www.uptycs.com Open in urlscan Pro
2606:2c40::c73c:671e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
Submission: On November 06 via api (November 6th 2023, 11:58:06 pm UTC) from US — Scanned from US

Summary HTTP 94 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 34 IPs in 1 countries across 25 domains to perform 94 HTTP transactions. The main IP is 2606:2c40::c73c:671e, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.uptycs.com.
TLS certificate: Issued by GTS CA 1P5 on September 21st 2023. Valid for: 3 months.

This is the only time www.uptycs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	2606:2c40::c7... 2606:2c40::c73c:671e	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	35.201.125.192 35.201.125.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.70.53.43 104.70.53.43	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:c060	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:440... 2606:4700:4400::ac40:9284	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.111.194.12 34.111.194.12	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6811:f9a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4fba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e7a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:5b9a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:b07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:eff9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cff9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c1d::8a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:c8cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:ae5d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c09::9c	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c09::61	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c09::67	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::9a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:6cd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	23.48.104.41 23.48.104.41	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:141b:f00... 2600:141b:f000:1e::1737:f34d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	3.162.125.83 3.162.125.83	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20e2:6e00:15:a0d3:77c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
1	2600:141b:f00... 2600:141b:f000:37::1728:122b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6810:890f	() ()
1	2606:4700::68... 2606:4700::6810:880f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
94	34

22 2606:2c40::c73c:671e (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.uptycs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.125.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.125.201.35.bc.googleusercontent.com

cdn.bc0a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.70.53.43 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-70-53-43.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

no-cache.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:c060 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:4400::ac40:9284 (United States)

ASN13335 (CLOUDFLARENET, US)

2617658.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.194.12 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 12.194.111.34.bc.googleusercontent.com

ixfd2-api.bc0a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f9a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4fba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e7a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:5b9a (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:b07d (United States)

ASN13335 (CLOUDFLARENET, US)

perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:eff9 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cff9 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::8a (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c8cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:ae5d (United States)

ASN13335 (CLOUDFLARENET, US)

2617658.hs-sites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c09::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::67 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::9a (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:6cd1 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.48.104.41 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-104-41.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:f000:1e::1737:f34d (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.162.125.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-83.iad61.r.cloudfront.net

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e2:6e00:15:a0d3:77c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:f000:37::1728:122b (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:890f (None, )

ASN- ()

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:880f (United States)

ASN13335 (CLOUDFLARENET, US)

ws-assets.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	uptycs.com www.uptycs.com	3 MB
9	hubspot.com no-cache.hubspot.com — Cisco Umbrella Rank: 12052 js.hubspot.com — Cisco Umbrella Rank: 5485 app.hubspot.com — Cisco Umbrella Rank: 5456 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 5222 track.hubspot.com — Cisco Umbrella Rank: 2298	40 KB
8	hsforms.com perf.hsforms.com — Cisco Umbrella Rank: 12777 forms.hsforms.com — Cisco Umbrella Rank: 4294 forms-na1.hsforms.com — Cisco Umbrella Rank: 6733 perf-na1.hsforms.com — Cisco Umbrella Rank: 5955	7 KB
7	6sc.co j.6sc.co — Cisco Umbrella Rank: 5465 c.6sc.co — Cisco Umbrella Rank: 8564 ipv6.6sc.co — Cisco Umbrella Rank: 5738 b.6sc.co — Cisco Umbrella Rank: 3759	19 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 377 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6003	5 KB
5	hubspotusercontent-na1.net 2617658.fs1.hubspotusercontent-na1.net	142 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	257 KB
4	hs-sites.com 2617658.hs-sites.com	56 KB
3	zoominfo.com ws.zoominfo.com ws-assets.zoominfo.com — Cisco Umbrella Rank: 15113	28 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 9225	3 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 157	816 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	2 KB
3	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5567	13 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 778	7 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4607 forms.hscollectedforms.net — Cisco Umbrella Rank: 4689	26 KB
2	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2155	17 KB
2	bc0a.com cdn.bc0a.com — Cisco Umbrella Rank: 13380 ixfd2-api.bc0a.com — Cisco Umbrella Rank: 19901	15 KB
1	clickcease.com www.clickcease.com — Cisco Umbrella Rank: 11310	43 KB
1	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 8342	1 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3361	1 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3050	4 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2150	21 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4559	24 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 3240	361 B
94	25

	Domain	Requested by
22	www.uptycs.com	www.uptycs.com js.usemessages.com 2617658.hs-sites.com
5	2617658.fs1.hubspotusercontent-na1.net	www.uptycs.com
4	b.6sc.co
4	www.googletagmanager.com	js.hsadspixel.net www.uptycs.com www.googletagmanager.com
4	2617658.hs-sites.com	js.hubspot.com 2617658.hs-sites.com
3	px.ads.linkedin.com	3 redirects
3	js.zi-scripts.com	www.uptycs.com js.zi-scripts.com
3	track.hubspot.com
3	perf.hsforms.com	www.uptycs.com
3	static.hsappstatic.net	www.uptycs.com 2617658.hs-sites.com
2	ws.zoominfo.com	js.zi-scripts.com ws-assets.zoominfo.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	www.google.com	www.uptycs.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	perf-na1.hsforms.com	www.uptycs.com
2	www.google-analytics.com	www.uptycs.com www.google-analytics.com
2	forms.hsforms.com	www.uptycs.com
2	cta-service-cms2.hubspot.com	www.uptycs.com js.hubspot.com
2	js.hs-banner.com	www.uptycs.com js.hs-banner.com
2	js.hubspot.com	www.uptycs.com 2617658.hs-sites.com
1	ws-assets.zoominfo.com	js.zi-scripts.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	analytics.google.com	www.googletagmanager.com
1	www.clickcease.com	www.uptycs.com
1	j.6sc.co	www.uptycs.com
1	cdn2.hubspot.net	2617658.hs-sites.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	api.hubapi.com	js.hsadspixel.net
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	forms-na1.hsforms.com	www.uptycs.com
1	app.hubspot.com	www.uptycs.com
1	js.hscollectedforms.net	www.uptycs.com
1	js.hsadspixel.net	www.uptycs.com
1	js.hs-analytics.net	www.uptycs.com
1	js.usemessages.com	www.uptycs.com
1	ixfd2-api.bc0a.com	cdn.bc0a.com
1	no-cache.hubspot.com	www.uptycs.com
1	s7.addthis.com	www.uptycs.com
1	cdn.bc0a.com	www.uptycs.com
94	42

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
twitter.com
www.facebook.com
github.com
osquery.io
osquery.readthedocs.io
www.youtube.com
2617658.fs1.hubspotusercontent-na1.net

Subject Issuer	Validity	Valid
www.uptycs.com GTS CA 1P5	`2023-09-21` - `2023-12-20`	3 months	crt.sh
cdn.bc0a.com GTS CA 1D4	`2023-10-02` - `2023-12-31`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-09-30` - `2024-09-29`	a year	crt.sh
ixfd-api.bc0a.com GTS CA 1D4	`2023-10-06` - `2024-01-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
hs-sites.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2023-04-06` - `2024-04-05`	a year	crt.sh
6sc.co R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
js.zi-scripts.com Amazon RSA 2048 M03	`2023-09-17` - `2024-10-16`	a year	crt.sh
clickcease.com Amazon RSA 2048 M02	`2022-10-27` - `2023-11-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
Frame ID: E2809BCDC5E888098837680C2973C654
Requests: 83 HTTP requests in this frame

Frame: https://2617658.hs-sites.com/hs-web-interactive-2617658-143118818126
Frame ID: 2F135A008B14A70BB8A6EC0F93194A1C
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Protect Your Cloud-Native Applications with Osquery EDR Solutions

Detected technologies

AddThis (Widgets) Expand

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

94
Requests

97 %
HTTPS

82 %
IPv6

25
Domains

42
Subdomains

34
IPs

1
Countries

3800 kB
Transfer

5728 kB
Size

26
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Search URL Search Domain Scan URL

URL: https://github.com/showcases/security
Title: GitHub security showcase

Search URL Search Domain Scan URL

URL: https://osquery.io/
Title: Osquery

Search URL Search Domain Scan URL

URL: https://osquery.readthedocs.io/en/stable/
Title: well-documented

Search URL Search Domain Scan URL

URL: https://osquery.readthedocs.io/en/stable/deployment/process-auditing/
Title: event tables

Search URL Search Domain Scan URL

URL: https://osquery.readthedocs.io/en/stable/deployment/configuration/#schedule
Title: scheduled

Search URL Search Domain Scan URL

URL: https://osquery.readthedocs.io/en/stable/deployment/logging/#results-logs
Title: as snapshot or differential

Search URL Search Domain Scan URL

URL: https://osquery.readthedocs.io/en/stable/deployment/remote/
Title: remote TLS connection

Search URL Search Domain Scan URL

URL: https://osquery.readthedocs.io/en/stable/introduction/using-osqueryi/
Title: CLI

Search URL Search Domain Scan URL

URL: https://osquery.readthedocs.io/en/stable/installation/cli-flags/#augeas-flags
Title: augeas

Search URL Search Domain Scan URL

URL: https://osquery.readthedocs.io/en/stable/development/osquery-sdk/
Title: thrift extension mechanism

Search URL Search Domain Scan URL

URL: https://osquery.readthedocs.io/en/stable/installation/cli-flags/
Title: configuration options

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/uptycs/

Search URL Search Domain Scan URL

URL: https://twitter.com/uptycs?lang=en

Search URL Search Domain Scan URL

URL: https://www.facebook.com/uptycs/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@uptycs

Search URL Search Domain Scan URL

URL: https://2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Assets_Website_2023/Datasheets/Datasheet_EDR-XDR-Competitive-Comparison/Datasheet_EDR-XDR-Competitive-Comparison.pdf
Title: Uptycs XDR vs. The Old Way

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1699315084557&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1699315084557&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1252922%26time%3D1699315084557%26url%3Dhttps%253A%252F%252Fwww.uptycs.com%252Fblog%252Fosquery-security-use-cases-and-solutions%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1699315084557&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1699315084557&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&cookiesTest=true&liSync=true&e_ipv6=AQLGWFrmj-n7dQAAAYunEm5Pr_NMPU6SB_B0y8c67-S-Ti_eGYSjVw5wCf3FB9cEDQfqYuY

94 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request osquery-security-use-cases-and-solutions Show response
www.uptycs.com/blog/ 162 KB
23 KB 308ms
199ms Document
text/html 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fb705aad1a8d05071ef426393265304bc6fa268a329d02fd6ddce1c5fd97aba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=10800, max-age=0
cf-ray: 8221482bbc5a4bc6-BUF
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 06 Nov 2023 23:57:59 GMT
edge-cache-tag: CT-11761744813,CG-5593128451,P-2617658,CW-134517756523,CW-137251800366,E-105237096759,E-105237648739,E-105237674790,E-105237810298,E-105237812090,E-105237812106,E-105237812592,E-118532473678,E-122960336740,E-134903242311,MENU-134515445611,PGS-ALL,SW-0,GC-106292852859,GC-134517756932,GC-134902441270,GC-137251800404
etag: W/"f8aa40e0d96f52bf230b1c77fb2b3b21"
last-modified: Sun, 05 Nov 2023 01:42:46 GMT
link: </hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qS1gBBlPOaBI4bT5dtU8g3t6jfGEbNI0yYdURY0F0LpKRsQe5SmqupU3BmAxT71kAc4zgRbbWHKQDBnYNfrLy7CVAxfmjhKxpqZMJCyl9AFtAXhMMgnUUC5FUxI%2BA08mn0nBzkm5vbhypbCh"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=3628800
vary: Accept-Encoding
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: MISS
x-hs-content-campaign-id: 0dda784b-30ea-4a42-bc02-c3472e373b7d
x-hs-content-id: 11761744813
x-hs-https-only: worker
x-hs-hub-id: 2617658
x-hs-prerendered: Sun, 05 Nov 2023 01:42:46 GMT

GET
H2 200 project.js Show response
www.uptycs.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 58ms
57ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:57:59 GMT
strict-transport-security: max-age=3628800
via: 1.1 8d6071bd169bbf5fd46638140132b1d0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 750382
x-amz-cf-pop: IAD89-C3
x-amz-server-side-encryption: AES256
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
content-encoding: br
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ek%2BDNh4ZF9r3OpRFvfKTCnZiFvSEPeXBC6sxpuj3wuLmsjeEnYwbRy444%2BmoxlJd39Vqgnopfh4jvz4b8AEErZUCAICW%2Be3nplWgyo9ruDqIwhFk3oXD0tGxmMkNV7vb8Zr6k72wej8HYY4u"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8221482cfc684bc6-BUF
x-amz-cf-id: 7N7ImkOCUls4FYsXvLnjZw-B348QbQgiC1reBBg_wqbv2wH2Y8DmJQ==
expires: Tue, 05 Nov 2024 23:57:59 GMT

GET
H2 200 v2.js Show response
www.uptycs.com/_hcms/forms/ 559 KB
185 KB 59ms
59ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d282efcc9f7210172e8a372a36517e7801ba66fbf47586ddb33594e901fc3e39

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 472
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4100/bundles/project-v2.js&cfRay=821df1ed813c6ac7-EWR
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-evy-trace-listener: listener_https
etag: W/"6628f2529fb21029b665432fc3ea6ff3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.4100/bundles/project-v2.js
date: Mon, 06 Nov 2023 23:57:59 GMT
strict-transport-security: max-age=3628800
via: 1.1 e21fbbed60133ff896ee44224814dc5c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-amz-version-id: AHKplh_ntZFLRuOGJFDaw7UetnHwEXWl
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 3c203798-3240-4296-99ce-77c0cee46ad9
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 3c203798-3240-4296-99ce-77c0cee46ad9
last-modified: Mon, 06 Nov 2023 14:04:37 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtpO3RFv0RsasRmlYLxm8F3G2E0XzNusc%2B6a0US0R2Ihr%2FUPuUL%2Bdl2OdyfMTeYJKqLkrzSNHwurSSol50LSPyc9EnOSXEMFUmTgh3Do9KgS4MdC7wXD3G8fUssKmcl8%2BDASWucI%2Fpm8m8Qy"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-mlg6m
cf-ray: 8221482cfc694bc6-BUF
x-amz-cf-id: oj4XgVMDiYBfqKgIc-dHFPS1oF6u3BmZPuxVuwH6_P1t72kMowrMOA==

GET
H2 200 autopilot_sdk.js Show response
cdn.bc0a.com/autopilot/f00000000301697/ 37 KB
14 KB 106ms
30ms Script
application/javascript 35.201.125.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bc0a.com/autopilot/f00000000301697/autopilot_sdk.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.125.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

192.125.201.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

a2761c3e991212a06e18cc1165e58a1a175d8d1bdf92c891438153e7637dd5de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-goog-meta-marvel_enabled: false
content-security-policy: default-src 'self' 'unsafe-inline';
content-encoding: gzip
age: 3197
x-guploader-uploadid: ABPtcPqa8Ic1DEARwwwxaifEzhsjlQpsYsiEfVOTUeUT8WhJDDtbCcN4OX-4lzLuaOjM0LfTQtJrllApK9Y4iKko85guc-zjQBHv
x-goog-meta-sdk_canonical_host
x-goog-meta-sdk_whitelist: ixf
x-goog-stored-content-encoding: gzip
x-goog-meta-publishingdate: 2023-10-19 17:05:56
x-goog-meta-sdk_canonical_protocol
etag: "c71f15fe74b4b7ff2391a544b7b9045c"
vary: Accept-Encoding
x-goog-generation: 1697735156447780
content-language: en
access-control-allow-origin: *
x-goog-meta-custom: true
access-control-expose-headers: Content-Type
x-goog-meta-marvel_test_mode: false
cache-control: public, max-age=3600
content-type: application/javascript
x-goog-meta-spa: false
expires: Tue, 07 Nov 2023 00:04:42 GMT
x-goog-meta-sdk_version: 1.5.9
date: Mon, 06 Nov 2023 23:04:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-goog-meta-sdk_account_id: f00000000301697
x-goog-meta-sdk_request_parameters_case_sensitive: false
x-goog-meta-marvel_config_consistency_custom: {"data-customerid":"f00000000301697"}
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-marvel_customer_id
x-goog-metageneration: 3
x-goog-meta-sdk_log_level: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12737
x-goog-meta-content_only: false
last-modified: Thu, 19 Oct 2023 17:05:56 GMT
server: UploadServer
x-goog-hash: crc32c=0bDy1g==, md5=xx8V/nS0t/8jkaVEt7kEXA==
x-goog-stored-content-length: 12737
accept-ranges: bytes
x-goog-meta-disable_debug_elements: false

GET
H2 200 main.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237096759/1698436955344/Uptycs_Theme_2023/css/ 245 KB
46 KB 57ms
54ms Stylesheet
text/css 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237096759/1698436955344/Uptycs_Theme_2023/css/main.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac3dcb7a8d883749d08820847e38f01732c77235cc499049353cf8c45af9281

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 402
x-amz-request-id: 4SH70H8SEKCG63HY
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"d71a7cc0a84791124429fb4fc8a6e666"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1698436955344
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Mon, 06 Nov 2023 23:57:59 GMT
strict-transport-security: max-age=3628800
via: 1.1 c59b5a542015c208c95d2ed3c65cdbcc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 63zbBgkQWXKnHdBmCXwu3fGsc2mPdkVL
x-amz-cf-pop: IAD12-P2
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 1f4b4e54-78ae-4a0a-afa2-6a3caf56707a
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 136
alt-svc: h3=":443"; ma=86400
x-amz-id-2: mEtnJAvzb+vU8U+sm6534BN/LcTawUksJG9/0wO/FNHL1ioeX6gcVRC3u6jXpAcCuDFnfMdVPxU=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 1f4b4e54-78ae-4a0a-afa2-6a3caf56707a
last-modified: Fri, 27 Oct 2023 20:02:36 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8I2O3ASx6PQQT5r%2BeNiCpdmVBISTkQyF6J4YfNIdLVNOhnqBiN8JEIJgkxiYAfbPrt4Mfl8KrZj2RWgWJF8ve4lj3j4XUMM%2BcL50%2B6EmV5pXdfv0e5%2Bli%2Fo6BYstqHoGxpUq%2FlPal6fhmGiv"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-b6rgr
access-control-allow-credentials: false
cf-ray: 8221482cfc6a4bc6-BUF
x-amz-cf-id: xruOnne3Cl32K0YMFU0o2xu8EmL-II4OQk00ao5V8awVzJBY8uzT2A==

GET
H2 200 blog.min.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237812106/1698899404070/Uptycs_Theme_2023/css/templates/ 32 KB
8 KB 60ms
57ms Stylesheet
text/css 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237812106/1698899404070/Uptycs_Theme_2023/css/templates/blog.min.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbf73504c0e88814adb874bd7d2fd0b0eb54e70692e34038fcd82a76107e3acc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 402
x-amz-request-id: RXAWRHXYFQ1H01S6
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"2ee442fb94ffe2f7520a0ed583af83b8"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1698899404856
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Mon, 06 Nov 2023 23:57:59 GMT
strict-transport-security: max-age=3628800
via: 1.1 0ebe6e1aeade584a38f4b98aa3f2014a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: VPJUqlWSLarLcSl3CSUvuWzLBmLqu8al
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: d098d830-1199-4595-b4cc-efd20cfe7b43
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 201
alt-svc: h3=":443"; ma=86400
x-amz-id-2: uCSLwnRVIF4hRbZE/PcSvA5vFJCW5xkXitOBVILHR6rFPMoz8PODJLsX3VKkE9nrrCJEifVIQ3Q=
x-evy-trace-route-configuration: listener_https/all
x-request-id: d098d830-1199-4595-b4cc-efd20cfe7b43
last-modified: Thu, 02 Nov 2023 04:30:05 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QAWtchmrHXQ4MyGZm2%2BeXCv91%2BXbRErQGxls0h0uO8NSlYlF6%2Be75FxISvY3wPo%2FB%2FtGHl0ByR1JZ2YQQKXISBL%2FBC68goU5k8b%2FBy%2BHuC896b7v6T31WpIts7HHw6J1l%2FGExKh0InN5pwCn"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-5sf4f
access-control-allow-credentials: false
cf-ray: 8221482d0c6b4bc6-BUF
x-amz-cf-id: ozf1-L4cLQsAI2sdH1mr0nSED_bJr_dFbzd4YM0lTxROIr_7lieULw==

GET
H2 200 theme-overrides.min.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1698434883822/Uptycs_Theme_2023/css/ 25 KB
7 KB 58ms
55ms Stylesheet
text/css 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1698434883822/Uptycs_Theme_2023/css/theme-overrides.min.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e7e810369b0d05a3bee736f59e54c346b55721b3ca79fd8daca2ea23833e044

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 402
x-amz-request-id: CG5NA9CY449VV6SR
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"11043a7a74c468f00929c7d94ca76315"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1698434884727
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Mon, 06 Nov 2023 23:57:59 GMT
strict-transport-security: max-age=3628800
via: 1.1 7b32163caf7e91fe96df7bbeaa58c0f8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: MgCXIn7aiTnISrTnmFmESvsdlMdpbk4K
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 1ce36fed-c99c-41c1-9e14-0bfb8ee84493
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 153
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 5BQAPONWU9PeOSPIwvjRw0Ps7aM16L6e88wqGU1a0FW67mgvkDmxgZwxnTEFrUBl2YNcTLFrv1w=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 1ce36fed-c99c-41c1-9e14-0bfb8ee84493
last-modified: Fri, 27 Oct 2023 19:28:05 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFB4iTmEZcOMm3QUkiUHi9hzil%2BiSgU%2BMjkGIWHxwwP8IL2Q%2BX8%2BZLLzosyOLTGnyToqjLtZfK7y3u9yZOcW1RCau1C4B7E%2Fdgqjr3LXbS48AtrmW9v7p8EEKb5xuw3N3BPAKbuFgybjSP1Q"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-gb4w5
access-control-allow-credentials: false
cf-ray: 8221482d0c6c4bc6-BUF
x-amz-cf-id: 5hz6odeEzuI0dXk9IQkzk7Bd91dl2HnHEgWIyjqRvxwTFSh6YLjTmw==

GET
H2 200 uptycs-custome-style.min.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/118532473678/1692382054480/Uptycs_Theme_2023/css/ 7 KB
3 KB 90ms
88ms Stylesheet
text/css 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/118532473678/1692382054480/Uptycs_Theme_2023/css/uptycs-custome-style.min.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

92b6882a6f1f89eaea5cd62363f34180267d117487929efc8e050c20cacc5174

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 402
x-amz-request-id: 0NKJBXVHD0WEZQ91
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
x-evy-trace-listener: listener_https
etag: W/"4d34062fc6bdbe0bd26f0e05ac925dde"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1692382055145
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Mon, 06 Nov 2023 23:57:59 GMT
strict-transport-security: max-age=3628800
via: 1.1 b7f525be96cecf61bbec66a423b622b0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: _LC3G15hQn2CvyZK3VqJds2jPcCA4Qpr
x-amz-cf-pop: IAD12-P2
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 9d4393b8-f727-44a1-8a0e-7da41d8c4955
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 244
alt-svc: h3=":443"; ma=86400
x-amz-id-2: xmhW5cvwyU+jvnoyJtzKpEbpi7s+gSzrQ5wFqbUygEn11LPVEJImjaxnv7E4tSJg5e+W+iHGy6Q=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 9d4393b8-f727-44a1-8a0e-7da41d8c4955
last-modified: Fri, 18 Aug 2023 18:07:36 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSPTItAG1vKMqBsmnwUgUgQ9CiMzOHvPRs1cj2X2Uk23s6e2SDf1bl5UuwQzo9Iftz%2BqJJ7CqVSjkJF7IUwyXRk844XIMdv7mt%2Fd7ziM9pnJU1yfRm5CR48ayGCJc4NzNIi%2Fcvptgf1RYNP3"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-9jn6n
access-control-allow-credentials: false
cf-ray: 8221482d0c6d4bc6-BUF
x-amz-cf-id: AVQAwJPEpj8tw7oS5JgkMcUWdOLbluqiinkO2WuOuOFZ1CqVc3LxCQ==

GET
H2 200 module_134517756523_Uptycs_-_Header_Mega_Menu.min.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/module_assets/134517756523/1698434939553/ 51 B
849 B 58ms
56ms Stylesheet
text/css 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/module_assets/134517756523/1698434939553/module_134517756523_Uptycs_-_Header_Mega_Menu.min.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc3a1deb7e3828d4af18bb095b0642db6df003ed68381d53c45ab45e0cd08451

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 402
x-amz-request-id: 5A8G05HVTJRHFD0E
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"06859d41da6ec38fd3e140a223163683"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1698434939553
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Mon, 06 Nov 2023 23:57:59 GMT
strict-transport-security: max-age=3628800
via: 1.1 50f5f6b4e0025748bb74dce1db44c750.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: EC_EqvUpCxI.SrQOFeBdjJesg8rRhyRB
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: fb411349-0434-4b5f-bf83-2b600d6b4ed6
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 167
alt-svc: h3=":443"; ma=86400
x-amz-id-2: E3mWYSeR6ppISZC1m3q42jWp9Puh47nHQadgk5nOcw/g04JN7VSaVMs4EWqBhln0odvDYe2517Vs65JkNBqorw==
x-evy-trace-route-configuration: listener_https/all
x-request-id: fb411349-0434-4b5f-bf83-2b600d6b4ed6
last-modified: Fri, 27 Oct 2023 19:29:00 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pR7pIcnrvtLWs8T5xHUYUzidYc1frinSo5SmmsBAkfSkCifn6okVX%2BpcUWHs99nZVTdVLbUc%2Fb8kQ%2FVhRg5YTn5zfmofZSELZw6fKxcpvui3XOTWeOEmver6AKmoo3mg6cBPYsFgpwFET2yd"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-2skps
access-control-allow-credentials: false
cf-ray: 8221482d0c6e4bc6-BUF
x-amz-cf-id: tuvw0EiRINOPks4ipL52bqtivNehl9GR_dGDmjHK2lx8cQpstIY2Yg==

GET
H2 200 module_137251800366_EXT_-_Footer_Update_New_2023.min.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/module_assets/137251800366/1698426916238/ 343 B
1 KB 90ms
88ms Stylesheet
text/css 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/module_assets/137251800366/1698426916238/module_137251800366_EXT_-_Footer_Update_New_2023.min.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e39b04223da4b61f9443127008257c7e245bb4567f8aea02b92c61f8f9ff8c18

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 402
x-amz-request-id: 6ZVJGXJC71PXKQ1H
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"6a10230f5457813f9eed7bb1445a8e96"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1698426916238
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Mon, 06 Nov 2023 23:57:59 GMT
strict-transport-security: max-age=3628800
via: 1.1 6fc72fa6c2eb32c52ac1d02c16e75776.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: FexCNsHdSjzWy55qTd7.dBeA_gcwSeUR
x-amz-cf-pop: IAD61-P3
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 9f07dcf9-df8f-40d7-8a0a-bd5de857df7b
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 225
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Q8kPyNiqiqr+MsYrEr15zrph/0YIJ6OW0RYGh/OAooS1V/7Ikxdl7d2I/IO6Id/30qhbV8wsawM=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 9f07dcf9-df8f-40d7-8a0a-bd5de857df7b
last-modified: Fri, 27 Oct 2023 17:15:17 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBMu%2BrkpGV1E36LBcFNaXGwrcO%2F7J0Z4rPxLSpTv2DJ%2BVZwluBDNljUKULkV9Zzd6QKPmSn7V7NpYxqs1crOML4OgMjC%2BieaX3u%2Fy%2B%2Bzur1udYx3UojcQUj6MTOZvgmWJYGqQ6Veo9lE1Q%2FT"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-b6rgr
access-control-allow-credentials: false
cf-ray: 8221482d0c6f4bc6-BUF
x-amz-cf-id: 7taSnOvo5Q3GhXOLaJUKGMQR8ARuj1wPOYyLomE1azwuRES1wXU-fw==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
361 B 188ms
55ms Script
text/javascript 104.70.53.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.53.43 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-53-43.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Nov 2023 23:57:59 GMT
server: Oracle API Gateway
opc-request-id: /C14304CED0502BCC4A7C4049F039536F/E96315A5ACB932163B048C1254A671FA
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 c2014fad-3939-42c5-a213-64a022998850.png
no-cache.hubspot.com/cta/default/2617658/ 2 KB
3 KB 190ms
111ms Image
image/png 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/2617658/c2014fad-3939-42c5-a213-64a022998850.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9789198eec3f8facee6487dc4d84a197d830a64361cf4267528aaa56ca2031a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:57:59 GMT
x-amz-version-id: CJ.Zcf95Pv6MQ.tvpf1BF7Ekjs0cwPuP
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: PZ5YZ34YV29CKZH7
x-amz-server-side-encryption: AES256
content-length: 1976
x-amz-id-2: y4CiI7UFP5LyRSdz1BmY+XjQBbU+eRkRT7Mz2d244xiGcRkaMbxEMEIMTAf/Cf5zrrCxQHqa8yI=
last-modified: Thu, 19 Oct 2023 13:52:21 GMT
server: cloudflare
etag: "00eeb4d31b1949f06f525c1ef6fac1f4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4znFkEikvwnTlSOQQnL4xWVRSrWd87gerGvuFbSu%2FfSm02As1iHXmoOXBUrjMczVOglk4lKrLEYcv8hht0qy4HHW2W05BLlv8AbFvtEJEBKeWMVdxZeW2No1H%2F%2FqfJZlryslWp2JjgLyFzeNB6GwjRD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 8221482d7e474bcc-BUF

GET
H2 200 current.js Show response
www.uptycs.com/hs/cta/cta/ 18 KB
8 KB 91ms
90ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs/cta/cta/current.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1f58a3e48f23d9036625e9f26553d5da8f45516cf308b6ae6fb2b0fe0d13b4e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 345
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=cta-embed-js/static-1.226/bundles/current.js&cfRay=81c1037ba427c43e-EWR
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-evy-trace-listener: listener_https
etag: W/"7a7ad36467619447fadd7b98ce7f3800"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: cta-embed-js/static-1.226/bundles/current.js
date: Mon, 06 Nov 2023 23:57:59 GMT
strict-transport-security: max-age=3628800
via: 1.1 e21fbbed60133ff896ee44224814dc5c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-amz-version-id: vhhL_YuOEeyrE1us6iU1p_IC2N0DFzup
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 6a80b81b-e786-4596-91aa-19d1b23ceb5f
x-cache: Hit from cloudfront
cache-tag: staticjsapp-CtaEmbed-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 6a80b81b-e786-4596-91aa-19d1b23ceb5f
last-modified: Wed, 04 Oct 2023 01:26:06 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2FfqmBvfb%2FodSZ0MGLdy5Bk1W5Q9%2BGQkxPiTXIrDJLEUQBDwNJWAwLPYiTTFfGwpUqC7IUwQefDRQsvOkDcSo%2F6Lz2pukN3ytE41jO%2Bip%2BjfYF171azPbXpjc88cG9eRqT8dpCygNkfTQA7X"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-97z5m
cf-ray: 8221482d0c704bc6-BUF
x-amz-cf-id: vPaovu4IFywrGvxvxC85SeqjL47uITXmLp0jETCmNdisc3vDw65PPA==

GET
H3 200 Logo-2.png
www.uptycs.com/hs-fs/hubfs/ 1 KB
2 KB 494ms
494ms Image
image/webp 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/Logo-2.png?width=232&height=70&name=Logo-2.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c247f4f6de93c46c80e02486f424fe8688f0a7452bf075f3fc9c69787023af55

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:57:59 GMT
strict-transport-security: max-age=3628800
via: 1.1 8087c23e2868fe888ce1d81522a0d9e2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-116328200274,P-2617658,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 1470
cf-resized: internal=ok/h q=0 n=42+0 c=0+1 v=2023.9.8 l=1470
last-modified: Fri, 19 May 2023 16:57:10 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfKsXki7rADSFPnuCVrPpta8h8HviWbuUVkP6tVMqlDQ:994f4838c3a75378da2344348501fb9a"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVh%2FAL0ntRx8sa%2FEZHiqzjbRm9aGztYcMWMakNz4kc0QOOQ4gbX5m0ryRERC4xh9Orl%2BqxcQVcGOhTPeGJZWdfyc1drZIpzMZeMXNgldYGI91PBm0AJp793ds6U%2BWydz6loO9XzF60UWk5Ha"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8221482d9f6f4bc3-BUF

GET
H3 200 KC%20Image%20500x500%20Web.webp
www.uptycs.com/hs-fs/hubfs/ 17 KB
18 KB 563ms
549ms Image
image/webp 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/KC%20Image%20500x500%20Web.webp?width=500&height=500&name=KC%20Image%20500x500%20Web.webp

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aec0edd8a3392894c45f5198ed0d0fca6db9ccd08876ef5f46220036769b4172

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:57:59 GMT
strict-transport-security: max-age=3628800
via: 1.1 cd7813a109893bc5bd95f0672350e59c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-135617155332,P-2617658,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 17720
cf-resized: internal=ok/h q=0 n=38+0 c=2+0 v=2023.9.8 l=17720
last-modified: Tue, 19 Sep 2023 15:30:03 GMT
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: "cfP8dgq6p8sG6DlxWdBZOHSCvvlNYXA11WPbRXVG9jDQ:7533e35f48ccea362e4e3a2d25f931b1"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjvLrdfSaMvgYE%2F0qC16uXpXQNAjK1zHukO%2FnKwLaMLuYsfUO7IJDKD6EPXV2Lnp%2B0cFnvAphZquDT%2BQeDK1NcizW6Aj7MOP0suaohFKAQyPTY6l3qfZeS07C5ZGicGNg4cCzk6lCXqNK%2FYW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8221482ddf704bc3-BUF

GET
H3 200 Ganesh_Headshot.jpeg
www.uptycs.com/hs-fs/hubfs/ 690 B
1 KB 722ms
708ms Image
image/webp 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/Ganesh_Headshot.jpeg?width=45&height=45&name=Ganesh_Headshot.jpeg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

90f5b4f24db45e3f791e9d8cfdd443e8426fec51ca65a5858ef63104437a837a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:00 GMT
strict-transport-security: max-age=3628800
via: 1.1 52240057c1971b0cba3bbf4f025cacd0.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-5886082710,P-2617658,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 690
cf-resized: internal=ok/m q=0 n=653+0 c=0+0 v=2023.9.8 l=690
last-modified: Tue, 02 Apr 2019 19:59:08 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfoRtm3nqDinmCIzo3SBXDxJ4Ldc90szObOHm-ATa9DQ:00984005dbecc2db30ee8d647a6d4845"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mmx8pXEtpNgGf4gpFWLPWv7wC%2B5xxfmjGM%2Bv4AXh8O5XuXpO79zQhgNhAko3nAa8QN72VfutL%2BS3dsQT6UUvrXVM%2FCLu4sjo2b3DrK3KxkIhMeUC%2FlZ%2FJvM1VsYKP5ol0RV2diCRjqfEPGHu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8221482ddf734bc3-BUF

GET
H2 200 embed.js Show response
static.hsappstatic.net/content-cwv-embed/static-1.388/ 14 KB
6 KB 126ms
42ms Script
application/javascript 2606:4700::6811:c060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/content-cwv-embed/static-1.388/embed.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c060 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:57:59 GMT
x-amz-version-id: GNgANes_HpxlXMl5IDFfVeYnBgfaeeYN
via: 1.1 1400daf58929007edfec4f92e9b3dde8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: BOS50-P4
age: 770583
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 15 Aug 2023 19:48:57 GMT
server: cloudflare
etag: W/"8741985292d64b839be39c64b14f3783"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHCsPz3DKkjE1FmzTXRM2XPvEr5DBrSUyxVlnUlvFyC%2BmCUZDIWE2VXjNUWCoLeyRjJoc9NbwNzd7NYrs%2F80bvtZf8KFvNqfl9RI9uYJWm0iaM4TL0kB9PZJqzYQ%2BFCoSeBW69ysWYnzp5X1jYx%2BLVE239U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8221482e4fab6aee-BUF
x-amz-cf-id: OZRhBlC_DF-6JXprZLMdoFRqgjVWffm5CbPIhhYqLCDeLVgoZ-QbOw==
expires: Tue, 05 Nov 2024 23:57:59 GMT

GET
H3 200 code.jquery.com_jquery-1.12.4.min.js Show response
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/122960336740/1692382057809/Uptycs_Theme_2023/js/ 95 KB
36 KB 1170ms
1155ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/122960336740/1692382057809/Uptycs_Theme_2023/js/code.jquery.com_jquery-1.12.4.min.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 402
x-amz-request-id: 0NKYQX7NSBGJNWNY
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
x-evy-trace-listener: listener_https
etag: W/"0fca26b5a37a66d68d0f4406976be4b5"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1692382057809
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Mon, 06 Nov 2023 23:58:00 GMT
strict-transport-security: max-age=3628800
via: 1.1 0286f8e6d2ddfae7e9a56c7cc839488c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: R5acMq48kK7Wpj.3wc80oAKICEoHfLJJ
x-amz-cf-pop: IAD12-P2
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 3f2193df-8657-4d61-b8b8-2e42303af0f1
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 185
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RdU4uTdQl6GSk6MWOIHgwevoT58aM8J0mUk4Y0nSEC9rqlr43ABshDjllUHCo9KsfEpJ4cuY9j4=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 3f2193df-8657-4d61-b8b8-2e42303af0f1
last-modified: Fri, 18 Aug 2023 18:07:38 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQE2IvuZWUaFtAb%2FZrkhBGmucWcE1iMioneFDNGJ0oXmp6Jm6ibtVwsZ41tg73NEJ0MfoO7AG7tIxd4xoBn3zSxipziw8i5EVa7n8Ow9izS8ocM8%2FrPqqyhKcgBV2GcECcadhCWo0i763e7P"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-nlblb
access-control-allow-credentials: false
cf-ray: 8221482ddf714bc3-BUF
x-amz-cf-id: q-KyycsSxaCM-QehrcSim43Ap85s-6NhwM5eFvI_OsCX-Rfx8B5rtA==

GET
H3 200 main.min.js Show response
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237812090/1692382053626/Uptycs_Theme_2023/js/ 47 KB
14 KB 637ms
622ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237812090/1692382053626/Uptycs_Theme_2023/js/main.min.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fb0e4fbfcd0e207130cf63c0a62e053cefae5c035cd45e11a6a4564687624ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 402
x-amz-request-id: 8Y2X4QTMRA3EXX7M
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"48fa28b6a0f4cb2db343790fa1e3f6c2"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1692382054151
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Mon, 06 Nov 2023 23:57:59 GMT
strict-transport-security: max-age=3628800
via: 1.1 f9efe5e72b7e5cc47bf34a0b0debcbe2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: cSJTuVcIKOh1OcbGR7QB9MTNL_FAl_Iw
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 05625e22-8f7c-4691-b2ba-e0c4886a79f7
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 269
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 7plNxeWpr+5jqnU/3O4M5bykhvR2sr97FmwBMS5r2K7m6wwHvvN3nw5I7a9+xjIILeOiUYgdzj3doqxMBuFBlQN6Iehfr7TQN37Gk2vNO1I=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 05625e22-8f7c-4691-b2ba-e0c4886a79f7
last-modified: Fri, 18 Aug 2023 18:07:35 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2By0BBOULcCDx4uC%2FFUt3Hp9MbELVWTEfSV4bZfC4H6t1ukoUqgga8LvCaPdreONb0%2Bwz63Fm5Mo6ZiwgoixhOLlxcMxBZ1%2FIPbxqbXVNpqvHRabxphygKCF9QYgqGVgup%2BnPc89tqe6AhuP"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-5sf4f
access-control-allow-credentials: false
cf-ray: 8221482ddf724bc3-BUF
x-amz-cf-id: LP2Bx_-LiafZ0mlM14jgXmHCYNRDNnypq9mEe8m9SfGDH1L4KgNPtw==

GET
H3 200 2617658.js Show response
www.uptycs.com/hs/scriptloader/ 3 KB
2 KB 602ms
589ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs/scriptloader/2617658.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7add3f7be59c708bca440ba5cdbf5d5be9a3a79fa9587c4522afc049cd5cdd4b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:57:59 GMT
strict-transport-security: max-age=3628800
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 83d52363-3170-427f-8c2d-5c7386a4e214
content-encoding: br
x-envoy-upstream-service-time: 10
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 83d52363-3170-427f-8c2d-5c7386a4e214
last-modified: Mon, 06 Nov 2023 23:56:58 GMT
server: cloudflare
x-trace: 2BC8D05919429BCAC5A22CFC8878B55C92BFD938A6000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.uptycs.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-ff5vt
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0CPYGAYwRUkF9cf%2FTnRB31QtvdogpkwSltEvkQrwx0mAAPITNNM8Ch3cATzM7ViDAgf1LU1QcXCy0UKHv2yiN7WkowwmNvez8tpKolVLrAp%2BzHUSGS0jYWi1D6GoMnxVCaEQ%2BMpMpG0iaZa"}],"group":"cf-nel","max_age":604800}
cf-ray: 8221482ddf744bc3-BUF
expires: Mon, 06 Nov 2023 23:58:59 GMT

GET
H3 200 index.js Show response
www.uptycs.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/ 11 KB
5 KB 603ms
589ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:57:59 GMT
strict-transport-security: max-age=3628800
via: 1.1 ed31b4e68abf63ec3ae0c1e539b4d67c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 1014214
x-amz-cf-pop: YTO50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: inhS2tX2f2C4tITR3p2haS.uhsvA9eGz
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 21 Apr 2023 15:17:56 GMT
server: cloudflare
etag: W/"0bbd63c0750f141fd5cec04a9393647e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gToIW%2Btmf0%2F2dS70MOFRCb34nMdS2p%2FpjMwlQaHaJfuzLI9r4Vk6ZPaiSzClMjEs6Wk1DmPook8iCkFEEi%2B%2FKkCxLaLWN%2FuZSZzsqxRxikHgYEzZrWeXScfyVGyn3i%2BO9SqmdW4W8lwBIM0L"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8221482ddf764bc3-BUF
x-amz-cf-id: igb1K9ay9eXyFIe8nboIBvvIMXqdV5VhNE0bl_hGXRtdY0uTxDHRHA==
expires: Tue, 05 Nov 2024 23:57:59 GMT

GET
H2 200 Dazzed-SemiBold.woff2
2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/ 35 KB
35 KB 253ms
166ms Font
application/font-woff2 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/Dazzed-SemiBold.woff2
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1698434883822/Uptycs_Theme_2023/css/theme-overrides.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7d73ae35c3412dd12292590b041a66f83a14f7766041b8d523fadf78c8d7daa

Request headers

Referer: https://www.uptycs.com/
Origin: https://www.uptycs.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-105405778095,FD-105405778080,P-2617658,FLS-ALL
age: 68406
x-amz-request-id: SPS2GS4YPB1V3C6V
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105405778095,FD-105405778080,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "2d0d0de050f8833c2853af07a440a4ee"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678191122420
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Mon, 06 Nov 2023 23:57:59 GMT
via: 1.1 5aa3496856399e97c5203e44d7e06caa.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: IEWlA03LFNsvE9C7Xc.pkI3DfKgTQ7bF
x-amz-cf-pop: ORD58-P2
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-105405778095,FD-105405778080,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 35588
x-amz-id-2: ig19if+zc6af8fgirO0/zlvVkgCntWprETQcRbxDmFKUNDeHz9HK9fOKnFNWL4ZzY/56qtiu4Dg=
last-modified: Tue, 07 Mar 2023 12:12:03 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 8221482e6a1e6aed-BUF
x-amz-cf-id: VcwzFm91aKtQfSaBAb-WZjc5fbq2kGflEYFbn9yOpwG6mBQTWwzTSg==

GET
H2 200 Dazzed-Regular.woff2
2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/ 34 KB
34 KB 292ms
206ms Font
application/font-woff2 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/Dazzed-Regular.woff2
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1698434883822/Uptycs_Theme_2023/css/theme-overrides.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b48a0510a39e949184e762267407b9d7292b4fd69dcbf953b657c1e9cfc4cc61

Request headers

Referer: https://www.uptycs.com/
Origin: https://www.uptycs.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-105405778092,FD-105405778080,P-2617658,FLS-ALL
age: 68406
x-amz-request-id: JK34T58DKWF1XFET
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105405778092,FD-105405778080,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "504d899b185471166fa525f6154e224f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678191122391
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Mon, 06 Nov 2023 23:57:59 GMT
via: 1.1 7f6b04942f28195d41e126f3dad955c6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: Z950va749GesENoMyecGaQOgk36GpyAD
x-amz-cf-pop: YTO50-C2
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-105405778092,FD-105405778080,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 34732
x-amz-id-2: S9gZeHKNy66evmKPEZq6FgNK267OjURobX1eeVoinoDIel0pYvJm/NLXupEnDwJWEq7B+SER0pQ=
last-modified: Tue, 07 Mar 2023 12:12:03 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 8221482e6a1f6aed-BUF
x-amz-cf-id: 8y7mx_gtI3nlCVNPZ7VMTVBhFXQjKGY_zQ8wjRe0Br6GCzF0-u9Jsg==

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1024db20df71903f3bd673cc9e99ce16ea9dc5489260baa0647b88674937d75b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Dazzed-Medium.woff2
2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/ 34 KB
35 KB 272ms
207ms Font
application/font-woff2 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/Dazzed-Medium.woff2
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1698434883822/Uptycs_Theme_2023/css/theme-overrides.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c431b7004f2def447ab4b6b2e63e694f322c65162a22e689f91a69e391241df4

Request headers

Referer: https://www.uptycs.com/
Origin: https://www.uptycs.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-105405968195,FD-105405778080,P-2617658,FLS-ALL
age: 68406
x-amz-request-id: DJG8A3D3PXMMY65Q
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105405968195,FD-105405778080,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "91c0cd4d25d2ea71e8826f69b4497c6c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678191122410
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Mon, 06 Nov 2023 23:57:59 GMT
via: 1.1 7c892814cd49a1aa7218fdfabfbac856.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: A6Y2_MG70jGC4aeahpXKuceRQH2hp.YW
x-amz-cf-pop: YTO50-C2
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-105405968195,FD-105405778080,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 34664
x-amz-id-2: cEqblfSrfGS3KBXRz3ulBFYi3+qupJk9YYP51L8dOmohoA91Fb/nNeoyLmp6abHdNs3+ik12TCt9LRm8NuepfVXVS8IeSy6g
last-modified: Tue, 07 Mar 2023 12:12:03 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 8221482e6a216aed-BUF
x-amz-cf-id: fxwyP8Wzb3lrIyMm8h3NEj5tLI8OxvJduoesjoR5fXbo10TpLOj2tw==

GET
H2 200 Dazzed-Bold.woff2
2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/ 35 KB
36 KB 229ms
164ms Font
application/font-woff2 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/Dazzed-Bold.woff2
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1698434883822/Uptycs_Theme_2023/css/theme-overrides.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62e120f9707942e703ef7a54d281e0f4a4027114e88e57f38909e48927029604

Request headers

Referer: https://www.uptycs.com/
Origin: https://www.uptycs.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-105405946669,FD-105405778080,P-2617658,FLS-ALL
age: 68406
x-amz-request-id: A73M1GXVTN3FK51M
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105405946669,FD-105405778080,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "dec9ad669c463ebe04b667dc906e58b0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678191122320
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Mon, 06 Nov 2023 23:57:59 GMT
via: 1.1 23a608374ae3bf657d89218b7a0bf0cc.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: kiiOVn0Uia49V.XtbhyVQvLQlSKfVfD1
x-amz-cf-pop: YTO50-C2
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-105405946669,FD-105405778080,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 35912
x-amz-id-2: i+UpZXQMAttBcufzcYDOL8SMOoWCt4GQIQJBEFSwHHIseq/i/DtNhzNAvhJE5E750OIJQqP6cKo=
last-modified: Tue, 07 Mar 2023 12:12:03 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 8221482e6a206aed-BUF
x-amz-cf-id: WtYSEuwFKock5TOOmQk1UYOjvffPozeuTnxKo8vvx0P6o-H5bEiyQA==

GET
H3 200 Vector.png
www.uptycs.com/hs-fs/hubfs/Uptycs%20Theme%20-%202023/Home%20Page%20Images/ 258 B
1 KB 1089ms
1088ms Image
image/webp 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/Uptycs%20Theme%20-%202023/Home%20Page%20Images/Vector.png?width=29&height=30&name=Vector.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f2e5bb6af2eb313674c89cc3e597f66c850bd073d3b82f490274cd81f3965a9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:00 GMT
strict-transport-security: max-age=3628800
via: 1.1 fb7b65b8cad8124239a4b25728a84288.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-105721150579,FD-105371464374,P-2617658,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 258
cf-resized: internal=ok/h q=0 n=38+0 c=0+0 v=2023.9.8 l=258
last-modified: Thu, 09 Mar 2023 05:04:05 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfFuHgxwWeQOyOXQounULRLCeYBGlA74QyhsHtG6J4DQ:7f94a07a6135e6f2996dc26a740ed639"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Irxt%2FcYCb5Zli24KBZUFvoMdmMJVXWFrgLXqgmkp8VjyVbj6vx%2BLQQZXJBsihgFkI9M%2Fj4QxGcKwy9%2FR7qDuxzWewW%2FAHUzJVgt0Q0MF1E96Vxro3vBHvlq0ZnJMwx7L2NR9QEKT4ob6MH4O"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8221482e2f784bc3-BUF

GET
H2 200 1193448951 Show response
ixfd2-api.bc0a.com/api/ixf/1.0.0/get_capsule/f00000000301697/ 3 KB
1 KB 117ms
51ms XHR
application/json 34.111.194.12
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ixfd2-api.bc0a.com/api/ixf/1.0.0/get_capsule/f00000000301697/1193448951?client=js_sdk&client_version=1.5.9&orig_url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&base_url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.105%20Safari%2F537.36
Requested by: Host: cdn.bc0a.com
URL: https://cdn.bc0a.com/autopilot/f00000000301697/autopilot_sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.194.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 12.194.111.34.bc.googleusercontent.com
Software: bws/1.0 /
Resource Hash: 1d4a08d74abcdb5205911dbbc29275caab3a4dcd2cfed400323fb53c13e3f42d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-be-pop: IAD-1-602
date: Mon, 06 Nov 2023 23:57:53 GMT
content-encoding: br
via: 1.1 google
server: bws/1.0
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 json Show response
www.uptycs.com/_hcms/forms/embed/v3/form/2617658/0492e7b1-c029-4110-8042-598f482d9802/ 10 KB
4 KB 105ms
105ms XHR
application/json 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/_hcms/forms/embed/v3/form/2617658/0492e7b1-c029-4110-8042-598f482d9802/json?hs_static_app=forms-embed&hs_static_app_version=1.4100&X-HubSpot-Static-App-Info=forms-embed-1.4100

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

92225558bc920bbbab27169556f1c7d0ee887026c1c00234fe6c3f7d7ec8613a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-origin-hublet: na1
date: Mon, 06 Nov 2023 23:58:00 GMT
strict-transport-security: max-age=3628800
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 72e4d017-87e3-4864-99c5-eb037d7e588c
content-encoding: br
x-envoy-upstream-service-time: 26
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 72e4d017-87e3-4864-99c5-eb037d7e588c
server: cloudflare
x-trace: 2BB6D4BA01961ABFDB00E93A0D28086ED120F769F5000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-max-age: 180
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-rwf2n
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Ub0Sap3%2ByEznXeS4iF2eCwN9tM6nZGF63oMHoGo1z9E1YKLozyeP9qdXm2GeTcsiZWjjzXyTfUcK%2F7LQSokT1O5Jy22MleOX%2BgHPALokkuUJYX6zIIBqpudRtlhGHv4xr7dcMb7G6V2fEc7"}],"group":"cf-nel","max_age":604800}
cf-ray: 822148359fc14bc3-BUF
access-control-allow-headers: *
x-robots-tag: none

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 83 KB
24 KB 112ms
39ms Script
application/javascript 2606:4700::6811:f9a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f9a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b14289833de1c5b8da19bf0aa86278185dfdbb3113baca8b658fa0ee8a563dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:00 GMT
x-amz-version-id: wH3z2hXmzY083mmKsKR.rBDdNfo.ct1e
via: 1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: e8c01eed-aa39-49df-9a99-77048c4ca529
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.14670/bundles/project.js&cfRay=821f2a8bee68c3f8-EWR
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding: br
age: 62
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e8c01eed-aa39-49df-9a99-77048c4ca529
last-modified: Mon, 06 Nov 2023 17:38:05 UTC
server: cloudflare
etag: W/"16a6c607eb7d2279e56c6ae6291e6de2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-sgzbx
cf-ray: 82214836098f4bd2-BUF
x-amz-cf-id: Z6FvuLa5VRgb3htbHiguqfcPRdADQTulAdbYS8YwVzqoNPNzoWP4Ig==
x-hs-target-asset: conversations-embed/static-1.14670/bundles/project.js

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 77 KB
23 KB 121ms
44ms Script
application/javascript 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1792bc5e743bd0ac0fd96fbb6009f36867ffc40ee02f99b87b142a5720e59894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
Origin: https://www.uptycs.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
age: 402
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.670/bundles/project.js&cfRay=82213e642bbd4bbb-EWR
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"42b57e1143f6aa475fdeb427c59693f8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.670/bundles/project.js
date: Mon, 06 Nov 2023 23:58:00 GMT
x-amz-version-id: m.Nbb3nZrFYCpU.uAzEgjZqcTWnoEvq6
via: 1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 37455d89-3d55-412f-abbe-388fda3fbbe8
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-evy-trace-route-configuration: listener_https/all
x-request-id: 37455d89-3d55-412f-abbe-388fda3fbbe8
last-modified: Mon, 06 Nov 2023 15:34:56 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JLGDXdaGLiRZl3ApcbD4sH%2FVqgVXLqmE4YDTx%2Bjuin6xo2ifO06rTpnj7Tmp1vMrXVfTQcPFoC4keV8aDnq6bhagX5Al3wzF527MlgMZ3HkVWnbLZNWDa%2BV6QBqTDDB1OUxR2imcZg4i8eOn"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-hjsqm
cf-ray: 822148361f074bd5-BUF
x-amz-cf-id: 3cbO-PzojSLAUgISaDI85tb2rLdqwdzRD3KkDH-sS2LHrnMGFB2gfA==

GET
H2 200 2617658.js Show response
js.hs-banner.com/ 63 KB
16 KB 111ms
38ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2617658.js
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 236076d0bd9a24fa200c53a2d05ad373c9ccf773e00108d4990c012eaf1834a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:00 GMT
x-amz-version-id: ByyqQ2GMnlBXcHClLEKwSVvoixkB2Bfs
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 3M9BNBSTD59WSYR3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: c2ffdc45-e6f1-48b5-975b-3ad468477242
age: 62
x-envoy-upstream-service-time: 15
x-amz-id-2: tSK0yDcxXtrRHOAOK7zAdHmU2zZuVGPVsQug6PK6KPiLoImG0LVp1lkvrUObhV62/ypqFU7q5rY=
x-evy-trace-listener: listener_https
x-request-id: c2ffdc45-e6f1-48b5-975b-3ad468477242
x-evy-trace-route-configuration: listener_https/all
last-modified: Sat, 28 Oct 2023 23:34:17 GMT
server: cloudflare
etag: W/"dd5bc95a7240f18058d804c8ad7d1b58"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.uptycs.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-gcx66
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 82214836098e4bd2-BUF
expires: Tue, 07 Nov 2023 00:01:58 GMT

GET
H2 200 2617658.js Show response
js.hs-analytics.net/analytics/1699314900000/ 66 KB
21 KB 115ms
43ms Script
text/javascript 2606:4700::6810:4fba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1699314900000/2617658.js
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1df389062e7b71d6554dac955a86cfa1964427a28c91cc50ca645785da0dfbc9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:00 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: E6B0YK6KD26ARR7J
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: b955429e-7a3b-474a-9fb5-4de8d546412f
age: 133
x-envoy-upstream-service-time: 18
x-amz-id-2: LtY9JCzKiLj7xgAn+CxSKvHpAoo1yYRrtQursNV5lmeimGkh/qoNWUX768T/k+wL/ZbOJ0lPliE=
x-evy-trace-listener: listener_https
x-request-id: b955429e-7a3b-474a-9fb5-4de8d546412f
x-evy-trace-route-configuration: listener_https/all
last-modified: Sat, 28 Oct 2023 23:34:18 GMT
server: cloudflare
etag: W/"83459b75d46aeb25cb551d5c7b11ef2e"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-gcx66
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 822148360a7f4bc1-BUF
expires: Tue, 07 Nov 2023 00:00:47 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 118ms
39ms Script
application/javascript 2606:4700::6811:e7a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e7a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2148aae183c99fd22de0fa5ac66943716f59908dc935b3b3ca7f02cfdeca17f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:00 GMT
x-amz-version-id: MNLx4JOx3WSJAJIp0HalotEMdYQEQdMj
via: 1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 01f28eee-1646-4c59-96ce-7d55e1d92e82
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.494/bundles/pixels-release.js&cfRay=81cb8099ea756aca-EWR
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
age: 169
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 01f28eee-1646-4c59-96ce-7d55e1d92e82
last-modified: Fri, 27 Oct 2023 13:56:49 UTC
server: cloudflare
etag: W/"14edbc97b72939e54b0993394190ecf8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-97z5m
cf-ray: 822148361f0a4bd5-BUF
x-amz-cf-id: NZx6NClCNSBtP2sWnpckO1rfAhPul4sRVqUYlIUyuAkI665naJLEsQ==
x-hs-target-asset: adsscriptloaderstatic/static-1.494/bundles/pixels-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 109ms
38ms Script
application/javascript 2606:4700::6811:5b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

200cef31a4664eb38f1293062efc3d5acf8e769cc27242418b198a0aa4b20492

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
Origin: https://www.uptycs.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
age: 402
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.433/bundles/project.js&cfRay=81f681807a0b4bbb-EWR
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"7864f8fd485be672e98358eb894b6fd7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: collected-forms-embed-js/static-1.433/bundles/project.js
date: Mon, 06 Nov 2023 23:58:00 GMT
x-amz-version-id: XYPPFvciWFKtpS2hNgrEqmNT6fxOdL.H
via: 1.1 fb1dc2e3bf4105b403e3bfa3a5067970.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: e0b2c3bf-9027-40dd-bb8b-b0e6c873ac95
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 5
x-evy-trace-route-configuration: listener_https/all
x-request-id: e0b2c3bf-9027-40dd-bb8b-b0e6c873ac95
last-modified: Mon, 23 Oct 2023 13:11:34 UTC
server: cloudflare
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-27cn8
cf-ray: 822148360a284bc9-BUF
x-amz-cf-id: YPSAWFpc8XxAxL1ALd3cfgcNRE2wF41qQ015hfiHZZTM7Sab5pnAxA==

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
424 B 126ms
125ms Script
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=2617658&callback=jsonpHandler

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: no-sniff
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 2ad5aadb-da3c-4a33-81ea-ac4c4bda758b
x-envoy-upstream-service-time: 5
x-evy-trace-route-configuration: listener_https/all
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=822148359edf4bcc&resource=unknown"
x-evy-trace-listener: listener_https
x-request-id: 2ad5aadb-da3c-4a33-81ea-ac4c4bda758b
server: cloudflare
x-trace: 2B47E2183A28A6E308A821BC1D82E7C664EDCCA9D9000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-97z5m
x-evy-trace-virtual-host: all
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 822148359edf4bcc-BUF

GET
H2 200 cta-json Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 3 KB
2 KB 89ms
80ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&pageId=11761744813&pid=2617658&sv=cta-embed-js-static-1.226&rdy=1&cos=1&df=t&pg=c2014fad-3939-42c5-a213-64a022998850

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs/cta/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4adc1c67f21a4b1f0ec28d20d4a991bb4db6cce7ecd1fd979331c1b46e85d1fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-origin-hublet: na1
date: Mon, 06 Nov 2023 23:58:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a3d67fea-2dfc-4aac-9836-e761566c219a
content-encoding: br
x-envoy-upstream-service-time: 12
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a3d67fea-2dfc-4aac-9836-e761566c219a
server: cloudflare
x-trace: 2B97E9B2C5347662BA7738D249359D96144FA777AB000000000000000000
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.uptycs.com
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-swd7n
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pVSahYqsqi8Cd9icW1zILQ0KwEvCUUUEMk49mDNl5bTnmtahoBbaHhoLbfPQPtlfnDS43nneGny3jKEhyA1AO2uKyWkjUCQ2Ymjlw%2BHL7wGVgtFxBZm89iMo2PKdWNX85scoGsNW4TQ%2F%2BfHSXRQCJs3SWfDCczmt0HY%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 82214835bee04bcc-BUF

GET
H3 200 cta-loaded.js Show response
www.uptycs.com/hs/cta/ctas/v2/public/cs/ 0
1 KB 97ms
97ms Script
application/javascript 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=2617658&pg=c2014fad-3939-42c5-a213-64a022998850&lt=1699315079318&dt=1699315079328&at=1699315080668&an=1

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs/cta/cta/current.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-origin-hublet: na1
date: Mon, 06 Nov 2023 23:58:00 GMT
strict-transport-security: max-age=3628800
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7e5e1f67-3b54-4a0b-b55c-3f8a8b3e1d1f
x-envoy-upstream-service-time: 17
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 0
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7e5e1f67-3b54-4a0b-b55c-3f8a8b3e1d1f
last-modified: Mon, 06 Nov 2023 23:58:00 GMT
server: cloudflare
x-trace: 2B0B3BD49A0368ABF83790CF6000CEF773EC8B6C45000000000000000000
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imytJAKFDqRwrr9NUhdJGaGajhZe9Q%2FPhKKD9TaFmPKcawHus0UlTUxnF1%2FLjTjPHYCgEK3aip6sW34bXv96IkTPCOZEspviuFnE2dyTLzuUMYcKvutX%2F8bU8LIidrOXKD31%2FcPrE3IPR2AO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-w68n2
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
cf-ray: 822148363fc94bc3-BUF
x-robots-tag: noindex, follow

GET
H/1.1 200
OK counters.gif
perf.hsforms.com/embed/v3/ 35 B
1 KB 153ms
81ms Image
image/gif 2606:4700::6812:b07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 23:58:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 07e7ebe0-1b28-497b-9386-dba29eaea9ec
x-envoy-upstream-service-time: 14
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 07e7ebe0-1b28-497b-9386-dba29eaea9ec
Last-Modified: Mon, 06 Nov 2023 23:58:00 GMT
Server: cloudflare
X-Trace: 2B4344D5C9AE0B46329ECE0068A48A6A4047EE0F87000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-r55k7
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 82214836aa8c4bc1-BUF

GET
H/1.1 200
OK counters.gif
perf.hsforms.com/embed/v3/ 35 B
1 KB 144ms
72ms Image
image/gif 2606:4700::6812:b07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 23:58:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 8fd2c2f2-37cc-4036-8500-2dcd3c704fd2
x-envoy-upstream-service-time: 3
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8fd2c2f2-37cc-4036-8500-2dcd3c704fd2
Last-Modified: Mon, 06 Nov 2023 23:58:00 GMT
Server: cloudflare
X-Trace: 2B3356B301F8791CEFA3FAF9753D2B4D745D76DF45000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-lmntd
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 82214836aa8d4bc1-BUF

GET
H/1.1 200
OK counters.gif
forms.hsforms.com/embed/v3/ 35 B
1015 B 136ms
66ms Image
image/gif 2606:4700::6811:eff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:eff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 23:58:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 0317f13b-a7ae-480d-b2d1-977a59925349
x-envoy-upstream-service-time: 3
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0317f13b-a7ae-480d-b2d1-977a59925349
Server: cloudflare
X-Trace: 2B0BF384254C1B161E20E458ADAA2A805002FC0E37000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-x2zdh
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 82214836cf124bd5-BUF

GET
H2 200 Submit_arrow.svg
2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Home%20Page%20Images/ 270 B
1 KB 126ms
59ms Image
image/svg+xml 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Home%20Page%20Images/Submit_arrow.svg
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237096759/1698436955344/Uptycs_Theme_2023/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7775c3a94d76e47ed6bda5a404bf940ef8f710223ecdd4bfb7f48edb58925430

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-105763674949,FD-105371464374,P-2617658,FLS-ALL
age: 402
x-amz-request-id: SAKSC3C8MC5MXCYS
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105763674949,FD-105371464374,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"d86c78f19be3b56354776168464f274a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678357972000
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Mon, 06 Nov 2023 23:58:00 GMT
via: 1.1 10f978be0e76903f65b35bee6581c310.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: jMw4TxEmyrDKjLRp3HsQf.dOAbMI9oJK
x-amz-cf-pop: YUL62-P2
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-105763674949,FD-105371464374,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-id-2: bUVHpyi6rU0ow+8LQUayjzOo1LOe/xwdntF7kjqjUSKSQLsC2R2tD0N+Rv50JtHzqXiyOFSYMbM=
last-modified: Thu, 09 Mar 2023 10:32:53 GMT
server: cloudflare
cf-ray: 822148370cb64bc6-BUF
x-amz-cf-id: qFmP8Tvf2XTsNE66lbjGQfPzUuPhHlOXa9qogArLHMafW2lkmwNDEA==

GET
H/1.1 200
OK counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
1016 B 144ms
76ms Image
image/gif 2606:4700::6811:cff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 23:58:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 3bb01607-17e2-4936-8a4d-2a19e8ce297c
x-envoy-upstream-service-time: 10
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3bb01607-17e2-4936-8a4d-2a19e8ce297c
Server: cloudflare
X-Trace: 2B03A08CB5E697E6D2715D2B2A24999FA63824BFA9000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-97dlb
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 822148371f184bd5-BUF

GET
H2 200 cf-location Show response
js.hs-banner.com/cookie-banner-public/v1/ 2 B
150 B 105ms
39ms XHR
text/plain 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/cf-location
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/2617658.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b202ecbc6d45c6d8901d989a918878397a3eb9d00e8f48022fc051b19d21a1d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin: https://www.uptycs.com
date: Mon, 06 Nov 2023 23:58:00 GMT
server: cloudflare
cf-ray: 822148371dad4bc7-BUF
content-length: 2
vary: Origin, Accept-Encoding
content-type: text/plain;charset=UTF-8

GET
H3 200 widget Show response
www.uptycs.com/_hcms/livechat/ 302 B
1 KB 159ms
159ms XHR
application/json 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/_hcms/livechat/widget?portalId=2617658&conversations-embed=static-1.14670&mobile=false&messagesUtk=27842497625f464e8d85d372bc200e5b&traceId=27842497625f464e8d85d372bc200e5b

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8e09edb0f802bf7fb78bf2eed58fed8ef48d4660da25a229a8ef36c47092859

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
accept-language: en-US,en;q=0.9
X-HubSpot-Messages-Uri: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:00 GMT
strict-transport-security: max-age=3628800
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 33dfa9ba-c492-45d0-ba5b-aeb66f98cd1f
x-envoy-upstream-service-time: 36
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 33dfa9ba-c492-45d0-ba5b-aeb66f98cd1f
server: cloudflare
x-trace: 2B99247980BE42CFF5D3E93B07CD986DED027E1D29000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-kz7hh
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=db9qkNCIB0DL4edzedTa0Hu44RqTVtPtYaHO1szBTVaFiXqk57w65H2eElF6KENqwJW2SX8sxmJq%2B39P1aLk%2Bceh6i2Aixetmc8XRwyqr9JaMoYG2m9L5BzJRu%2BKgKgo9%2BMcZVST%2B44HHuUD"}],"group":"cf-nel","max_age":604800}
cf-ray: 82214836bfcd4bc3-BUF
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
435 B 73ms
72ms XHR
application/json 2606:4700::6811:5b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=2617658&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6067dcd5dce2a3474610f14be162b671b90e8d916358d4cf324a526fb5e9ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: cea735b9-0c9d-489f-a2e4-a4640c11db10
x-envoy-upstream-service-time: 11
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: cea735b9-0c9d-489f-a2e4-a4640c11db10
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.uptycs.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-95l7k
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 82214836fa314bc9-BUF

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 2 KB
2 KB 155ms
155ms Fetch
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=2617658&currentUrl=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&contentId=11761744813

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a302918b47dbdf1d33f0cb9eb4cb49f6334efd03c25d66976163758b10aa8645

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 84b61e43-4208-4186-8bca-da37226d5ac3
content-encoding: br
x-envoy-upstream-service-time: 88
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 84b61e43-4208-4186-8bca-da37226d5ac3
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.uptycs.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itaEGO43S6yjtQi1Tircd4owFD983L4qC%2BBHIMwpxWaXKZlMrpnmi7lep17ZRpQymlvufLlAhguCZxbvCA6xFlnPhJHDsTB%2BzGMFvKJlGCtQjXUWl1Xpa%2FBQI49YZpRW7vwt5qKktUbzRr4GzVNCQnDNvvMEjtDaSt0%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 822148370f174bd5-BUF
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-97gbm

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 103ms
33ms Script
text/javascript 2607:f8b0:4004:c1d::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Nov 2023 22:19:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5897
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 07 Nov 2023 00:19:43 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 115 B
1 KB 195ms
122ms XHR
application/json 2606:4700::6811:c8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=2617658

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c8cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e880329d35a31b2a246d67f2c2cb7cd72b18292a9ae4bd785915efbdb44ff91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1b214c85-2380-46b7-b996-bb022fee2f67
content-encoding: br
x-envoy-upstream-service-time: 10
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1b214c85-2380-46b7-b996-bb022fee2f67
server: cloudflare
x-trace: 2B0F9E6632ECAD136C4ED4BA00A267832C480EE67F000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.uptycs.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-w2bb7
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOhmgUlg1h8iyXHJ%2FdLCnLRr5MSD1BiddIRdbaDmRsM%2F0H%2BcTB4KI%2BayANzGK0e%2Bmk%2FqmIoUD9VYRHIlsj8cXYQSu8Xxqpsyo1T4RdWT5o0SskMGDR6oiGzLzRLlon845rlqbPVueAVhNRx8"}],"group":"cf-nel","max_age":604800}
cf-ray: 82214837ca404bcd-BUF
access-control-allow-headers: *

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
625 B 105ms
66ms Image
image/gif 2606:4700::6811:eff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:eff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: aa490203-297a-4945-b9c7-78c286f86320
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: aa490203-297a-4945-b9c7-78c286f86320
server: cloudflare
x-trace: 2B36CDD3C5AE467A9D4C2ADD181E584D5405AD9DD5000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-t2vvv
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 82214837befa4bcc-BUF

GET
H2 200 hs-web-interactive-2617658-143118818126 Show response
2617658.hs-sites.com/ Frame 2F13 26 KB
7 KB 308ms
229ms Document
text/html 2606:4700::6811:ae5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2617658.hs-sites.com/hs-web-interactive-2617658-143118818126

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ae5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20b4881310dc147ec4f036dc348defb7dbe08fa8e712bc628b98fdaffd0a19ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=10,max-age=5
cache-tag: CT-143118818126,P-2617658,PGS-ALL,SW-0
cf-cache-status: EXPIRED
cf-ray: 8221483889dd4bd8-BUF
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=utf-8
date: Mon, 06 Nov 2023 23:58:01 GMT
edge-cache-tag: CT-143118818126,P-2617658,PGS-ALL,SW-0
last-modified: Mon, 06 Nov 2023 23:56:59 GMT
server: cloudflare
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 104
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/cms-hs-sites-td/envoy-proxy-587cb47bf-h4k4d
x-evy-trace-virtual-host: all
x-hs-cache-config: BrowserCache-5s-EdgeCache-10s
x-hs-content-id: 143118818126
x-hs-hub-id: 2617658
x-hubspot-correlation-id: 28e79fc2-c415-4de8-9a64-139e0d611789
x-request-id: 28e79fc2-c415-4de8-9a64-139e0d611789
x-robots-tag: none
x-trace: 2B3EA075BFC95EA21DBD8B1AAC222668218112E20A000000000000000000

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
1 KB 156ms
79ms Image
image/gif 2606:4700::6812:b07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Mon, 06 Nov 2023 23:58:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: a5be05fe-fc62-4061-96e7-5d75d83f9557
x-envoy-upstream-service-time: 13
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a5be05fe-fc62-4061-96e7-5d75d83f9557
Last-Modified: Mon, 06 Nov 2023 23:58:01 GMT
Server: cloudflare
X-Trace: 2BDD3D115D9EAA423DE39B5CBFCBBD69AB528480A7000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-lmntd
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 822148388f4c4bcc-BUF

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 41ms
41ms XHR
text/plain 2607:f8b0:4004:c1d::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1900712720&t=pageview&_s=1&dl=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&ul=en-us&de=UTF-8&dt=Protect%20Your%20Cloud-Native%20Applications%20with%20Osquery%20EDR%20Solutions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=498325018&gjid=1048790180&cid=275401487.1699315081&tid=UA-117543321-1&_gid=1773105530.1699315081&_r=1&_slc=1&z=467817189

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 23:58:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.uptycs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
347 B 112ms
39ms XHR
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-117543321-1&cid=275401487.1699315081&jid=498325018&gjid=1048790180&_gid=1773105530.1699315081&_u=IEBAAEAAAAAAACAAI~&z=1758417559

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 06 Nov 2023 23:58:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.uptycs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
74 KB 120ms
50ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-806815567

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

735241e12cbf86569b65a574f21c259512a9a2373d4d7c08c4cfc87ee453bae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75190
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 23:24:51 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Nov 2023 23:58:01 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 112ms
45ms Image
image/gif 2607:f8b0:4004:c09::67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-117543321-1&cid=275401487.1699315081&jid=498325018&_u=IEBAAEAAAAAAACAAI~&z=689517310

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::67 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 23:58:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/806815567/ 2 KB
2 KB 116ms
46ms Script
text/javascript 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/806815567/?random=1699315081254&cv=11&fst=1699315081254&bg=ffffff&guid=ON&async=1&gtm=45be3b60v9103991276&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&hn=www.googleadservices.com&frm=0&tiba=Protect%20Your%20Cloud-Native%20Applications%20with%20Osquery%20EDR%20Solutions&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=61262733.1699315081&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-806815567

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9d428faab91c6e82275664ed0d30d11ca18d487460422ad26965d465351c54a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 23:58:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 module_-53649664999_Button_interactive.min.css
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-53649664999/1699304531668/ Frame 2F13 114 B
1 KB 115ms
46ms Stylesheet
text/css 2606:4700::6810:6cd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-53649664999/1699304531668/module_-53649664999_Button_interactive.min.css
Requested by: Host: 2617658.hs-sites.com
URL: https://2617658.hs-sites.com/hs-web-interactive-2617658-143118818126
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:6cd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b94925cc30a38d4cff4893ce00128a1314eeeee9fa06ffb2d3650a5077050ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2617658.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-encoding: br
age: 9347
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"be7a4b154e718de7dee2ae186bac4fb8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1699304531668
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Mon, 06 Nov 2023 23:58:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 99f5b355-3729-4049-a55e-74b3b5237efb
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 171
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 99f5b355-3729-4049-a55e-74b3b5237efb
last-modified: Mon, 06 Nov 2023 21:02:12 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rw8p0FrT9lRKoNtlwRUCD%2B2KmBquMBWWmaz3AttcfY2bupAMEj0Csq1gv9xbGU076005LBWYT77ijPwk32j%2F5fr2AUtrMZ0Dqu%2BdCEHHQA2H%2BzPt7mqRuofltw6YtO8oar%2Fl0iUWBHFMtYSvPJI%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-5745477c8b-fc8qf
cf-ray: 8221483a79ec4bd8-BUF

GET
H2 200 web-interactives-container.js Show response
js.hubspot.com/ Frame 2F13 26 KB
9 KB 60ms
59ms Script
application/javascript 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-container.js

Requested by

Host: 2617658.hs-sites.com
URL: https://2617658.hs-sites.com/hs-web-interactive-2617658-143118818126

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7923920bfd91508a3204881f312848ee362b0b94730a9688addf63319ddb22c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2617658.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-container/static-2.670/bundles/project.js&cfRay=821e6812f8056ac8-EWR
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"e41f306d205764e09a7c9157e5418925"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-container/static-2.670/bundles/project.js
date: Mon, 06 Nov 2023 23:58:01 GMT
x-amz-version-id: O4H3NtYz6cYXAj2ZmmmEmiuNrYIeGt8c
via: 1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: e4dcec9c-ebda-42f4-bb44-9a5a38192dfd
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-container-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-request-id: e4dcec9c-ebda-42f4-bb44-9a5a38192dfd
last-modified: Mon, 06 Nov 2023 15:34:56 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSvgUVhWXeBmEdePUb1BxbjJS72sHHiH9Zcxc4KyMXOe6ZCJQ1gCAgvApaV2bwU2r2ewnRg9fq3JSzfcZr3XXsLxaV04ln%2FjG9i4rnxOOjHWNFBtvgXIQkiN6X%2Fj%2Fv8TPWFTGPc670mSuM4F"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-mqbv2
cf-ray: 8221483a0f6d4bcc-BUF
x-amz-cf-id: bwz0yl-MRiEmCneGwNVCYXarkF9yjET7yICLGKhaZ3fRB6x6EEujhQ==

GET
H3 200 embed.js Show response
static.hsappstatic.net/content-cwv-embed/static-1.388/ Frame 2F13 14 KB
6 KB 41ms
40ms Script
application/javascript 2606:4700::6811:c060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/content-cwv-embed/static-1.388/embed.js

Requested by

Host: 2617658.hs-sites.com
URL: https://2617658.hs-sites.com/hs-web-interactive-2617658-143118818126

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:c060 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2617658.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:01 GMT
x-amz-version-id: GNgANes_HpxlXMl5IDFfVeYnBgfaeeYN
via: 1.1 1400daf58929007edfec4f92e9b3dde8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: BOS50-P4
age: 770585
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 15 Aug 2023 19:48:57 GMT
server: cloudflare
etag: W/"8741985292d64b839be39c64b14f3783"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xy8soSMxOgFk056hEFO5YDdTIDnDGIP4PisCxRFl2EgqgYz5VxoNhwUcdtc163QpJwUdTIs1II7EBTYVBs2Hlz5ikFl%2BZJ4ekFxZ3pXPE6lfNMDJVD7Q%2Br%2FTxS6BQaCSb1okNtrwgCPGDZif4qPxjAwp0Cs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8221483a6cdf4bc6-BUF
x-amz-cf-id: OZRhBlC_DF-6JXprZLMdoFRqgjVWffm5CbPIhhYqLCDeLVgoZ-QbOw==
expires: Tue, 05 Nov 2024 23:58:01 GMT

GET
H2 200 project.js Show response
static.hsappstatic.net/cos-i18n/static-1.53/bundles/ Frame 2F13 1 KB
1 KB 40ms
39ms Script
application/javascript 2606:4700::6811:c060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/cos-i18n/static-1.53/bundles/project.js

Requested by

Host: 2617658.hs-sites.com
URL: https://2617658.hs-sites.com/hs-web-interactive-2617658-143118818126

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c060 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2617658.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:01 GMT
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
via: 1.1 3f6eb9ff07d4d2f572d4e8e6fb935a36.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: EWR53-C3
age: 750063
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJ0K4Jv0YnGtU8HIonhM53oZ3krBxN4mevNqMogpfvfwfGa63pORnrXji38hw2BE3CHxlYt3oP1S5BFnEE1Ca2MicHSSzWlRk0zrrWNPkR5uJ2trUP41%2BxxL%2Fl4x%2FsXniOVvc6tfW%2B9Bnfk9Co4ODjZptJE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8221483a086d6aee-BUF
x-amz-cf-id: T-8se9MzlYg-UP0MDWsGtXGLZP6z3fV5nliSL_s5p9ctc-OO7I_qCA==
expires: Tue, 05 Nov 2024 23:58:01 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/806815567/ 42 B
154 B 52ms
51ms Image
image/gif 2607:f8b0:4004:c09::67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/806815567/?random=1699315081254&cv=11&fst=1699311600000&bg=ffffff&guid=ON&async=1&gtm=45be3b60v9103991276&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&frm=0&tiba=Protect%20Your%20Cloud-Native%20Applications%20with%20Osquery%20EDR%20Solutions&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNZtyRkRydlZhl6e2RAT6UhY5an785YQ&random=1051450253&rmt_tld=0&ipr=y

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::67 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 23:58:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 600.woff2
2617658.hs-sites.com/_hcms/googlefonts/Sora/ Frame 2F13 16 KB
16 KB 52ms
51ms Font
font/woff2 2606:4700::6811:ae5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2617658.hs-sites.com/_hcms/googlefonts/Sora/600.woff2

Requested by

Host: 2617658.hs-sites.com
URL: https://2617658.hs-sites.com/hs-web-interactive-2617658-143118818126

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ae5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2703ec771af750de243cb11fd7194ba36b307ae4742528926e619c67ebcfe531

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://2617658.hs-sites.com/hs-web-interactive-2617658-143118818126
Origin: https://2617658.hs-sites.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 20 Nov 2023 23:58:01 GMT
date: Mon, 06 Nov 2023 23:58:01 GMT
via: 1.1 70853fab189cfb8c99abfcbca0e10266.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-security-policy: upgrade-insecure-requests
age: 402
x-amz-cf-pop: YTO50-C2
x-amz-server-side-encryption: AES256
x-amz-request-id: FVB89XTZ5MGS4QVE
x-cache: RefreshHit from cloudfront
x-amz-version-id: wPR3775H0pW44N18Na.eXLrHLMRFUtPv
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 16244
x-amz-id-2: nEJyRZoyXqFkf1Y0d9tgw1X/uPVH+ApaFMuOhC98IpBfuN/QQqMsK/MAepB+NcnZw4fjt3gsRjM=
last-modified: Tue, 17 Jan 2023 19:36:20 GMT
server: cloudflare
etag: "899be0f6496a98f2b6fc31255813d1dd"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8221483ac9f04bd8-BUF
x-amz-cf-id: B21UprXzfO_Q5JUtDh2fmHl4tJFG-655yxBVrM49GJ4CfsoVQms1RA==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 regular.woff2
2617658.hs-sites.com/_hcms/googlefonts/Sora/ Frame 2F13 16 KB
16 KB 53ms
52ms Font
font/woff2 2606:4700::6811:ae5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2617658.hs-sites.com/_hcms/googlefonts/Sora/regular.woff2

Requested by

Host: 2617658.hs-sites.com
URL: https://2617658.hs-sites.com/hs-web-interactive-2617658-143118818126

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ae5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff593959af1591876c41ed15a7dffb1c56b9aa38311658b1f9ede97784286918

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://2617658.hs-sites.com/hs-web-interactive-2617658-143118818126
Origin: https://2617658.hs-sites.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 20 Nov 2023 23:58:01 GMT
date: Mon, 06 Nov 2023 23:58:01 GMT
via: 1.1 fa233eda5c1020134ebe64d4b888f816.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-security-policy: upgrade-insecure-requests
age: 402
x-amz-cf-pop: YTO50-C2
x-amz-server-side-encryption: AES256
x-amz-request-id: F2FV91B7G0PKAMH8
x-cache: RefreshHit from cloudfront
x-amz-version-id: e.sWEgjcWFtH7tSC.hoqN.YPMiNTzTqN
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 15904
x-amz-id-2: pq3jNVxW7/tjZgZRuXSEjut14WIJzr4ihRNR5Js8u1tN2NWAILMvu/nU+dtqCjNtax7+u7m0eT5L8vZ10vfEnBFeQ2FiVXxe
last-modified: Tue, 17 Jan 2023 19:36:18 GMT
server: cloudflare
etag: "bc0dd77923c2c49e406cbac9ccfd0579"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8221483ac9f14bd8-BUF
x-amz-cf-id: Eszx5ukbk1eK--Na2FIh1eqRtjJdjsQ0jsfnRxeEyjY2i7qXnFmVaw==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 500.woff2
2617658.hs-sites.com/_hcms/googlefonts/Sora/ Frame 2F13 16 KB
16 KB 53ms
53ms Font
font/woff2 2606:4700::6811:ae5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2617658.hs-sites.com/_hcms/googlefonts/Sora/500.woff2

Requested by

Host: 2617658.hs-sites.com
URL: https://2617658.hs-sites.com/hs-web-interactive-2617658-143118818126

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ae5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

905b4438bb7528abecd295eaf67aa8df47913ce0c539c75671d1292bcf06ca4b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://2617658.hs-sites.com/hs-web-interactive-2617658-143118818126
Origin: https://2617658.hs-sites.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 20 Nov 2023 23:58:01 GMT
date: Mon, 06 Nov 2023 23:58:01 GMT
via: 1.1 8087c23e2868fe888ce1d81522a0d9e2.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-security-policy: upgrade-insecure-requests
age: 402
x-amz-cf-pop: YTO50-C2
x-amz-server-side-encryption: AES256
x-amz-request-id: 3E5CCDW3MBTJNZG5
x-cache: RefreshHit from cloudfront
x-amz-version-id: biSERBl1P9fd3CDCAz4kg2G37jLRPm_Z
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 16240
x-amz-id-2: 39ccVCHw2ZXeEh4dxOi4ajMlVrgZkKtSHlTdytYoYiwfRXoR81V+320/Fq6g1E2iCna6oUE6lIk=
last-modified: Tue, 17 Jan 2023 19:36:23 GMT
server: cloudflare
etag: "abe9c20193d8dd0062c47b9b299b1c8c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8221483ad9f24bd8-BUF
x-amz-cf-id: -bWH415REXTXax1-LPDu2DFh8ogHqHkz-ADE-fNpCVY6erxFqlPD7A==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 Mockup_Buyers%20guide.png
www.uptycs.com/hubfs/ Frame 2F13 3 MB
3 MB 50ms
50ms Image
image/png 2606:2c40::c73c:671e
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hubfs/Mockup_Buyers%20guide.png

Requested by

Host: 2617658.hs-sites.com
URL: https://2617658.hs-sites.com/hs-web-interactive-2617658-143118818126

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab5b3c5e718b5d8058dd9c099a93b068ea1ce3af678cbff86cf568d6ba6719f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2617658.hs-sites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-143766606156,P-2617658,FLS-ALL
age: 402
x-amz-request-id: X497A6C3YB4K01D5
x-amz-server-side-encryption: AES256
edge-cache-tag: F-143766606156,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "fcf74c57dfec5a0d6fcb8e6247181b60"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1699041205590
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Mon, 06 Nov 2023 23:58:01 GMT
strict-transport-security: max-age=3628800
via: 1.1 99442e301c9543d48067e4e142e03290.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: coypJnNqOncRTW6R7SZVOY2Pq7dZF4nO
x-amz-cf-pop: YUL62-P2
x-hs-alternate-content-type: text/plain
cf-polished: status=input_too_large
x-cache: RefreshHit from cloudfront
cache-tag: F-143766606156,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 2746986
x-amz-id-2: QyAnv/q9bxGa6yoPI9X2JmEvV0pH/wvEdso1tTJkO9ha+07geFUOH3wHJeB8bua6eMQD3r+9lyk=
last-modified: Fri, 03 Nov 2023 19:53:27 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZT0ALGFk8Rr8FgWbbVtE76DhA8NwaT7AnZjHkuq5Wx9e4V%2B4LEIE15zAA8YT2U9nCr91XrQCg4hCJRYg%2FTezu%2FBOpPmGlPm8yMqzUf804GfHan%2BZY44Tz%2FmtCcv1MLG3GvQgJvxPFJf%2BwfDn"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8221483adff74bc3-BUF
x-amz-cf-id: 2qFTbh6M6S_1R0Grn6xh_NUG80arz6MD4C3hq4s2CvrdeqAjudGsxA==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
457 B 133ms
126ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3081353101&v=1.1&a=2617658&pi=11761744813&ct=blog-post&ccu=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&cpi=11761744813&cgi=5593128451&lpi=11761744813&lvi=11761744813&lvc=en&pu=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&t=Protect+Your+Cloud-Native+Applications+with+Osquery+EDR+Solutions&cts=1699315081744&vi=c7831e4cb4b7cb2d3770696d73806b79&nc=true&u=26386402.c7831e4cb4b7cb2d3770696d73806b79.1699315081740.1699315081740.1699315081740.1&b=26386402.1.1699315081740&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 201c4c52-1c9b-4e9a-ac0c-5442b19698ff
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 10
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 201c4c52-1c9b-4e9a-ac0c-5442b19698ff
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2AoDvHIxmDoENwwG4xYjpjYWbkvZp%2FR1tUuXv8Y0UsVU4LpVAgHJCFsfmLKqnPGDDYbGuepFU%2BY9vGVxZ6I48hPBTIP3kSsLeqzA%2BAitUivF3tb2EPwqvZiHgOW%2BEto4vlvZbxS0ziEneV953h0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-674b9fb979-lsbhc
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8221483d0fa84bcc-BUF
x-robots-tag: none

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
631 B 77ms
76ms Image
image/gif 2606:4700::6811:eff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-with-analytics&value=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:eff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 84a274ad-15ae-456a-992b-278f989d0c5b
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 84a274ad-15ae-456a-992b-278f989d0c5b
last-modified: Mon, 06 Nov 2023 23:58:01 GMT
server: cloudflare
x-trace: 2BC7B408A756F4FA2E485FE090D47FD47924BCACAD000000000000000000
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-xhvvh
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 8221483cffa64bcc-BUF

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
693 B 91ms
84ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22c2014fad-3939-42c5-a213-64a022998850%22%2C%22813e4fe9-1fd6-4055-a52a-f7cdb6564837%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3081353101&v=1.1&a=2617658&pi=11761744813&ct=blog-post&ccu=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&cpi=11761744813&cgi=5593128451&lpi=11761744813&lvi=11761744813&lvc=en&pu=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&t=Protect+Your+Cloud-Native+Applications+with+Osquery+EDR+Solutions&cts=1699315081746&vi=c7831e4cb4b7cb2d3770696d73806b79&nc=true&u=26386402.c7831e4cb4b7cb2d3770696d73806b79.1699315081740.1699315081740.1699315081740.1&b=26386402.1.1699315081740&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: c8e1e1c3-a4e1-44d4-8d84-3093cf18213b
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 10
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c8e1e1c3-a4e1-44d4-8d84-3093cf18213b
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bdaiwiv2M%2FT4IQjPNSAp1CMvvzRQpI6QTizRfAA4%2FhT6vYDNRVYAUMIfZq%2FejQYCuqj5dvANAvDPCgldw%2Bw3mBDmdckXXC1IxFZVXPrwuHw7lQeIuTnDqfh2B64jiBxu6gPMKnnQNtvjhHQQZNW4"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-674b9fb979-h8hcb
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8221483d0fa94bcc-BUF
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
459 B 101ms
99ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=0492e7b1-c029-4110-8042-598f482d9802&fci=5ff1902f-b7f1-427e-bdca-73e57cb04a28&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3081353101&v=1.1&a=2617658&pi=11761744813&ct=blog-post&ccu=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&cpi=11761744813&cgi=5593128451&lpi=11761744813&lvi=11761744813&lvc=en&pu=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&t=Protect+Your+Cloud-Native+Applications+with+Osquery+EDR+Solutions&cts=1699315081748&vi=c7831e4cb4b7cb2d3770696d73806b79&nc=true&u=26386402.c7831e4cb4b7cb2d3770696d73806b79.1699315081740.1699315081740.1699315081740.1&b=26386402.1.1699315081740&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e08dee5c-90c1-4cfc-849d-369a370e3123
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 16
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e08dee5c-90c1-4cfc-849d-369a370e3123
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpwfHL%2FdWjuidGMuC8%2BuUYaXEVsz3b946OsIjNXO4ckf4VR1%2F2i935yPdO7A89ow57Mt2Iye6DOjmksRtRJDRDUnZgJ%2BuMSudP%2FEhVhWOfLWHlhrCfWa34BoO0PioRdXlvWSnI%2BevGHZ3g9m8ofi"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-674b9fb979-sf6pl
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8221483d0fa74bcc-BUF
x-robots-tag: none

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
630 B 85ms
84ms Image
image/gif 2606:4700::6811:eff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=interactive-shown&value=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:eff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6618b544-a1ac-4bd6-83ee-57a882ea6a89
x-envoy-upstream-service-time: 14
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6618b544-a1ac-4bd6-83ee-57a882ea6a89
last-modified: Mon, 06 Nov 2023 23:58:01 GMT
server: cloudflare
x-trace: 2B0DA1C4BB060A21E359D52B0CC0401150A131480F000000000000000000
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-w68n2
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 8221483d4fad4bcc-BUF

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 248 KB
85 KB 50ms
49ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P663XDQ

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd34665802ccb739b847816050eea144f63bdb64efc02471d3ca9f604340dce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87046
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 23:24:51 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Nov 2023 23:58:04 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
98 KB 56ms
55ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FM1R8N7KP8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P663XDQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7a2c143b29d02519cef4b041260f24293c804c2ed1c6b6e7bc487c97f4cc541

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100250
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Nov 2023 23:58:04 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 60 KB
16 KB 164ms
38ms Script
application/javascript 23.48.104.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.104.41 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-104-41.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

e8a99c16a581c4e69330699d00aa4a7763158ed99194087bceebd232d53eb42f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 23:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Oct 2023 19:14:48 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "652edd28-f1f8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 16484
expires: Mon, 06 Nov 2023 23:58:04 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 132ms
47ms Script
application/javascript 2600:141b:f000:1e::1737:f34d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P663XDQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:f000:1e::1737:f34d Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2126d13951d660b735a803ddd2572268e66210fa2a60a1be6b56e9fca2d8fb58

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 Nov 2023 10:38:42 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3840

GET
H2 200 zi-tag.js Show response
js.zi-scripts.com/ 8 KB
3 KB 118ms
39ms Script
application/javascript 3.162.125.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.125.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-125-83.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f9a144d016db30ba861af6f2464d3df7bd55240b2c1b9635d6e2527320ec81ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: E1WmCtCijJ51e17CdkS6A0kAshBxGSzY
content-encoding: gzip
via: 1.1 216cc93d387142758c190b0491dc538c.cloudfront.net (CloudFront)
date: Mon, 06 Nov 2023 13:13:22 GMT
last-modified: Thu, 19 Oct 2023 07:00:40 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P3
age: 38683
etag: W/"d08bc8c5ca973ebe8c18a64c74607654"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Gd2ROSIYgu4JN50LZoRDGke1u28q_jbxJ-ntgxl9qkoC0Q7xwE0WMw==

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 142 KB
43 KB 136ms
43ms Script
application/javascript 2600:9000:20e2:6e00:15:a0d3:77c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e2:6e00:15:a0d3:77c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: Cf02rYNryv9UIBzoGOQeQJTZ2QU2vf2Y
content-encoding: gzip
via: 1.1 495532b0efe43a0c4d32da9e6929277e.cloudfront.net (CloudFront)
date: Mon, 06 Nov 2023 23:57:57 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
x-amz-cf-pop: IAD79-C2
age: 8
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Sep 2023 09:05:15 GMT
server: AmazonS3
etag: W/"e112b8bf96f23bc2970347a3c98e37fc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: microphone 'none'; camera 'none';
x-amz-cf-id: tLcAwAo0ijjSJHV2nq1gcMziXvSA46rWQYJXc8IYPc-VziDcw3KvXQ==

OPTIONS
H2 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 328ms
106ms Preflight 3.162.125.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.125.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-125-83.iad61.r.cloudfront.net
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://www.uptycs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: OACOBitevHcES6A=
date: Mon, 06 Nov 2023 23:58:04 GMT
vary: Access-Control-Request-Headers
via: 1.1 e28efd1a65ea5d8d42e5dac75c735524.cloudfront.net (CloudFront)
x-amz-cf-id: 9tzIKLb7KIETqjY4xep1ah2PKabHgsUTR4ufm3PBqzAmTx53JJtxkw==
x-amz-cf-pop: IAD61-P3
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 199 B
564 B 107ms
106ms Fetch
application/json 3.162.125.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.125.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-125-83.iad61.r.cloudfront.net
Software: / Express
Resource Hash: 6280d77afabfcad57a0e1aae1aecd91066ece6a053fe51076077c05b299166b5

Request headers

Content-Type: application/json
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
accept-language: en-US,en;q=0.9
Authorization: Bearer 5d799bfd871670447419
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
visited_url: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions

Response headers

date: Mon, 06 Nov 2023 23:58:04 GMT
via: 1.1 e28efd1a65ea5d8d42e5dac75c735524.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD61-P3
x-powered-by: Express
etag: W/"c7-T9U//axCvHCib87w+/x7bF9lTeU"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 199
apigw-requestid: OACOCiH-vHcESjQ=
x-amz-cf-id: u8c78f91_ASTmLfRbORsNH8wXE7Kdxi-Ij1Mnv5aQIIajVi-D7eWPg==

POST
H2 204 collect
analytics.google.com/g/ 0
254 B 194ms
43ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FM1R8N7KP8&gtm=45je3b11v895835665z879163642&_p=1699315081045&_gaz=1&gcd=11l1l1l1l1&cid=275401487.1699315081&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1699315084&sct=1&seg=0&dl=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&dt=Protect%20Your%20Cloud-Native%20Applications%20with%20Osquery%20EDR%20Solutions&en=page_view&_fv=1&_ss=1&tfd=5532
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FM1R8N7KP8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 23:58:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.uptycs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 46ms
43ms Ping
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FM1R8N7KP8&cid=275401487.1699315081&gtm=45je3b11v895835665z879163642&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FM1R8N7KP8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 23:58:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.uptycs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 47ms
47ms Image
text/html 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=1652008459&rv=3b11&u=AAAAAAAAAAAAACA&ut=Ag&h=Ag&gtm=45je3b11v895835665&ccid=95835665&cid=G-FM1R8N7KP8&l=G-FM1R8N7KP8.L2168.S64.B55.E62.I1692.EC5.TC27.HTC0~gtm.init.S0.V0.TS5ogtgasend.TI17.TE1.TS5ogtipmark.TI19.TE0.TS5ogtreferralexclusion.TI20.TE1.TS5ogtsessiontimeout.TI21.TE0.TS5ogt1pdatav2.TI22.TE0.TS5ccdgalast.TI23.TE0.TS5ccdautoredact.TI24.TE1.TS5ogteventcreate.TI25.TE0.TS5ogteventcreate.TI26.TE0.TS5ogteventcreate.TI27.TE0.TS5ogteventcreate.TI28.TE0.TS5ogteventcreate.TI29.TE0.TS5ogteventcreate.TI30.TE0.TS5ogteventcreate.TI31.TE0.TS5ccdconversionmarking.TI32.TE0.TS5ccdemvideo.TI33.TE0.TS5ccdemsitesearch.TI34.TE0.TS5ccdemscroll.TI35.TE0.TS5ccdempageview.TI36.TE0.TS5ccdemoutboundclick.TI37.TE0.TS5ccdemform.TI38.TE0.TS5ccdemdownload.TI39.TE0.TS5ccdgaregscope.TI40.TE1.TS5ogtgooglesignals.TI41.TE0.TS5setproductsettings.TI42.TE0.TS5ccdgafirst.TI43.TE0~*.S0.V0.TS5gct.TI14.TE0~gtm.dom.S0.V0.E7~gtm.load.S0.V0.E7~gtm.init_consent.S1.V0.E58~GA3364

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:04 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 34ms
34ms Script
application/x-javascript 2600:141b:f000:1e::1737:f34d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:f000:1e::1737:f34d Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 08:32:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=66308
accept-ranges: bytes
content-length: 3272

GET
H2 200 / Show response
c.6sc.co/ 7 B
193 B 37ms
36ms XHR
text/html 23.48.104.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.104.41 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-104-41.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:04 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.uptycs.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 19 B
308 B 167ms
35ms XHR
text/html 2600:141b:f000:37::1728:122b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:f000:37::1728:122b Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6de15bae32e3187e6c5b433ed8832f35d17b006eecbe822679045b81a1f851d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Nov 2023 23:58:04 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.uptycs.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2602:ffc8:2:104::15
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699315084480_388501803_17458434_21_778_31_88_219";dur=1
content-length: 19
expires: Mon, 06 Nov 2023 23:58:04 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 50ms
44ms Image
image/gif 23.48.104.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=7f8bd8662c3cd8304b53ece67c07c07c&svisitor=null&visitor=b5d5cfbd-ec67-405a-8b41-3c6e6a1ce30d&session=32493dac-bb9e-4b46-8726-e5dce31661f6&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2006%20Nov%202023%2023%3A58%3A04%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Boost%20your%20security%20analytics%20with%20osquery.%20Download%20our%20ESG%20report%20for%20insights%20and%20solutions%20on%20osquery%20EDR.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Protect%20Your%20Cloud-Native%20Applications%20with%20Osquery%20EDR%20Solutions%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&pageViewId=d3e6eb02-c970-4f90-8ae9-87437691191c&v=1.1.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.104.41 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-104-41.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:04 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 56ms
51ms Image
image/gif 23.48.104.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=7f8bd8662c3cd8304b53ece67c07c07c&svisitor=null&visitor=b5d5cfbd-ec67-405a-8b41-3c6e6a1ce30d&session=32493dac-bb9e-4b46-8726-e5dce31661f6&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2006%20Nov%202023%2023%3A58%3A04%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%227f8bd8662c3cd8304b53ece67c07c07c%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2006%20Nov%202023%2023%3A58%3A04%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2006%20Nov%202023%2023%3A58%3A04%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Boost%20your%20security%20analytics%20with%20osquery.%20Download%20our%20ESG%20report%20for%20insights%20and%20solutions%20on%20osquery%20EDR.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Protect%20Your%20Cloud-Native%20Applications%20with%20Osquery%20EDR%20Solutions%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&pageViewId=d3e6eb02-c970-4f90-8ae9-87437691191c&v=1.1.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.104.41 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-104-41.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:04 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1699315084557&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1699315084557&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1252922%26time%3D1699315084557%26url%3Dhttps%253A%252F%252Fwww.uptycs.com%252Fblo...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1699315084557&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1699315084557&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&cookiesTest=true&liSync=true&e_ipv6...

0
491 B

162ms
73ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1699315084557&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&cookiesTest=true&liSync=true&e_ipv6=AQLGWFrmj-n7dQAAAYunEm5Pr_NMPU6SB_B0y8c67-S-Ti_eGYSjVw5wCf3FB9cEDQfqYuY
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:04 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: CA3ED1DBFBC54DFB95BFB2AE76A79D3B Ref B: YTO01EDGE0420 Ref C: 2023-11-06T23:58:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYJhKABRa936TTEB/xY1g==

Redirect headers

date: Mon, 06 Nov 2023 23:58:04 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A167EB2A990A48218AC0B0D8D87298A0 Ref B: NYCEDGE1411 Ref C: 2023-11-06T23:58:04Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1699315084557&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&cookiesTest=true&liSync=true&e_ipv6=AQLGWFrmj-n7dQAAAYunEm5Pr_NMPU6SB_B0y8c67-S-Ti_eGYSjVw5wCf3FB9cEDQfqYuY
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYJhJ/+0WocxhWwMHT00g==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 43ms
43ms Image
image/gif 23.48.104.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=7f8bd8662c3cd8304b53ece67c07c07c&svisitor=null&visitor=b5d5cfbd-ec67-405a-8b41-3c6e6a1ce30d&session=32493dac-bb9e-4b46-8726-e5dce31661f6&event=ipv6&q=%7B%22address%22%3A%222602%3Affc8%3A2%3A104%3A%3A15%22%7D&isIframe=false&m=%7B%22description%22%3A%22Boost%20your%20security%20analytics%20with%20osquery.%20Download%20our%20ESG%20report%20for%20insights%20and%20solutions%20on%20osquery%20EDR.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Protect%20Your%20Cloud-Native%20Applications%20with%20Osquery%20EDR%20Solutions%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&pageViewId=d3e6eb02-c970-4f90-8ae9-87437691191c&v=1.1.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.104.41 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-104-41.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:04 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

OPTIONS
H2 200 /
ws.zoominfo.com/pixel/6127ecc2d037650015c31617/ Frame 0
0 727ms
617ms Preflight
text/html 2606:4700::6810:890f

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6127ecc2d037650015c31617/?iszitag=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:890f -, , ASN (),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _vtok,_zitok,content-type,visited-url
Access-Control-Request-Method: GET
Origin: https://www.uptycs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin: https://www.uptycs.com
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82214850a9c36aee-BUF
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 06 Nov 2023 23:58:05 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express

GET
H2 200 formcomplete.js Show response
ws-assets.zoominfo.com/ 86 KB
28 KB 269ms
159ms Script
application/javascript 2606:4700::6810:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-assets.zoominfo.com/formcomplete.js
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe92edba1f5990d76e1817f250ee4aae144f4efa95b676733bdd4391f2b74cf1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 2977
x-guploader-uploadid: ABPtcPpk8Yke1rKgkfvtsej7x1FsGFgTeEPY8_UpYHNyw0o2jc2jXO4cFZ97CpsHRYbquOUuat8RKSUQ0Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 11:05:05 GMT
server: cloudflare
etag: W/"bbabfd4493e8cf8aafea99a2f70825c0"
x-goog-hash: crc32c=4scEgA==, md5=u6v9RJPoz4qv6pmi9wglwA==
x-goog-generation: 1698923105172059
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 87554
cf-ray: 82214850ac574bc1-BUF
expires: Tue, 07 Nov 2023 00:08:28 GMT

GET /
ws.zoominfo.com/pixel/6127ecc2d037650015c31617/ 0
0

POST forms
ws.zoominfo.com/formcomplete-v2/ 0
0

OPTIONS
H2 200 forms
ws.zoominfo.com/formcomplete-v2/ Frame 0
0 611ms
610ms Preflight
text/html 2606:4700::6810:890f

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:890f -, , ASN (),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.uptycs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin: https://www.uptycs.com
allow: POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8221485209ce6aee-BUF
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 06 Nov 2023 23:58:05 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 46ms
46ms Image
image/gif 23.48.104.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=7f8bd8662c3cd8304b53ece67c07c07c&svisitor=null&visitor=b5d5cfbd-ec67-405a-8b41-3c6e6a1ce30d&session=32493dac-bb9e-4b46-8726-e5dce31661f6&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2006%20Nov%202023%2023%3A58%3A05%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2006%20Nov%202023%2023%3A58%3A04%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%221003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Boost%20your%20security%20analytics%20with%20osquery.%20Download%20our%20ESG%20report%20for%20insights%20and%20solutions%20on%20osquery%20EDR.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Protect%20Your%20Cloud-Native%20Applications%20with%20Osquery%20EDR%20Solutions%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fosquery-security-use-cases-and-solutions&pageViewId=d3e6eb02-c970-4f90-8ae9-87437691191c&v=1.1.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.104.41 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-104-41.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.uptycs.com/blog/osquery-security-use-cases-and-solutions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 23:58:05 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ws.zoominfo.com
URL: https://ws.zoominfo.com/pixel/6127ecc2d037650015c31617/?iszitag=true

Domain: ws.zoominfo.com
URL: https://ws.zoominfo.com/formcomplete-v2/forms

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.uptycs.com/	1970-01-20 16:01:56	Name: __cf_bm Value: 3WnJP.1QHEoVrToWZQ5TA.Wh4Fm.eF1FuYewQp4ssDc-1699315079-0-ARnsKqSKO0jgKcMyUSkaEWqdwqXLipCNloiTaAQgYyuGoChv+p6pWBsiM5R5a3xlXWbyZ4E4omsG52Bu0/03ROM=
.www.uptycs.com/	1969-12-31 23:59:59	Name: __cfruid Value: 27d1654a5b39ddfdeda05b32fc03d65cb1016f20-1699315079
.hubspot.com/	1970-01-20 16:01:56	Name: __cf_bm Value: qDB2XwondLAMzgLGcmnG5zg7zZbB7f.5fgT0DdB.uwo-1699315079-0-AZ6Ou1EsTwyF9oUJ94Y3gFawl82KfCPp6CjB3c7ILW8dtcPeZ5bRVqPhnQREVI3udV3itOqWNRHJ6uCA3FCgz3U=
.uptycs.com/	1970-01-20 16:03:21	Name: _gid Value: GA1.2.1773105530.1699315081
.uptycs.com/	1970-01-20 16:01:55	Name: _gat Value: 1
.uptycs.com/	1970-01-20 18:11:31	Name: _gcl_au Value: 1.1.61262733.1699315081
.hs-sites.com/	1969-12-31 23:59:59	Name: __cfruid Value: 43d809a95509e30d157433480d27dd035a8e9936-1699315081
.doubleclick.net/	1970-01-20 16:01:55	Name: test_cookie Value: CheckForPermission
.uptycs.com/	1970-01-20 20:21:07	Name: __hstc Value: 26386402.c7831e4cb4b7cb2d3770696d73806b79.1699315081740.1699315081740.1699315081740.1
.uptycs.com/	1970-01-20 20:21:07	Name: hubspotutk Value: c7831e4cb4b7cb2d3770696d73806b79
.uptycs.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.uptycs.com/	1970-01-20 16:01:56	Name: __hssc Value: 26386402.1.1699315081740
.uptycs.com/	1970-01-21 01:37:55	Name: _ga_FM1R8N7KP8 Value: GS1.1.1699315084.1.0.1699315084.60.0.0
.uptycs.com/	1970-01-21 01:37:55	Name: _ga Value: GA1.1.275401487.1699315081
www.uptycs.com/	1970-01-21 01:37:55	Name: _gd_visitor Value: b5d5cfbd-ec67-405a-8b41-3c6e6a1ce30d
www.uptycs.com/	1970-01-20 16:02:09	Name: _gd_session Value: 32493dac-bb9e-4b46-8726-e5dce31661f6
.6sc.co/	1970-01-21 01:37:55	Name: 6suuid Value: 29643017780d10008c7d4965d10100005f200c00
.linkedin.com/	1970-01-20 18:11:31	Name: li_sugr Value: 9279df3a-fed4-4191-a535-ace1f7966b1d
.linkedin.com/	1970-01-21 00:47:31	Name: bcookie Value: "v=2&24a55d84-8b38-46c5-8b4d-8bf30aaedc35"
.linkedin.com/	1970-01-20 16:03:21	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2796:u=1:x=1:i=1699315084:t=1699401484:v=2:sig=AQFEWdSmayFECTHkRpLqh6EXkLn66WYN"
.linkedin.com/	1970-01-20 16:45:07	Name: UserMatchHistory Value: AQIK9XMRK9uZwQAAAYunEm20ekDVqMK6qVwnZCruSROXDwX3ziYTwNc1ouwvhgSQA7w3IZWkN8COWw
.linkedin.com/	1970-01-20 16:45:07	Name: AnalyticsSyncHistory Value: AQI_afZFf5zE5QAAAYunEm20XyUAXo59iNgsRJiedlmA_0SBSoDUt2Zt3e8fPlCotPG9fPPjud0FZqfQr4fdcg
.www.uptycs.com/	1970-01-21 01:37:55	Name: _zitok Value: 569bca01d29a1831bdc61699315084
.www.linkedin.com/	1970-01-21 00:47:31	Name: bscookie Value: "v=1&20231106235804b5ff2383-9dc9-41ae-8851-068177ba9247AQGuBbhTLlYP0pYM8MzyMg5phnWYNa25"
.zoominfo.com/	1970-01-20 16:01:56	Name: __cf_bm Value: sRQW3IBJp93SEFnDfsPIsgFIPEoJbBThIKZRHEPTeFs-1699315085-0-AWrtEp+z5sy744o7fuJNB6NEhMtTT7GpU9mE3yhE/KfBo+/fBf8+Dp21yCL/LEsq+cENjaHcbfaEp4zKFnYcLlc=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: b7nIs5UWK7IPtzuT91EpbSJB642B8kgEgErniPHt1AM-1699315085017-0-604800000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2617658.fs1.hubspotusercontent-na1.net
2617658.hs-sites.com
analytics.google.com
api.hubapi.com
app.hubspot.com
b.6sc.co
c.6sc.co
cdn.bc0a.com
cdn2.hubspot.net
cta-service-cms2.hubspot.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
googleads.g.doubleclick.net
ipv6.6sc.co
ixfd2-api.bc0a.com
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hubspot.com
js.usemessages.com
js.zi-scripts.com
no-cache.hubspot.com
perf-na1.hsforms.com
perf.hsforms.com
px.ads.linkedin.com
px4.ads.linkedin.com
s7.addthis.com
snap.licdn.com
static.hsappstatic.net
stats.g.doubleclick.net
track.hubspot.com
ws-assets.zoominfo.com
ws.zoominfo.com
www.clickcease.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.linkedin.com
www.uptycs.com
ws.zoominfo.com
104.70.53.43
13.107.42.14
2001:4860:4802:32::181
23.48.104.41
2600:141b:f000:1e::1737:f34d
2600:141b:f000:37::1728:122b
2600:9000:20e2:6e00:15:a0d3:77c0:93a1
2606:2c40::c73c:671e
2606:4700:4400::6812:22e5
2606:4700:4400::ac40:9284
2606:4700::6810:4fba
2606:4700::6810:6cd1
2606:4700::6810:880f
2606:4700::6810:890f
2606:4700::6811:5b9a
2606:4700::6811:ae5d
2606:4700::6811:c060
2606:4700::6811:c8cc
2606:4700::6811:cff9
2606:4700::6811:e7a3
2606:4700::6811:eff9
2606:4700::6811:f9a8
2606:4700::6812:b07d
2606:4700::6813:9a53
2606:4700::6813:9b53
2607:f8b0:4004:c09::61
2607:f8b0:4004:c09::67
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c17::9a
2607:f8b0:4004:c1d::8a
2620:1ec:21::14
3.162.125.83
34.111.194.12
35.201.125.192
0b94925cc30a38d4cff4893ce00128a1314eeeee9fa06ffb2d3650a5077050ab
1024db20df71903f3bd673cc9e99ce16ea9dc5489260baa0647b88674937d75b
1792bc5e743bd0ac0fd96fbb6009f36867ffc40ee02f99b87b142a5720e59894
1d4a08d74abcdb5205911dbbc29275caab3a4dcd2cfed400323fb53c13e3f42d
1df389062e7b71d6554dac955a86cfa1964427a28c91cc50ca645785da0dfbc9
200cef31a4664eb38f1293062efc3d5acf8e769cc27242418b198a0aa4b20492
20b4881310dc147ec4f036dc348defb7dbe08fa8e712bc628b98fdaffd0a19ee
2126d13951d660b735a803ddd2572268e66210fa2a60a1be6b56e9fca2d8fb58
2148aae183c99fd22de0fa5ac66943716f59908dc935b3b3ca7f02cfdeca17f4
236076d0bd9a24fa200c53a2d05ad373c9ccf773e00108d4990c012eaf1834a8
2703ec771af750de243cb11fd7194ba36b307ae4742528926e619c67ebcfe531
2ac3dcb7a8d883749d08820847e38f01732c77235cc499049353cf8c45af9281
34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a
3fb0e4fbfcd0e207130cf63c0a62e053cefae5c035cd45e11a6a4564687624ad
4adc1c67f21a4b1f0ec28d20d4a991bb4db6cce7ecd1fd979331c1b46e85d1fc
4e7e810369b0d05a3bee736f59e54c346b55721b3ca79fd8daca2ea23833e044
4e880329d35a31b2a246d67f2c2cb7cd72b18292a9ae4bd785915efbdb44ff91
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
5f2e5bb6af2eb313674c89cc3e597f66c850bd073d3b82f490274cd81f3965a9
5fb705aad1a8d05071ef426393265304bc6fa268a329d02fd6ddce1c5fd97aba
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6280d77afabfcad57a0e1aae1aecd91066ece6a053fe51076077c05b299166b5
62e120f9707942e703ef7a54d281e0f4a4027114e88e57f38909e48927029604
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6de15bae32e3187e6c5b433ed8832f35d17b006eecbe822679045b81a1f851d9
735241e12cbf86569b65a574f21c259512a9a2373d4d7c08c4cfc87ee453bae0
7775c3a94d76e47ed6bda5a404bf940ef8f710223ecdd4bfb7f48edb58925430
7add3f7be59c708bca440ba5cdbf5d5be9a3a79fa9587c4522afc049cd5cdd4b
889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
905b4438bb7528abecd295eaf67aa8df47913ce0c539c75671d1292bcf06ca4b
90f5b4f24db45e3f791e9d8cfdd443e8426fec51ca65a5858ef63104437a837a
92225558bc920bbbab27169556f1c7d0ee887026c1c00234fe6c3f7d7ec8613a
92b6882a6f1f89eaea5cd62363f34180267d117487929efc8e050c20cacc5174
9789198eec3f8facee6487dc4d84a197d830a64361cf4267528aaa56ca2031a2
9b202ecbc6d45c6d8901d989a918878397a3eb9d00e8f48022fc051b19d21a1d
a1f58a3e48f23d9036625e9f26553d5da8f45516cf308b6ae6fb2b0fe0d13b4e
a2761c3e991212a06e18cc1165e58a1a175d8d1bdf92c891438153e7637dd5de
a302918b47dbdf1d33f0cb9eb4cb49f6334efd03c25d66976163758b10aa8645
ab5b3c5e718b5d8058dd9c099a93b068ea1ce3af678cbff86cf568d6ba6719f9
aec0edd8a3392894c45f5198ed0d0fca6db9ccd08876ef5f46220036769b4172
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b14289833de1c5b8da19bf0aa86278185dfdbb3113baca8b658fa0ee8a563dba
b48a0510a39e949184e762267407b9d7292b4fd69dcbf953b657c1e9cfc4cc61
b7a2c143b29d02519cef4b041260f24293c804c2ed1c6b6e7bc487c97f4cc541
b9d428faab91c6e82275664ed0d30d11ca18d487460422ad26965d465351c54a
c247f4f6de93c46c80e02486f424fe8688f0a7452bf075f3fc9c69787023af55
c431b7004f2def447ab4b6b2e63e694f322c65162a22e689f91a69e391241df4
cc3a1deb7e3828d4af18bb095b0642db6df003ed68381d53c45ab45e0cd08451
cd34665802ccb739b847816050eea144f63bdb64efc02471d3ca9f604340dce4
d282efcc9f7210172e8a372a36517e7801ba66fbf47586ddb33594e901fc3e39
dbf73504c0e88814adb874bd7d2fd0b0eb54e70692e34038fcd82a76107e3acc
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e39b04223da4b61f9443127008257c7e245bb4567f8aea02b92c61f8f9ff8c18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6067dcd5dce2a3474610f14be162b671b90e8d916358d4cf324a526fb5e9ac6
e7d73ae35c3412dd12292590b041a66f83a14f7766041b8d523fadf78c8d7daa
e8a99c16a581c4e69330699d00aa4a7763158ed99194087bceebd232d53eb42f
e8e09edb0f802bf7fb78bf2eed58fed8ef48d4660da25a229a8ef36c47092859
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f7923920bfd91508a3204881f312848ee362b0b94730a9688addf63319ddb22c
f9a144d016db30ba861af6f2464d3df7bd55240b2c1b9635d6e2527320ec81ea
fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe92edba1f5990d76e1817f250ee4aae144f4efa95b676733bdd4391f2b74cf1
ff593959af1591876c41ed15a7dffb1c56b9aa38311658b1f9ede97784286918

www.uptycs.com Open in urlscan Pro 2606:2c40::c73c:671e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

94 Requests

97 %HTTPS

82 %IPv6

25 Domains

42 Subdomains

34 IPs

1 Countries

3800 kBTransfer

5728 kBSize

26 Cookies

19 Outgoing links

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.uptycs.com Open in urlscan Pro
2606:2c40::c73c:671e Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

97 %
HTTPS

82 %
IPv6

25
Domains

42
Subdomains

34
IPs

1
Countries

3800 kB
Transfer

5728 kB
Size

26
Cookies

94 HTTP transactions
1 data transactions