2KauMtj5yjF551E23IRep30Kdh49mrqFg5SeUq2xxtrEFdRkLEC0
x-evy-trace-route-configuration: listener_https/all
x-request-id: bad917ab-363e-4684-9aa7-41574c6bcd5d
last-modified: Thu, 20 Jun 2024 19:20:35 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Et%2Bhar2NHcdP12tltrb88i3xq1LQ1yHQtcUelP7CXj2Bnx%2FKSf%2BGiqqXdMKLDcu%2Fewp2fnPyeW3g%2BkTcyTSOy5iLOEvhtmN88KNovSAN0pSKiG8eX70%2BCFtmeAdD68uasoyR"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-tjdnr
access-control-allow-credentials: false
cf-ray: 8a7c9c97dd0a4516-TXL
timing-allow-origin: www.dnsfilter.com
x-amz-cf-id: VbyO_104UpjsFZ5kjNUDzE7dndaI1SfJlWNjO2fS_Wy_zBYbdYyh7Q==

GET
H3 200 module_-2712622_Site_search_input.min.css
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1721740817009/ 2 KB
2 KB 164ms
96ms Stylesheet
text/css 104.18.88.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1721740817009/module_-2712622_Site_search_input.min.css
Requested by: Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.88.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5756d7ea181754d88819c7defee76ab068788d777a0de74227f6d33214be4698

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
age: 6153
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"d7fec485aa77a65f6cb8731b725ce15a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1721740817009
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 51526050-6328-470a-a7ae-8361f2307b44
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 377
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 51526050-6328-470a-a7ae-8361f2307b44
last-modified: Tue, 23 Jul 2024 13:20:18 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EgpglWaWbHqt5mAGpDe3u5F6tos6QT3UzoXRQMg6qBhNb45TdDxnYgv8v0dI6jdLFygW%2FLOEtKSIp5%2BBdTqmIceVAoj2jCxL6w8E7CCcJXm6aRGqg8PYgVPLVqqRTtf36B0%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-7bc58b7fb6-g67cx
cf-ray: 8a7c9c98484bbbc4-WAW

GET
H3 200 module_114227658645_explore-more-content.min.css
www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/module_assets/114227658645/1711570965120/ 2 KB
2 KB 191ms
184ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/module_assets/114227658645/1711570965120/module_114227658645_explore-more-content.min.css

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e8780efe53d44ce45cc299f603a5d0805cc64356dc0371a6a8a79aba1b4c65f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-amz-request-id: Z5B1B36MEDVP24TZ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"b7a0278b5fe6dc3e6f669aa765b48f85"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1711570965120
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:57 GMT
via: 1.1 99baebf4b5bb631267dcfa82456151cc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: c9Z3HH9Hky.JftZs77pgef4wJx01hYMm
x-cache: Miss from cloudfront
x-hubspot-correlation-id: d6ae950c-d4bb-4940-84db-7cb349d4191a
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 229
alt-svc: h3=":443"; ma=86400
x-amz-id-2: LyjelSmPppVzb2HalMYE8w2Dhu4Lu29z7vRp9xUVPIMu8hNeFTXz79SIgBwJtphGfkST1rNMPjE=
x-evy-trace-route-configuration: listener_https/all
x-request-id: d6ae950c-d4bb-4940-84db-7cb349d4191a
last-modified: Wed, 27 Mar 2024 20:22:46 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SAV8IdlygZALikrZYfnAXU14pJEZviidI1KE2qWxtKWrtwMye%2BzVIsBqaP6hlAUaGBYQ%2B5pIdSJWrrOJccCU7d4n9asYyHStwfzk0feVZD%2FYbj8cgvWfSrbnvhgP6%2BYoWAVP"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-lrfms
access-control-allow-credentials: false
cf-ray: 8a7c9c97dd0f4516-TXL
timing-allow-origin: www.dnsfilter.com
x-amz-cf-id: UPDLAXtx-02evpgf-ByDfdCGctA40OHQcmhsK0tomkYOk07KOzM10w==

GET
H3 200 blog-4.min.css
www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/100827159866/1718911210585/Dnsfilter_March2023/css/templates/ 3 KB
2 KB 191ms
185ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/100827159866/1718911210585/Dnsfilter_March2023/css/templates/blog-4.min.css

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

af330b1c1eb95f325193f5f4bdd55e903ebb4e74c18d614dfa0bd76708a6abb2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-amz-request-id: MPV0XXKM5X5AAHHK
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"916d5b6205bb28dac0705306b456c00d"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1718911212580
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:57 GMT
via: 1.1 f2c051917a765f1d1a1cd2ce1622adb8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: 9Jeqf2pMhzMyy2ombN9u6rEheaPjfcwy
x-cache: RefreshHit from cloudfront
x-hubspot-correlation-id: fde3f9c1-608b-4721-8c06-e83856653986
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 471
alt-svc: h3=":443"; ma=86400
x-amz-id-2: WABMktWbtizxowD6WLQqXJMwD1Ft1WVnoAhlbfpa7NyJezZVVtZJr7ySgyqkWIakIJ6xsej5BSZDN+Vl2QJbDm/utdxELyFLXp9PW0IEh84=
x-evy-trace-route-configuration: listener_https/all
x-request-id: fde3f9c1-608b-4721-8c06-e83856653986
last-modified: Thu, 20 Jun 2024 19:20:13 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ObXHcx6VJs7YhA3Pixh3IU%2Bb6LKoY4DT%2B32VQI8ZWqw1BtIDE%2B8OTnUC59JL9O%2FuUrOud65%2F8mwnIWqNS%2BRB2ZpxcLFLruNVAqLPQ2dahPHGhenINk4XWX3oPkDkB7FBS5Lm"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-x5qbk
access-control-allow-credentials: false
cf-ray: 8a7c9c97dd134516-TXL
timing-allow-origin: www.dnsfilter.com
x-amz-cf-id: MQmftHovguB8C3huNIQS6a5coqlhw3a-HbzU9si0sUbbbjplwdBTcA==

GET
H3 200 module_114348176732_bottom-pane.min.css
www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/module_assets/114348176732/1715893451184/ 3 KB
2 KB 453ms
447ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/module_assets/114348176732/1715893451184/module_114348176732_bottom-pane.min.css

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1121176bbb028464b9fd6ad24b5c9b717abce2a7bae00ac67822d6ffd37dbf89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-amz-request-id: 8CKA8P1TRSPJDVJ0
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"468b6803af643a831356bba07d790277"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1715893451184
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:57 GMT
via: 1.1 c6b0d1d85b2590c57ac754bf9e61944e.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: XR.OgN5oLctV_wLlu6vivoo0mBKXynz.
x-cache: Miss from cloudfront
x-hubspot-correlation-id: c90733ea-5a95-4475-b236-54ab8a1187cf
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 205
alt-svc: h3=":443"; ma=86400
x-amz-id-2: +N1au8yz2zcEc+YrEtdV+Mi+z5bhJdEYToZLUIqrhYAaT1PRJ7JwdF1l8C5VJBA6xtVfwqYk3TM=
x-evy-trace-route-configuration: listener_https/all
x-request-id: c90733ea-5a95-4475-b236-54ab8a1187cf
last-modified: Thu, 16 May 2024 21:04:12 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hwFgw%2By30Ge0ulbqCNv8cszqAN3eznDuQZ2v5yO6DxJsBfA01B0bx2QNKnImqrhaUHlcvwHarG4SJGMGqCj1YTjMmAB%2F7OnkJMNjaPD4vlA3quJRT5aq6ALEINnTSzVF2m8R"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-lrfms
access-control-allow-credentials: false
cf-ray: 8a7c9c97dd174516-TXL
timing-allow-origin: www.dnsfilter.com
x-amz-cf-id: 1TTjhs6lSLxxuyG15xpARl4oDiGBNtI9AKZgjRM1JdDVjLa92RB79g==

GET
H2 200 AudioPlayer-b0403829.css
39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/288/js_client_assets/assets/ 6 KB
3 KB 203ms
105ms Stylesheet
text/css 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/288/js_client_assets/assets/AudioPlayer-b0403829.css
Requested by: Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0403829bc66fd1f26c7ad7f42a2560787fe44f34417d357ed83d107ab32d983

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-173658684038,FD-173659050366,P-39666904,FLS-ALL
age: 62219
x-amz-request-id: YFVWPTFBRASQANKY
x-amz-server-side-encryption: AES256
edge-cache-tag: F-173658684038,FD-173659050366,P-39666904,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-meta-access-tag: public-not-indexable
etag: W/"65806cc0ba70516e6b234221657321ef"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1721684809875
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:57 GMT
via: 1.1 7115bbde016dc7107bc64db76ba40c56.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: ED7W38YaaDwCiFjIwpSpXSAJiriZAWph
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-173658684038,FD-173659050366,P-39666904,FLS-ALL
x-amz-meta-index-tag: none
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-id-2: ssBDl+nln/H3RwwRcRl+SDiSG/2wir6eMHvUD4ZQOQg3WTcIVtCKxcoqxt5Jug8E1lb/352Q5fjxHj1igpJm9cmn6ryTLlqW3S1576vxvj8=
last-modified: Mon, 22 Jul 2024 21:46:50 GMT
server: cloudflare
cf-ray: 8a7c9c987b8d9220-FRA
timing-allow-origin: 39666904.fs1.hubspotusercontent-na1.net
x-amz-cf-id: HhSP4BT7_s1UUnnNn6UacknPHv70vcgEShWU886VMzPEw-HjBNZabQ==

GET
H2 200 Tooltip-4a948cad.css
39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/288/js_client_assets/assets/ 3 KB
1 KB 207ms
109ms Stylesheet
text/css 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/288/js_client_assets/assets/Tooltip-4a948cad.css
Requested by: Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a948cad1525b333f4615fb0203e3dcf4a5fdef9409adb657fceeab1dcb37f7d

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-173651762864,FD-173659050366,P-39666904,FLS-ALL
age: 62220
x-amz-request-id: YFVRQV5PCS0SB4R7
x-amz-server-side-encryption: AES256
edge-cache-tag: F-173651762864,FD-173659050366,P-39666904,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-meta-access-tag: public-not-indexable
etag: W/"983d8d84588e7c3f88e069694360be07"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1721684810308
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:57 GMT
via: 1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: UHFgYQavm4BVXW_EY.Y5l7mOmwkR.ktT
x-amz-cf-pop: AMS1-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-173651762864,FD-173659050366,P-39666904,FLS-ALL
x-amz-meta-index-tag: none
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-id-2: tHkEcVRyl3NBAcMzt0KCq4Qan8ImHOqLHrmv5I+3h5j+cfo6KRIV7nP93XUPsNG1EUuq7KgcbI8=
last-modified: Mon, 22 Jul 2024 21:46:51 GMT
server: cloudflare
cf-ray: 8a7c9c987b8f9220-FRA
timing-allow-origin: 39666904.fs1.hubspotusercontent-na1.net
x-amz-cf-id: 4ND_l_SODJ5gFje3_cUUSv6WX67hEVgT5iwstBBUtAwK25ajOH1yiQ==

GET
H2 200 in.js Show response
platform.linkedin.com/ 510 KB
160 KB 212ms
47ms Script
text/javascript 2606:2800:233:66b5:799a:7cd3:f74d:7071
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.linkedin.com/in.js

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE6) /

Resource Hash

5b4134fc9963276fb840bb8178d62e95d0efa733909f6eeef3f364d4d60f0777

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn-client-ip-version: IPV6
x-cdn: ECST
age: 3220
x-cache: HIT
x-cdn-proto: HTTP2
content-length: 163630
x-li-uuid: AAYd6tjMAQtzhxIruRhBdA==
last-modified: Tue, 23 Jul 2024 14:19:17 GMT
server: ECAcc (frc/4CE6)
x-li-pop: prod-lva1-x
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
x-li-fabric: prod-lva1
cache-control: public, max-age=3600
x-li-proto: http/1.1
accept-ranges: bytes
expires: Tue, 23 Jul 2024 15:19:17 GMT

GET
H3 200 Horizontal%20Logo%20-%20Dark%20-%20Blue%20Swoosh%202.png
www.dnsfilter.com/hs-fs/hubfs/ 7 KB
8 KB 188ms
185ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsfilter.com/hs-fs/hubfs/Horizontal%20Logo%20-%20Dark%20-%20Blue%20Swoosh%202.png?width=500&height=117&name=Horizontal%20Logo%20-%20Dark%20-%20Blue%20Swoosh%202.png

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

73ba7b2ae82b23b68f871972183efd860b900c827f13ac7ddc6b9e86f09e31ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 084f866feba2345e668d9a32662696ce.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-118157911070,P-23609470,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 7576
cf-resized: internal=ok/m q=0 n=818+0 c=0+25 v=2024.6.0 l=7576
last-modified: Wed, 31 May 2023 16:15:09 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfywgzzuJctEgphSwpEHX560DTOdv-Gz3wD-gHHSPSDQ:335916f708f01a337f6a55f6d3427613"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lN9vWVQGvhtolbXFvKWFH%2B5cnSEb2gDRNUW8%2F7qwCh2MSInG3XrbVPAXldHWaOn9rYOQlmqRqXK0ekGoz%2F4ZN40PtdyqmPIUiASAby%2Fj73R%2BzKdPJ0XUYxrc0Nj5%2BiIkMMT3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8a7c9c97dd194516-TXL
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H2 200 ae32186b-4163-48fb-9e26-ae62701eb72c.png
no-cache.hubspot.com/cta/default/23609470/ 813 B
2 KB 284ms
178ms Image
image/png 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/23609470/ae32186b-4163-48fb-9e26-ae62701eb72c.png

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcaa9984b576d9dc419934c60554a069e50e124c589824ebd700d652863f4ef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:57 GMT
x-amz-version-id: S.yIe.NbkwDMqTYkfWmMuVXmpPi.WS7t
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: C0KE0N6WGZKHDM85
x-amz-server-side-encryption: AES256
content-length: 813
x-amz-id-2: KJtUiK2MpTVcyDzpg0poztdbRGW881X6ure1uXuBKrEuBfXiLLzhJKtcEzoapzq6I8Gu4/KW137M4QaHQ4TVdw==
last-modified: Tue, 26 Mar 2024 20:55:57 GMT
server: cloudflare
etag: "dd80e758130923e3af2988bc020d50ed"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QrNMOvUYLXzBB707tN4slz85ZQFaxKGI29Tq8dOQMV8Mg2aZ3SnD%2BVAHhnaLceF4jgwA4g5qltQQMfBRK87JGq2IAq6FpCv%2Fj5JfwBamIHo8yv9pc%2BI4SKjL%2FmWZWL%2BDVV18egwZTQfEI0nk3u9uj1il"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 8a7c9c988e4c3832-FRA

GET
H3 200 current.js Show response
www.dnsfilter.com/hs/cta/cta/ 18 KB
8 KB 70ms
70ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs/cta/cta/current.js

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc2b8b34b8e5c1f4feb8a7c35193c96ec52727dd918751def0e764b8abfb4182

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 575
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=cta-embed-js/static-1.302/bundles/current.js&cfRay=8a39f49c85a84504-WAW
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"2b8b0fdd5605ef5991d212803946c40e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: cta-embed-js/static-1.302/bundles/current.js
date: Tue, 23 Jul 2024 15:12:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-amz-version-id: ri_IjUIhUsqIzBG3WGIBZRLvLnHeLPpf
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 6c8504df-13b7-4485-a21b-c2f9c4f40c91
x-cache: Hit from cloudfront
cache-tag: staticjsapp-CtaEmbed-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 6c8504df-13b7-4485-a21b-c2f9c4f40c91
last-modified: Mon, 15 Jul 2024 12:53:47 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mgshq%2Bl9nq7URdR1CvqiNMxtL%2FwkWQi7DbChHmHLdTrpKrysb8bn2v6oDMArqaaLga5ibcJLUJb1A%2FR5pyuXy5A3svPdEQc7tvazWOvcqD5eDNpRfovM%2B2nCXcpSaWXdUX8V"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-fvpqg
cf-ray: 8a7c9c9918034516-TXL
x-amz-cf-id: ipdhw4qagZIIJKOQzk6bjPCxhrSS9w1Eg91pdv_ERjWYAZpiSGiKzA==

GET
H2 200 d1cf6edb-b5f7-488f-bbcc-ca0507322f6f.png
no-cache.hubspot.com/cta/default/23609470/ 1 KB
2 KB 179ms
179ms Image
image/png 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/23609470/d1cf6edb-b5f7-488f-bbcc-ca0507322f6f.png

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac342580356415a11227ffbf5fbe63d840680b35a0f8aa88ff9ea1099b0c03a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:57 GMT
x-amz-version-id: 6Y95.J4cZn9SAjKXwISXQ5KJ7f47LbwP
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: C0K64ND8V33KXBFC
x-amz-server-side-encryption: AES256
content-length: 1168
x-amz-id-2: BTP/RBujoTIr9bsVc9izKm0doaybIJZTkRa6J5jlmhZ9oa24NYAePw5641BKbTHKI61PCI0V8+M=
last-modified: Mon, 05 Jun 2023 09:29:32 GMT
server: cloudflare
etag: "4245e08b2c1b120bd030ad93f07f0b5f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ukv7wrcous1qptEe1lgAga7cViK7mxsTfsFvzjXRW6yp43boJnGOdXeTtzbh4QBuODcRZ9TL4hPuEXCp9%2FsaGNiOrFpn49vL%2FdD%2FAV8zNUs0JmQ3hZgwTVxZ%2FFL4PtlaKEcvjONQVt4fd6g8wsLzYj6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 8a7c9c998fd23832-FRA

GET
H3 200 newsroom_lookalikecrowdstrikedomainsdiscoveredbydnsfiltertodate1.webp
www.dnsfilter.com/hubfs/ 21 KB
22 KB 129ms
126ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsfilter.com/hubfs/newsroom_lookalikecrowdstrikedomainsdiscoveredbydnsfiltertodate1.webp

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c6ef2b5e6a0f1f77787cfc78bf8a60632731e20c36fac2368cf0301423c2158

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-173637013570,P-23609470,FLS-ALL
x-amz-request-id: MZ3EFSCTMN3VS34Z
x-amz-server-side-encryption: AES256
edge-cache-tag: F-173637013570,P-23609470,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-meta-access-tag: public-indexable
etag: "5a61fc349efea43d809281269c651d2d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1721672486558
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 f59e52adbf3a58a76dec03547cb4b34c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: LgL2S5yq66HsDlnvYPIcp3_ae09YCRzf
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-173637013570,P-23609470,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 21090
x-amz-id-2: HE5nmQfjPbgYR/gWAP1YdbJfBjo7nrtHr1IRSJsmN1uQgcMZwxjTcA6kPd4uStQSNr0Cy8RkHOg=
last-modified: Mon, 22 Jul 2024 18:21:27 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R8jN7SJEY6LE5Y3sqgN534wZ1bwcx2crKnTg6c2OXV2QFVVyj0%2B2SdDl36kJGurAJ24vCtFQGZekbwlHbBpQW2NFFrSxgM3vPkGuKkUx31HylGO7nT%2BE2M78tUsyOt0C0CtI"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a7c9c9adcba4516-TXL
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: kjzYcSrjMcMsXD1vNXXYrfOwOmBxRa4uBzM54YX0M_UzrVQWcBKHLg==

GET
H3 200 revvingupthefundnsfiltersindycarexperiencerecaptorontoedition1.webp
www.dnsfilter.com/hubfs/ 23 KB
24 KB 158ms
154ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsfilter.com/hubfs/revvingupthefundnsfiltersindycarexperiencerecaptorontoedition1.webp

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

22c2fd9d148329bbd3fca7d00f7fb3f4b5c61a6738bdd708efba2ae07c767925

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-173627177244,P-23609470,FLS-ALL
x-amz-request-id: YEQ4NC447CWRJQM6
x-amz-server-side-encryption: AES256
edge-cache-tag: F-173627177244,P-23609470,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-meta-access-tag: public-indexable
etag: "2c66f4e1fec81688f2780746969846a0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1721668763943
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 26f9a94e9be2a827a3f2e1cdb64a8fa6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: TdOOh3uDuoXw5tB8_UUdzLL1KkwK0nnC
x-amz-cf-pop: BCN50-P2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-173627177244,P-23609470,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 23612
x-amz-id-2: iX5avcjlaBLyB/RKzrwu4Wup2/hOdxE98mJUabS9EGKjpDSH++csG5b+AlEpMwigWfBdhdBhXeg=
last-modified: Mon, 22 Jul 2024 17:19:25 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o7XScoYSArMO2K5h5v%2FjtPFOmnrAW0Q8oExpVzI5XUIA2bWM6k2qJUMbmi9CZYE9MuS2up3YTXyao4cYsVCPBm%2BadsFjavBoKQJfvIs0CnMYwEi135jC52HGKhv%2FJqzUy1rn"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a7c9c9adcbf4516-TXL
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: KS7kY7X0fDZYgSiDdpmI23pBgyZ5ABeM6_IYs6bU_5M-xiJ3_vR_Xw==

GET
H3 200 blog_traversingtheworldofaiwithjudysecurity%281%291-1.webp
www.dnsfilter.com/hubfs/ 21 KB
23 KB 150ms
147ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsfilter.com/hubfs/blog_traversingtheworldofaiwithjudysecurity%281%291-1.webp

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8f1bba6df92bf70e05decf0d6dfd221220ddd1a357c15b6aefcdf715a76ebc9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-171600197659,P-23609470,FLS-ALL
x-amz-request-id: XBKRTW0H7GSWZN4P
x-amz-server-side-encryption: AES256
edge-cache-tag: F-171600197659,P-23609470,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-meta-access-tag: public-indexable
etag: "f62ae8c57105be8c8bc4c72da80dcdb0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1719600914990
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 38eb62cecee463a32bb912440e440938.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: lhBP0YVGqUOsKtCtmC8XcCAadDyLw.BH
x-amz-cf-pop: LHR3-C2
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-171600197659,P-23609470,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 21944
x-amz-id-2: llZrsxMgd0/lxLeWJUzMZ/pHCrzoEcL0Hd2YCl/c3u8h+eXPJmiH0iZ30RmpZjIOpT3GDxMFXFcleyw/sSqfzjBbb3uWFch3EFigwKBakeM=
last-modified: Fri, 28 Jun 2024 18:55:16 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JEzfxozJc0HEOpWWccQRiIcR6SalvIAyJGiLMdJZcq5EZV%2FdAw6ac7fLkotg1zEGMYTZZGQHLOHtLoO5P9pjpY4fO1jeK8HhHrH8oBfqLmkhNDz%2BV5SrfZfCkKZBL2YSWAq0"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a7c9c9adcc24516-TXL
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: 5WSMeaZoUVau27TiHCUh2c9hTf4kJJxvskxP8nQMGtShwUH9AT7VYw==

GET
H3 200 whitepaper-icon.svg
www.dnsfilter.com/hubfs/ 8 KB
3 KB 113ms
110ms Image
image/svg+xml 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsfilter.com/hubfs/whitepaper-icon.svg

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e34b27d33f1027faefb23cdae4ac8e448654c795cbcd93947a9b4d52368dba3d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-114215653034,P-23609470,FLS-ALL
x-amz-request-id: 096PPYQF9N61C4E3
x-amz-server-side-encryption: AES256
edge-cache-tag: F-114215653034,P-23609470,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"ab971a0258f30d11b2b2bac9eee567b7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1683196239807
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 f59e52adbf3a58a76dec03547cb4b34c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: g25Ndp7W26j5zBF.YvGrslgvTPQ.B8k7
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-114215653034,P-23609470,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 2F/9NBJ72akw+JB8xLEw4FTE16/FufxCqUkfXtN4QgCfUObtdDUrJMZrjQtMNcRYcLaNWfcMOa/8v5Q8YDw/yUgvUnz9F6L7KVASI60yiDw=
last-modified: Thu, 04 May 2023 10:30:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z1PulTqE3oFjyXwApgADpQrYQ1O512EUV6M%2Fya%2F2WxbO%2FcjiRZonPDjpNfPDN4l5hEpBoeV6FkIq6uwrJfFQc58qvnPm7KX0rh%2F%2F68wmcX5KPbWYqLW%2BJ%2FEeBkDc%2F3UrVgw2"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a7c9c9adcc54516-TXL
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: Sni58jR4oOsJO8Erjz4sPhshEqqV22vP5O3_0nk3A8hzvP4INpxN-A==

GET
H3 200 webinars-icon.svg
www.dnsfilter.com/hubfs/ 3 KB
3 KB 125ms
122ms Image
image/svg+xml 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsfilter.com/hubfs/webinars-icon.svg

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2a75a0217c66257fb236e32cb43328f460da269cca4c18538cade5756a4fb19

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-114215780370,P-23609470,FLS-ALL
x-amz-request-id: CPCE7G5F7J42EGNE
x-amz-server-side-encryption: AES256
edge-cache-tag: F-114215780370,P-23609470,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"bd976097051253d1f8f8963cc22187e9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1683197035751
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 e11502649b2fdd9cb3960f027c8c1ea2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 6qGM4_QjyBgqo2Y4Eih2ycjz3xt7en5T
x-amz-cf-pop: LHR3-C2
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-114215780370,P-23609470,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RF7CPVOpfpXFR/FqQw3bO8f5yz0EKq+EicgfGB1yKBnd38KfOmEeqUYQba6XuM2lGPxN4C0knFM=
last-modified: Thu, 04 May 2023 10:43:56 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Eim7Bx4Tnxt2Nf5kVql90qKq51XwJUuFpTCIOqqUgh1RUKX%2BEY8JhNxqZTDfZ1gixST%2FRCayItwDxd9JKC6FS93YTGgkEAZXEz9x4g0JA00VuCjyoy2Tlwehd2%2BZENOW%2FHtv"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a7c9c9adcc74516-TXL
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: _t7XsTpU7qHABuV7bxFA8suIwLtpN-yqW3xVP4XHmQ_J5GNCI0IaQg==

GET
H3 200 _casestudy-icon.svg
www.dnsfilter.com/hubfs/ 5 KB
3 KB 131ms
128ms Image
image/svg+xml 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsfilter.com/hubfs/_casestudy-icon.svg

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a94733a0dc71c0d80f5ba3a6914d54d2a5f00681d47ac7fa231db70c4cbb7f35

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-114215653795,P-23609470,FLS-ALL
x-amz-request-id: FB75YFF8M77SZMPS
x-amz-server-side-encryption: AES256
edge-cache-tag: F-114215653795,P-23609470,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"b4a7e800e95a4ed66ea5a47208f91413"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1683197083361
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 088d44ec4eda0e71767b9c47eab0d6bc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 4UfzgcP6UgT_A0HkrUYkQdPBclhiI7aQ
x-amz-cf-pop: BCN50-P2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-114215653795,P-23609470,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: fXvulf2ctKISzU41Roe1mqylc8ATsqAWs0GkpdM9cCMxtqXnaIXSkXiLEtr1mvUCP2O/PvFLZNo=
last-modified: Thu, 04 May 2023 10:44:44 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ygs6IQkxUqfWtyh5UsUeJXAKS7nSenImDh9Gl98zxgDmjDu38WsNuwUpVDBXTCFwt0rMXMMpUHt3qQt1La0lTMBnagX%2FgDK1O%2FIGvTq6Q2HiVtUvTfhtUm7h4%2BIgQCoSwsf7"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a7c9c9adcca4516-TXL
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: avgYSO8wwN-Gw7zYuHoAJboemEiEMCUfU-6tba1ep4eR2zDH2utw_Q==

GET
H3 200 product-literature-icon.svg
www.dnsfilter.com/hubfs/ 5 KB
3 KB 161ms
158ms Image
image/svg+xml 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsfilter.com/hubfs/product-literature-icon.svg

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

54582718101f4575e0323771cfaee34c8ab7c23223ae6a4ca7fc203d4248ec3b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-114214507344,P-23609470,FLS-ALL
x-amz-request-id: 096WJF5W05ZJF3FK
x-amz-server-side-encryption: AES256
edge-cache-tag: F-114214507344,P-23609470,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"7eb9eb5cea273ee1f740509ad4b191e2"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1683197117618
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 b433bae8efc972ce008786192dd6db82.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: L2wWrwnPpbEQhU.QMut.Y1D64LjVoAa7
x-amz-cf-pop: TLV50-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-114214507344,P-23609470,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: CrFsvphN0Ikvk+tQlaGBQbEMjZ+f+rCrZ24Opz56C4GtYsz8HfdqKDHIYaNlN16hCavYD1ahFU8=
last-modified: Thu, 04 May 2023 10:45:18 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B7gkpPkYr1pkekhfW9HecMkOOXRX0u7xif%2FDKR0CPxj9K%2BZIH69s5rwy%2F4oIslE28IqPKbZKKN%2FL5V6ml1NJmXMmvycsgudV%2FRVc9syoaDJbjEoAJYL%2FxniVI1CU%2B9%2FbSesv"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a7c9c9adccd4516-TXL
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: v7PUMZnYjG0l3Nt_oVcQVol-nzk12hAlT0E4aemEBFqcQOrX0kvX1g==

GET
H3 200 5fda16a63a8939e688d5cc59_Layer%201.svg
www.dnsfilter.com/hubfs/raw_assets/public/Dnsfilter_March2023/images/ 9 KB
5 KB 121ms
118ms Image
image/svg+xml 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsfilter.com/hubfs/raw_assets/public/Dnsfilter_March2023/images/5fda16a63a8939e688d5cc59_Layer%201.svg

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eeae45bed0dbde85bf405393f3edc7f8b2d53f1d5c7814a3a199930f98bbeb9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-109614107737,FD-109613750664,P-23609470,FLS-ALL
age: 235924
x-amz-request-id: 7Y2DEFEMRG7YV391
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109614107737,FD-109613750664,P-23609470,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"adb4b9424411072645bc00af0b11f8e5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680685337459
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 1abca94086cdca4a9210267903e2c1b8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: xhePGtrTYS4s10Asnqky1nDYfmmCfs.H
x-amz-cf-pop: ATH50-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-109614107737,FD-109613750664,P-23609470,FLS-ALL
x-amz-meta-index-tag: none
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tNy35IumHMUP5CXuyMtfAu/DBnx2hpfD44ceKvvh2KaIZHLIYJZoMkIs3xmkbCF3c7TDKVIHO73WwRA8l88GsM4hx6D0lYQr1T1F6OHJRNA=
last-modified: Wed, 05 Apr 2023 09:02:18 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2FJNUY5jcO8a7MpFr4hYBFIP9j9qLYrCbZGAf0Z7fsKbtIu%2FcrKhUFyspTknFJOs0xwgNAYbW07uGgnxcIBZ1mmaz%2FWFcta1ov9XBrpdEH3yByaP2mBrWLMUTe8ZeQVxutZC"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a7c9c9adccf4516-TXL
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: L8ez12lmvDRzizqDHyguwFfApn32ZXq0-dY451GQN7C5G3iAZCQ01g==

GET
H2 200 se-v2.js Show response
cdn.statuspage.io/ 4 KB
2 KB 137ms
41ms Script
text/javascript 52.222.214.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.statuspage.io/se-v2.js
Requested by: Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2de85007c28d01d2a973cbd4efd90bda8f52771727ea5db199bd425f0720a37

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 20:02:13 GMT
x-amz-version-id: MjLFyr7Nk3Q30BzTztuUjCXMfNdGeK9j
content-encoding: gzip
via: 1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 20891445
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 24 Nov 2023 04:38:33 GMT
server: AmazonS3
etag: W/"adbf776062a00ee2ec709124400db9d7"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=315360000, public, immutable
x-amz-cf-id: ZOsARHOitWLCmr5aXj4Q3CJPcV8RAnxBMs0HO0UihY4KTbFoLicMtQ==

GET
H3 200 main.min.js Show response
www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/100827479396/1718911257988/Dnsfilter_March2023/js/ 25 KB
11 KB 131ms
131ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/100827479396/1718911257988/Dnsfilter_March2023/js/main.min.js

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f512372c512f14db3753c95c9b8c3bf30b6f32a43bdca4f71279b4824e21164e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: 60TPX0E5ETSQ9K7M
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"ab6a8bd5e76eac5594a81a82cdfae619"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1718911259206
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 ed8e6c4476f2632eef2c7ce856161af0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: DnQCS5ZODnh_fMgM5dle92xTIBWIy5oP
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: d1513dd7-4b41-4775-adaa-fa5599ad1d10
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 184
alt-svc: h3=":443"; ma=86400
x-amz-id-2: bKRGOz7MNrxlEK0Mgt+sjstPTtx0fo1qZuNwI0KgXZC3o+UFwUnjmPRC5NI3TddXM4VncTk7T1F0mMl6Gnyp5kM3Q5H1at0AvoWisIn+HhY=
x-evy-trace-route-configuration: listener_https/all
x-request-id: d1513dd7-4b41-4775-adaa-fa5599ad1d10
last-modified: Thu, 20 Jun 2024 19:21:00 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5RlgDvUt2jEbvWRPa3KYFd579hAYRGn9l%2BhRclv1Tu%2BTvDXN%2BsJeS6htzKetO%2Fbj04EeMQbB3yINSc4F%2BaUtUMS907uIXtVWnmtZTAgT3BBZCjlR%2B81xLwnxnwiESOK9021E"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-lrfms
access-control-allow-credentials: false
cf-ray: 8a7c9c9a8beb4516-TXL
timing-allow-origin: www.dnsfilter.com
x-amz-cf-id: WdXyQXh--Wn5Q3RLBvZeZMc1z_Tf8C790fJuTyvupVHiPOpe5e1Z-Q==

GET
H2 200 embed.js Show response
static.hsappstatic.net/content-cwv-embed/static-1.971/ 13 KB
5 KB 184ms
69ms Script
application/javascript 2606:4700::6811:ae5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/content-cwv-embed/static-1.971/embed.js

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ae5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98dfeb1d061e8788b320a130a84723813efed0b2518921f30b40cc8a09bf8ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:58 GMT
x-amz-version-id: 1gm1MaaLzWiIBc2FerIVtLdckhSMSaY7
content-encoding: gzip
cf-cache-status: HIT
via: 1.1 9d1f21fface75767578955e1853e754e.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P6
age: 1719740
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Jun 2024 15:05:39 GMT
server: cloudflare
etag: W/"26c40482b55a607cd44486a2958741d4"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I0SR6uCXn%2Bm8VL8yQi5OVfu0nnkxjym0pSVgFYU9vQ7M57mmPh6%2BLZTZR1NGcUf4OJ%2F8WB3Zflm3yfdDVttK3okqk3QIPBfrBc9IY5e84pMIDKv1muN7NSZzcql3pB%2BNSqWZXTLs0oe3nl6Prtj6G2mrS38%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8a7c9c9b9c074db7-FRA
x-amz-cf-id: 4KGI5t64pXc0VBpiZlqrGzYDMFRUiAtNY-kZWNgC73HhfnStC05rHQ==
expires: Wed, 23 Jul 2025 15:12:58 GMT

GET
H3 200 child.min.js Show response
www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/108979612589/1709937167030/Dnsfilter_March2023/ 1 KB
2 KB 124ms
123ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/108979612589/1709937167030/Dnsfilter_March2023/child.min.js

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7306cba988267141cd430335ff9fd7f46e56b4005c5f268b4f44573be1d91d8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: 49NVF2MEFMY257TX
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"a6c3fb54804c353bb78b23af35ae830a"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1709937167217
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 263d97c176fc51d1d08116820c013de4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 9K92oeQ36LLU3NHiha41LiyMB9hk9Bys
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: fd74dbd8-86cb-4552-a6e9-18f1c991fb08
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 147
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ng0MYo8n0fUR1R5+djWPuPlHgLchhWIA3w8JwHKp3CI/4QmJ16Gh2cLXYIcGcwbTIElWHP0hOsSKDsahY2oAtrtJ4IxDgi0t
x-evy-trace-route-configuration: listener_https/all
x-request-id: fd74dbd8-86cb-4552-a6e9-18f1c991fb08
last-modified: Fri, 08 Mar 2024 22:32:48 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QBQrYaQahUJkrjEqu5w2Kubed6S0NKkTUQI0gO5D0pGHKYM%2BBEC8gJPXl3LGB4m19FN7NGEfhtgrCV15ClCquHyf81DvNj%2BGvIwdRZ3T7u8qtHaO03B0MdO1NALT4HD0H8pT"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-jn7vt
access-control-allow-credentials: false
cf-ray: 8a7c9c9aac494516-TXL
timing-allow-origin: www.dnsfilter.com
x-amz-cf-id: IaXMiJmM7XtkiTCzVHtdomK2V3B1sOiS9A1grmXFNeUfV-JJY8UC0Q==

GET
H3 200 lightbox.min.js Show response
www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/100826902676/1718911258947/Dnsfilter_March2023/js/components/ 14 KB
6 KB 251ms
248ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/100826902676/1718911258947/Dnsfilter_March2023/js/components/lightbox.min.js

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3ea005df4ad1dbcf388d374dfc7a160bc7dc49fa93f90f24248a456021f3cb7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: 3ZV3BMTD7B5ZZSQ0
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"894203e79091a4dfbc28915d1ee9d3c6"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1718911259358
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 f9efe5e72b7e5cc47bf34a0b0debcbe2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 2YbUBEllvbjSfb4Er_tHvAqFdlJTKWQ5
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: e40b99a8-a948-4d36-8745-190da693f8cd
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 190
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ZoDvv6FkUUdbIcURI9tQw6sLcyt8i5/hIK197rZc8OvtzzEuQNe5U5rvuBUue8sM3AyfRryMpoyE7kB1/aZ5KxFTnrcfBvs9eQPovHTThew=
x-evy-trace-route-configuration: listener_https/all
x-request-id: e40b99a8-a948-4d36-8745-190da693f8cd
last-modified: Thu, 20 Jun 2024 19:21:00 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=icQV6c9K3%2BwPHFq33NX%2BZz9woaZ3W9UTHWKpYh8p7Ap1TrjDijgobCLTBJZZnApsbYl%2By0GOfUE6NA6NPqs5ccgilfCRQeTqYX9tBlHQmaQ%2Fyg0UzPp2iOYO4JdlQl0RblKa"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-jn7vt
access-control-allow-credentials: false
cf-ray: 8a7c9c9adcd24516-TXL
timing-allow-origin: www.dnsfilter.com
x-amz-cf-id: a6Isz3cs5UfwkZVKKKSZoB4abW27NQbYshUIxAEVGIw7YmV6mynyRg==

GET
H3 200 blog-search.min.js Show response
www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/100828317761/1718911254595/Dnsfilter_March2023/js/components/ 2 KB
2 KB 161ms
159ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/100828317761/1718911254595/Dnsfilter_March2023/js/components/blog-search.min.js

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f67c7701c1d42529acc97d9890d23f6d16f1a0b0e7aa2b137b85914f4f6e05db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: E0F22D9MWN8JGB70
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"239ac39341300ae9ac85e0534d2f76e0"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1718911255104
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 f9efe5e72b7e5cc47bf34a0b0debcbe2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: azDAh970eWFeuWOQ1e65zbNldEW2UNfb
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 6ffc69a8-ff1c-43d4-a917-de96f741d708
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 228
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Mb+h2xCoOjoYdzRITJ1ntXcP5vUML0CKavRzeeh01Ly5qythIB7lQxY8NnLBqj6sLR8/x9E4YB8=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 6ffc69a8-ff1c-43d4-a917-de96f741d708
last-modified: Thu, 20 Jun 2024 19:20:56 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=72he%2FTDq6EWYWYD4rN%2ByBQmtYSOCHtTLCk0otVNUeNMb8LT6LJqxYxzhmg8tEdsjtaFKBld0zPfnTAQrjJx8QxF0ngqB9oWNhma0YDyJXrmk28sPxdk6VgVoZ%2BrY3KTBQdFn"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-x5qbk
access-control-allow-credentials: false
cf-ray: 8a7c9c9adcd54516-TXL
timing-allow-origin: www.dnsfilter.com
x-amz-cf-id: 3vEnVQkJBCDH-Fz3uDkH01b_36Vu6-94Oe5pcoTG6EA5zb3AuR8X4Q==

GET
H3 200 tabs.min.js Show response
www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/100826686891/1718911239995/Dnsfilter_March2023/js/components/ 2 KB
2 KB 171ms
168ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/100826686891/1718911239995/Dnsfilter_March2023/js/components/tabs.min.js

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a9fd71726b2d787d74bb05435e29268f5dc7fd4957cd89c621233a4ab4182c9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: 00DE03TKCG8B0Q22
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"b747b1f3db16c63b2fb174c92e014a50"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1718911240404
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 6bc1c280aeef9bbdeb102c7f4e4f773e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: dQK6cHoNIJkUJm9z.hQI9ACwFO4_fmKK
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 60bb5991-0a04-4faa-b7e2-f98c39df2822
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 173
alt-svc: h3=":443"; ma=86400
x-amz-id-2: jAB/Vun5QuMHTeU71VQWKfVi97v55BCfMcAbY8Jma7AyD9xe409Wc4ujt5Po4IwAE2ZMeRC2L0w=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 60bb5991-0a04-4faa-b7e2-f98c39df2822
last-modified: Thu, 20 Jun 2024 19:20:41 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JR2Bofz%2BfbVriKtkpobHvjo1VLXJnFQUOQ45kVH%2BoUiufjCy3V6T2XGzbB2UeUiJjyEZ94Z7GobfMkXc79GDO4MTDtmc2bhiuZfm3RtGn1MCiIrgord2GF%2Bvo5FnRpYuspnX"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-x5qbk
access-control-allow-credentials: false
cf-ray: 8a7c9c9adcd64516-TXL
timing-allow-origin: www.dnsfilter.com
x-amz-cf-id: nLeRov2vkJxqEy9xDkEXbmxsFVAjqkHzUl00HNcaQyEW1_lqZHE4eg==

GET
H3 200 module_-2712622_Site_search_input.min.js Show response
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1721740816360/ 6 KB
3 KB 94ms
92ms Script
application/javascript 104.18.88.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1721740816360/module_-2712622_Site_search_input.min.js
Requested by: Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.88.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 718d472477201493d1be31e5b01e10998272aa0cd6b98191e043ccbc1787b037

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: br
age: 6153
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"da0124a883faaacc72fa39714b4eae4a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1721740816360
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 85121c69-4d48-49ca-9f07-13a3d1255fdc
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 155
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 85121c69-4d48-49ca-9f07-13a3d1255fdc
last-modified: Tue, 23 Jul 2024 13:20:17 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2az4lWxYhkt99C1Px6wyYgW%2BqaQB6dQgcGXcAV9fKTG8%2FW5AS%2Bl93bJZlen1y9NV8Srb0e2grUs9z4hmFVcaNCDgbOhWFH7IGuWIJdiyJbVgJ4pT9W5VCqfoCrsPNKCuxwo%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-7bc58b7fb6-9fg76
cf-ray: 8a7c9c9adc37bbc4-WAW

GET
H3 200 23609470.js Show response
www.dnsfilter.com/hs/scriptloader/ 2 KB
1 KB 450ms
448ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs/scriptloader/23609470.js

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

40b88cf48f08a5576f922d6234e5416c1a7463f92b813a7e9e9f2870242fdf90

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: c3424c34-6e74-4190-a5ce-5849b419c167
content-security-policy: upgrade-insecure-requests
x-envoy-upstream-service-time: 11
alt-svc: h3=":443"; ma=86400
content-length: 638
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c3424c34-6e74-4190-a5ce-5849b419c167
last-modified: Tue, 23 Jul 2024 14:52:01 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.dnsfilter.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-l4ql2
cache-control: public, max-age=90
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ppnoRFVvFFH%2Fl2j3GAnhlOEL2nDPUw5RgDdLT%2FTNy6UGXj0NK8iZIK%2FOu2ZRjNGExrpt3%2BqtmY1pePHHbzTbg%2B%2FfqUyS3sPEnhdKzaS5QtAzIo5yAqmKV4CjbXo2NlXge0v3"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a7c9c9adcd84516-TXL
expires: Tue, 23 Jul 2024 15:14:28 GMT

GET
H3 200 index.js Show response
www.dnsfilter.com/hs/hsstatic/HubspotToolsMenu/static-1.349/js/ 12 KB
5 KB 114ms
111ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs/hsstatic/HubspotToolsMenu/static-1.349/js/index.js

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b987245cc5d802ec15d04b1797d14a16f002aca05348c13f79d31ecedecad8ac

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:58 GMT
content-encoding: gzip
via: 1.1 4748849bf812e60af8dbe8eb8fb00316.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
age: 584285
x-amz-cf-pop: WAW51-P3
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: Hit from cloudfront
x-amz-version-id: xQGlP28JK8czygjYT3ac5MmMcZh4SwPp
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 16 Jul 2024 20:51:48 GMT
server: cloudflare
etag: W/"804371e77c152132301ab9a09be49f93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SV7v%2FOtRbKgG10cLpGQ0Wb8OtRGWh5HHs6By3egIR8mJjyvr3F8Jn6E%2BZT0uMJ%2FT%2FZ%2BWG8XT9mNDnXbHsDuEpGJbvyra4beJd%2BFIqe8g82ZkReHk%2FhccOvVs%2BkYN8QkPcLbm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8a7c9c9adcd94516-TXL
x-amz-cf-id: vMdSIxw-KU95xRPa9AdLwgIm0XELbB1XhqzBrdTkJwL2m3wRTtkNVg==
expires: Wed, 23 Jul 2025 15:12:58 GMT

GET
H2 200 attr.js Show response
assets.dnsfilter.com/ 6 KB
2 KB 178ms
62ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.dnsfilter.com/attr.js

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

193bf9556b022b174e3fab576cd1bd471e1e1f1d1ad247c987cf917b3a213283

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:58 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::czsb7-1721747578173-89963dc89052
age: 2762752
etag: W/"b302b8882e531af613d06830b6eee864"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="attr.js"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 295 KB
101 KB 176ms
70ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M2CRDFD

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a745ef600df6e1bc6e078b5e5797cb81f54eda6da4fdfe07370553cac6b1fe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102542
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 23 Jul 2024 15:12:58 GMT

GET
H2 200 ae32186b-4163-48fb-9e26-ae62701eb72c.png
no-cache.hubspot.com/cta/default/23609470/ 813 B
1 KB 265ms
263ms Image
image/png 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/23609470/ae32186b-4163-48fb-9e26-ae62701eb72c.png

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcaa9984b576d9dc419934c60554a069e50e124c589824ebd700d652863f4ef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:58 GMT
x-amz-version-id: S.yIe.NbkwDMqTYkfWmMuVXmpPi.WS7t
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: AMDBD7EGY1GHXSV4
x-amz-server-side-encryption: AES256
content-length: 813
x-amz-id-2: kzzoVH7WvdbUoPJjD5xJzEe+FNhQri7kmYCStj1vv9HGP8XUG0sdfVjeuJCn76cNpHp1gLEA8A7IPsR21Gko0Q==
last-modified: Tue, 26 Mar 2024 20:55:57 GMT
server: cloudflare
etag: "dd80e758130923e3af2988bc020d50ed"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GEY5Us0dsoKjY1Voy%2FmoXhX7GR10H8jZL3uBYMKlRr%2BADcvob6MSdIiy5kJ%2F38hmX3VJS94yVViMITT2g%2Bhd2gvFlSGMfOA0Cjk%2F1l9J%2BJWPNOhRhwAITAMvOISgSqzqA1KV70UnkS5yM3e8D1gbKwGy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 8a7c9c9aea1a3832-FRA

GET
H2 200 d1cf6edb-b5f7-488f-bbcc-ca0507322f6f.png
no-cache.hubspot.com/cta/default/23609470/ 1 KB
2 KB 202ms
201ms Image
image/png 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/23609470/d1cf6edb-b5f7-488f-bbcc-ca0507322f6f.png

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac342580356415a11227ffbf5fbe63d840680b35a0f8aa88ff9ea1099b0c03a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:58 GMT
x-amz-version-id: 6Y95.J4cZn9SAjKXwISXQ5KJ7f47LbwP
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: AMDC8RPYJH0JR6EH
x-amz-server-side-encryption: AES256
content-length: 1168
x-amz-id-2: 343BRUREC6xQmlMQz20xTkMhWXYGaad3wXYhbDL39/dJJ0EqD5jZ0kyFR8VhMma88T7oDCNI1HiTvCyemW4Q7g==
last-modified: Mon, 05 Jun 2023 09:29:32 GMT
server: cloudflare
etag: "4245e08b2c1b120bd030ad93f07f0b5f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nqdGm6YtUfXhlnFnc%2F8igRHblaklmSHmZw1a81L8WSyEEYeiplkjSt45DxJ9yV7Evpc1MEglFIh1A6AkxSN5NfkRcYXQQUcePOhU8C0v%2BOma8J%2Ba14LJI5G52VBcK6Bcu3OzL70OPTU2a3U7URqaOblQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 8a7c9c9aea213832-FRA

GET
H2 200 5ff9fcfdd78642f7515072cd_search-icon.svg
23609470.fs1.hubspotusercontent-na1.net/hubfs/23609470/raw_assets/public/Dnsfilter_March2023/images/ 786 B
911 B 276ms
260ms Image
image/svg+xml 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://23609470.fs1.hubspotusercontent-na1.net/hubfs/23609470/raw_assets/public/Dnsfilter_March2023/images/5ff9fcfdd78642f7515072cd_search-icon.svg
Requested by: Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/hs-fs/hub/23609470/hub_generated/template_assets/108980336810/1720462611730/Dnsfilter_March2023/child.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad1eeb954035fe11ac9acfd7f30815bd26130711bf54cdf4823b93182673279b

Request headers

Referer: https://www.dnsfilter.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-114214304380,FD-109613750664,P-23609470,FLS-ALL
age: 1370475
x-amz-request-id: Q7WHNZGPSTN9S6F8
x-amz-server-side-encryption: AES256
edge-cache-tag: F-114214304380,FD-109613750664,P-23609470,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"4c852103d1495ce4e30638c535bb4ec4"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1683194828154
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:58 GMT
via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfec.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: seKtD0zJ2OiaNWudmtnKde60drdwoXFi
x-amz-cf-pop: AMS1-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-114214304380,FD-109613750664,P-23609470,FLS-ALL
x-amz-meta-index-tag: none
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-id-2: OjvhPJaf2v8w2rTev49I1asguuZtqSlNfH5NwnGWuoqOnlNN7veeRmDo7r2i3u7wYYBZtFqnURc=
last-modified: Thu, 04 May 2023 10:07:09 GMT
server: cloudflare
cf-ray: 8a7c9c9b0efb9220-FRA
timing-allow-origin: 23609470.fs1.hubspotusercontent-na1.net
x-amz-cf-id: GDkGIr_lYAF_fEXi73EBVNfsnMNm03lBLJe6rdj0BdZDdf7wfv5P2g==

GET
H3 200 634fed5757515cc52f0e15c7_white_gray%20bg.png
www.dnsfilter.com/hubfs/ 4 KB
5 KB 97ms
96ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsfilter.com/hubfs/634fed5757515cc52f0e15c7_white_gray%20bg.png

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4012639a4d08ea2431b81a1464d1a3f5695d204f9e7c794adee3291252166b52

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-109616921415,P-23609470,FLS-ALL
age: 235923
x-amz-request-id: 67JPQFKD9X4ED7X6
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109616921415,P-23609470,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="634fed5757515cc52f0e15c7_white_gray%20bg.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "472b6ec1b92c291daa6c53cb3ddef4e5"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680689106946
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 0833e8be76641de099b8f4a92c7a1c4e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: SqW3HZoleyuzLiEJkKPX3rDrc9vjadTI
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=38212
x-cache: RefreshHit from cloudfront
cache-tag: F-109616921415,P-23609470,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 3798
x-amz-id-2: StCc17ozxjsI2OAqV7gE2wOt9WXdvIEVQ3Mw9HxywR+8HlSvkCI37kLkGdJ9J+0VE/qpbObzHsU=
last-modified: Wed, 05 Apr 2023 10:05:08 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nzCzL7cxfdzxxJJIM7iz%2F01bdr%2Fy7kfpuSjOmsGpHpn%2F4am2WSrIchAldrjb3tEL91oQaIpVOyJCI88OQi4pF3PCPYJRjueq2lTLdqp5W1NGgiQCz9rW37mJu7PteP%2BltxnR"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a7c9c9aed024516-TXL
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: 3z-xH1BLVQpwl-QgpiuYj7ctjmtbGy_Ivfl5agzsnmSur-nba5g45w==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 230ms
37ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CInter:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dnsfilter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 21:09:13 GMT
x-content-type-options: nosniff
age: 65025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Jul 2025 21:09:13 GMT

GET
H3 200 700.woff2
www.dnsfilter.com/_hcms/googlefonts/Montserrat/ 39 KB
40 KB 924ms
923ms Font
font/woff2 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/_hcms/googlefonts/Montserrat/700.woff2

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

386b2dc12c3d1183b4e665d5e90b94e5fd839c21ddbc93c30f44cbeb4b043bf5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Origin: https://www.dnsfilter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Tue, 06 Aug 2024 15:12:58 GMT
date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 f1e707a645d1b585e3b6fc5ef39d2e56.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: WAW51-P1
x-amz-request-id: RD5Y8JYES4W49FVF
x-amz-server-side-encryption: AES256
x-amz-version-id: IL4ePcMpxqgDS80lpsgS0ovMkM43vXQH
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 40208
x-amz-id-2: ZgQ7eR95AK6jpAfHBKWMijQF3d8vGStw2VPmi4rtIwuaF8MHpttTiQmFUmCmoiogru+VG3e5WQ0=
last-modified: Wed, 29 Nov 2023 19:40:49 GMT
server: cloudflare
etag: "dd1fe235dae5276b6cf4d3b2abb5ccb7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S9mBw7c7HdyzaoXq2ZrxiSh8pKNtPiA6kZWwh7jYfbxDu1%2FYyJC8PjL4iBEBGX5XNtpx55O9Xszs4QT0AtKThChvu282qRFMLcB5CSBPsC2aJ38nUKssAA1bRzgqAuX3DWcu"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a7c9c9b0d5f4516-TXL
x-amz-cf-id: HlgVF3QTVyJ_z_PiTRfNv_0bp12ypfoa635FCDg5e2WH7Q_kW-0VnQ==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 regular.woff2
www.dnsfilter.com/_hcms/googlefonts/Inter/ 95 KB
96 KB 127ms
126ms Font
font/woff2 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/_hcms/googlefonts/Inter/regular.woff2

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e79ab82e5909071c56baad1b43348ca00a1a53970967f812638c10a449e73bcd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Origin: https://www.dnsfilter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Tue, 06 Aug 2024 15:12:58 GMT
date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 88fd4dc311317996718ed4ed98e5cbda.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA60-P7
x-amz-request-id: SY71Q2MG4RBSMS3P
x-amz-server-side-encryption: AES256
x-amz-version-id: qrsMrhnoTlde3usLIZ.UY8HFA4LcA41Z
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 97324
x-amz-id-2: Bb/NjSFnUFJUQl3xesNb25iMMl7JwRXV4uUxb0CzCXnHS49SrtAcMvnP8P8oltisMUMYthHeQUQYyOhghOTQR/+3z9JFrNN7
last-modified: Sat, 06 Jul 2024 14:03:03 GMT
server: cloudflare
etag: "707b265a9518d559e199cc66c84ae791"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6i5OoAOCIK0wetQRZoGaiqO2ZQOKeoc2k1ln6PMKKcVEQxp95Z7PUdBb6nsMMdtMEH3bag26rys85QHhEUftNtn0I0xosKY491FV7peivDrkUC7Wio2cQ7%2FJUiXl68PvdfNf"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a7c9c9b0d644516-TXL
x-amz-cf-id: YTQa0n4IT0Ywv4pj6R1qaYnA2RvDbtscZoQFyT-aI5WRgOw7lRGHRg==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 regular.woff2
www.dnsfilter.com/_hcms/googlefonts/Montserrat/ 39 KB
40 KB 888ms
887ms Font
font/woff2 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/_hcms/googlefonts/Montserrat/regular.woff2

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca725ff5868dd217cbeddea844518a637e23559ca5a3f57287a20e8a34d76b8f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Origin: https://www.dnsfilter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Tue, 06 Aug 2024 15:12:58 GMT
date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 e464e3198927238582342df50c58a9a6.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: WAW51-P1
x-amz-request-id: 8Q69NXSV0D1B2K3A
x-amz-server-side-encryption: AES256
x-amz-version-id: Ju9HhmgWsxdqzo2ei9AioIS5RPk8bTSv
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 39628
x-amz-id-2: KCfT/h7rXQXBFpXm8LIIbYrH3jKWlfccsrc944skkdI+VUZlJc5RATCo/oa7Tg4KEXZWLXb8mOLbYdz799Jubxlm7gc3vWYD
last-modified: Wed, 29 Nov 2023 19:40:41 GMT
server: cloudflare
etag: "da5f91039dafa3ef845164c1a163a26f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=79F8BdAQl01T9EpRvu0D8ebf3Zv1xZVYd%2BIdZMT5gYS9KUhh%2FIkyg0%2FosKI3BbM5NzpkAKBTBOSLcpqv15%2FXsu02fKx7a2psFe8IvDLJ%2BLJ8DcwJzQrVJ3EKirO7yt6UR1og"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a7c9c9b0d674516-TXL
x-amz-cf-id: WI6t-g7MnqJRekZZwyA0BcsNGdAH_L4332J900T-AjYDiIWNvE5lEw==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 700.woff2
www.dnsfilter.com/_hcms/googlefonts/Inter/ 104 KB
105 KB 185ms
184ms Font
font/woff2 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/_hcms/googlefonts/Inter/700.woff2

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e11c5e343207d11c5d88db4a5e6ed9d1bec922ff9a3b40b8631fdef84b6a969

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Origin: https://www.dnsfilter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Tue, 06 Aug 2024 15:12:58 GMT
date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 a4e96ecf509fcfc9f68ca161fa7a61e6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: DUB56-P2
x-amz-request-id: ZB6FVS69TJNQ8JYV
x-amz-server-side-encryption: AES256
x-amz-version-id: QDfhk1JeGPTpLZLZiEq_CUtXf9Gfn8JD
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 106168
x-amz-id-2: hX+K3nTqzM4xXRBbq95+G6AniohMp2xE3l1uiaOayOuhNrW9lQ7h02FJy5BwZVYDcS6YqdWnems=
last-modified: Sat, 06 Jul 2024 14:03:01 GMT
server: cloudflare
etag: "eff90385be9d3cfd841608f3446045a6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nj%2B23uU2GHderaSnWMVHgmU%2F7YNwSoFO16BkAiZmk3Yd0g6EFqExExrwHd6ELLCqPzID0iukuy7Wp%2BqT%2BAMzYcoLZpR5ZekoKq5NT9QRPH8ebgtSa49HFmuh79oxOb7Oxsh2"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a7c9c9b0d6b4516-TXL
x-amz-cf-id: GuH1iqLtLOhMfKdTRAM-gX3fnt3IoPOwVrYXz3yzt1AGVJo9kFu8XQ==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 status.json Show response
pp1lkj6mpx59.statuspage.io/api/v2/ 232 B
1 KB 417ms
202ms XHR
application/json 108.138.7.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pp1lkj6mpx59.statuspage.io/api/v2/status.json

Requested by

Host: cdn.statuspage.io
URL: https://cdn.statuspage.io/se-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-72.fra56.r.cloudfront.net

Software

AtlassianEdge /

Resource Hash

2d09ee289a39c09f808ee38c5a13f94bd3ca938fea16eed0e98d014fb06c8ba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=259200
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=259200
x-content-type-options: nosniff
nel: {"failure_fraction": 0.001, "include_subdomains": true, "max_age": 600, "report_to": "endpoint-1"}
x-permitted-cross-domain-policies: none
atl-traceid: 992f6bf6a3dc45cc9a8eab9e62595895
via: 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-statuspage-skip-logging: true
x-cache: Miss from cloudfront
x-statuspage-version: 821b2a7d1a543df8d51b1212abbb554182c2c3ea
content-length: 232
x-xss-protection: 1; mode=block
x-runtime: 0.047285
referrer-policy: strict-origin-when-cross-origin
server: AtlassianEdge
etag: W/"2d09ee289a39c09f808ee38c5a13f94b"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints": [{"url": "https://dz8aopenkvv6s.cloudfront.net"}], "group": "endpoint-1", "include_subdomains": true, "max_age": 600}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3, public
accept-ranges: bytes
x-amz-cf-id: Bkq37WhSemvP7syu9WGXACutz5o59lBO4VYTuZ4BMbZ68AVCF6JArQ==
x-pollinator-metadata-service: status-page-web-pages

GET
H2 200 analytics.min.js Show response
s-site-cdn.dnsfilter.com/analytics.js/v1/0eTIuyup9dIXJmaDgz2bMVdwP3FIRc6f/ 103 KB
29 KB 939ms
775ms Script
text/javascript 104.26.2.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-site-cdn.dnsfilter.com/analytics.js/v1/0eTIuyup9dIXJmaDgz2bMVdwP3FIRc6f/analytics.min.js
Requested by: Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3992fb94fa3c705d5ac930446b2af285af96e59de78d602799b4e940317cf88

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
content-encoding: gzip
via: 1.1 f781469e78b7a441c6f692b1629e1518.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: xtOUpm23DX0YtSH.gvfXjOIg98JY3Rn6
x-amz-cf-pop: LHR50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 30 May 2024 23:44:16 GMT
server: cloudflare
etag: W/"92e52c6244831168a6d9a6b9a4beb0b5"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=skedthGtjv2csvXHfLJp0AKcQQfJBjPfcE6LVGXvfNNe9WoWGis4XF5KaoCHj0Vj6bLceJm7NcCW2%2BGrrKhz4TkOtWVd%2FsKBi5hybR9u2nWgtR2p6x37%2BKnm%2B%2FnlEAYDwXy%2FwEppjGYLNg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=5356800
access-control-max-age: 3000
cf-ray: 8a7c9c9c997e367f-FRA
x-amz-cf-id: xIKoYaVmylYYtlJkVvlwc7elkD_sMUtqwwR_O0twSVpp2Ko3oP5ngQ==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
4 KB 147ms
44ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7224fc326ad38826d04ac6cbba2a17cc9c7337d1a918cca0d3f9456fdeee956f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 Jul 2024 15:12:58 GMT
content-md5: fmhPyStXU5PnocxDgq10NQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=12, mss=1297, tbw=2768, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: fmOpiUwVr/Tr/lKw2Eu5eBGYaBrUZzGpy1M56i1ENMD4cIZh6YekvYifoz9smBIGtUmLp6J/HZtnn3mjp4q69A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 6a6291ca7c41bc9ff93dde745065109a
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "00d46e2bdd43d03bd1a9a4738b80354d"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 23 Jul 2024 15:24:31 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 199ms
42ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 15:12:58 GMT
Content-Encoding: gzip
Age: 498
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (frb/67F3)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 204 has-permission-json Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
652 B 215ms
198ms XHR
text/plain 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission-json?portalId=23609470

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/hs/hsstatic/HubspotToolsMenu/static-1.349/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: no-sniff
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: b8933f2b-a97d-4c28-9b0b-b9f25e3430e0
x-envoy-upstream-service-time: 2
x-evy-trace-route-configuration: listener_https/all
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8a7c9c9c9ca93832&resource=unknown"
x-evy-trace-listener: listener_https
x-request-id: b8933f2b-a97d-4c28-9b0b-b9f25e3430e0
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
access-control-allow-origin: https://www.dnsfilter.com
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-n579v
cache-control: max-age=0
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 8a7c9c9c9ca93832-FRA

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4

Request headers

Referer
Origin: https://www.dnsfilter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 cta-json Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 7 KB
3 KB 197ms
186ms XHR
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&pageId=173633154213&pid=23609470&sv=cta-embed-js-static-1.302&rdy=1&cos=1&df=t&pg=ae32186b-4163-48fb-9e26-ae62701eb72c&pg=d1cf6edb-b5f7-488f-bbcc-ca0507322f6f&pg=ae32186b-4163-48fb-9e26-ae62701eb72c&pg=d1cf6edb-b5f7-488f-bbcc-ca0507322f6f

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/hs/cta/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c84795f9d49b879d1840ac4b6c966965aee4ba3dcdf21834679938781629441

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-origin-hublet: na1
date: Tue, 23 Jul 2024 15:12:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1001a3e5-2f1e-496e-b85c-dc806252d7ee
x-envoy-upstream-service-time: 23
content-length: 1923
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1001a3e5-2f1e-496e-b85c-dc806252d7ee
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.dnsfilter.com
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-24kf4
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xr2wS6glwNL6gs1lYh%2FVDXoTJeGnPvWh1Mpm5YrJw3FqSzvIZtAe8lVYGoH9xx2njSioL%2FJlmD7PoFKhCVpx5G%2BVKng1EdkU23O9hesYzM6ElCxVKO1KcC7IB0XJXcY87yJQArpx9Jl1qSnaiSDYEM57U%2Bx8SmWsCAw%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8a7c9c9cfd433832-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 335 KB
109 KB 61ms
60ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MMR27NNV7M&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2CRDFD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a136e77a084a4c6b74e6ca680fb670a909c0609dc5f343825aacac12fdf0b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 111027
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 23 Jul 2024 15:12:58 GMT

GET
H2 200 hotjar-716477.js Show response
static.hotjar.com/c/ 9 KB
4 KB 195ms
45ms Script
application/javascript 18.66.102.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-716477.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2CRDFD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-106.fra56.r.cloudfront.net

Software

Resource Hash

1b95229981f8970f06a72dcaf0ec40bb9fafd6662cacf1e5b5588a45554606f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 23 Jul 2024 15:12:19 GMT
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 39
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/0a237c8a65d70f059b81328e8b6e27a4
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: 2REw8LxpyxRzEpbTp_uNTonCTXP3uHDMD8xL0_7Yd7fnvdYvVM425A==

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 264 KB
91 KB 68ms
68ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-863109926&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2CRDFD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7dedc947610c7ea80ed90f42d85f560591b748af1d07a8112baafda185ca4add

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92835
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 23 Jul 2024 15:12:58 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 232ms
68ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2CRDFD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 23 Jul 2024 15:12:58 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A530ED8A7D624FDBA0FED19EB5488482 Ref B: FRA31EDGE0506 Ref C: 2024-07-23T15:12:58Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 42 KB
13 KB 184ms
45ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2CRDFD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:58 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 20 Jun 2024 19:23:03 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 12116

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 38 KB
14 KB 292ms
148ms Script
application/javascript 2a02:26f0:7100::1720:ee18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2CRDFD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::1720:ee18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dbfeb010a0c8acddc38dea97e228787f16ac5e30b4af96b764fa2252fe3827e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Jul 2024 09:19:33 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=76213
accept-ranges: bytes
content-length: 14011

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
58 KB 47ms
43ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 23 Jul 2024 15:12:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=20, mss=1297, tbw=6598, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: gPclP18Mmh2O98avAF7oTbJ30b3307GyulMsOhwA8Zvyz4f4F2L8UAC1kR2hrVgC0yUp/nt1xBPEl/zWkJa/hA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 5128.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 2 KB
2 KB 261ms
124ms Script
text/javascript 2606:4700::6812:1eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/5128.js?p=https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains&e=

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1eb0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15ba3d82bd7d73a87d2b6e9c71e53955b8325d42068ad5fbf9d3023aa31e9564

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
content-disposition: inline
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
cf-ray: 8a7c9c9e891d975b-FRA

GET
H2 200 6si.min.js Show response
j.6sc.co/ 68 KB
18 KB 176ms
40ms Script
application/javascript 2.16.6.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.6.6 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-6-6.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

4dba9e54570483a0624219ec53864f468c9cbdf4f9c1f23821e539de7cb0c9fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 15:12:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Jul 2024 19:23:12 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "669182a0-10e5e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, proxy-revalidate, max-age=1800
accept-ranges: bytes
content-length: 18671
expires: Tue, 23 Jul 2024 15:42:58 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 178ms
42ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:58 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220029-FRA

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 530ms
49ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/scripts/bizible.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2CRDFD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D4) /

Resource Hash

eb071f3429c047426154145f7ad18ce941c38bf886d1d6d0834196150f1eb13d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
last-modified: Thu, 18 Jul 2024 21:29:37 GMT
server: ECS (frb/67D4)
age: 64652
etag: "30aae9759d9da1:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25393

GET
H2 200 23609470.js Show response
js.hs-scripts.com/ 2 KB
1 KB 547ms
412ms Script
application/javascript 2606:4700::6810:8cd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/23609470.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2CRDFD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8cd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40b88cf48f08a5576f922d6234e5416c1a7463f92b813a7e9e9f2870242fdf90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7771ecca-2dd5-41fb-b5a8-35f689fa571f
x-envoy-upstream-service-time: 235
content-length: 638
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7771ecca-2dd5-41fb-b5a8-35f689fa571f
last-modified: Tue, 23 Jul 2024 15:09:30 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.dnsfilter.com
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-8npl2
access-control-allow-credentials: true
cache-control: public, max-age=90
accept-ranges: bytes
cf-ray: 8a7c9c9e8ef5927d-FRA
expires: Tue, 23 Jul 2024 15:14:28 GMT

GET
H/1.1 200
OK AF0i3f9L.js Show response
a.burly.io/ 62 KB
19 KB 561ms
250ms Script
text/javascript 54.208.90.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.burly.io/AF0i3f9L.js
Requested by: Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.208.90.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-90-167.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a899a5f069997ad1b4d655a5d6909001fa85247dd9aff2f243770bb9ca63dd1b

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 15:12:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Dec 2023 17:21:24 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=43200
Connection: keep-alive
Expires: Wed, 24 Jul 2024 03:12:59 GMT

GET
H/1.1

200
OK

index.php Show response
chat-application.com/frontend/web/
Redirect Chain

https://chat-application.com/embed/index.php?tracker_id=21938257
https://chat-application.com/frontend/web/index.php?r=api%2Fload-js&tracker_id=21938257

663 B
624 B

164ms
163ms

Script
text/html

3.215.34.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://chat-application.com/frontend/web/index.php?r=api%2Fload-js&tracker_id=21938257
Requested by: Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Protocol: HTTP/1.1
Server: 3.215.34.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-34-116.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e8bd78fb3f6b354e9648a0dc43b4385fd3778336bf87b69bd9bc9c7bd3fc276d

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 15:12:59 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99

Redirect headers

Date: Tue, 23 Jul 2024 15:12:59 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://chat-application.com/frontend/web/index.php?r=api%2Fload-js&tracker_id=21938257
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100

GET
H3 200 sdk.js Show response
connect.facebook.net/en_GB/ 299 KB
86 KB 89ms
45ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=951ce5422d5f295444660a033011d8ed

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

bff18d03d481562425a6f802dbf823bb562176c526d839d70892d43722e72908

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Origin: https://www.dnsfilter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 Jul 2024 15:12:58 GMT
content-md5: kOVdxOAfm8KFy43SfdxM0Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87613
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4315, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: H8t3Y9Aa30aNDqo0VsHybdS3A7Q4a85DV2Nun5y5O8jlDBlD8b5dV1S6ntjaeNuP3ch2JP5YzLAkbn0BXdmtKw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: c2442f1c0a9d24331abd92cd78ffce08
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "5be20883322d8828100e4c93966452bf"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 23 Jul 2025 12:07:33 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/23609470/ 95 KB
28 KB 494ms
361ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/23609470/banner.js
Requested by: Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/hs/scriptloader/23609470.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8cceb31dd630220be3f37b73eeb1fdc1e5f1092fba750a849501b669ce34d2f

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
x-amz-version-id: AIHpV2aYOKJc3XUnrCWCOkYWL8OLVWtY
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: 2FQ29CCZ7E9E3DWA
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 3e6ae5e9-40b7-4bb9-849b-513346c423eb
x-envoy-upstream-service-time: 45
x-amz-id-2: Jz17kNirK38XTqNIz3n4lEkoXO1ek5lMfn0HDE76w3nFSEUZUqy63+XtgJqgPAwcY0c9dLcOx9GunsBP+kZ42W7Wghr+GcVwHtZh533TPNs=
x-evy-trace-listener: listener_https
x-request-id: 3e6ae5e9-40b7-4bb9-849b-513346c423eb
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 16 Jul 2024 22:16:57 GMT
server: cloudflare
etag: W/"2560887590e736a95911189361dc0988"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.dnsfilter.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-762px
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8a7c9c9fae7e1c36-FRA
expires: Tue, 23 Jul 2024 15:17:59 GMT

GET
H2 200 23609470.js Show response
js.hs-analytics.net/analytics/1721747400000/ 68 KB
24 KB 314ms
193ms Script
text/javascript 2606:4700::6810:a0a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1721747400000/23609470.js
Requested by: Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/hs/scriptloader/23609470.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 289ee97aac1bd18098b2c8e74c001fe7b994d5626019ec89da6e563c629b74e3

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:58 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: AMD364XYAE88A8C2
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 3d458872-3faa-4e61-a0be-5eecd129192e
x-envoy-upstream-service-time: 26
x-amz-id-2: CiEKWkP+tFuNJGwU7vAMu1Whgz5joZpWNGNGrVUaOYFiG+eCGGlWVk/LwDR/WqJ6oadEVJD6tEM=
x-evy-trace-listener: listener_https
x-request-id: 3d458872-3faa-4e61-a0be-5eecd129192e
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 22 Jul 2024 16:11:10 GMT
server: cloudflare
etag: W/"82f6498844266c7695c7b3b991e03b22"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-gtkxs
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8a7c9c9fcb8765a5-FRA
expires: Tue, 23 Jul 2024 15:17:58 GMT

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 82 KB
24 KB 189ms
76ms Script
application/javascript 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/hs/scriptloader/23609470.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afd88bfe20bd2c5fe7172d4ded544c87091baa2a1192d1d8a123019f59e545db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Origin: https://www.dnsfilter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
age: 402
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1261/bundles/project.js&cfRay=8a7c92c8ef018c52-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"e0ec4a917baf483196c0e80923677d90"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.1261/bundles/project.js
date: Tue, 23 Jul 2024 15:12:58 GMT
x-amz-version-id: mYHtjhRClJKGNULtQP__evmLaGD3jgJF
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: ff2ddffc-c6d6-4a22-9075-3493c6ce0ce5
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-request-id: ff2ddffc-c6d6-4a22-9075-3493c6ce0ce5
last-modified: Mon, 22 Jul 2024 13:15:05 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2uNGe9PGsH5WPCRkiipP57CMp7UO1ZzA%2FsndlusJCmxJgJCPVb%2FBoUiuDiEk2v4lI72ShoMZn9i8p8E5nLYSykTwZsUmEZfx0%2FeEmxpWjIwbhHV6sxbczge5I47flumvuHjfM6pTCAgZNJjS"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-kt4hg
cf-ray: 8a7c9c9fca2d1e57-FRA
x-amz-cf-id: TFFF-smarmAE0FkA1xU9xj-Sbxr50kc9A4Xa0Qlv3O_7-XsPrJ6IKg==

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 250ms
66ms Script
application/javascript 2606:4700::6811:df98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/hs/scriptloader/23609470.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:df98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dea7d93054c054d6908de184845b8db289207bb4928bbdd07d0ad8d52ec0708f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:58 GMT
x-amz-version-id: kl1dxvjzkssE.fV_O4PhpuAJA5n_6jGg
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 436
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.571/bundles/pixels-release.js&cfRay=8a7c91f5bc728f41-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: a4b7c758-75a0-4020-8c4c-92f784c82389
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a4b7c758-75a0-4020-8c4c-92f784c82389
last-modified: Fri, 19 Jul 2024 20:16:33 UTC
server: cloudflare
etag: W/"5d8f21e5e9508f10da257acb3360bbbd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-5bdqs
cf-ray: 8a7c9ca07dc14dbb-FRA
x-amz-cf-id: i3Wvg9mNJgBn7X83-FuCtweqUMm4JOFmtiv7S09xhrg0ICaK03BdXA==
x-hs-target-asset: adsscriptloaderstatic/static-1.571/bundles/pixels-release.js

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 1BC8 0
0 173ms
43ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.dnsfilter.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) /
Resource Hash

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 10408336
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Tue, 23 Jul 2024 15:12:58 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67C0)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H3 200 cta-loaded.js Show response
www.dnsfilter.com/hs/cta/ctas/v2/public/cs/ 0
1 KB 428ms
427ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=23609470&pg=d1cf6edb-b5f7-488f-bbcc-ca0507322f6f&lt=1721747578038&dt=1721747578039&at=1721747578565&sl=1&an=1

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/hs/cta/cta/current.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-origin-hublet: na1
date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: bb297eda-a254-4134-9bc4-d07e0ecd4317
x-envoy-upstream-service-time: 10
alt-svc: h3=":443"; ma=86400
content-length: 0
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: bb297eda-a254-4134-9bc4-d07e0ecd4317
last-modified: Tue, 23 Jul 2024 15:12:58 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MIXNjHjTqNvphTzLBZsRI2BVkrnLcsFL2TDzcFA0nVVuDmXvhMqE%2Fd5gMZmb9YaAwNBNNsUIWGTcAi9hJ%2BGoFoIT9SzIje5KYfuWDb1UfzNs9fCLg2hN3u2rgu0adbs5yRna"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-phcmr
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
cf-ray: 8a7c9c9e2ccc4516-TXL
x-robots-tag: noindex, follow

GET
H3 200 cta-loaded.js Show response
www.dnsfilter.com/hs/cta/ctas/v2/public/cs/ 0
1 KB 229ms
229ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=23609470&pg=d1cf6edb-b5f7-488f-bbcc-ca0507322f6f&lt=1721747578038&dt=1721747578039&at=1721747578566&sl=1&an=1

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/hs/cta/cta/current.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-origin-hublet: na1
date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 09a14726-bd00-4144-b5f2-7c85bc075d8a
x-envoy-upstream-service-time: 12
alt-svc: h3=":443"; ma=86400
content-length: 0
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 09a14726-bd00-4144-b5f2-7c85bc075d8a
last-modified: Tue, 23 Jul 2024 15:12:58 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5pHKgpvnuYt4H9cyg5MNLX1mJTzk1hwhjhQuny1hj7Qp8vGhERRfkh7jEg50PAXVPlkMKnlHKshoDNHNFaSiCJzRXq3LNAXuMA4w2RCjOM2JnzfGoeWuKPsZv2pcfsrFkWw1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-7rvg4
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
cf-ray: 8a7c9c9e2cd04516-TXL
x-robots-tag: noindex, follow

GET
H3 200 cta-loaded.js Show response
www.dnsfilter.com/hs/cta/ctas/v2/public/cs/ 0
1 KB 238ms
238ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=23609470&pg=ae32186b-4163-48fb-9e26-ae62701eb72c&lt=1721747578034&dt=1721747578039&at=1721747578567&sl=1&an=1

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/hs/cta/cta/current.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-origin-hublet: na1
date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e49f2986-632d-486b-8acc-ef2d656412e5
x-envoy-upstream-service-time: 26
alt-svc: h3=":443"; ma=86400
content-length: 0
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e49f2986-632d-486b-8acc-ef2d656412e5
last-modified: Tue, 23 Jul 2024 15:12:58 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oApokk0UzUf4KvymcmK90x%2Fn%2B0Naz%2FtO4NFa16YgPMCwn7mFp6XIM9fhPPbskWXhZ%2B9VhAkWMkMBxu%2BwX4K2zYuXWf2yMQF3PKzuffxKPsgxP0GdpsBwdMCWYz330H%2FkqdtP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-2n8kz
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
cf-ray: 8a7c9c9e3cdc4516-TXL
x-robots-tag: noindex, follow

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
895 B 394ms
230ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 5477213b-334b-4329-b99a-581f92a8bfec
x-envoy-upstream-service-time: 40
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5477213b-334b-4329-b99a-581f92a8bfec
last-modified: Tue, 23 Jul 2024 15:12:59 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-njspp
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 8a7c9ca08e97b623-WAW

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
928 B 236ms
202ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 632eed9f-4f35-4c5c-bd17-96c41cd76f89
x-envoy-upstream-service-time: 9
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 632eed9f-4f35-4c5c-bd17-96c41cd76f89
last-modified: Tue, 23 Jul 2024 15:12:59 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-gqvsp
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 8a7c9ca08e92b623-WAW

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 148ms
47ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-MMR27NNV7M&gtm=45je47h0v883152203z878440247za200zb78440247&_p=1721747578008&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=2070210737.1721747579&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1721747578&sct=1&seg=0&dl=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&dt=Lookalike%20Crowdstrike%20Domains%20Discovered%20by%20DNSFilter%20to%20Date&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2417&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MMR27NNV7M&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 15:12:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dnsfilter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 163ms
54ms Ping
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MMR27NNV7M&cid=2070210737.1721747579&gtm=45je47h0v883152203z878440247za200zb78440247&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MMR27NNV7M&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 15:12:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dnsfilter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.gr/ads/ 42 B
408 B 206ms
81ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.gr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MMR27NNV7M&cid=2070210737.1721747579&gtm=45je47h0v883152203z878440247za200zb78440247&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&z=889086134

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 15:12:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 300641693796955 Show response
connect.facebook.net/signals/config/ 68 KB
14 KB 127ms
126ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/300641693796955?v=2.9.162&r=stable&domain=www.dnsfilter.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

b0a2c6d3fbde4d657e77b993c58401d2a54e9cefbf782d176cd77bf669460873

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 23 Jul 2024 15:12:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=42, rtx=0, c=23, mss=1232, tbw=4313, tp=9, tpl=0, uplat=76, ullat=0
pragma: public
x-fb-debug: n2J9oZa3oeYm9nT/V3XBmNedrENlLfG9GiHIR/YKNItil79gLB212dxVt4IiPLxIVXfLqc0t9wHOHJ802L3o1Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 config Show response
pixel-config.reddit.com/pixels/t2_3q8y68o7/ 3 B
124 B 182ms
63ms XHR
application/json 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-config.reddit.com/pixels/t2_3q8y68o7/config
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
content-encoding: gzip
via: 1.1 varnish
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 27

GET
H2 200 t2_3q8y68o7_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
699 B 171ms
75ms XHR
application/json 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_3q8y68o7_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 97

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 225ms
70ms Image
image/gif 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1721747578910&id=t2_3q8y68o7&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=8589e350-5b10-48cc-bbd9-400074519704&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Requested by: Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
75 B 149ms
70ms Image
image/gif 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1721747578916&id=t2_3q8y68o7&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=8589e350-5b10-48cc-bbd9-400074519704&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Requested by: Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 adsct
t.co/i/ 43 B
378 B 375ms
217ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=cb77347b-9ff7-460d-90aa-fa0caec43eed&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0cc2ae5c-44d7-4150-ace1-0b0b364ee3ac&tw_document_href=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2fdm&type=javascript&version=2.3.30

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 173
date: Tue, 23 Jul 2024 15:12:59 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: c542856cb3ac1d37
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: ee58fed56eff2d1637b4b09f169da3bd60e7b122eeec3a9a9d4d9357b4eff2dd
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 366ms
228ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=cb77347b-9ff7-460d-90aa-fa0caec43eed&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0cc2ae5c-44d7-4150-ace1-0b0b364ee3ac&tw_document_href=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2fdm&type=javascript&version=2.3.30

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 191
date: Tue, 23 Jul 2024 15:12:58 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: d3e46505e7634f4e
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 775de53eb6a8603e92498a7979e6fb1881b7b30082b652ad55f81f9c8c15be85
content-length: 43

GET
H2 200 modules.6c69b5997f314810cfe8.js Show response
script.hotjar.com/ 223 KB
56 KB 176ms
48ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6c69b5997f314810cfe8.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-716477.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

228d8e3efcde37de9193685d1f5aba49a0c508b3b14b83af774e7aae6bd44b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 19912
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56293
last-modified: Tue, 23 Jul 2024 09:40:30 GMT
etag: "30c513084f4759247a82ab90e6ffe4cb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Cg1paBytz3kD4UCrjS9rbBhxs2wxXdOQKv5l2LeGesk8SVVveMdt9w==

GET
H2 200 / Show response
c.6sc.co/ 7 B
195 B 48ms
46ms XHR
text/html 2.16.6.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.6.6 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-6-6.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.dnsfilter.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 20 B
313 B 186ms
44ms XHR
text/html 2a02:26f0:480:22::1726:62ed
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62ed Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d83f73562c5fedb0c3086617e16fd47c91832f0de8d01fcc638dc2ed0c8bd978

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 15:12:59 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.dnsfilter.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a01:4a0:1338:93::11
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1721747579085_389993773_89063635_29_1469_48_55_219";dur=1
content-length: 20
expires: Tue, 23 Jul 2024 15:12:59 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 137ms
124ms Image
image/gif 2.16.6.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ddae39997fdea351f85db5722bb1ed46&svisitor=null&visitor=aa1c93c2-d32b-48be-8d22-fd0d88fc2bf5&session=03d100de-4858-4d64-8f78-4e8a93123179&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Tue%2C%2023%20Jul%202024%2015%3A12%3A58%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22DNSFilter%20has%20identified%20a%20number%20of%20lookalike%20domains%20related%20to%20the%20Crowdstrike%20outage.%20Here%20is%20the%20list.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Lookalike%20Crowdstrike%20Domains%20Discovered%20by%20DNSFilter%20to%20Date%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&pageViewId=5b06fb88-9fb3-4237-8d50-987a7029d1f0&v=1.1.22

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.6.6 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-6-6.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 15:12:59 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 23 Jul 2024 15:12:59 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 129ms
125ms Image
image/gif 2.16.6.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ddae39997fdea351f85db5722bb1ed46&svisitor=null&visitor=aa1c93c2-d32b-48be-8d22-fd0d88fc2bf5&session=03d100de-4858-4d64-8f78-4e8a93123179&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2023%20Jul%202024%2015%3A12%3A58%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22ddae39997fdea351f85db5722bb1ed46%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2023%20Jul%202024%2015%3A12%3A58%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2023%20Jul%202024%2015%3A12%3A58%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22DNSFilter%20has%20identified%20a%20number%20of%20lookalike%20domains%20related%20to%20the%20Crowdstrike%20outage.%20Here%20is%20the%20list.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Lookalike%20Crowdstrike%20Domains%20Discovered%20by%20DNSFilter%20to%20Date%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&pageViewId=5b06fb88-9fb3-4237-8d50-987a7029d1f0&v=1.1.22

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.6.6 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-6-6.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 15:12:59 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 23 Jul 2024 15:12:59 GMT

GET
H2 200 56231424.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 74ms
65ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56231424.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1b90539f2d26001d43f620bf3b480d5b260d28078afa5da9880e7614d7b04059

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Tue, 23 Jul 2024 15:12:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2C262F298A0D4F6DA515C3AEB055F418 Ref B: FRA31EDGE0506 Ref C: 2024-07-23T15:12:59Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

POST
H2 200 assign
tracking.g2crowd.com/attribution_tracking/conversions/ 0
0 177ms
166ms Ping
text/html 2606:4700::6812:1eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.g2crowd.com/attribution_tracking/conversions/assign
Requested by: Host: tracking.g2crowd.com
URL: https://tracking.g2crowd.com/attribution_tracking/conversions/5128.js?p=https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains&e=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary9DjcpBRAypvdkiUh

Response headers

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
440 B 640ms
468ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 33D6D8C78B7744F0B6BEBC59C79704FC Ref B: FRAEDGE1305 Ref C: 2024-07-23T15:12:59Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://www.dnsfilter.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYd65jf4dC43hotnH4ZnA==

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
819 B 650ms
467ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=478386&time=1721747579083&url=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:58 GMT
content-encoding: gzip
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: EFC7BF36C5624D5BBB010C4F5F6DA30E Ref B: DUS30EDGE0421 Ref C: 2024-07-23T15:12:59Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-ltx1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYd65jcRJ+0d+9F9Zyk+Q==
x-fs-uuid: 00061deb98dc449fb477ef45f59ca4f9

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=478386&time=1721747579083&url=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&tm=gtmv2
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=478386&time=1721747579083&url=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&tm=gtmv2&e_ipv6=AQJUyG5mhC9GKAAAAZDgJyLQmJ_7...

0
265 B

280ms
186ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=478386&time=1721747579083&url=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&tm=gtmv2&e_ipv6=AQJUyG5mhC9GKAAAAZDgJyLQmJ_7niZ2kHcql17wZPpEw0wKCNIqq0oqF2gXupb6s-QubE-L
Requested by: Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 5DD53DD5323E40779CA950A8E28E186A Ref B: FRAEDGE1205 Ref C: 2024-07-23T15:12:59Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYd65jkYgOBRTaEKfjdPA==

Redirect headers

date: Tue, 23 Jul 2024 15:12:59 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: FF2A4507D3DF43B8AE3C0B40BE50DE6F Ref B: FRAEDGE1305 Ref C: 2024-07-23T15:12:59Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=478386&time=1721747579083&url=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&tm=gtmv2&e_ipv6=AQJUyG5mhC9GKAAAAZDgJyLQmJ_7niZ2kHcql17wZPpEw0wKCNIqq0oqF2gXupb6s-QubE-L
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYd65jf5mfIPj324aHvGw==

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 108 B
1 KB 185ms
179ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=23609470&currentUrl=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&contentId=173633154213

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a45c89da6cfa94009a61215c8921175ec1bf18444adb5bcba07e22e9b12954d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 13799056-2a6e-4585-b4de-a40399c4afef
content-encoding: br
x-envoy-upstream-service-time: 26
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 13799056-2a6e-4585-b4de-a40399c4afef
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.dnsfilter.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UKw6Df%2F7uI8gz7gDMfCWU3pps8%2BapT0HriDADmPlyFImbdtF3GaEzrSAP5icI%2FGYK%2FGPpEOsKvSahY2SuWXBRtWkORG5Q0b34KtheN7Ht3%2Bc0dL1opGpDWo%2BV83aM21nP9jjOoZikicyc6MrjsQppRmoaMq8NLl0Gq4%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8a7c9ca19d3a1e57-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-jxrsm

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 149ms
52ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=300641693796955&ev=PageView&dl=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&rl=&if=false&ts=1721747579142&sw=1600&sh=1200&v=2.9.162&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1721747579135.896668225756116026&cs_est=true&ler=empty&cdl=API_unavailable&it=1721747578824&coo=false&rqm=GET

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1297, tbw=2817, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 23 Jul 2024 15:12:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 285ms
188ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=300641693796955&ev=PageView&dl=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&rl=&if=false&ts=1721747579142&sw=1600&sh=1200&v=2.9.162&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1721747579135.896668225756116026&cs_est=true&ler=empty&cdl=API_unavailable&it=1721747578824&coo=false&rqm=FGET

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
date: Tue, 23 Jul 2024 15:12:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7394849545584340668", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=14, mss=1297, tbw=3135, tp=-1, tpl=-1, uplat=144, ullat=0
pragma: no-cache
x-fb-debug: +Nme1zCcrAp82HnJOHw+ryQjQkroz41oKqTv71YJfmbsuL2RoLQahgBuYrkxDKwpFlnVje+Ubt98dmcMdUXEwQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7394849545584340668"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7394849545584340668"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 135ms
132ms Image
image/gif 2.16.6.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ddae39997fdea351f85db5722bb1ed46&svisitor=null&visitor=aa1c93c2-d32b-48be-8d22-fd0d88fc2bf5&session=03d100de-4858-4d64-8f78-4e8a93123179&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A1338%3A93%3A%3A11%22%7D&isIframe=false&m=%7B%22description%22%3A%22DNSFilter%20has%20identified%20a%20number%20of%20lookalike%20domains%20related%20to%20the%20Crowdstrike%20outage.%20Here%20is%20the%20list.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Lookalike%20Crowdstrike%20Domains%20Discovered%20by%20DNSFilter%20to%20Date%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&pageViewId=5b06fb88-9fb3-4237-8d50-987a7029d1f0&ipv6=2a01%3A4a0%3A1338%3A93%3A%3A11&v=1.1.22

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.6.6 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-6-6.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 15:12:59 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 23 Jul 2024 15:12:59 GMT

GET
H2 200 ipv
cdn.bizible.com/ 43 B
328 B 56ms
42ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=80adbf5a4c7348bfcf39223228127506&_biz_l=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&_biz_t=1721747579221&_biz_i=Lookalike%20Crowdstrike%20Domains%20Discovered%20by%20DNSFilter%20to%20Date&_biz_n=0&rnd=434727&cdn_o=a&_biz_z=1721747579228

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 15:12:59 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 19 Jul 2024 21:15:25 GMT
server: ECS (frb/67BA)
age: 323854
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
205 B 58ms
46ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizibly.com/u?_biz_u=80adbf5a4c7348bfcf39223228127506&_biz_l=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&_biz_t=1721747579252&_biz_i=Lookalike%20Crowdstrike%20Domains%20Discovered%20by%20DNSFilter%20to%20Date&rnd=926262&cdn_o=a&_biz_z=1721747579252

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 15:12:59 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 19 Jul 2024 21:15:27 GMT
server: ECS (frb/6752)
age: 323852
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 settings Show response
s-site-cdn.dnsfilter.com/v1/projects/0eTIuyup9dIXJmaDgz2bMVdwP3FIRc6f/ 2 KB
2 KB 218ms
133ms Fetch
application/json 104.26.2.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-site-cdn.dnsfilter.com/v1/projects/0eTIuyup9dIXJmaDgz2bMVdwP3FIRc6f/settings
Requested by: Host: s-site-cdn.dnsfilter.com
URL: https://s-site-cdn.dnsfilter.com/analytics.js/v1/0eTIuyup9dIXJmaDgz2bMVdwP3FIRc6f/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a24dbda068cd0c9738563b59c505de08c844da7f6e08565af42b3d0e1a3c01b

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
content-encoding: gzip
via: 1.1 42a90eee92b9e5976aea125e8f9d2f9a.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Us26u68daYGEwaVlwfht31IOgDVNCqtu
age: 8177
x-amz-cf-pop: LHR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 05 May 2023 14:05:47 GMT
server: cloudflare
etag: W/"372d2ce11ea343e59b62b7e564d79971"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OnQkq%2BvN%2FdaLqQpICm38HKsrwoP%2FKPD6f6Lq83cKO50NHH2y4dvUJQXedAhAFkzOq6LhWqY2LgIzpDmwI6P31%2FrruU6fhfDotZksPfNdWr%2B71UUVZaA3s72CW1I1C%2FDC13OFGn%2BAS03oXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=10800
access-control-max-age: 3000
cf-ray: 8a7c9ca319c0194b-FRA
x-amz-cf-id: NPLRDMSxdcBpzA41J1j3OSK1FyzFCsDQMXjbTC1K4w2MWlvx5bpLRA==

GET
H2 200 56231424 Show response
www.clarity.ms/tag/uet/ 816 B
1 KB 789ms
493ms Script
application/x-javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/56231424
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/56231424.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 68cb3e0e1feb8a7de1cb7351cebb592ad8925ae2f4a8aa79c5b415473003c64e

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
date: Tue, 23 Jul 2024 15:13:00 GMT
x-azure-ref: 20240723T151259Z-17d8f75f7d7bp2s6uywawage6n000000077g000000000ark
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 816
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 204 0
bat.bing.com/action/ 0
286 B 68ms
64ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56231424&tm=gtm002&Ver=2&mid=859b9e09-73ee-4734-8079-ce695adcad5e&sid=0c0f8990490611efb4d14f996b224c3e&vid=0c0fc200490611efb7fc436f76bfa53d&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Lookalike%20Crowdstrike%20Domains%20Discovered%20by%20DNSFilter%20to%20Date&p=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&r=&lt=2027&evt=pageLoad&sv=1&cdb=ARoR&rn=658737

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 Jul 2024 15:12:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5B37038C5B09421C9900BA3E25F53FE0 Ref B: FRA31EDGE0506 Ref C: 2024-07-23T15:12:59Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 179 B
1 KB 379ms
284ms XHR
application/json 2606:4700::6812:f46c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=23609470

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f46c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c0be9baa95405eb8af6fe2c23bc4c81d9b07c0d62153bf5661178c042a92bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9b91b0b3-a838-4635-acc5-e79d8819e5c8
content-encoding: br
x-envoy-upstream-service-time: 108
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9b91b0b3-a838-4635-acc5-e79d8819e5c8
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.dnsfilter.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-wmqb2
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ntIy0NCCPizYGCemuWWdqk7Fy%2F5L1Q%2BuusdNS%2FBPWcWLY4v3FJQRqWClDiVKEHHcjTcp69gOf5jjaQ6ZkJLIdkGgoMWM4ACgxHrfj34eIZHh9kvxFbPOix4uOIdo8938xixLDeEzUxr4xnhO"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a7c9ca34b3fa043-FRA
access-control-allow-headers: *

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
552 B 56ms
50ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap

Requested by

Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/23609470/banner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fba31c2cd9699431dba47604216525f9bcc0cb1d5980fbae9b19c8b86454d2fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 Jul 2024 15:12:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 Jul 2024 13:44:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Jul 2024 15:12:59 GMT

POST
H2 204 view
js.hs-banner.com/v2/activity/ 0
0 207ms
205ms Fetch 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-banner.com/v2/activity/view

Requested by

Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/23609470/banner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator, envoyset-translator
x-hubspot-correlation-id: e314247d-10e7-4e56-af7a-88c7dcc5d902
x-envoy-upstream-service-time: 56
x-evy-trace-route-configuration: listener_http/all, listener_https/all
x-evy-trace-listener: listener_http, listener_https
x-request-id: e314247d-10e7-4e56-af7a-88c7dcc5d902
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-evy-trace-virtual-host: all, all
x-evy-trace-served-by-pod: iad02/private-hubapi-td/envoy-proxy-5f998ff6dc-cpbk6, iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-rslzw
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-origin: https://www.dnsfilter.com
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8a7c9ca44bfb1da6-FRA

OPTIONS
H2 200 view
js.hs-banner.com/v2/activity/ Frame 0
0 248ms
159ms Preflight
application/octet-stream 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.dnsfilter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.dnsfilter.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 8a7c9ca34a651da6-FRA
content-length: 0
content-type: application/octet-stream
date: Tue, 23 Jul 2024 15:12:59 GMT
server: cloudflare
timing-allow-origin: *
vary: origin
x-envoy-upstream-service-time: 0
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-zmwrp
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: bfc5ae06-d72e-485c-bb26-fe21510654d5
x-request-id: bfc5ae06-d72e-485c-bb26-fe21510654d5

GET
H/1.1 200
OK /
ls-af0i3f9l.a.burly.io/ Frame 7BAB 0
0 621ms
120ms Document
text/html 54.208.90.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ls-af0i3f9l.a.burly.io/
Requested by: Host: a.burly.io
URL: https://a.burly.io/AF0i3f9L.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.208.90.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-90-167.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 23 Jul 2024 15:12:59 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 116 B
325 B 153ms
152ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/xdc.js?_biz_u=80adbf5a4c7348bfcf39223228127506&_biz_h=-1906410348&cdn_o=a&jsVer=4.24.07.18

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6711) /

Resource Hash

f6a02692e1c017b57bd8128a015c3f6779258e8292056bf5d0d2997318529ad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
server: ECS (frb/6711)
etag: 1C280BE4
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
content-length: 219

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
582 B 222ms
204ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 06d72a74-4839-4e02-980d-a072ba0f8b3a
x-envoy-upstream-service-time: 10
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 06d72a74-4839-4e02-980d-a072ba0f8b3a
last-modified: Tue, 23 Jul 2024 15:12:59 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-gqvsp
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 8a7c9ca36ac2b623-WAW

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 64ms
51ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.dnsfilter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 14:56:39 GMT
x-content-type-options: nosniff
age: 980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 14:56:39 GMT

GET
H2 204 716477 Show response
vc.hotjar.io/sessions/ 0
231 B 177ms
65ms XHR
text/plain 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/716477?s=0.25&r=0.08389727639832434
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-110.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Jul 2024 15:12:59 GMT
cache-control: no-store
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: wnmUu4GyLNikkR9cpYnWRq3Rrq3md9Jb3M5IxvtIdr8SP28OFTQjeQ==
x-cache: Miss from cloudfront

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 83 KB
27 KB 195ms
42ms Script
application/javascript 23.36.162.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: chat-application.com
URL: https://chat-application.com/embed/index.php?tracker_id=21938257
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9193c7924b14634841b4673ddcc3df72f6b8e149ff57fbc68abb0b4ce03c3d6b

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: MRX198Sy.RWfr8TN02nvY7_BNuJiKcqk
content-encoding: br
date: Tue, 23 Jul 2024 15:12:59 GMT
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
cross-origin-resource-policy: cross-origin
content-length: 26874
last-modified: Mon, 22 Jul 2024 10:11:17 GMT
server: AmazonS3
etag: W/"fba3f87de69decac9d1ca7b821b5ab34"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
x-amz-cf-id: 29vW7-TElSvXFCyMKDDkCiQcEiVYnaHBWsDihoMDkeQqIBTRA2x5nw==
expires: Tue, 23 Jul 2024 23:12:59 GMT

GET
H2 200 ajs-destination.bundle.ed53a26b6edc80c65d73.js Show response
s-site-cdn.dnsfilter.com/analytics-next/bundles/ 9 KB
4 KB 72ms
71ms Script
application/javascript 104.26.2.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-site-cdn.dnsfilter.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by: Host: s-site-cdn.dnsfilter.com
URL: https://s-site-cdn.dnsfilter.com/analytics.js/v1/0eTIuyup9dIXJmaDgz2bMVdwP3FIRc6f/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
content-encoding: gzip
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: t5.0B1aKR5Bj36KonBJ5kzKYiemG2xKc
age: 751306
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 03 Jul 2024 22:08:15 GMT
server: cloudflare
etag: W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BWU%2BpYF30WJvu9SJ6KoVMZl4BsB5gEoYFNoKiIIphhi145wj40jImJwlA1P4sGgjB4ee6jhlCkney6ljbsVsr9LLpO2T6mLX%2FG%2BB%2BuiD8VMRzsJCM72Fy%2F0faUJeUsbLCxAf3uSDszjoTw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
access-control-max-age: 3000
cf-ray: 8a7c9ca43ce5367f-FRA
x-amz-cf-id: tLlgpzLVrB9lcqA7kh-j6ckPVdGeb3AiJK4HrYXc7U87UZ5jPJlW-Q==

GET
H2 200 schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response
s-site-cdn.dnsfilter.com/analytics-next/bundles/ 2 KB
1 KB 71ms
70ms Script
application/javascript 104.26.2.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-site-cdn.dnsfilter.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by: Host: s-site-cdn.dnsfilter.com
URL: https://s-site-cdn.dnsfilter.com/analytics.js/v1/0eTIuyup9dIXJmaDgz2bMVdwP3FIRc6f/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
content-encoding: gzip
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: BX9HaUeMpLHWb9F7LJD8SNMTy.CPWu_u
age: 751306
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 03 Jul 2024 22:08:15 GMT
server: cloudflare
etag: W/"3867b2388b619ff7fddc29ef359fc9aa"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4O64x%2BGwzkxwHru4kB62zofBILbQer5CGOXXwj1E9vn6u0GWKBbb6HGOgfO4gFFcqlXOUT9CxDi%2BuWr0DcVvLOR2znZ7Yc4ut4Ai9H%2F23wckOwFBtaee8P%2BzieqjRJ7QhpNPXvmnEmgigw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
access-control-max-age: 3000
cf-ray: 8a7c9ca4bd90367f-FRA
x-amz-cf-id: hqDV_vS3kuxMs6ZfAviW0DHdXy2XWDDwNEfioc4nxyfqByyu5C1ZzQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
91 KB 60ms
60ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-863109926

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e5ea6df4dd9a50728ecd0094680cb1951f7b6e4bba8ecea3025dfd6b818ab307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92849
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 23 Jul 2024 15:12:59 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
91 KB 63ms
62ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-863109926&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2CRDFD

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c6f49122d9b1440819b7aeb2ce7dee6bd9a94b97c1599425dd7cef48f0f2b4f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92841
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 23 Jul 2024 15:12:59 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 38 KB
0 0ms
0ms Script
application/javascript 2a02:26f0:7100::1720:ee18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::1720:ee18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dbfeb010a0c8acddc38dea97e228787f16ac5e30b4af96b764fa2252fe3827e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Jul 2024 09:19:33 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=76213
accept-ranges: bytes
content-length: 14011

GET
H2 200 mixpanel.dynamic.js.gz Show response
s-site-cdn.dnsfilter.com/next-integrations/integrations/mixpanel/3.2.1/ 8 KB
4 KB 84ms
83ms Script
application/javascript 104.26.2.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-site-cdn.dnsfilter.com/next-integrations/integrations/mixpanel/3.2.1/mixpanel.dynamic.js.gz
Requested by: Host: s-site-cdn.dnsfilter.com
URL: https://s-site-cdn.dnsfilter.com/analytics.js/v1/0eTIuyup9dIXJmaDgz2bMVdwP3FIRc6f/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75bce8973450b6f9872cd0e0b14cdac748331748d262e1894bfbd822d998a3b9

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
content-encoding: gzip
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Bb6nOoNmpw67BBSjpIzFPCTOz57Gbehm
age: 751306
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3261
last-modified: Mon, 03 Jun 2024 14:40:13 GMT
server: cloudflare
etag: "baf0cbd3b18c3373d421818693d56c63"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o0KeezJyRcwAyGYwdFksDBhDCmgiXQf2OWbXKDWSdz0d0hujWaR7S%2FuN0bXivF7pd%2BiZwHBeCnr8erk6GuGC35nQjqWUHqAgSRrYVEiTKF%2FqN9JfR1nzU%2FsA7WjZPUuCEa%2FRGzgWMbb1XA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 8a7c9ca52e32367f-FRA
x-amz-cf-id: l5DKICQsVWtzK_J-3vpC3fJj8dREincR2ZgziWbBY8MI5NNZMn19nQ==

GET
H2 200 google-analytics.dynamic.js.gz Show response
s-site-cdn.dnsfilter.com/next-integrations/integrations/google-analytics/2.18.5/ 16 KB
5 KB 74ms
73ms Script
application/javascript 104.26.2.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-site-cdn.dnsfilter.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by: Host: s-site-cdn.dnsfilter.com
URL: https://s-site-cdn.dnsfilter.com/analytics.js/v1/0eTIuyup9dIXJmaDgz2bMVdwP3FIRc6f/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86685e191878d9ecfd30ed1fe63cbb783bf9151607e9996342d64977013e3cff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
content-encoding: gzip
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: EFE9lusc4JimpUbDBPawD3guBabh51Lw
age: 751306
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4743
last-modified: Mon, 03 Jun 2024 14:40:12 GMT
server: cloudflare
etag: "6a3ed21f9b6777c0c37e6e248ea22387"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kTmmSpBnA2wT0tKsaXtXas03YUQyClGPRB6O3X8jN41BinEcZRstUUQyZL83iRem2%2BmeT8e%2Byh%2FlbmLFxJYv3DbHrsylSZgpu43Q0WhyxIMcGPRIYkXfmLYci4QHRBJ1KCNqSfoU0sEEkg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 8a7c9ca52e35367f-FRA
x-amz-cf-id: 5sohm4HoZ92lI-n3MaYXvu3rG0VdHtcGJG1HK5qm1fZdwKmJBO70Tg==

POST
H2 200 p Show response
s-site-api.dnsfilter.com/v1/ 21 B
390 B 705ms
683ms Fetch
application/json 104.26.2.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s-site-api.dnsfilter.com/v1/p

Requested by

Host: s-site-cdn.dnsfilter.com
URL: https://s-site-cdn.dnsfilter.com/analytics.js/v1/0eTIuyup9dIXJmaDgz2bMVdwP3FIRc6f/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Jul 2024 15:13:00 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cGuo7KAqhutf0zaJDM16n6N%2F1fbEw%2F4q3L2QYkKmydSEfnormIalWWJN6DDkFKECikFBSOzLRWIS9XlwGtAe7pB5zZu7E%2B%2BL3ZDo2AYAZhfQK5boyosy372IxfpVD%2FbHIezBf1oqqvtqFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.dnsfilter.com
cf-ray: 8a7c9ca56d60194b-FRA
content-length: 21

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.6/customer/action/ 1 KB
2 KB 707ms
569ms Script
application/javascript 23.53.42.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=6354551&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&channel_type=code&jsonp=__17bin591l

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.42.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-42-242.deploy.static.akamaitechnologies.com

Software

Resource Hash

7f3f8546b04748f6ab90f9a90e85d2673db1997dd4e1ba5dff2db6f3689f79ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains;
X-Frame-Options	allow-from https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains;
date: Tue, 23 Jul 2024 15:13:00 GMT
cross-origin-resource-policy: cross-origin
content-length: 1383
vary: Accept-Encoding
x-frame-options: allow-from https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
content-type: application/javascript; charset=UTF-8

GET
H2 200 commons.a61d7bea37d2de5d4b69.js.gz Show response
s-site-cdn.dnsfilter.com/next-integrations/integrations/vendor/ 70 KB
22 KB 69ms
69ms Script
application/javascript 104.26.2.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-site-cdn.dnsfilter.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Requested by: Host: s-site-cdn.dnsfilter.com
URL: https://s-site-cdn.dnsfilter.com/analytics.js/v1/0eTIuyup9dIXJmaDgz2bMVdwP3FIRc6f/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:59 GMT
content-encoding: gzip
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: V.SxMmReU8g28xcE4bFlqm5TAakYuTpt
age: 751306
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 21911
last-modified: Mon, 03 Jun 2024 14:40:11 GMT
server: cloudflare
etag: "c467a63b2e7c3a99be423ace649014d8"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lbwgt2eI2XYS45whyypB8Alncj6FTMfFgIe3w1AwJ950skSrf0QgxzZRagCGJKK4uo6aFkfCKfGRD9GuV%2FX8Kuns5KZnWAYdFlANAn38P3GqFCnLLdIJh1g23pQpplZj%2Fb5v6G6zBZ97dA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
access-control-max-age: 3000
accept-ranges: bytes
cf-ray: 8a7c9ca5aee3367f-FRA
x-amz-cf-id: n6z81VouxY1zScsCR6wsJ7THW_nVO5fjzOgjB3L3ZawTllLhYx62Dg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 142ms
39ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: s-site-cdn.dnsfilter.com
URL: https://s-site-cdn.dnsfilter.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 Jul 2024 14:53:22 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1178
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 23 Jul 2024 16:53:22 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 55 KB
19 KB 137ms
40ms Script
text/javascript 2600:1901:0:498c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: s-site-cdn.dnsfilter.com
URL: https://s-site-cdn.dnsfilter.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 60f5f911fd8f366f29390166716a1977430d5472b02b6a1298c818096d7d2aac

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:12:37 GMT
content-encoding: gzip
age: 23
x-guploader-uploadid: ACJd0NpjRCT0HdrCwSAnkeZEZTDTP-p7GxGLevcnB_mGljEGGgn-pHtazno7LnAMiAB36s6fNg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18820
last-modified: Fri, 21 Jun 2024 22:06:07 GMT
server: UploadServer
etag: "264255e7eaaa8cfa38c236557516b1d2"
vary: Accept-Encoding
x-goog-generation: 1719007567436070
x-goog-hash: crc32c=lF4D6Q==, md5=JkJV5+qqjPo4wjZVdRax0g==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=600
x-goog-stored-content-length: 18820
accept-ranges: bytes
expires: Tue, 23 Jul 2024 15:22:37 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 124ms
123ms Image
image/gif 2.16.6.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ddae39997fdea351f85db5722bb1ed46&svisitor=null&visitor=aa1c93c2-d32b-48be-8d22-fd0d88fc2bf5&session=03d100de-4858-4d64-8f78-4e8a93123179&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2023%20Jul%202024%2015%3A12%3A59%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2023%20Jul%202024%2015%3A12%3A58%20GMT%22%2C%22timeSpent%22%3A%221006%22%2C%22totalTimeSpent%22%3A%221006%22%7D&isIframe=false&m=%7B%22description%22%3A%22DNSFilter%20has%20identified%20a%20number%20of%20lookalike%20domains%20related%20to%20the%20Crowdstrike%20outage.%20Here%20is%20the%20list.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Lookalike%20Crowdstrike%20Domains%20Discovered%20by%20DNSFilter%20to%20Date%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&pageViewId=5b06fb88-9fb3-4237-8d50-987a7029d1f0&ipv6=2a01%3A4a0%3A1338%3A93%3A%3A11&v=1.1.22

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.6.6 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-6-6.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 15:13:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 23 Jul 2024 15:13:00 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 14:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1893
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 23 Jul 2024 15:41:27 GMT

POST
H2 200 i Show response
s-site-api.dnsfilter.com/v1/ 21 B
303 B 726ms
725ms Fetch
application/json 104.26.2.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s-site-api.dnsfilter.com/v1/i

Requested by

Host: s-site-cdn.dnsfilter.com
URL: https://s-site-cdn.dnsfilter.com/analytics.js/v1/0eTIuyup9dIXJmaDgz2bMVdwP3FIRc6f/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Jul 2024 15:13:00 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h5J7Wt2dDy4VEWH1%2FMlZSIwTUBUtV%2BGXxMz9EhSZ1Plz3DEYufo4XVOs9JwIQHp26rfNA0AJfE1DJT0X5vHQHgTldWAIbhtdlHkN8UAPp3uJTkf%2BqJyYV6RNMHJGUve%2BzNX4HtrRQy8BBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.dnsfilter.com
cf-ray: 8a7c9ca7c9d7194b-FRA
content-length: 21

POST
H2 200 t Show response
s-site-api.dnsfilter.com/v1/ 21 B
298 B 681ms
680ms Fetch
application/json 104.26.2.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s-site-api.dnsfilter.com/v1/t

Requested by

Host: s-site-cdn.dnsfilter.com
URL: https://s-site-cdn.dnsfilter.com/analytics.js/v1/0eTIuyup9dIXJmaDgz2bMVdwP3FIRc6f/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Jul 2024 15:13:00 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0WsU5gv3mfNUvlaCLL7p18Jg9yXH3LNs84oXhTZPTKDcq82N8T%2Fa6S84nQ2nAF94IwvXKMTMBx9nB6xlRtCbiGMm9nxnwH%2FWO2c1FHaY8oea2SYW7KqsQkjt1f3GOPdKqG%2BezWN515Nl4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.dnsfilter.com
cf-ray: 8a7c9ca7c9e6194b-FRA
content-length: 21

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.41/ 62 KB
26 KB 96ms
96ms Script
application/javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.41/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/56231424
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:13:00 GMT
content-encoding: br
last-modified: Mon, 22 Jul 2024 18:04:22 GMT
etag: W/"0x8DCAA78B72A2AB6"
vary: Accept-Encoding
x-azure-ref: 20240723T151300Z-17d8f75f7d7bp2s6uywawage6n000000077g000000000arz
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 913f6fde-201e-0051-579e-dcb357000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
148 B 51ms
50ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1724059839&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&dp=%2Fblog%2Fcrowdstrike-lookalike-domains&ul=de-de&de=UTF-8&dt=%2Fblog%2Fcrowdstrike-lookalike-domains&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEAjAAAAACgCIAB~&jid=248474096&gjid=2060181776&cid=2070210737.1721747579&tid=UA-69841212-1&_gid=233388202.1721747580&_slc=1&z=900170158

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 15:13:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dnsfilter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 53ms
52ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-69841212-1&cid=2070210737.1721747579&jid=248474096&gjid=2060181776&_gid=233388202.1721747580&_u=aCDAgEAjAAAAAGgCIAD~&z=660905228

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 Jul 2024 15:13:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dnsfilter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 39ms
39ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1724059839&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&dp=%2Fblog%2Fcrowdstrike-lookalike-domains&ul=de-de&de=UTF-8&dt=%2Fblog%2Fcrowdstrike-lookalike-domains&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All&ea=Viewed%20%2Fblog%2Fcrowdstrike-lookalike-domains%20Page&ev=0&_u=aCDAgEAjAAAAAGgCIAD~&jid=&gjid=&cid=2070210737.1721747579&tid=UA-69841212-1&_gid=233388202.1721747580&z=1390959705

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 15:28:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 85467
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 41ms
41ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1724059839&t=event&ni=0&_s=3&dl=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&dp=%2Fblog%2Fcrowdstrike-lookalike-domains&ul=de-de&de=UTF-8&dt=%2Fblog%2Fcrowdstrike-lookalike-domains&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All&ea=page%20viewed&ev=0&_u=aCDAgEAjAAAAAGgCIAD~&jid=&gjid=&cid=2070210737.1721747579&tid=UA-69841212-1&_gid=233388202.1721747580&z=2040991991

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 15:28:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 85467
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
281 B 776ms
509ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.dnsfilter.com
Date: Tue, 23 Jul 2024 15:13:01 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.4/customer/action/ 17 KB
5 KB 191ms
190ms Script
application/javascript 23.53.42.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=377e09fa-b893-4bb2-a428-43c93ead7192&version=4683.0.196.53006.5338.3212.1429.233.17.1105.13.8.1&group_id=421&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ded96d1d6e72da595bfd5661e122291088e36af01b3909df5099debb51898f0d

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:13:00 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
deprecation: 2024-11-30
cache-control: public, max-age=600
cross-origin-resource-policy: cross-origin
content-length: 5052
expires: Tue, 23 Jul 2024 15:23:00 GMT

GET
H/1.1 200
OK open_chat
secure.livechatinc.com/customer/action/ Frame 3419 0
0 314ms
183ms Document
text/html 23.53.42.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=6354551&group=421&embedded=1&widget_version=3&unique_groups=1
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 744
Content-Type: text/html; charset=utf-8
Date: Tue, 23 Jul 2024 15:13:00 GMT
Vary: Accept-Encoding
cross-origin-resource-policy: cross-origin

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.4/customer/action/ 11 KB
4 KB 199ms
199ms Script
application/javascript 23.53.42.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=377e09fa-b893-4bb2-a428-43c93ead7192&version=470b74842e9d45ce9f156d1d5a957bad_5f81e9f7569010fd5796173fa8115274&language=en&group_id=421&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fac1adbca286560df4870feb77f13b98d004a8ed3be10437f4e27f9300e49824

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:13:00 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
deprecation: 2024-11-30
cache-control: public, max-age=600
cross-origin-resource-policy: cross-origin
content-length: 3972
expires: Tue, 23 Jul 2024 15:23:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 122ms
122ms Image
image/gif 2.16.6.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ddae39997fdea351f85db5722bb1ed46&svisitor=null&visitor=aa1c93c2-d32b-48be-8d22-fd0d88fc2bf5&session=03d100de-4858-4d64-8f78-4e8a93123179&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2023%20Jul%202024%2015%3A13%3A00%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2023%20Jul%202024%2015%3A12%3A59%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222007%22%7D&isIframe=false&m=%7B%22description%22%3A%22DNSFilter%20has%20identified%20a%20number%20of%20lookalike%20domains%20related%20to%20the%20Crowdstrike%20outage.%20Here%20is%20the%20list.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Lookalike%20Crowdstrike%20Domains%20Discovered%20by%20DNSFilter%20to%20Date%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&pageViewId=5b06fb88-9fb3-4237-8d50-987a7029d1f0&ipv6=2a01%3A4a0%3A1338%3A93%3A%3A11&v=1.1.22

Requested by

Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.6.6 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-6-6.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 15:13:01 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 23 Jul 2024 15:13:01 GMT

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
281 B 131ms
130ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.dnsfilter.com
Date: Tue, 23 Jul 2024 15:13:01 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H3 200 zi-tag.js Show response
js.zi-scripts.com/ 9 KB
3 KB 121ms
62ms Script
application/javascript 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: www.dnsfilter.com
URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e779904e434d50e426e79dfac680cdb8a04564e67121c257974278a02979e407

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:13:01 GMT
x-amz-version-id: PTl7rnF_EEhUwyN5J882FhdYw1E0brGf
content-encoding: gzip
cf-cache-status: DYNAMIC
via: 1.1 ab04d1b06bd0d3a30e653bbd207dbb64.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P6
age: 70615
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 18 Jul 2024 08:13:46 GMT
server: cloudflare
etag: W/"b2877da906a3216c4f3fc4030b205e54"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8a7c9cb07ea72671-TXL
x-amz-cf-id: P-1c6Lq--J9gjkpwQGSpbnKHsz7LipoUXVYDuaPSQX-oCqPg6IKa3g==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
540 B 182ms
180ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=321484724&v=1.1&a=23609470&pi=173633154213&ct=blog-post&ccu=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&cpi=173633154213&cgi=107420098604&lpi=173633154213&lvi=173633154213&lvc=en&pu=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&t=Lookalike+Crowdstrike+Domains+Discovered+by+DNSFilter+to+Date&cts=1721747581453&vi=a565280ee5fbee4a2f1b328d863f5ff0&nc=true&u=205460111.a565280ee5fbee4a2f1b328d863f5ff0.1721747581449.1721747581449.1721747581449.1&b=205460111.1.1721747581449&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:13:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 56a5c1e9-8e65-41a1-aa68-bc4ca7f876bb
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 7
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 56a5c1e9-8e65-41a1-aa68-bc4ca7f876bb
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=90eYzgXbXZvJsbnOAYdupvnl7nwMORLWWmh5OTbnbi6Og2R02zncUdhaFUDJIJvbwg0iX57JU6MMteB8sgyyw77v7caPSEaqwVekpMDY3LrbHN7qcOyuRl%2FbUJjj4ow%2FygY3A1X%2FJkwlS%2FbaHsKm"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-cztsk
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8a7c9cb04d6b3832-FRA
x-robots-tag: none

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
582 B 193ms
192ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-with-analytics&value=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:13:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: cd7c9705-4629-421d-9534-e639fa5a0527
x-envoy-upstream-service-time: 10
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: cd7c9705-4629-421d-9534-e639fa5a0527
last-modified: Tue, 23 Jul 2024 15:13:01 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-zwlt9
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 8a7c9cb04d3ab623-WAW

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
565 B 193ms
192ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22d1cf6edb-b5f7-488f-bbcc-ca0507322f6f%22%2C%224e4525ea-ee2e-4c08-a168-ffa91e3c5152%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=321484724&v=1.1&a=23609470&pi=173633154213&ct=blog-post&ccu=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&cpi=173633154213&cgi=107420098604&lpi=173633154213&lvi=173633154213&lvc=en&pu=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&t=Lookalike+Crowdstrike+Domains+Discovered+by+DNSFilter+to+Date&cts=1721747581456&vi=a565280ee5fbee4a2f1b328d863f5ff0&nc=true&u=205460111.a565280ee5fbee4a2f1b328d863f5ff0.1721747581449.1721747581449.1721747581449.1&b=205460111.1.1721747581449&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:13:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 2f7a2451-1aae-4584-87e1-7562b99a682e
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 11
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2f7a2451-1aae-4584-87e1-7562b99a682e
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WkAxY33LeSuXCoi95Kg5icpncZjaNhlkaTq307If49JJjiI6Et%2FrvFji0F5%2B0LemLxSG5Sbre%2BUDMkZjWWnnG6%2BnBXcqYGx4pTeAUHErwKUhhsGKx91ZkO%2FD2oBQCPEQjPxm5bp3rNV6u06li3wL"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-npjwb
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8a7c9cb04d6e3832-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
456 B 184ms
184ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22ae32186b-4163-48fb-9e26-ae62701eb72c%22%2C%22bc65acb4-9003-4aad-abff-a6d336b503b3%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=321484724&v=1.1&a=23609470&pi=173633154213&ct=blog-post&ccu=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&cpi=173633154213&cgi=107420098604&lpi=173633154213&lvi=173633154213&lvc=en&pu=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&t=Lookalike+Crowdstrike+Domains+Discovered+by+DNSFilter+to+Date&cts=1721747581456&vi=a565280ee5fbee4a2f1b328d863f5ff0&nc=true&u=205460111.a565280ee5fbee4a2f1b328d863f5ff0.1721747581449.1721747581449.1721747581449.1&b=205460111.1.1721747581449&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:13:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d6c7eb6c-2e72-46a7-8781-3179b88b9dec
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 8
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d6c7eb6c-2e72-46a7-8781-3179b88b9dec
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gYaT%2Fc55HesFeil%2BsWojCprSxW45LFEHzoHR4cJS46fIX8rnvsSilXaC%2BEWxuIlmXiHK8fkmtqwvhP2CxRlOrfm8WWxXaSJkgEPF2I7EZx0%2Feil1p8uCctwWLMj%2B5W6DSlQcAhJTp2ary2iVAQ8v"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-pkwbj
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8a7c9cb04d753832-FRA
x-robots-tag: none

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D16D5C506CDD409B9B8587D4CEAA1F59&RedC=c.clarity.ms&MXFR=03FAF81534446BD313D0ECD030446536
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D16D5C506CDD409B9B8587D4CEAA1F59&MUID=15E81976D29A6FD216A80DB3D3116E30

42 B
464 B

62ms
62ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D16D5C506CDD409B9B8587D4CEAA1F59&MUID=15E81976D29A6FD216A80DB3D3116E30
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 15:13:01 GMT
last-modified: Tue, 25 Jun 2024 19:30:12 GMT
server: Microsoft-IIS/10.0
etag: "7473f1936c7da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 23 Jul 2024 15:13:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F8A6B7CA6CBE434A9F314E470C7AB064 Ref B: FRA31EDGE0506 Ref C: 2024-07-23T15:13:01Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D16D5C506CDD409B9B8587D4CEAA1F59&MUID=15E81976D29A6FD216A80DB3D3116E30
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 642215cf4bf3fe49011dd0ca_dnsfilter-favicon.png
www.dnsfilter.com/hubfs/ 280 B
2 KB 131ms
130ms Other
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsfilter.com/hubfs/642215cf4bf3fe49011dd0ca_dnsfilter-favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce75b937f0da028f9b3d19c8ba8064167cf60d7175039a398d22e81895cd9ede

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-115052452452,P-23609470,FLS-ALL
age: 235924
x-amz-request-id: RPCTY756Z0W63GCE
x-amz-server-side-encryption: AES256
edge-cache-tag: F-115052452452,P-23609470,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="642215cf4bf3fe49011dd0ca_dnsfilter-favicon.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "f5b4b62a27ecb5728791137fb13da821"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1683741057962
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 23 Jul 2024 15:13:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 7a65f4d2ee5d57076ba751b6931848de.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ecnEaBqGBvvVlkbr3cWf8I11nZM7Ayy4
x-amz-cf-pop: TXL50-P5
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=411
x-cache: RefreshHit from cloudfront
cache-tag: F-115052452452,P-23609470,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 280
x-amz-id-2: bHxoJZuR1LWVt0bUiTlEDqLhgS4TZI6ifVzB5F4Mpcu7QeJmTcwykfD7UYqRSU9beZqdhM4TSqw=
last-modified: Wed, 10 May 2023 17:50:59 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IWdfrND3W%2BivvPNWDLDDCGG97jekwiVzunG7I%2Byy34OnTTdlYoiMRGid6ukTMgPsuzgjPe3a%2F2IrqFZXxFEFR75oETN5NQcM7nnr5AQbUBajCe4hH54rKeDi9dn8X8hdVTf0"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8a7c9cb05abf4516-TXL
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: 1Gfpqog3eu_p2JNj28h1wYJOZebT4J4DBZsAd7v6IyMGIVKgdWdd3g==

GET
H3 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 195 B
580 B 547ms
546ms Fetch
application/json 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 28134b6837e746bdb481f52df30339e5c9d7df71dfc4753298fa14937bca53df

Request headers

visited_url: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Authorization: Bearer f6e69739151680111464
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 23 Jul 2024 15:13:02 GMT
via: 1.1 6d125e47c290f30bf760f976c0325c98.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amz-cf-pop: VIE50-P1
x-powered-by: Express
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
apigw-requestid: bXxDyg89vHcEPLw=
server: cloudflare
etag: W/"c3-3n9U6SiWRbb1iMoEyYwU5h08bCc"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dnsfilter.com
cf-ray: 8a7c9cb32ce9c3f6-WAW
x-amz-cf-id: -331NAxPS7W_pEL8cIRVBgh_AkBvOR5TGUJfsmnfHrAt8TEVU2LDvw==

OPTIONS
H3 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 359ms
299ms Preflight 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://www.dnsfilter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,X-Amp-Device-Id,X-Amp-Session-Id,visited_url,_zitok,forwarded,x-ziaccesstoken
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE, PUT
access-control-allow-origin: https://www.dnsfilter.com
alt-svc: h3=":443"; ma=86400
apigw-requestid: bXxDshfAPHcEMnQ=
cf-cache-status: DYNAMIC
cf-ray: 8a7c9cb149e5c3f6-WAW
date: Tue, 23 Jul 2024 15:13:01 GMT
server: cloudflare
vary: Origin
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
x-amz-cf-id: R_ViYjJ0WOGspFDg11U4HhCzBQ32TnJjO90KRpFUo9vH_ro0DrtfMA==
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 124ms
124ms Image
image/gif 2.16.6.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ddae39997fdea351f85db5722bb1ed46&svisitor=null&visitor=aa1c93c2-d32b-48be-8d22-fd0d88fc2bf5&session=03d100de-4858-4d64-8f78-4e8a93123179&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2023%20Jul%202024%2015%3A13%3A01%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2023%20Jul%202024%2015%3A13%3A00%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%223007%22%7D&isIframe=false&m=%7B%22description%22%3A%22DNSFilter%20has%20identified%20a%20number%20of%20lookalike%20domains%20related%20to%20the%20Crowdstrike%20outage.%20Here%20is%20the%20list.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Lookalike%20Crowdstrike%20Domains%20Discovered%20by%20DNSFilter%20to%20Date%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&pageViewId=5b06fb88-9fb3-4237-8d50-987a7029d1f0&ipv6=2a01%3A4a0%3A1338%3A93%3A%3A11&v=1.1.22

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.6.6 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-6-6.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 15:13:02 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 23 Jul 2024 15:13:02 GMT

GET
H3 200 formcomplete.js Show response
ws-assets.zoominfo.com/ 90 KB
27 KB 152ms
91ms Script
application/javascript 104.16.118.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-assets.zoominfo.com/formcomplete.js
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b1a4915e59e76e65870b9b2fe38250746fd0eaa301b836516e71bc7c6dd8ae4

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:13:02 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 1534
x-guploader-uploadid: AHxI1nPinxsBsHSq5cEhH1gsmfUUnquAd9a6ngq1MmCyYqo2kil1NjFcQiiIaxG2qshrEL1zlUA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 16 May 2024 10:14:37 GMT
server: cloudflare
etag: W/"006455bd44ed289ddcc403d0ecd96ab0"
x-goog-hash: crc32c=p5SAHw==, md5=AGRVvUTtKJ3cxAPQ7NlqsA==
x-goog-generation: 1715854477710382
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 91778
cf-ray: 8a7c9cb70fc7c3ad-WAW
expires: Tue, 23 Jul 2024 15:47:28 GMT

GET
H3 200 / Show response
ws.zoominfo.com/pixel/VfBmgKOgIfTnwceanRqw/ 3 KB
2 KB 312ms
257ms Fetch
text/javascript 104.16.118.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/VfBmgKOgIfTnwceanRqw/?iszitag=true

Requested by

Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

cd5087cc3817223033979469416f78d191ab0bb8e2f8c5e16724840d01eac4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

visited-url: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
_vtok: ODAuMjU1LjcuMTIy
_zitok: 70693a54fc2c07534dba1721747582
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/javascript

Response headers

date: Tue, 23 Jul 2024 15:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.dnsfilter.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400
cf-ray: 8a7c9cb8bc00bf3b-WAW

OPTIONS
H3 200 /
ws.zoominfo.com/pixel/VfBmgKOgIfTnwceanRqw/ Frame 0
0 272ms
200ms Preflight
text/html 104.16.118.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/VfBmgKOgIfTnwceanRqw/?iszitag=true

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _vtok,_zitok,content-type,visited-url
Access-Control-Request-Method: GET
Origin: https://www.dnsfilter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin: https://www.dnsfilter.com
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a7c9cb71a74c3bd-WAW
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 23 Jul 2024 15:13:02 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

POST
H3 200 forms Show response
ws.zoominfo.com/formcomplete-v2/ 687 B
695 B 225ms
223ms Fetch
application/json 104.16.118.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Requested by

Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ddf23927d70e04476ef3a8660065f3036cb3b7a93d2b3425bb5e2232ac15f005

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
Authorization: bearer e8ada7f053a53dc9b953e86ee9d3f2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 23 Jul 2024 15:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"2af-h2PTJc4kLkkSxgV6rhHPRvRGkcQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dnsfilter.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
cf-ray: 8a7c9cb94ce1bf3b-WAW

OPTIONS
H3 200 forms
ws.zoominfo.com/formcomplete-v2/ Frame 0
0 206ms
206ms Preflight
text/html 104.16.118.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.dnsfilter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin: https://www.dnsfilter.com
allow: POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a7c9cb7fbaec3bd-WAW
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 23 Jul 2024 15:13:02 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 124ms
123ms Image
image/gif 2.16.6.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ddae39997fdea351f85db5722bb1ed46&svisitor=null&visitor=aa1c93c2-d32b-48be-8d22-fd0d88fc2bf5&session=03d100de-4858-4d64-8f78-4e8a93123179&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2023%20Jul%202024%2015%3A13%3A02%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2023%20Jul%202024%2015%3A13%3A01%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224008%22%7D&isIframe=false&m=%7B%22description%22%3A%22DNSFilter%20has%20identified%20a%20number%20of%20lookalike%20domains%20related%20to%20the%20Crowdstrike%20outage.%20Here%20is%20the%20list.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Lookalike%20Crowdstrike%20Domains%20Discovered%20by%20DNSFilter%20to%20Date%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&pageViewId=5b06fb88-9fb3-4237-8d50-987a7029d1f0&ipv6=2a01%3A4a0%3A1338%3A93%3A%3A11&v=1.1.22

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.6.6 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-6-6.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 15:13:03 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 23 Jul 2024 15:13:03 GMT

GET
BLOB 200
OK 9639bf22-7629-4938-b1e0-e2c0cd44c612 Show response
https://www.dnsfilter.com/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.dnsfilter.com/9639bf22-7629-4938-b1e0-e2c0cd44c612
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd5087cc3817223033979469416f78d191ab0bb8e2f8c5e16724840d01eac4d6

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 3028
Content-Type: text/javascript

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
281 B 148ms
146ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.dnsfilter.com
Date: Tue, 23 Jul 2024 15:13:03 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 124ms
124ms Image
image/gif 2.16.6.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ddae39997fdea351f85db5722bb1ed46&svisitor=null&visitor=aa1c93c2-d32b-48be-8d22-fd0d88fc2bf5&session=03d100de-4858-4d64-8f78-4e8a93123179&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2023%20Jul%202024%2015%3A13%3A03%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2023%20Jul%202024%2015%3A13%3A02%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%225008%22%7D&isIframe=false&m=%7B%22description%22%3A%22DNSFilter%20has%20identified%20a%20number%20of%20lookalike%20domains%20related%20to%20the%20Crowdstrike%20outage.%20Here%20is%20the%20list.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Lookalike%20Crowdstrike%20Domains%20Discovered%20by%20DNSFilter%20to%20Date%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&pageViewId=5b06fb88-9fb3-4237-8d50-987a7029d1f0&ipv6=2a01%3A4a0%3A1338%3A93%3A%3A11&v=1.1.22

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.6.6 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-6-6.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 15:13:04 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 23 Jul 2024 15:13:04 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 123ms
122ms Image
image/gif 2.16.6.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=ddae39997fdea351f85db5722bb1ed46&svisitor=null&visitor=aa1c93c2-d32b-48be-8d22-fd0d88fc2bf5&session=03d100de-4858-4d64-8f78-4e8a93123179&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2023%20Jul%202024%2015%3A13%3A04%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2023%20Jul%202024%2015%3A13%3A03%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226009%22%7D&isIframe=false&m=%7B%22description%22%3A%22DNSFilter%20has%20identified%20a%20number%20of%20lookalike%20domains%20related%20to%20the%20Crowdstrike%20outage.%20Here%20is%20the%20list.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Lookalike%20Crowdstrike%20Domains%20Discovered%20by%20DNSFilter%20to%20Date%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains&pageViewId=5b06fb88-9fb3-4237-8d50-987a7029d1f0&ipv6=2a01%3A4a0%3A1338%3A93%3A%3A11&v=1.1.22

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.6.6 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-6-6.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 15:13:05 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 23 Jul 2024 15:13:05 GMT

POST /
api-js.mixpanel.com/track/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api-js.mixpanel.com
URL: https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1721747585069

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts.livechatinc.com/v2/customer/377e09fa-b893-4bb2-a428-43c93ead7192/421/token	1970-01-21 07:51:47	Name: __lc_cid Value: 7249eef5-6566-4896-965e-4929a16b9c07
.accounts.livechatinc.com/v2/customer/377e09fa-b893-4bb2-a428-43c93ead7192/421/token	1970-01-21 07:51:47	Name: __lc_cst Value: f07e700d84c2c54a51039ed225a9172004c25871aa427eb6f1940e0354708571ed8384a4f58eaa5a054476d7b09db7d1034422b03691fd5c2bcab238062d
.accounts.livechatinc.com/licence/g6354551_421/	1970-01-21 07:51:47	Name: __lc_cid Value: 7249eef5-6566-4896-965e-4929a16b9c07
.accounts.livechatinc.com/licence/g6354551_421/	1970-01-21 07:51:47	Name: __lc_cst Value: f07e700d84c2c54a51039ed225a9172004c25871aa427eb6f1940e0354708571ed8384a4f58eaa5a054476d7b09db7d1034422b03691fd5c2bcab238062d
.www.dnsfilter.com/	1970-01-20 22:15:49	Name: __cf_bm Value: 0mg2uIp3xEDa0dxL4VJpKJ0tmV7J95lHejoUMjY7hdM-1721747577-1.0.1.1-w6UKUnCUJqs1rBk_dNSmD57RX99n.SoSzS82o9V7NLjezuezz_24DtXkGgkb3DR5U6b_n8apdGk8ahRZ5OaK6A
.www.dnsfilter.com/	1969-12-31 23:59:59	Name: __cfruid Value: 44d8de26a0857a412afe2542d7eec113c75da0a9-1721747577
.hubspot.com/	1970-01-20 22:15:49	Name: __cf_bm Value: xgnZ51BvMIqOZ6glL3VCtjQkFdEolOnwOdD.ADBgjdc-1721747577-1.0.1.1-Jxem4UuScNRALDjS3vofbAR85pmHm3XnNair8i2GUQRwdWB6czgMUeAKmb8vHT.nj6Ear6mMiS.B6C7.xz.rJw
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: dAYR6PTfOCQEJ5pkr3S9hKCrBZhzHJkR.RPLFfTVmXc-1721747577987-0.0.1.1-604800000
.dnsfilter.com/	1970-01-21 00:25:23	Name: _gcl_au Value: 1.1.340586894.1721747578
.dnsfilter.com/	1970-01-21 07:51:47	Name: _ga_MMR27NNV7M Value: GS1.1.1721747578.1.0.1721747578.60.0.0
.g2crowd.com/	1970-01-20 22:15:49	Name: __cf_bm Value: WGZ4C1ULc4O5U8na_ZRogFkVWkOoUaXHfxZcIdoRzLM-1721747578-1.0.1.1-8aheXSEvKKoWIIQlUTozMDnNkLuL_kd_.TNhnOkQ34i1TLTDH8jd66vRF.KWwXfdds9DxR.qG7M1AAdcpHPt5w
.dnsfilter.com/	1970-01-21 00:25:23	Name: _rdt_uuid Value: 1721747578892.8589e350-5b10-48cc-bbd9-400074519704
www.dnsfilter.com/	1970-01-21 07:51:47	Name: _gd_visitor Value: aa1c93c2-d32b-48be-8d22-fd0d88fc2bf5
www.dnsfilter.com/	1970-01-20 22:16:01	Name: _gd_session Value: 03d100de-4858-4d64-8f78-4e8a93123179
.dnsfilter.com/	1970-01-21 00:25:23	Name: _fbp Value: fb.1.1721747579135.896668225756116026
.hsforms.com/	1970-01-20 22:15:49	Name: __cf_bm Value: xVvo0Bz2BgI0IYgVZyVrtkD7z0wm0N3gLHyJ0L3dMRg-1721747579-1.0.1.1-og0L4.iyJhXV34y.GaM3iKQ8yRUCXwvYpTV0YX5wHdECbO9P6W5OLcihz50pDnesJGXhb87qyPYIFTrInXvMYg
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: t30oGYk4FNdKF2OuTPBDJ7GQh5_V6zhxf5dUCjMWhR8-1721747579140-0.0.1.1-604800000
.dnsfilter.com/	1970-01-21 07:01:23	Name: _biz_uid Value: 80adbf5a4c7348bfcf39223228127506
.dnsfilter.com/	1970-01-21 07:01:23	Name: _biz_nA Value: 1
.dnsfilter.com/	1970-01-20 22:17:13	Name: _uetsid Value: 0c0f8990490611efb4d14f996b224c3e
.dnsfilter.com/	1970-01-21 07:37:23	Name: _uetvid Value: 0c0fc200490611efb7fc436f76bfa53d
.bizible.com/	1970-01-21 07:01:23	Name: _BUID Value: 80adbf5a4c7348bfcf39223228127506
.bing.com/	1970-01-21 07:37:23	Name: MUID Value: 15E81976D29A6FD216A80DB3D3116E30
.dnsfilter.com/	1970-01-21 07:01:23	Name: _biz_pendingA Value: %5B%5D
.bizibly.com/	1970-01-21 07:01:23	Name: _BUID Value: e7e7916835f81adb672dcd390d630f58
.dnsfilter.com/	1970-01-21 07:01:23	Name: _hjSessionUser_716477 Value: eyJpZCI6IjJiNjFiNTcwLTA4YTctNWQ2Ny04MDNjLTAwOGQ1ZTc2ODMxYSIsImNyZWF0ZWQiOjE3MjE3NDc1Nzk0ODEsImV4aXN0aW5nIjpmYWxzZX0=
.twitter.com/	1970-01-21 07:51:47	Name: personalization_id Value: "v1_RV9NFBfghJ17HhDRP9L0QQ=="
.t.co/	1970-01-21 07:51:47	Name: muc_ads Value: c9ef3c42-c522-4fb6-a37f-b2906206dde8
.dnsfilter.com/	1970-01-20 22:15:49	Name: _hjSession_716477 Value: eyJpZCI6IjhmYzcwYmQwLTY4ZDYtNGEwZC05ZDIzLTA0MjVmYTY3NmY1MiIsImMiOjE3MjE3NDc1Nzk0ODUsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.dnsfilter.com/	1970-01-21 07:01:23	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.linkedin.com/	1970-01-20 22:17:13	Name: lidc Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2842:u=1:x=1:i=1721747579:t=1721833979:v=2:sig=AQFxAT5RFeEiBzLFcNaFjNqeGwAOuLcF"
.dnsfilter.com/	1970-01-21 07:01:23	Name: ajs_anonymous_id Value: b81e1ef8-b922-4291-814b-b5204715e7d5
.linkedin.com/	1970-01-21 07:01:23	Name: bcookie Value: "v=2&2567682c-0faf-429a-861b-d2c5bde8b24e"
.linkedin.com/	1970-01-21 02:34:59	Name: li_gc Value: MTswOzE3MjE3NDc1Nzk7MjswMjHjzLue5eKwHR1cnNruO5OhEWknk71o6exycbDuB9SKZg==
.dnsfilter.com/	1970-01-21 07:51:47	Name: _ga Value: GA1.2.2070210737.1721747579
.dnsfilter.com/	1970-01-20 22:17:13	Name: _gid Value: GA1.2.233388202.1721747580
.dnsfilter.com/	1970-01-21 07:01:23	Name: dnsfilterUTMParams Value: source=not set&campaign=not set&medium=not set&term=not set&content=not set
.dnsfilter.com/	1970-01-21 07:01:23	Name: mp_60609b6511cb26d6b364e351ae2b7cb7_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A190e02724a7eb7-07b6d6e25f883a-11462c6f-1d4c00-190e02724a7eb7%22%2C%22%24device_id%22%3A%20%22190e02724a7eb7-07b6d6e25f883a-11462c6f-1d4c00-190e02724a7eb7%22%2C%22mp_lib%22%3A%20%22Segment%3A%20web%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%22%24os%22%3A%20%22Linux%22%2C%22%24browser%22%3A%20%22Chrome%22%2C%22%24browser_version%22%3A%20126%2C%22email%22%3A%20%22%22%2C%22user_id%22%3A%20%22%22%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22utm_source%22%3A%20%22not%20set%22%2C%22utm_medium%22%3A%20%22not%20set%22%2C%22utm_campaign%22%3A%20%22not%20set%22%2C%22utm_content%22%3A%20%22not%20set%22%2C%22utm_term%22%3A%20%22not%20set%22%2C%22gclid%22%3A%20%22not%20set%22%2C%22utm_source%20last%20touch%22%3A%20%22not%20set%22%2C%22utm_medium%20last%20touch%22%3A%20%22not%20set%22%2C%22utm_campaign%20last%20touch%22%3A%20%22not%20set%22%2C%22utm_content%20last%20touch%22%3A%20%22not%20set%22%2C%22utm_term%20last%20touch%22%3A%20%22not%20set%22%2C%22gclid%20last%20touch%22%3A%20%22not%20set%22%2C%22initial%20visit%20date%22%3A%20%222024-07-23T15%3A13%3A00.087Z%22%2C%22initial%20page%22%3A%20%22https%3A%2F%2Fwww.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains%22%2C%22referrer%22%3A%20%22not%20set%22%2C%22referrer%20hostname%22%3A%20%22not%20set%22%2C%22referrer%20path%22%3A%20%22not%20set%22%2C%22initial%20referrer%20hostname%22%3A%20%22not%20set%22%2C%22last_activity%22%3A%201721747580089%2C%22email%22%3A%20%22%22%2C%22user_id%22%3A%20%22%22%7D
www.clarity.ms/	1970-01-21 07:01:23	Name: CLID Value: ff1f87a631e54080a31dbdf62c16a0fc.20240723.20250723
.dnsfilter.com/	1970-01-20 22:15:47	Name: _gat Value: 1
.dnsfilter.com/	1970-01-21 02:34:59	Name: __hstc Value: 205460111.a565280ee5fbee4a2f1b328d863f5ff0.1721747581449.1721747581449.1721747581449.1
.dnsfilter.com/	1970-01-21 02:34:59	Name: hubspotutk Value: a565280ee5fbee4a2f1b328d863f5ff0
.dnsfilter.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.dnsfilter.com/	1970-01-20 22:15:49	Name: __hssc Value: 205460111.1.1721747581449
.c.bing.com/	1970-01-20 22:25:52	Name: MR Value: 0
.c.bing.com/	1970-01-21 07:37:23	Name: SRM_B Value: 15E81976D29A6FD216A80DB3D3116E30
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:37:23	Name: MUID Value: 15E81976D29A6FD216A80DB3D3116E30
.c.clarity.ms/	1970-01-20 22:25:52	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 22:15:48	Name: ANONCHK Value: 0
accounts.livechatinc.com/	1970-01-20 22:15:47	Name: __oauth_redirect_detector Value: counter=1&t=1721747611&tag=a76294ad012edf4920db71ecd814cede6f31b6e7
.www.dnsfilter.com/	1970-01-21 07:01:23	Name: _zitok Value: 70693a54fc2c07534dba1721747582
.zoominfo.com/	1970-01-20 22:15:49	Name: __cf_bm Value: yUWPKnr7qkisG40suCGiljMgjhYPjFIWMdyb22uCAoQ-1721747582-1.0.1.1-RSZfH1Ouha0C1siRgvp1JL8jzdWhZenJhfhjvezcfbH8ZmsAcq1Z8xTi8GsftHUlJrgYBEDfExCqIeL8t.miMg
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 8qKt3z8AT4Fazn538FibJqm8LMiQyuV15f4MEYkUa68-1721747582599-0.0.1.1-604800000

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.dnsfilter.com/cdn-cgi/speculation-rules?url=www.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.dnsfilter.com/blog/crowdstrike-lookalike-domains Message: Load failed or canceled (net::ERR_ABORTED; HTTP status 404) for rule set requested from "https://www.dnsfilter.com/cdn-cgi/speculation-rules?url=www.dnsfilter.com%2Fblog%2Fcrowdstrike-lookalike-domains" found in Speculation-Rules header.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23609470.fs1.hubspotusercontent-na1.net
39666904.fs1.hubspotusercontent-na1.net
a.burly.io
alb.reddit.com
analytics.twitter.com
api-js.mixpanel.com
api.hubapi.com
api.livechatinc.com
app.hubspot.com
assets.dnsfilter.com
b.6sc.co
bat.bing.com
c.6sc.co
c.bing.com
c.clarity.ms
cdn.bizible.com
cdn.bizibly.com
cdn.livechatinc.com
cdn.mxpnl.com
cdn.statuspage.io
cdn2.hubspot.net
cdnjs.cloudflare.com
chat-application.com
connect.facebook.net
cta-service-cms2.hubspot.com
dnsfilter.ordavida.com
fonts.googleapis.com
fonts.gstatic.com
ipv6.6sc.co
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hubspot.com
js.zi-scripts.com
ls-af0i3f9l.a.burly.io
maxcdn.bootstrapcdn.com
no-cache.hubspot.com
p.clarity.ms
perf-na1.hsforms.com
perf.hsforms.com
pixel-config.reddit.com
platform.linkedin.com
platform.twitter.com
pp1lkj6mpx59.statuspage.io
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
s-site-api.dnsfilter.com
s-site-cdn.dnsfilter.com
script.hotjar.com
secure.livechatinc.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
static.hsappstatic.net
stats.g.doubleclick.net
t.co
track.hubspot.com
tracking.g2crowd.com
url.de.m.mimecastprotect.com
vc.hotjar.io
ws-assets.zoominfo.com
ws.zoominfo.com
www.clarity.ms
www.dnsfilter.com
www.facebook.com
www.google-analytics.com
www.google.gr
www.googletagmanager.com
www.redditstatic.com
api-js.mixpanel.com
104.16.118.43
104.17.25.14
104.18.11.207
104.18.88.62
104.19.175.188
104.244.42.195
104.26.2.59
108.138.7.72
13.107.42.14
13.32.27.54
13.74.129.1
142.250.186.72
146.75.120.157
151.101.193.140
151.101.65.140
152.195.15.58
157.240.0.6
172.64.150.44
18.66.102.106
18.66.112.110
199.60.103.254
2.16.6.6
20.122.63.128
2001:4860:4802:34::36
23.36.162.25
23.53.42.242
2600:1901:0:498c::
2606:2800:233:66b5:799a:7cd3:f74d:7071
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:4400::6812:22e5
2606:4700:4400::ac40:9284
2606:4700::6810:7674
2606:4700::6810:8cd1
2606:4700::6810:a0a8
2606:4700::6811:ae5b
2606:4700::6811:df98
2606:4700::6812:1eb0
2606:4700::6812:f46c
2620:1ec:21::14
2620:1ec:29:1::45
2620:1ec:c11::237
2a00:1450:4001:801::200e
2a00:1450:4001:802::2003
2a00:1450:4001:803::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:812::2008
2a00:1450:400c:c0a::9c
2a02:26f0:480:22::1726:62ed
2a02:26f0:7100::1720:ee18
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42::396
3.208.127.243
3.215.34.116
51.163.159.16
52.222.214.24
54.208.90.167
76.76.21.164
93.184.221.165
04c1941f9dead21f493e49e123352b693a977446584f864bd780488c07d27c4a
0d5240247f57cb397d37604bcfd2dfe09d5a87362979d48848259917447c88b8
1121176bbb028464b9fd6ad24b5c9b717abce2a7bae00ac67822d6ffd37dbf89
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
15ba3d82bd7d73a87d2b6e9c71e53955b8325d42068ad5fbf9d3023aa31e9564
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
193bf9556b022b174e3fab576cd1bd471e1e1f1d1ad247c987cf917b3a213283
1a9fd71726b2d787d74bb05435e29268f5dc7fd4957cd89c621233a4ab4182c9
1b90539f2d26001d43f620bf3b480d5b260d28078afa5da9880e7614d7b04059
1b95229981f8970f06a72dcaf0ec40bb9fafd6662cacf1e5b5588a45554606f9
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
21c7bef4bb16cda4afacad5de8a7277bedf3bed36bbb581760064fd58dc3080a
228d8e3efcde37de9193685d1f5aba49a0c508b3b14b83af774e7aae6bd44b42
22c2fd9d148329bbd3fca7d00f7fb3f4b5c61a6738bdd708efba2ae07c767925
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd
28134b6837e746bdb481f52df30339e5c9d7df71dfc4753298fa14937bca53df
289ee97aac1bd18098b2c8e74c001fe7b994d5626019ec89da6e563c629b74e3
2a745ef600df6e1bc6e078b5e5797cb81f54eda6da4fdfe07370553cac6b1fe4
2b05828192ba2091faeb318ede9749b5c0abb6ac3926c67bce068e7a176c2b61
2b1a4915e59e76e65870b9b2fe38250746fd0eaa301b836516e71bc7c6dd8ae4
2d09ee289a39c09f808ee38c5a13f94bd3ca938fea16eed0e98d014fb06c8ba2
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2eeae45bed0dbde85bf405393f3edc7f8b2d53f1d5c7814a3a199930f98bbeb9
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
386b2dc12c3d1183b4e665d5e90b94e5fd839c21ddbc93c30f44cbeb4b043bf5
3a7878d98566a4f25da90a9d14140de7df967d4dd20d443b75c22dc6fd3e60e4
3c0be9baa95405eb8af6fe2c23bc4c81d9b07c0d62153bf5661178c042a92bde
4012639a4d08ea2431b81a1464d1a3f5695d204f9e7c794adee3291252166b52
40b88cf48f08a5576f922d6234e5416c1a7463f92b813a7e9e9f2870242fdf90
428f2358d040249ed9fb549ebd5e75b2836b4c5df593b8a306b96338317af810
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
4a948cad1525b333f4615fb0203e3dcf4a5fdef9409adb657fceeab1dcb37f7d
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4dba9e54570483a0624219ec53864f468c9cbdf4f9c1f23821e539de7cb0c9fc
4e11c5e343207d11c5d88db4a5e6ed9d1bec922ff9a3b40b8631fdef84b6a969
54582718101f4575e0323771cfaee34c8ab7c23223ae6a4ca7fc203d4248ec3b
5756d7ea181754d88819c7defee76ab068788d777a0de74227f6d33214be4698
5a24dbda068cd0c9738563b59c505de08c844da7f6e08565af42b3d0e1a3c01b
5b4134fc9963276fb840bb8178d62e95d0efa733909f6eeef3f364d4d60f0777
60f5f911fd8f366f29390166716a1977430d5472b02b6a1298c818096d7d2aac
635d3206ba746749382915cebadbf1e0bb469b17e01173d75d0a99ebee567180
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9
68cb3e0e1feb8a7de1cb7351cebb592ad8925ae2f4a8aa79c5b415473003c64e
6a136e77a084a4c6b74e6ca680fb670a909c0609dc5f343825aacac12fdf0b66
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e8780efe53d44ce45cc299f603a5d0805cc64356dc0371a6a8a79aba1b4c65f
718d472477201493d1be31e5b01e10998272aa0cd6b98191e043ccbc1787b037
7224fc326ad38826d04ac6cbba2a17cc9c7337d1a918cca0d3f9456fdeee956f
73ba7b2ae82b23b68f871972183efd860b900c827f13ac7ddc6b9e86f09e31ff
75bce8973450b6f9872cd0e0b14cdac748331748d262e1894bfbd822d998a3b9
7c6ef2b5e6a0f1f77787cfc78bf8a60632731e20c36fac2368cf0301423c2158
7dedc947610c7ea80ed90f42d85f560591b748af1d07a8112baafda185ca4add
7f3f8546b04748f6ab90f9a90e85d2673db1997dd4e1ba5dff2db6f3689f79ea
83335661d0e89f65bdbbaa8ffe19be499c425c2574a6f6793a0e5c01d8c0d30c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86685e191878d9ecfd30ed1fe63cbb783bf9151607e9996342d64977013e3cff
8c84795f9d49b879d1840ac4b6c966965aee4ba3dcdf21834679938781629441
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9193c7924b14634841b4673ddcc3df72f6b8e149ff57fbc68abb0b4ce03c3d6b
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
98dfeb1d061e8788b320a130a84723813efed0b2518921f30b40cc8a09bf8ecf
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a45c89da6cfa94009a61215c8921175ec1bf18444adb5bcba07e22e9b12954d
9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4
9cdb24dceeef015c90d840be5b5ad5e00fcbe19012960489b869f7a77316a6d3
a3ea005df4ad1dbcf388d374dfc7a160bc7dc49fa93f90f24248a456021f3cb7
a899a5f069997ad1b4d655a5d6909001fa85247dd9aff2f243770bb9ca63dd1b
a8cceb31dd630220be3f37b73eeb1fdc1e5f1092fba750a849501b669ce34d2f
a94733a0dc71c0d80f5ba3a6914d54d2a5f00681d47ac7fa231db70c4cbb7f35
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
ac342580356415a11227ffbf5fbe63d840680b35a0f8aa88ff9ea1099b0c03a1
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad1eeb954035fe11ac9acfd7f30815bd26130711bf54cdf4823b93182673279b
af330b1c1eb95f325193f5f4bdd55e903ebb4e74c18d614dfa0bd76708a6abb2
afd88bfe20bd2c5fe7172d4ded544c87091baa2a1192d1d8a123019f59e545db
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0403829bc66fd1f26c7ad7f42a2560787fe44f34417d357ed83d107ab32d983
b0a2c6d3fbde4d657e77b993c58401d2a54e9cefbf782d176cd77bf669460873
b41c913da058a0eafd0d0534388cd06f9a5fbd51fedf6d487336e519e9651ce0
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
b8f1bba6df92bf70e05decf0d6dfd221220ddd1a357c15b6aefcdf715a76ebc9
b987245cc5d802ec15d04b1797d14a16f002aca05348c13f79d31ecedecad8ac
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bff18d03d481562425a6f802dbf823bb562176c526d839d70892d43722e72908
c6f49122d9b1440819b7aeb2ce7dee6bd9a94b97c1599425dd7cef48f0f2b4f5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca725ff5868dd217cbeddea844518a637e23559ca5a3f57287a20e8a34d76b8f
cd5087cc3817223033979469416f78d191ab0bb8e2f8c5e16724840d01eac4d6
ce75b937f0da028f9b3d19c8ba8064167cf60d7175039a398d22e81895cd9ede
d2a75a0217c66257fb236e32cb43328f460da269cca4c18538cade5756a4fb19
d83f73562c5fedb0c3086617e16fd47c91832f0de8d01fcc638dc2ed0c8bd978
dbfeb010a0c8acddc38dea97e228787f16ac5e30b4af96b764fa2252fe3827e4
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddf23927d70e04476ef3a8660065f3036cb3b7a93d2b3425bb5e2232ac15f005
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea7d93054c054d6908de184845b8db289207bb4928bbdd07d0ad8d52ec0708f
ded96d1d6e72da595bfd5661e122291088e36af01b3909df5099debb51898f0d
e2de85007c28d01d2a973cbd4efd90bda8f52771727ea5db199bd425f0720a37
e34b27d33f1027faefb23cdae4ac8e448654c795cbcd93947a9b4d52368dba3d
e3992fb94fa3c705d5ac930446b2af285af96e59de78d602799b4e940317cf88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ea6df4dd9a50728ecd0094680cb1951f7b6e4bba8ecea3025dfd6b818ab307
e779904e434d50e426e79dfac680cdb8a04564e67121c257974278a02979e407
e79ab82e5909071c56baad1b43348ca00a1a53970967f812638c10a449e73bcd
e8bd78fb3f6b354e9648a0dc43b4385fd3778336bf87b69bd9bc9c7bd3fc276d
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
eb071f3429c047426154145f7ad18ce941c38bf886d1d6d0834196150f1eb13d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f512372c512f14db3753c95c9b8c3bf30b6f32a43bdca4f71279b4824e21164e
f67c7701c1d42529acc97d9890d23f6d16f1a0b0e7aa2b137b85914f4f6e05db
f6a02692e1c017b57bd8128a015c3f6779258e8292056bf5d0d2997318529ad5
f7306cba988267141cd430335ff9fd7f46e56b4005c5f268b4f44573be1d91d8
fac1adbca286560df4870feb77f13b98d004a8ed3be10437f4e27f9300e49824
fba31c2cd9699431dba47604216525f9bcc0cb1d5980fbae9b19c8b86454d2fc
fc2b8b34b8e5c1f4feb8a7c35193c96ec52727dd918751def0e764b8abfb4182
fcaa9984b576d9dc419934c60554a069e50e124c589824ebd700d652863f4ef1
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

www.dnsfilter.com Open in urlscan Pro 199.60.103.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

174 Requests

97 %HTTPS

46 %IPv6

47 Domains

72 Subdomains

58 IPs

7 Countries

1936 kBTransfer

5058 kBSize

54 Cookies

23 Outgoing links

Page URL History

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.dnsfilter.com Open in urlscan Pro
199.60.103.254 Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

97 %
HTTPS

46 %
IPv6

47
Domains

72
Subdomains

58
IPs

7
Countries

1936 kB
Transfer

5058 kB
Size

54
Cookies

174 HTTP transactions
1 data transactions