cqureacademy.com Open in urlscan Pro
104.198.110.226 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=3&cad=rja&uact=8&ved=2ahUKEwiRkrzKgNnnAhUEJzQIHQuBCGsQFjA...
Effective URL:
https://cqureacademy.com/blog/server-monitoring/sysmon
Submission: On February 17 via manual (February 17th 2020, 4:28:57 pm UTC) from US

Summary HTTP 150 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 25 domains to perform 150 HTTP transactions. The main IP is 104.198.110.226, located in Mountain View, United States and belongs to GOOGLE, US. The main domain is cqureacademy.com.
TLS certificate: Issued by GlobalSign Extended Validation CA - S... on June 20th 2019. Valid for: a year.

This is the only time cqureacademy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 5	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE)
3	104.198.110.226 104.198.110.226	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
65	94.31.29.96 94.31.29.96	33438 (HIGHWINDS2) (HIGHWINDS2)
7	104.16.20.19 104.16.20.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	2606:2800:133... 2606:2800:133:7403:4a68:7eff:710b:1ddf	15133 (EDGECAST) (EDGECAST)
1	2606:4700:303... 2606:4700:3035::6812:23a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.13.2 151.101.13.2	54113 (FASTLY) (FASTLY)
1	3.225.77.184 3.225.77.184	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:eb:... 2a02:26f0:eb:3a3::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.196.237.80 34.196.237.80	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9001	14413 (LINKEDIN) (LINKEDIN)
2 2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
4 8	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
18	2a00:f48:2000... 2a00:f48:2000:1023::3	47447 (TTM) (TTM)
1	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:e400:a:6697:8180:93a1	16509 (AMAZON-02) (AMAZON-02)
1	209.170.211.179 209.170.211.179	13649 (ASN-VINS) (ASN-VINS)
7	52.38.14.212 52.38.14.212	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
150	34

5 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.198.110.226 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 226.110.198.104.bc.googleusercontent.com

cqureacademy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

65 94.31.29.96 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.96.IPYX-077437-ZYO.above.net

4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.16.20.19 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.ontraport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
optassets.ontraport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.ontraport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:7403:4a68:7eff:710b:1ddf (United States)

ASN15133 (EDGECAST, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6812:23a2 (United States)

ASN13335 (CLOUDFLARENET, US)

load.fomo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.77.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-77-184.compute-1.amazonaws.com

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:eb:3a3::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.237.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-237-80.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9001 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 4 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:f48:2000:1023::3 (Germany)

ASN47447 (TTM, DE)

load.sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:e400:a:6697:8180:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.getmoreproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.170.211.179 (Venice, United States)

ASN13649 (ASN-VINS, US)
PTR: mail9.ontramail.com

cqure.ontraport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.38.14.212 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-14-212.us-west-2.compute.amazonaws.com

sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	netdna-ssl.com 4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com	4 MB
25	sumo.com load.sumo.com sumo.com micro-cdn.sumo.com Failed	638 KB
10	facebook.com 4 redirects www.facebook.com graph.facebook.com api.facebook.com	3 KB
9	googleapis.com fonts.googleapis.com ajax.googleapis.com	142 KB
8	ontraport.com forms.ontraport.com optassets.ontraport.com app.ontraport.com cqure.ontraport.com	169 KB
5	google-analytics.com 2 redirects www.google-analytics.com	44 KB
5	linkedin.com 2 redirects platform.linkedin.com px.ads.linkedin.com www.linkedin.com	57 KB
5	google.com 2 redirects www.google.com	3 KB
4	facebook.net connect.facebook.net	204 KB
3	twitter.com platform.twitter.com analytics.twitter.com	30 KB
3	cqureacademy.com cqureacademy.com	27 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	102 KB
2	google.de www.google.de	956 B
2	doubleclick.net 2 redirects stats.g.doubleclick.net	908 B
2	youtube.com www.youtube.com	944 B
2	quora.com a.quora.com q.quora.com	14 KB
1	getmoreproof.com cdn.getmoreproof.com	2 KB
1	ytimg.com s.ytimg.com	10 KB
1	t.co t.co	448 B
1	licdn.com snap.licdn.com	2 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googletagmanager.com www.googletagmanager.com	34 KB
1	reddit.com alb.reddit.com	212 B
1	fomo.com load.fomo.com	16 KB
1	onesignal.com cdn.onesignal.com	3 KB
150	25

	Domain	Requested by
65	4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com	cqureacademy.com 4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com
18	load.sumo.com	cqureacademy.com load.sumo.com
8	www.facebook.com	4 redirects cqureacademy.com connect.facebook.net
7	sumo.com	load.sumo.com
5	www.google-analytics.com	2 redirects www.googletagmanager.com www.google-analytics.com
5	ajax.googleapis.com	cqureacademy.com forms.ontraport.com
5	www.google.com	2 redirects cqureacademy.com www.gstatic.com
4	connect.facebook.net	cqureacademy.com www.google.com connect.facebook.net
4	forms.ontraport.com	cqureacademy.com forms.ontraport.com
4	fonts.googleapis.com	cqureacademy.com ajax.googleapis.com load.sumo.com
3	cqureacademy.com	www.google.com cqureacademy.com ajax.googleapis.com
2	www.google.de	cqureacademy.com
2	stats.g.doubleclick.net	2 redirects
2	www.linkedin.com	1 redirects load.sumo.com
2	px.ads.linkedin.com	1 redirects cqureacademy.com
2	www.youtube.com	cqureacademy.com www.googletagmanager.com
2	platform.twitter.com	cqureacademy.com platform.twitter.com
2	optassets.ontraport.com	cqureacademy.com
1	api.facebook.com	load.sumo.com
1	graph.facebook.com	load.sumo.com
1	cqure.ontraport.com	optassets.ontraport.com
1	cdn.getmoreproof.com	cqureacademy.com
1	fonts.gstatic.com	ajax.googleapis.com
1	app.ontraport.com	forms.ontraport.com
1	s.ytimg.com	www.youtube.com
1	analytics.twitter.com	static.ads-twitter.com
1	www.gstatic.com	www.google.com
1	t.co	cqureacademy.com
1	q.quora.com	cqureacademy.com
1	snap.licdn.com	www.google.com
1	static.ads-twitter.com	www.google.com
1	www.googletagmanager.com	cqureacademy.com
1	alb.reddit.com	cqureacademy.com
1	a.quora.com	cqureacademy.com
1	load.fomo.com	cqureacademy.com
1	platform.linkedin.com	cqureacademy.com
1	cdn.onesignal.com	cqureacademy.com
0	micro-cdn.sumo.com Failed
150	38

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
twitter.com
technet.microsoft.com
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com
www.woanware.co.uk
telegram.me

Subject Issuer	Validity	Valid
www.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
cqureacademy.com GlobalSign Extended Validation CA - SHA256 - G3	`2019-06-20` - `2020-07-24`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.netdna-ssl.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-18` - `2020-02-27`	a year	crt.sh
*.ontraport.com Go Daddy Secure Certificate Authority - G2	`2019-10-23` - `2020-11-21`	a year	crt.sh
ssl898578.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-10-11` - `2020-04-18`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2021-10-14`	2 years	crt.sh
sni149738.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-02-06` - `2020-08-14`	6 months	crt.sh
quora.com Let's Encrypt Authority X3	`2019-12-29` - `2020-03-28`	3 months	crt.sh
alb.reddit.com Amazon	`2019-05-20` - `2020-06-20`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.quora.com Let's Encrypt Authority X3	`2020-02-02` - `2020-05-02`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-03-07` - `2020-03-07`	a year	crt.sh
*.sumo.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-02` - `2021-01-01`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-01-02` - `2020-12-28`	a year	crt.sh
*.getmoreproof.com Amazon	`2018-01-22` - `2019-02-22`	a year	crt.sh
cqure.ontraport.com Let's Encrypt Authority X3	`2020-02-04` - `2020-05-04`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2019-11-21` - `2020-09-01`	9 months	crt.sh

This page contains 6 frames:

Primary Page: https://cqureacademy.com/blog/server-monitoring/sysmon
Frame ID: 32EAC80F23DAD918DEA850996E1C4C8C
Requests: 158 HTTP requests in this frame

Frame: https://www.youtube.com/embed/8qDEbnofkos?rel=0&showinfo=0
Frame ID: F1315003FC747D6D8E7703F2149D60CA
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html?origin=https%3A%2F%2Fcqureacademy.com
Frame ID: 76B830AB179A8D61B939E196C016E49E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeAW7YUAAAAAKMkVww0wWJLeHX4HspK47pMgqGQ&co=aHR0cHM6Ly9jcXVyZWFjYWRlbXkuY29tOjQ0Mw..&hl=en&v=JZfekeK8w6ZlhLfH_ZyseSLX&size=invisible&cb=aiv5khibn5w1
Frame ID: 6E39DCDB05E4DE185C8912F21A1CB2C8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df143b96ce44097%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff16ff86da59f58%26relation%3Dparent.parent&container_width=9&count=true&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&locale=en_US&sdk=joey&version=v2.6&width=550
Frame ID: 7DFB975273A73FEF5B6F79CDAEA0ED4F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df154b7531475ca%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff16ff86da59f58%26relation%3Dparent.parent&container_width=781&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&locale=en_US&numposts=5&sdk=joey&version=v2.6
Frame ID: 371382AA6E29066C4F9E21A204CB0683
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=3&cad=rja&uact=8&ved=2ahUKEwiRkrzKgNn... Page URL
https://cqureacademy.com/blog/server-monitoring/sysmon Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

Google Web Server (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /gws/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
script /googleapis\.com\/.+webfont/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

Page Statistics

150
Requests

99 %
HTTPS

68 %
IPv6

25
Domains

38
Subdomains

34
IPs

6
Countries

6064 kB
Transfer

11614 kB
Size

17
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/CQURE/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/CQUREAcademy

Search URL Search Domain Scan URL

URL: https://twitter.com/cqureacademy

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/pl-pl/sysinternals
Title: sysinternals.com

Search URL Search Domain Scan URL

URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/cqsysmonconfig.zip
Title: >> Download the CQSysmonConfig tool <<

Search URL Search Domain Scan URL

URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/cqsysmonconfig_for_schema_3.0.zip
Title: >> Download the CQSysmonConfig tool version 3.0 <<

Search URL Search Domain Scan URL

URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/cqsysmonhashextract.zip
Title: >> Download the CQSysmonHash tool <<

Search URL Search Domain Scan URL

URL: http://www.woanware.co.uk/forensics/virustotalchecker.html
Title: >> Download the Virustotal checker <<

Search URL Search Domain Scan URL

URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/cqsysmonnetanalyzer.zip
Title: >> Download the CQSysmonNetAnalyzer <<

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=CQURE+Academy%3A+setting+up+Sysmon&via=cqureacademy&related=cqureacademy&url=https://cqureacademy.com/blog/server-monitoring/sysmon
Title: CQURE Academy: setting up Sysmon

Search URL Search Domain Scan URL

URL: https://telegram.me/cqure
Title: Telegram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=3&cad=rja&uact=8&ved=2ahUKEwiRkrzKgNnnAhUEJzQIHQuBCGsQFjACegQIAhAB&url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&usg=AOvVaw2QMkPPTo0yf8A5XV_4e6md Page URL
https://cqureacademy.com/blog/server-monitoring/sysmon Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=29329&url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&time=1581956920268 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D29329%26url%3Dhttps%253A%252F%252Fcqureacademy.com%252Fblog%252Fserver-monitoring%252Fsysmon%26time%3D1581956920268%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=29329&url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&time=1581956920268&liSync=true

Request Chain 92

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1394566312&t=pageview&_s=1&dl=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=Sysmon%3A%20how%20to%20set%20up%2C%20update%20and%20use%3F%20%7C%20CQURE%20Academy&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAAEALQ~&jid=930938136&gjid=1754017305&cid=1696303758.1581956920&tid=UA-80845917-1&_gid=1649266350.1581956920&_r=1&gtm=2wg2505BK3X4&z=1150758221 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80845917-1&cid=1696303758.1581956920&jid=930938136&_gid=1649266350.1581956920&gjid=1754017305&_v=j81&z=1150758221 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=1696303758.1581956920&jid=930938136&_v=j81&z=1150758221 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=1696303758.1581956920&jid=930938136&_v=j81&z=1150758221&slf_rd=1&random=2138551702

Request Chain 121

https://www.facebook.com/v2.6/plugins/comments.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df143b96ce44097%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff16ff86da59f58%26relation%3Dparent.parent&container_width=9&count=true&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&locale=en_US&sdk=joey&version=v2.6&width=550 HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df143b96ce44097%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff16ff86da59f58%26relation%3Dparent.parent&container_width=9&count=true&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&locale=en_US&sdk=joey&version=v2.6&width=550 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df143b96ce44097%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff16ff86da59f58%26relation%3Dparent.parent&container_width=9&count=true&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&locale=en_US&sdk=joey&version=v2.6&width=550

Request Chain 122

https://www.facebook.com/v2.6/plugins/comments.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df154b7531475ca%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff16ff86da59f58%26relation%3Dparent.parent&container_width=781&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&locale=en_US&numposts=5&sdk=joey&version=v2.6 HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df154b7531475ca%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff16ff86da59f58%26relation%3Dparent.parent&container_width=781&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&locale=en_US&numposts=5&sdk=joey&version=v2.6 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df154b7531475ca%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff16ff86da59f58%26relation%3Dparent.parent&container_width=781&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&locale=en_US&numposts=5&sdk=joey&version=v2.6

Request Chain 161

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1394566312&t=event&ni=0&_s=1&dl=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=Sysmon%3A%20how%20to%20set%20up%2C%20update%20and%20use%3F%20%7C%20CQURE%20Academy&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=time&ea=no%20baunce%20rate&el=10s&_u=aGDACEALR~&jid=1062071248&gjid=241906344&cid=1070547604.1581956930&tid=UA-80845917-1&_gid=1754055836.1581956930&_r=1&gtm=2wg2505BK3X4&z=1402029966 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80845917-1&cid=1070547604.1581956930&jid=1062071248&_gid=1754055836.1581956930&gjid=241906344&_v=j81&z=1402029966 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=1070547604.1581956930&jid=1062071248&_v=j81&z=1402029966 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=1070547604.1581956930&jid=1062071248&_v=j81&z=1402029966&slf_rd=1&random=276598973

150 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 url Show response
www.google.com/ 972 B
1 KB 40ms
28ms Document
text/html 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=3&cad=rja&uact=8&ved=2ahUKEwiRkrzKgNnnAhUEJzQIHQuBCGsQFjACegQIAhAB&url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&usg=AOvVaw2QMkPPTo0yf8A5XV_4e6md

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

4247ca4589d8dff06d232dfd0e803a4843e1d954bd0773cc65f444bee33847f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /url?sa=t&rct=j&q=&esrc=s&source=web&cd=3&cad=rja&uact=8&ved=2ahUKEwiRkrzKgNnnAhUEJzQIHQuBCGsQFjACegQIAhAB&url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&usg=AOvVaw2QMkPPTo0yf8A5XV_4e6md
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Mon, 17 Feb 2020 16:28:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 485
x-xss-protection: 0
set-cookie: NID=198=sFKTqqRU4GJK6yCc8AhwVaT_Nshm0KhK_bXeSESUIzFzwEbsyY1o_urVlxtX_B0eGluey-OXzqBw_tcDWQko2hwmS_3Ta4xALlkYRuNK3r7NrB_RRsYmBWvPwCDZn8oxm-aYsu6ANmjpOC_3DfE8h-mQqLe9B-uXsDigX5vi-OU; expires=Tue, 18-Aug-2020 16:28:38 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none CONSENT=WP.283b32; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 Primary Request sysmon Show response
cqureacademy.com/blog/server-monitoring/ 91 KB
22 KB 682ms
173ms Document
text/html 104.198.110.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=3&cad=rja&uact=8&ved=2ahUKEwiRkrzKgNnnAhUEJzQIHQuBCGsQFjACegQIAhAB&url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&usg=AOvVaw2QMkPPTo0yf8A5XV_4e6md
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.110.226 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 226.110.198.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: d97cf2705367e6c1fde89bbcbba44cec9da5b1a7f3dc16133278fcdbc4b7f0dd

Request headers

:method: GET
:authority: cqureacademy.com
:scheme: https
:path: /blog/server-monitoring/sysmon
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://www.google.com/

Response headers

status: 200
server: nginx
date: Mon, 17 Feb 2020 16:28:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding,Cookie
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
link: <https://cqureacademy.com/wp-json/>; rel="https://api.w.org/" <https://cqureacademy.com/?p=918>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-pass-why
x-cache-group: normal
content-encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 1 KB
884 B 28ms
15ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Hind

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5740666b44e1a8b08bc837088100fd26ed47d8af036f0ee9b987a4e154c2d4bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Feb 2020 16:28:39 GMT
server: ESF
date: Mon, 17 Feb 2020 16:28:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Feb 2020 16:28:39 GMT

GET
H2 200 style.css
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 14 KB
3 KB 72ms
16ms Stylesheet
text/css 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.3.0
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: e2210d6ac94a06c7a1f14dff4babd1971a6a45e0f8691e807d0df8c595a8137f

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
last-modified: Mon, 14 Oct 2019 16:16:05 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5da49f45-3989"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: public, max-age=31536000

GET
H2 200 styles.css
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/click-to-tweet-by-todaymade/assets/css/ 3 KB
993 B 73ms
17ms Stylesheet
text/css 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/click-to-tweet-by-todaymade/assets/css/styles.css?ver=5.3.2
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: a7260c89998dba51ffa677ea4292848fa9a3d364b013cb5ed5808976b42e02ec

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
last-modified: Tue, 11 Dec 2018 09:59:01 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5c0f8a65-cea"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: public, max-age=31536000

GET
H2 200 styles.css
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
893 B 73ms
17ms Stylesheet
text/css 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
last-modified: Tue, 03 Sep 2019 09:32:12 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5d6e331c-695"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: public, max-age=31536000

GET
H2 200 editor-style-shared.css
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/ 414 B
495 B 74ms
18ms Stylesheet
text/css 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/editor-style-shared.css?ver=5.3.2
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 96dfa580986db416a0669725412182121c477c7fd7a164bfe79ba17bfbcdb078

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 08:59:40 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5a1d257c-19e"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: public, max-age=31536000

GET
H2 200 woocommerce-layout.css
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/css/ 16 KB
2 KB 74ms
19ms Stylesheet
text/css 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.7.1
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: e42a7af0f19adf1cf7d67e8fbecad6713ec9cde539f7dc5d134544366679e521

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
last-modified: Mon, 14 Oct 2019 16:16:06 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5da49f46-409e"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: public, max-age=31536000

GET
H2 200 woocommerce.css
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/css/ 61 KB
9 KB 85ms
29ms Stylesheet
text/css 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.7.1
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 43cfd18499dc36719f7dd66b2b30aa62fbfc7dcd6861817d19a61c0a159c7403

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
last-modified: Mon, 14 Oct 2019 16:16:06 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5da49f46-f4af"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: public, max-age=31536000

GET
H2 200 style.css
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/ 336 KB
49 KB 91ms
36ms Stylesheet
text/css 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/style.css?ver=2.22
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: abbd792e20f71ea64e99928b3b9eac8c4052f3c4cbf6841e819aedadf19dd777

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
last-modified: Tue, 07 Aug 2018 13:40:27 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5b69a14b-53e3d"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: public, max-age=31536000

GET
H2 200 style-gocloud.css
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/ 4 KB
1 KB 85ms
30ms Stylesheet
text/css 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/style-gocloud.css?ver=24.04
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: c06d3388152ecac303ec82b605cfa5768e404668e0fc92cb0f66d31025e1d832

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
last-modified: Tue, 02 Oct 2018 16:56:34 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5bb3a342-f71"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: public, max-age=31536000

GET
H2 200 moonrayJS-only-wp-forms.css
forms.ontraport.com/v2.4/include/scripts/moonrayJS/ 504 B
374 B 327ms
227ms Stylesheet
text/css 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.ontraport.com/v2.4/include/scripts/moonrayJS/moonrayJS-only-wp-forms.css?ver=5.3.2
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecc2dc58ccbe0c654faa36f6c86de15eb09b7b0e99820d1b2c4efa5c317d5f3b

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
x-op-benvironment: production
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
x-op-pci: true
content-encoding: br
x-op-what: what
last-modified: Tue, 17 May 2016 19:03:18 GMT
server: cloudflare
etag: W/"573b6af6-1f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=120
access-control-allow-credentials: true
cf-ray: 566922bc8f80ce23-LHR
expires: Mon, 17 Feb 2020 16:30:39 GMT

GET
H2 200 /
forms.ontraport.com/v2.4/include/minify/ 9 KB
3 KB 143ms
43ms Stylesheet
text/css 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.ontraport.com/v2.4/include/minify/?g=moonrayCSS&ver=5.3.2
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29af56b62112eef5e5b0547812f2b093b6a8db2be7bc31fa9a1ae634026f4c1a

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
x-op-benvironment: production
cf-cache-status: HIT
age: 160337
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
x-op-pci: true
content-encoding: br
pragma: no-cache
x-op-what: what
last-modified: Mon, 17 Sep 2018 23:58:42 GMT
server: cloudflare
etag: W/"pub1537228722;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-credentials: true
cf-ray: 566922bc8f84ce23-LHR
expires: Mon, 17 Feb 2020 17:28:39 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/smoothness/ 32 KB
6 KB 19ms
6ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/smoothness/jquery-ui.css?ver=5.3.2

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

308b1eee7a3334b8b7b0278128609357f58ee3e5ffe668e5c37b201815547ca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 04 Feb 2020 04:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1164693
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5900
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 04:57:06 GMT

GET
H2 200 jquery.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-includes/js/jquery/ 95 KB
34 KB 109ms
54ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
last-modified: Fri, 17 May 2019 17:08:53 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5cdeeaa5-17a69"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-includes/js/jquery/ 10 KB
4 KB 104ms
50ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"573eaa90-2748"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000

GET
H2 200 picturefill.min.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/wp-retina-2x/js/ 12 KB
5 KB 103ms
48ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/wp-retina-2x/js/picturefill.min.js?ver=3.0.2
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 2dd0eb5e44c81a864cd68e633a69701248b9298b0dc7eb2c75e67e2b1c19b4bc

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
last-modified: Tue, 03 Sep 2019 09:34:48 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5d6e33b8-2e20"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000

GET
H2 200 gtm4wp-form-move-tracker.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
586 B 103ms
49ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.10.1
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: bc71c403dc6113c8597e111a99d6a6a197dd2f2355402f8392ca4812dca57d3d

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
last-modified: Tue, 15 Oct 2019 06:39:02 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5da56986-5cf"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000

GET
H2 200 modernizr-2.6.2-respond-1.1.0.min.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor/ 19 KB
8 KB 106ms
51ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor/modernizr-2.6.2-respond-1.1.0.min.js?ver=5.3.2
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ce0f70d9e807bb959717d8350c21a107f5b6b7221a774b6d1ed057219468a260

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 09:01:06 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5a1d25d2-4c1c"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 84 KB
30 KB 19ms
7ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js?ver=5.3.2

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 04 Feb 2020 07:07:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1156867
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30211
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 07:07:32 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 73ms
11ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03287280ffc2f50b1c9b477d00acb16fec7797d50e3a89a2dcb5589e36e413c0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 2454
etag: W/"f242ff15a186d9d5dc1c33cc46f2d4a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 566922bc38672fa5-FRA
expires: Tue, 18 Feb 2020 04:28:39 GMT

GET
H2 200 logo.svg
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/images/ 6 KB
3 KB 39ms
39ms Image
image/svg+xml 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/images/logo.svg
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: fa768817b962146f574bf507b3f5a5a3bf552fe2bd9593591fcfc8fe1fc6080c

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 09:00:12 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5a1d259c-183b"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000

GET
H2 200 sysmon-1.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/ 350 KB
351 KB 26ms
21ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/sysmon-1.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 313cb0bad9c891576003622a3c6a02ae96a9e1a68debc7c627ea5fddc206752d

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Fri, 21 Oct 2016 14:26:59 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "580a25b3-57927"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 358695

GET
H2 200 sysmon-2-e1535975124763.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/ 146 KB
146 KB 41ms
36ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/sysmon-2-e1535975124763.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 52c7be1524d5311090e08f0510b1a93a7446e280ecf5238609ed8f7d5bf876e3

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Mon, 03 Sep 2018 11:45:35 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5b8d1edf-247a2"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 149410

GET
H2 200 sysmon-3.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/ 367 KB
368 KB 42ms
37ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/sysmon-3.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ea8ffa3971189c57e251c5e941f9a88a1a2f4255b79994fcd2ab160d76fc1f03

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Fri, 21 Oct 2016 14:25:04 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "580a2540-5bccd"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 376013

GET
H2 200 sysmon-4.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/ 182 KB
182 KB 42ms
37ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/sysmon-4.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: b6c039052d065fc4e58f96e772e79c7af291bdff45f7f0a63811d988a0d4bec4

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Fri, 21 Oct 2016 14:24:12 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "580a250c-2d79f"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 186271

GET
H2 200 sysmon-5.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/ 224 KB
224 KB 42ms
37ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/sysmon-5.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 27f8d23dd70a3b1ad1483724c8efc1f118c66a5db72b1a61593f4af0e82bcc20

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Fri, 21 Oct 2016 14:23:30 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "580a24e2-37e30"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 228912

GET
H2 200 sysmon-6.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/ 116 KB
116 KB 42ms
37ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/sysmon-6.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 094eff0a09fcc78bcb5e5372b63d56d89be7c33108539196b242fbb3443cdbb9

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Fri, 21 Oct 2016 14:22:45 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "580a24b5-1cf17"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 118551

GET
H2 200 sysmon-7.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/ 152 KB
152 KB 42ms
37ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/sysmon-7.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: c0f29cac3312e48b03fcf3091eabdf7388c01b354e95fdf399c1f26d137560fe

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Fri, 21 Oct 2016 14:21:57 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "580a2485-26011"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 155665

GET
H2 200 sysmon-8-1.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/ 280 KB
281 KB 42ms
38ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/sysmon-8-1.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 22b5a9e86f9a851d747b1e8603edb757c8e683423ff1270fc9a0cbad21bf30f9

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Tue, 17 Jul 2018 10:53:33 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5b4dcaad-461c3"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 287171

GET
H2 200 sysmon-9-e1476368184424.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/ 42 KB
43 KB 42ms
38ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/sysmon-9-e1476368184424.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 40637dfc895c22deeb30c31fc5a1ffe749363eae48b7169ba4f861b9a1cb694e

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Fri, 21 Oct 2016 14:21:02 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "580a244e-a978"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 43384

GET
H2 200 sysmon-10-e1535975210699.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/ 265 KB
265 KB 42ms
38ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/sysmon-10-e1535975210699.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: d7ec787d9eba3ef677beff408069f4f42d667b778efc828ea1e191921fa92c2b

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Mon, 03 Sep 2018 11:47:01 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5b8d1f35-423ca"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 271306

GET
H2 200 sysmon-11-e1535975235614.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/ 143 KB
144 KB 43ms
39ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/sysmon-11-e1535975235614.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 73551d0994d74d845b5f90b5f61a7bf566767ff53949592082a2b5cd55e02e19

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Mon, 03 Sep 2018 11:47:27 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5b8d1f4f-23d8d"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 146829

GET
H2 200 sysmon-12.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/ 394 KB
395 KB 43ms
39ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/sysmon-12.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: f9feb528c188eb14df91967708310b893b8b9ed5bad0dd994828bd173bf3d3cf

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Fri, 21 Oct 2016 14:19:49 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "580a2405-629fb"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 403963

GET
H2 200 sysmon-13-e1535975282352.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/ 199 KB
199 KB 43ms
39ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/sysmon-13-e1535975282352.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 960e24e9e5f4092f9c8b53c2c552f94f4fa6ded3d2e27c382504f1047a3ca8db

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Mon, 03 Sep 2018 11:48:14 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5b8d1f7e-31b99"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 203673

GET
H2 200 sysmon-14-1.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/ 134 KB
135 KB 43ms
39ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/sysmon-14-1.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 202bb2bfeeed811976fcdcc5c4a46b560e6ec23e22f82be7b290f43f2b82f8e0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Tue, 17 Jul 2018 10:55:11 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5b4dcb0f-21916"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 137494

GET
H2 200 sysmon-15-e1535975335917.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/ 167 KB
167 KB 44ms
39ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/sysmon-15-e1535975335917.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5f4e8f7ceafc93c411bcb29e2c7000c742ee678a64c079a6b8739e2af5653b2a

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Mon, 03 Sep 2018 11:49:07 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5b8d1fb3-29c5c"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 171100

GET
H2 200 sysmon-16-1.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/ 610 KB
611 KB 44ms
40ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/sysmon-16-1.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 049671e5dbf4cdc724fc31dc9aa4bed70e5ae67c1f503923ad1bb926785785f7

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Tue, 17 Jul 2018 10:56:03 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5b4dcb43-987fe"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 624638

GET
H2 200 sysomn-17-1.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/ 122 KB
123 KB 61ms
57ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/sysomn-17-1.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: a58e758d1eb914f8b0fc5fa29a3cacce5b32efed93453fff26032f1b24c5ce83

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Tue, 17 Jul 2018 10:56:50 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5b4dcb72-1e925"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 125221

GET
H2 200 sysmon-18-e1476368223565-1-e1535975397752.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/ 197 KB
197 KB 61ms
57ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/10/sysmon-18-e1476368223565-1-e1535975397752.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: d72fffd7048cdacc445b4eb23520df4a1c824f8cfe4495ca086fc1b2e36a6de5

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Mon, 03 Sep 2018 11:50:10 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5b8d1ff2-31241"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 201281

GET
H2 200 hi.jpg
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/images/ 46 KB
46 KB 61ms
57ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/images/hi.jpg
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: bde640de5fbcb53d6cf5bfaf352427d6371c08ae925c1ef74d18631852c4fba4

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Tue, 28 Nov 2017 09:00:11 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5a1d259b-b799"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 47001

GET
H2 200 genjs-v3.php Show response
forms.ontraport.com/v2.4/include/formEditor/ 5 KB
2 KB 929ms
904ms Script
text/javascript 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.ontraport.com/v2.4/include/formEditor/genjs-v3.php?html=false&uid=p2c104117f5
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6d7139525d10396d0bcfe78a5344154db567ab3806eeeef89a16ba3e9848697

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
x-op-benvironment: production
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
x-op-pci: true
content-encoding: br
pragma: no-cache
x-op-what: what
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
cf-ray: 566922bc8f85ce23-LHR
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 tracking.js Show response
optassets.ontraport.com/ 10 KB
3 KB 49ms
38ms Script
text/html 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/tracking.js?ver=5.3.2
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd536bda12f3412d79f47f4aab0d693fd32cfa3fcbefbebcecde78c8116274bf

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 4102
x-op-release: 2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
x-op-ca: 10.2.80.206
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 566922bcaffdce23-LHR
expires: Mon, 17 Feb 2020 20:28:39 GMT

GET
H2 200 scripts.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 17ms
17ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
last-modified: Tue, 03 Sep 2019 09:32:12 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5d6e331c-3868"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000

GET
H2 200 jquery.blockUI.min.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 9 KB
4 KB 17ms
16ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
last-modified: Mon, 14 Oct 2019 16:16:06 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5da49f46-255e"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000

GET
H2 200 js.cookie.min.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/js-cookie/ 2 KB
1 KB 16ms
16ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 50de09b0bb8d0ac656aa9b3a1e4ef58a3f2d1abd734cad68b0e12191e9d215ea

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
last-modified: Mon, 14 Oct 2019 16:16:06 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5da49f46-736"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000

GET
H2 200 woocommerce.min.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/frontend/ 1 KB
870 B 19ms
19ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.7.1
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 2d8747d26eba68a46f768d99eebf4b4624a37b2a3bd83d4a6934939e62846972

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
last-modified: Mon, 14 Oct 2019 16:16:06 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5da49f46-5c0"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000

GET
H2 200 cart-fragments.min.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
1 KB 16ms
16ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.7.1
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: bed0bd033705c33f1742d8fab2bfed8e945567319fd00e529838392eca49eac0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
last-modified: Mon, 14 Oct 2019 16:16:06 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5da49f46-b7c"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 708 B
675 B 26ms
26ms Script
text/javascript 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeAW7YUAAAAAKMkVww0wWJLeHX4HspK47pMgqGQ&ver=3.0

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

43c064d14e69fdef6336b9aa086a123b2967634c31f541a6afaa1452ad0d96bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 478
x-xss-protection: 1; mode=block
expires: Mon, 17 Feb 2020 16:28:39 GMT

GET
H2 200 bootstrap.min.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor/ 28 KB
8 KB 17ms
17ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor/bootstrap.min.js?ver=3.1.1
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 09:01:05 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5a1d25d1-71b6"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000

GET
H2 200 owl.carousel.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor/ 44 KB
11 KB 19ms
18ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor/owl.carousel.js?ver=3.1.1
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5487a6f59506a25686adc1bdad7ff4be9545349ddc7aadb0bfaa515ae3cf1244

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 09:01:06 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5a1d25d2-b025"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000

GET
H2 200 owl.navigation.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor/ 10 KB
3 KB 21ms
20ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor/owl.navigation.js?ver=3.1.1
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: d7cab659e3400afdb91ad13d5fea2fcd51025c85c1f25be6945a8e66429902d5

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:39 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 09:01:06 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5a1d25d2-2961"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000

GET
H2 200 js.cookie.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/ 4 KB
2 KB 21ms
16ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/js.cookie.js?ver=3.1.1
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 55b0a4a2ab61a84eef7acffed553b8bd6daca362fbce16f8b9a9cb3cb72b8789

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 09:00:19 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5a1d25a3-f20"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 23ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?ver=5.3.2

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fac45de63ec3c660924ca7340b2d2a1d9074eb5b17bf7f97e8177cb5f50b94a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: TxJgF5+PNa5zUw3HhRnORA==
status: 200
date: Mon, 17 Feb 2020 16:28:40 GMT, Mon, 17 Feb 2020 16:28:40 GMT
expires: Mon, 17 Feb 2020 16:29:24 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 1777
x-fb-debug: dUiioVf/V+lxZqfFJWvcM8cSXQm5AahnxWFYF5uPx5MbOz76mVcxjcK9Nbw4Rtvf4la35+uk5aAVYgp8b2PYDg==
x-fb-trip-id: 1850256238
x-fb-content-md5: bc0404cc7c23d9c71d2419a3abe9a722
etag: "6096a02743f065900ded318f77db78c3"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 46ms
9ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js?ver=5.3.2
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40E4) /
Resource Hash: 1a4dee2269258e980cfbc6965cca52520d51b0cf399cef6218e123c7620cafdc

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 17 Feb 2020 16:28:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Feb 2020 23:55:53 GMT
Server: ECS (fcn/40E4)
Age: 586
Etag: "d6438f3ded1a231e0c47db28e12b2834+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 29101

GET
H/1.1 200
OK in.js Show response
platform.linkedin.com/ 181 KB
55 KB 41ms
6ms Script
text/javascript 2606:2800:133:7403:4a68:7eff:710b:1ddf
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js?ver=5.3.2
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:7403:4a68:7eff:710b:1ddf , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F0A) /
Resource Hash: 6e796da2a1b9bbbdc24bf2e2dc1b8f960f531bfe1033c0f073a4bbfe73e54a84

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 17 Feb 2020 16:28:40 GMT
Content-Encoding: gzip
X-CDN-CLIENT-IP-VERSION: IPV6
X-CDN: ECST
Age: 3341
X-Cache: HIT
X-CDN-Proto: HTTP1
X-Li-Pop: prod-ech2
Content-Length: 55596
X-LI-UUID: Anu/N2Y69BUQXEGBKSsAAA==
Last-Modified: Mon, 17 Feb 2020 15:32:59 GMT
Server: ECAcc (frc/8F0A)
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
X-LI-Proto: http/1.1
X-Li-Fabric: prod-lva1
Expires: Mon, 17 Feb 2020 16:32:59 GMT

GET
H2 200 plugins.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/ 45 KB
12 KB 23ms
18ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/plugins.js?ver=5.3.2
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 8289ed784e4285911ff9a7026d0edd50cab5adb0888824ce5e0e39b83816068d

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 09:00:19 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5a1d25a3-b520"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000

GET
H2 200 jquery.flip.min.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/ 5 KB
2 KB 23ms
18ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/jquery.flip.min.js?ver=5.3.2
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 080809ddd5787387961416ee9e961e51066246556e47836c8b385630a80dd8be

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
content-encoding: gzip
last-modified: Sat, 22 Sep 2018 11:47:31 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5ba62bd3-1432"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000

GET
H2 200 main.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/ 7 KB
3 KB 23ms
18ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/main.js?ver=1.83
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: e5cd5c6afc45bab3a8dd7a1645b94a8b4598d03e0607bb145478deae02928cf4

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
content-encoding: gzip
last-modified: Sat, 22 Sep 2018 12:19:10 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5ba6333e-1ca9"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000

GET
H2 200 courses.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/ 4 KB
1 KB 24ms
18ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/courses.js
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ac212158a335abe8eed52a0950981a4aba012d70032cd0486835046a3fc0df53

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 09:00:19 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5a1d25a3-1193"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000

GET
H2 200 wp-embed.min.js Show response
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-includes/js/ 1 KB
992 B 24ms
19ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-includes/js/wp-embed.min.js?ver=5.3.2
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
content-encoding: gzip
last-modified: Sat, 05 Oct 2019 19:49:10 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5d98f3b6-577"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000

GET
H2 200 load.js Show response
load.fomo.com/api/v1/D0-mndMM1SvdX5rGnwAssw/ 47 KB
16 KB 74ms
27ms Script
text/javascript 2606:4700:3035::6812:23a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://load.fomo.com/api/v1/D0-mndMM1SvdX5rGnwAssw/load.js

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6812:23a2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c527c4d3abbf05ff59ccd224cab31deb51951e871271f8fd9c141ed1e91b885a

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
via: 1.1 vegur
cf-cache-status: HIT
age: 6736
status: 200
content-encoding: br
x-request-id: 64dbb998-fb61-4f1d-83e5-83949e202466
x-runtime: 0.005867
x-frame-options: ALLOWALL
server: cloudflare
f-script: load.js
etag: W/"c527c4d3abbf05ff59ccd224cab31deb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=5, public, s-maxage=18000
f-cache: hit
cf-ray: 566922beac5e64f7-FRA

GET
H2 200 wp-emoji-release.min.js Show response
cqureacademy.com/wp-includes/js/ 14 KB
5 KB 154ms
150ms Script
application/javascript 104.198.110.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cqureacademy.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.110.226 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 226.110.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
content-encoding: gzip
last-modified: Tue, 05 Nov 2019 22:16:02 GMT
server: nginx
status: 200
etag: W/"5dc1f4a2-362a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 woocommerce-smallscreen.css
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/css/ 7 KB
1 KB 61ms
58ms Stylesheet
text/css 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.7.1
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5302d7ef47b197c6cc07e5db5152dcce3b6886ac18f727875fe78ba8e8129224

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
content-encoding: gzip
last-modified: Mon, 14 Oct 2019 16:16:06 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5da49f46-1a66"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
cache-control: public, max-age=31536000

GET
H2 200 lato-regular-webfont.woff2
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/ 22 KB
22 KB 53ms
17ms Font
application/octet-stream 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/lato-regular-webfont.woff2
Requested by: Host: 4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com
URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/js/vendor/modernizr-2.6.2-respond-1.1.0.min.js?ver=5.3.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: b950f2899a41a8d45990d37c200c61641f5a79fbc007bf478b5144e96f0fadb9

Request headers

Referer: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/style.css?ver=2.22
Origin: https://cqureacademy.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 08:59:58 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5a1d258e-5728"
vary: Accept-Encoding
x-cache: HIT
content-type: application/octet-stream
status: 200
cache-control: public, max-age=31536000

GET
H2 200 qevents.js Show response
a.quora.com/ 39 KB
14 KB 115ms
33ms Script
text/plain 151.101.13.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: s3LlaOWABX1LUjiLldBNr49lVAylKDRo
content-encoding: gzip
age: 3024
x-cache: HIT, HIT
status: 200
date: Mon, 17 Feb 2020 16:28:40 GMT
content-length: 13681
x-amz-id-2: 38CkKUezcwIDcWGDJKV59jQkjGK+UX76TF1NTGfwnNWUlCQN5pe3Ti9N1BBcT9admkof6BxqK3Q=
x-served-by: cache-bwi5121-BWI, cache-fra19149-FRA
last-modified: Fri, 25 Oct 2019 19:28:38 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1572031715/ctime:1572031714/gid:1000000/gname:employee/md5:f32ebb1e93a72c0a57add6d07f688510/mode:33188/mtime:1149709104/uid:1000332/uname:tzhou
x-timer: S1581956920.159232,VS0,VE0
etag: "f32ebb1e93a72c0a57add6d07f688510"
vary: Accept-Encoding
x-amz-request-id: E40A28802C3D9D12
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=7200
accept-ranges: bytes
content-type: text/plain
x-cache-hits: 1, 549

GET
H/1.1 200
OK snoo.gif
alb.reddit.com/ 35 B
212 B 409ms
94ms Image
image/gif 3.225.77.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/snoo.gif?q=CAAHAAABAAoACQAAACrwE7EkAA==&s=367ckLEAUP9BdYsbCWEB-aL7h-YEiIWCv5ghuJ2RucQ=&ts=1581956920058
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.77.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-77-184.compute-1.amazonaws.com
Software: /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 16:28:40 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 127 KB
34 KB 33ms
18ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5BK3X4

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

631c218ee8cc86cbda0e35bfc60160c509ef3f188413d8a83940d7b8b0511689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 34750
x-xss-protection: 0
last-modified: Mon, 17 Feb 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Feb 2020 16:28:40 GMT

GET
H2 200 8qDEbnofkos
www.youtube.com/embed/ Frame F131 0
0 148ms
121ms Document
text/html 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/8qDEbnofkos?rel=0&showinfo=0

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/8qDEbnofkos?rel=0&showinfo=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://cqureacademy.com/blog/server-monitoring/sysmon
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://cqureacademy.com/blog/server-monitoring/sysmon

Response headers

status: 200
expires: Tue, 27 Apr 1971 19:44:06 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache
content-encoding: br
date: Mon, 17 Feb 2020 16:28:40 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=fAAKWvSa8y0; path=/; domain=.youtube.com; secure; expires=Sat, 15-Aug-2020 16:28:40 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=fAAKWvSa8y0; path=/; domain=.youtube.com; secure; expires=Sat, 15-Aug-2020 16:28:40 GMT; httponly; samesite=None YSC=6F40OjUlUOQ; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Mon, 17-Feb-2020 16:58:40 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 cqure-news.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/12/ 783 B
1009 B 54ms
52ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/12/cqure-news.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: cdc32aafdb46e903c85c178df5f250e8d90f88007643e1e492788d39fe4902b0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Fri, 07 Dec 2018 14:32:36 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5c0a8484-30f"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 783

GET
H2 200 cybersecurity-talk3.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ 2 KB
3 KB 54ms
52ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/cybersecurity-talk3.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: a2b113be19e119bb84d4d396edf9926101dd13fbd381ca857af13037f4976d29

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Fri, 16 Nov 2018 15:48:05 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5beee6b5-9bc"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2492

GET
H2 200 forensics2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ 965 B
1 KB 54ms
52ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/forensics2.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: d43d91fe7a63061274c03685a82d12a2f1e15fce24fe4699231fcab4038a56b3

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Fri, 16 Nov 2018 15:58:35 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5beee92b-3c5"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 965

GET
H2 200 identity-theft-protection2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ 904 B
1 KB 54ms
53ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/identity-theft-protection2.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 17e806417f302ed4a74c980ffde96df0d7535af0f215e97214a1cb8ee3a017ed

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Fri, 16 Nov 2018 15:58:48 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5beee938-388"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 904

GET
H2 200 ignite2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ 2 KB
2 KB 54ms
53ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ignite2.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ef00d67e59b19eea79a2e8bf067d8910c6697de339adaee79d2856e2fdd0d760

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Fri, 16 Nov 2018 15:59:00 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5beee944-8bb"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2235

GET
H2 200 malware2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ 2 KB
3 KB 55ms
53ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/malware2.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 3f3cd545367485ba660229234b213f845bea2841f41c580b005cb46e26605987

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Fri, 16 Nov 2018 15:59:13 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5beee951-91f"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2335

GET
H2 200 penetration-testing2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ 2 KB
2 KB 55ms
53ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/penetration-testing2.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: dcbbf43562c4706b7646cddf34ee2f45e86b70dcff680f65287a15391bb0f272

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Fri, 16 Nov 2018 15:59:25 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5beee95d-8ad"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2221

GET
H2 200 secure-server2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ 2 KB
2 KB 55ms
53ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/secure-server2.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 1ef0a96be1cfde52782ee9ddc0ef36f4bc1a72943c5de56fcf2a5ce677ec8a70

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Fri, 16 Nov 2018 15:59:38 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5beee96a-6e2"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1762

GET
H2 200 securing-infrastructure2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ 2 KB
2 KB 55ms
53ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/securing-infrastructure2.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 2cc358f06dc7a068cc0b177cfdbea09cf517681bb4fdca354b8ba13268b60851

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Fri, 16 Nov 2018 15:59:52 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5beee978-7f7"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2039

GET
H2 200 server-monitoring2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ 960 B
1 KB 55ms
53ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/server-monitoring2.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 77a5ec27e758b7c9bff23ef4f45200fe298fb51fe8ad87c008edc51b73442e33

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Fri, 16 Nov 2018 16:00:06 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5beee986-3c0"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 960

GET
H2 200 system-internals2.png
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ 871 B
1 KB 55ms
54ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/system-internals2.png
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: c2e273d2979485e959a68f54d1b5454697230d55f60dd40f12f416f591451cd5

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Fri, 16 Nov 2018 16:02:36 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5beeea1c-367"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 871

GET
H2 200 newsletter.jpg
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/images/ 128 KB
128 KB 54ms
54ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/images/newsletter.jpg
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: b195b421eafc80f00471e0357daf039b5b1452ad7eef28fd4c5dfa1dc927c845

Request headers

Referer: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/style.css?ver=2.22
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Tue, 28 Nov 2017 09:00:12 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5a1d259c-1fece"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 130766

GET
H2 200 cqure_icons.ttf
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/ 19 KB
10 KB 46ms
45ms Font
application/octet-stream 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/cqure_icons.ttf?v=1.57
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5423a8eb065ad74539056dcd00ec57a155f134a6bb94338bac06167d517db2cb

Request headers

Referer: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/style.css?ver=2.22
Origin: https://cqureacademy.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 08:59:56 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5a1d258c-4a78"
vary: Accept-Encoding
x-cache: HIT
content-type: application/octet-stream
status: 200
cache-control: public, max-age=31536000

GET
H2 200 lato-bold-webfont.woff2
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/ 22 KB
22 KB 54ms
52ms Font
application/octet-stream 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/lato-bold-webfont.woff2
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: f4b43899402b4c787457e1275ad825ff389fb54fc3fe146f9203e727d4aded61

Request headers

Referer: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/style.css?ver=2.22
Origin: https://cqureacademy.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 08:59:57 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5a1d258d-57b0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/octet-stream
status: 200
cache-control: public, max-age=31536000

GET
H2 200 lato-light-webfont.woff2
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/ 22 KB
22 KB 42ms
41ms Font
application/octet-stream 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/lato-light-webfont.woff2
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: babd36a2da0a94172346873c11e2eb098205dfa23b553eda3d3fc7c180b1dc13

Request headers

Referer: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/style.css?ver=2.22
Origin: https://cqureacademy.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 08:59:58 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5a1d258e-5680"
vary: Accept-Encoding
x-cache: HIT
content-type: application/octet-stream
status: 200
cache-control: public, max-age=31536000

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BK3X4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 6908
date: Mon, 17 Feb 2020 14:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Mon, 17 Feb 2020 16:33:32 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=3&cad=rja&uact=8&ved=2ahUKEwiRkrzKgNnnAhUEJzQIHQuBCGsQFjACegQIAhAB&url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&usg=AOvVaw2QMkPPTo0yf8A5XV_4e6md

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: DIZijDucJUdvRHniRed8hWcci06RINBcf6wlJg/My0lH0VfXMmTVBAznpJoFLXPIfRAEIp7YloceZU1S8UFH8Q==
x-fb-trip-id: 1850256238
date: Mon, 17 Feb 2020 16:28:40 GMT, Mon, 17 Feb 2020 16:28:40 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 93ms
30ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=3&cad=rja&uact=8&ved=2ahUKEwiRkrzKgNnnAhUEJzQIHQuBCGsQFjACegQIAhAB&url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&usg=AOvVaw2QMkPPTo0yf8A5XV_4e6md
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
content-encoding: gzip
age: 29698
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-hhn4062-HHN
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1581956920.266594,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 21ms
9ms Script
application/x-javascript 2a02:26f0:eb:3a3::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=3&cad=rja&uact=8&ved=2ahUKEwiRkrzKgNnnAhUEJzQIHQuBCGsQFjACegQIAhAB&url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&usg=AOvVaw2QMkPPTo0yf8A5XV_4e6md
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:3a3::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 17 Feb 2020 16:28:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=28542
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/111122a0cd4b4ff782251b8f9d66a78b/ 43 B
348 B 394ms
98ms Image
image/gif 34.196.237.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://q.quora.com/_/ad/111122a0cd4b4ff782251b8f9d66a78b/pixel?j=1&u=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&tag=ViewContent&ts=1581956920198
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.237.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-237-80.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 16:28:40 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: 81,804d2bfd81d6cb7e80c05e23c7409c17,10.0.0.221,14168,81.92.202.16,,23557479233,1,1581956920.542,0.002,,.,0,0,0.000,0.000,-,0,0,197,179,89,10,26847,,,,,,,
Content-Type: image/gif

GET
H2 200 903227543120584 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 59ms
59ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/903227543120584?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

449703d6a077b08f95a3847455f9dcb2a4b54b4c04025ac0d38a64f48dbbaaf6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: NMGEhv0fIIWV53PQDCd3UoOVmbajScTTyWRjRNDE336Vg8qy7rcZFht2ptFAUq8cZ7Ts3y1s6tEsJZMQcgqyYg==
x-fb-trip-id: 1850256238
date: Mon, 17 Feb 2020 16:28:40 GMT, Mon, 17 Feb 2020 16:28:40 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1431
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Mon, 17 Feb 2020 17:04:49 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=29329&url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&time=1581956920268
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D29329%26url%3Dhttps%253A%252F%252Fcqureacademy.com%252Fblog%252Fserver-monitoring...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=29329&url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&time=1581956920268&liSync=true

0
58 B

122ms
122ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=29329&url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&time=1581956920268&liSync=true
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: fh6NDXA99BUggyT8VSsAAA==

Redirect headers

date: Mon, 17 Feb 2020 16:28:40 GMT
x-content-type-options: nosniff
linkedin-action: 1
status: 302
strict-transport-security: max-age=2592000
content-length: 0
x-li-uuid: gMm+B3A99BUgr+KgkysAAA==
server: Play
pragma: no-cache
x-li-pop: prod-tln1
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=29329&url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&time=1581956920268&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 63 KB
24 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-5PDKTRJ&t=gtm2&cid=1696303758.1581956920

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

661365d8d26850d9541b6a900ab0eeeb1d16cc37f6e2d11d9d5919743faac16a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24146
x-xss-protection: 0
last-modified: Mon, 17 Feb 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Feb 2020 16:28:40 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1394566312&t=pageview&_s=1&dl=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80845917-1&cid=1696303758.1581956920&jid=930938136&_gid=1649266350.1581956920&gjid=1754017305&_v=j81&z=1150758221
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=1696303758.1581956920&jid=930938136&_v=j81&z=1150758221
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=1696303758.1581956920&jid=930938136&_v=j81&z=1150758221&slf_rd=1&random=2138551702

42 B
478 B

29ms
17ms

Image
image/gif

2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=1696303758.1581956920&jid=930938136&_v=j81&z=1150758221&slf_rd=1&random=2138551702

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 16:28:40 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 16:28:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=1696303758.1581956920&jid=930938136&_v=j81&z=1150758221&slf_rd=1&random=2138551702
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
448 B 170ms
137ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nvhhf&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 0
x-response-time: 120
pragma: no-cache
last-modified: Mon, 17 Feb 2020 16:28:40 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 681847904f31e1df897bf89dc2d20e26
x-transaction: 00e79f72002c0ca9
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
349 B 18ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=903227543120584&ev=PageView&dl=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&rl=https%3A%2F%2Fwww.google.com%2F&if=false&ts=1581956920300&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1581956920300.965100061&it=1581956920207&coo=false&rqm=GET

Requested by

Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT, Mon, 17 Feb 2020 16:28:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Mon, 17 Feb 2020 16:28:40 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genjs-v3.php?html=false&uid=p2c104117f5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 31 Jan 2020 00:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1526909
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jan 2021 00:20:11 GMT

GET
H2 200 load.gif
optassets.ontraport.com/opt_assets/images/ 13 KB
13 KB 36ms
36ms Image
application/octet-stream 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optassets.ontraport.com/opt_assets/images/load.gif
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9ab21501c829516d91901c1f04da862d095aeb9e5019360aed6624920edd882

Request headers

Referer: https://forms.ontraport.com/v2.4/include/minify/?g=moonrayCSS&ver=5.3.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
cf-cache-status: HIT
age: 160426
x-op-release: 2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
x-op-ca: 10.2.80.206
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 566922c22dc3ce23-LHR
expires: Mon, 17 Feb 2020 17:28:40 GMT

GET
H2 200 raleway-bold-webfont.woff2
4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/ 18 KB
18 KB 19ms
18ms Font
application/octet-stream 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/fonts/raleway-bold-webfont.woff2
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 61d919573a1cf2539b7e2033dd8a8d9cca1363e429d20b52178dafc676f8b2e9

Request headers

Referer: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-content/themes/cqure/style.css?ver=2.22
Origin: https://cqureacademy.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 08:59:59 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"5a1d258f-48e4"
vary: Accept-Encoding
x-cache: HIT
content-type: application/octet-stream
status: 200
cache-control: public, max-age=31536000

GET
H2 200 / Show response
load.sumo.com/ 2 KB
2 KB 64ms
6ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: d71a828d2769c2523c75e1a0a13f9d91400cd571fda65a80f72e39fde2d8cf0d

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: 6F1D9E35DF9F1863
status: 200
cdn-cachedat: 2020-02-04 17:02:48
cdn-pullzone: 53731
x-amz-id-2: y4OR73YF/ru3wbyqRbwdyr86eDbZuBmtZcQ8NoBaeRk2VGw/yO6lj4jVb4TbWODKnJIlwLeKedo=
last-modified: Tue, 04 Feb 2020 17:02:27 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=600
cdn-requestid: 9efc7eebde9693519871a7e13a58d96b
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/JZfekeK8w6ZlhLfH_ZyseSLX/ 259 KB
93 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/JZfekeK8w6ZlhLfH_ZyseSLX/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeAW7YUAAAAAKMkVww0wWJLeHX4HspK47pMgqGQ&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c32303ef7ad0a14c7c2b4f4af7211c93ab5b1f17b7804027861c1829e727e1ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 10 Feb 2020 18:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Feb 2020 05:05:24 GMT
server: sffe
age: 598056
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 95032
x-xss-protection: 0
expires: Tue, 09 Feb 2021 18:21:04 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 194 KB
59 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e60faaaeee27ab07575cc0f39f7d5b79&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?ver=5.3.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

80bb0475bd7756ba23a4a9e910ea36769a4b8f981d8d16a78e40cd0e64029f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
Origin: https://cqureacademy.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: UwZbavlfFVWhC8vDtIfW6g==
status: 200
date: Mon, 17 Feb 2020 16:28:40 GMT, Mon, 17 Feb 2020 16:28:40 GMT
expires: Tue, 16 Feb 2021 15:14:57 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 59543
x-fb-debug: AxhIG2fOVj1HB22O8PDm1yY8Rq7YAiaDefF5KF3yKGitnYNNhmBWSib5aDfl9KvWYaYXMctFsIZDOkEGcH2hhw==
x-fb-trip-id: 1850256238
x-fb-content-md5: 53e169ae4b17798acfc610d7a49d6845
etag: "2583681a876b47cc22932334ca938b0b"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
650 B 163ms
129ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nvhhf&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 112
pragma: no-cache
last-modified: Mon, 17 Feb 2020 16:28:40 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 3cbbcb345ecd9cf714481906d92e1f52
x-transaction: 00692b1700231a48
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html
platform.twitter.com/widgets/ Frame 76B8 0
0 6ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html?origin=https%3A%2F%2Fcqureacademy.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?ver=5.3.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40E4) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://cqureacademy.com/blog/server-monitoring/sysmon

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 994164
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 17 Feb 2020 16:28:40 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Wed, 05 Feb 2020 23:46:01 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40E4)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5825

POST
H2 200 / Show response
cqureacademy.com/ 210 B
555 B 324ms
323ms XHR
application/json 104.198.110.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cqureacademy.com/?wc-ajax=get_refreshed_fragments

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js?ver=5.3.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.110.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

226.110.198.104.bc.googleusercontent.com

Software

nginx / WP Engine

Resource Hash

3e799d21e1116a135fcd10c071506f34b99cf79d93b5548199e1376f88b62434

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
Origin: https://cqureacademy.com
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 16:28:40 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: WP Engine
status: 200
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://cqureacademy.com
cache-control: no-transform, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 210
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
944 B 22ms
22ms Script
application/javascript 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BK3X4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

2c0884853dc57e0e429d1bec631837b0f356b5806e913f00dd2828b3f88b3b6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 248 KB
66 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

Requested by

Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genjs-v3.php?html=false&uid=p2c104117f5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 04 Feb 2020 04:44:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1165426
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 67948
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 04:44:54 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 6E39 0
0 25ms
25ms Document
text/html 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeAW7YUAAAAAKMkVww0wWJLeHX4HspK47pMgqGQ&co=aHR0cHM6Ly9jcXVyZWFjYWRlbXkuY29tOjQ0Mw..&hl=en&v=JZfekeK8w6ZlhLfH_ZyseSLX&size=invisible&cb=aiv5khibn5w1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/JZfekeK8w6ZlhLfH_ZyseSLX/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5upKp4ffujlRTIniMq/lRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LeAW7YUAAAAAKMkVww0wWJLeHX4HspK47pMgqGQ&co=aHR0cHM6Ly9jcXVyZWFjYWRlbXkuY29tOjQ0Mw..&hl=en&v=JZfekeK8w6ZlhLfH_ZyseSLX&size=invisible&cb=aiv5khibn5w1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://cqureacademy.com/blog/server-monitoring/sysmon
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=198=sFKTqqRU4GJK6yCc8AhwVaT_Nshm0KhK_bXeSESUIzFzwEbsyY1o_urVlxtX_B0eGluey-OXzqBw_tcDWQko2hwmS_3Ta4xALlkYRuNK3r7NrB_RRsYmBWvPwCDZn8oxm-aYsu6ANmjpOC_3DfE8h-mQqLe9B-uXsDigX5vi-OU; CONSENT=WP.283b32
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://cqureacademy.com/blog/server-monitoring/sysmon

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 17 Feb 2020 16:28:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-5upKp4ffujlRTIniMq/lRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9824
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 72.bc3f82df537ecf5350b6.js Show response
load.sumo.com/ 131 KB
44 KB 8ms
8ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/72.bc3f82df537ecf5350b6.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: 15BC747152554C60
status: 200
cdn-cachedat: 2020-02-04 17:02:49
cdn-pullzone: 53731
x-amz-id-2: dfET3Wc5znOHJRtcSD5bIx+RotG11cJwCZwuOSOK8wmXrnnaqEXeW4CV1wKEFzNT8rao3PYB3PQ=
last-modified: Tue, 04 Feb 2020 17:02:09 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 2182c7f1a772aff70920c2ab0e653274
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 73.bc3f82df537ecf5350b6.js Show response
load.sumo.com/ 289 KB
100 KB 8ms
8ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/73.bc3f82df537ecf5350b6.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: 2E38E04EB5BE2E03
status: 200
cdn-cachedat: 2020-02-07 06:58:49
cdn-pullzone: 53731
x-amz-id-2: NH419aQbH3l84jvOGdG2I7qZHC/gD9B0ue6ip3wo8CqoYpEambFrf6o6ic+pEmRvQrXjeUrn4MI=
last-modified: Tue, 04 Feb 2020 17:02:09 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: ad84d3b28c18812281b819fc5965361d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflYl14TA/ 27 KB
10 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflYl14TA/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60111948f7ff6c6621b9183616896e465889d75bad2c797ad267aa2feedc3efa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 16 Feb 2020 13:00:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98900
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10243
x-xss-protection: 0
last-modified: Sat, 15 Feb 2020 00:53:13 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 24 Feb 2020 13:00:20 GMT

GET
H2 200 / Show response
forms.ontraport.com/v2.4/include/minify/ 170 KB
46 KB 43ms
42ms Script
application/x-javascript 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.ontraport.com/v2.4/include/minify/?g=genjs-v3
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genjs-v3.php?html=false&uid=p2c104117f5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2b6d171f42062c6baad092a0c7e586e815437c7e6faacaec0e66f93dd5430cb

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:40 GMT
x-op-benvironment: production
cf-cache-status: HIT
age: 160427
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
x-op-pci: true
content-encoding: br
pragma: no-cache
x-op-what: what
last-modified: Wed, 08 Jan 2020 21:27:42 GMT
server: cloudflare
etag: W/"pub1578518862;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-credentials: true
cf-ray: 566922c33865ce23-LHR
expires: Mon, 17 Feb 2020 17:28:40 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/minify/?g=genjs-v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 01 Feb 2020 00:04:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1441426
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Jan 2021 00:04:55 GMT

GET
H2 200 moonrayform.paymentplandisplay.js Show response
app.ontraport.com/js/formeditor/moonrayform/paymentplandisplay/ 286 KB
101 KB 51ms
40ms Script
application/javascript 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ontraport.com/js/formeditor/moonrayform/paymentplandisplay/moonrayform.paymentplandisplay.js
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genjs-v3.php?html=false&uid=p2c104117f5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6d013e13923d87a879dbfe78c9358c7d13d9bbd8d91db3ec1a493386641abeb

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:41 GMT
x-op-benvironment: production
cf-cache-status: HIT
age: 73
x-op-release: 2
cf-polished: origSize=292400
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
cf-bgj: minify
content-encoding: br
x-op-ca: 10.2.80.206
last-modified: Thu, 19 Dec 2019 17:05:18 GMT
server: cloudflare
etag: W/"5dfbadce-47630"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1200
x-op-class: app
cf-ray: 566922c51ce2ce23-LHR
expires: Mon, 17 Feb 2020 16:48:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
677 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300&subset=latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48387d8ce499219bcdf0339ea3b536610f5135ef8394d733b0b8e4d6d4494301

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Feb 2020 16:28:41 GMT
server: ESF
date: Mon, 17 Feb 2020 16:28:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Feb 2020 16:28:41 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 18ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans:300&subset=latin
Origin: https://cqureacademy.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 01 Feb 2020 00:39:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 1439371
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9016
x-xss-protection: 0
expires: Sun, 31 Jan 2021 00:39:10 GMT

GET
DATA 200
OK truncated
/ 20 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bf2f8d980b3466bc479869776c7e22944d789cf5c1fc82e37a9cf3d8c171277

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96187aeadbd3138f31cb6b4da9bb73b4f3e952a9d633c3ca60b033aea30b2c64

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a62bc760a8fb96ac25892b4f2326450b2a14c8e79f58959a275c9c3e6a6d2fb3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5ef2e0fd81e377e8b9dac5cce525908836c9a93ed998d567b8878112b3c7716

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 proof.js Show response
cdn.getmoreproof.com/embed/latest/ 6 KB
2 KB 45ms
7ms Script
application/javascript 2600:9000:20eb:e400:a:6697:8180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getmoreproof.com/embed/latest/proof.js?1581956921276
Requested by: Host: cqureacademy.com
URL: https://cqureacademy.com/blog/server-monitoring/sysmon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:e400:a:6697:8180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 543c7142a0625b3ae2e5dcfa6226b98f498cc81503c526b5a36948be087ebb5f

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Jan 2020 23:34:02 GMT
content-encoding: gzip
last-modified: Mon, 14 Jan 2019 19:54:45 GMT
server: AmazonS3
age: 3948880
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=315360000, no-transform, public
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: gYVaDUQ91gW8s6UIU-eqlI5KaoGSsWtZUtoiSd4sSpTV6ENbXDqG3w==
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)

GET
H/1.1 200
OK track.php Show response
cqure.ontraport.com/ 847 B
1 KB 776ms
276ms Script
text/html 209.170.211.179
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL: https://cqure.ontraport.com/track.php?mid=104117_1_2&llc=https://cqureacademy.com/blog/server-monitoring/sysmon&first_visit=1&referral_page=https%253A%252F%252Fwww.google.com%252F&s=vs4r413rwyrf66vdnbs1&l=cqureacademy.com/blog/server-monitoring/sysmon&ti=Sysmon:%20how%20to%20set%20up,%20update%20and%20use?%20%7C%20CQURE%20Academy&forms%5Bp2c104117f5%5D=0&is_unique=0
Requested by: Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/tracking.js?ver=5.3.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.170.211.179 Venice, United States, ASN13649 (ASN-VINS, US),
Reverse DNS: mail9.ontramail.com
Software: ONTRAport /
Resource Hash: e9e851223ba959dd311e6a67983855ea258cc6d5bda5a6a62b97fccaaa8b5365

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 17 Feb 2020 16:28:41 GMT
Content-Encoding: gzip
Server: ONTRAport
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-op-release: 2
Connection: keep-alive
Transfer-Encoding: chunked
X-op-class: hosted
Access-Control-Allow-Credentials: true
Content-Type: text/html
X-op-ca: 81.92.202.16

GET
H2

200

feedback.php
www.facebook.com/plugins/ Frame 7DFB
Redirect Chain

https://www.facebook.com/v2.6/plugins/comments.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df143b96ce44097%26domain%3Dcqur...
https://www.facebook.com/plugins/comments.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df143b96ce44097%26domain%3Dcqureacad...
https://www.facebook.com/plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df143b96ce44097%26domain%3Dcqureacad...

0
0

64ms
63ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df143b96ce44097%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff16ff86da59f58%26relation%3Dparent.parent&container_width=9&count=true&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&locale=en_US&sdk=joey&version=v2.6&width=550

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e60faaaeee27ab07575cc0f39f7d5b79&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df143b96ce44097%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff16ff86da59f58%26relation%3Dparent.parent&container_width=9&count=true&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&locale=en_US&sdk=joey&version=v2.6&width=550
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://cqureacademy.com/blog/server-monitoring/sysmon
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0YHKr2CqvJ0TANWFD..BeSr84...1.0.BeSr84.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: about:blank

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
vary: Accept-Encoding
x-content-type-options: nosniff
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: Nhm7TcURG0RXzMHVvN2qqiE+JOv/cDyb7bBHFh1Z38q0dQZR280eGXTGkKBmAjP0yeKetrzN1n12HQne4A+SAA==
date: Mon, 17 Feb 2020 16:28:41 GMT Mon, 17 Feb 2020 16:28:41 GMT
alt-svc: h3-24=":443"; ma=3600

Redirect headers

status: 302
location: https://www.facebook.com/plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df143b96ce44097%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff16ff86da59f58%26relation%3Dparent.parent&container_width=9&count=true&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&locale=en_US&sdk=joey&version=v2.6&width=550
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: UvMEHGFQvfnhisJAPaOyEjJh5hlXpbuKybOt0rrsEfXO66TydGWd+S9xAq0nsMug/vcWiK4liKXULz9YcgO/pg==
content-length: 0
date: Mon, 17 Feb 2020 16:28:41 GMT Mon, 17 Feb 2020 16:28:41 GMT
alt-svc: h3-24=":443"; ma=3600

GET
H2

200

feedback.php
www.facebook.com/plugins/ Frame 3713
Redirect Chain

https://www.facebook.com/v2.6/plugins/comments.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df154b7531475ca%26domain%3Dcqur...
https://www.facebook.com/plugins/comments.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df154b7531475ca%26domain%3Dcqureacad...
https://www.facebook.com/plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df154b7531475ca%26domain%3Dcqureacad...

0
0

85ms
85ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df154b7531475ca%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff16ff86da59f58%26relation%3Dparent.parent&container_width=781&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&locale=en_US&numposts=5&sdk=joey&version=v2.6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e60faaaeee27ab07575cc0f39f7d5b79&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df154b7531475ca%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff16ff86da59f58%26relation%3Dparent.parent&container_width=781&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&locale=en_US&numposts=5&sdk=joey&version=v2.6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://cqureacademy.com/blog/server-monitoring/sysmon
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0YHKr2CqvJ0TANWFD..BeSr84...1.0.BeSr84.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: about:blank

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
vary: Accept-Encoding
x-content-type-options: nosniff
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: 3FTAaB3xXzCt+bNe+JVyi7YH/aCgDyxg4J57FPdRV4ic2E5vhTHqH1omwgpu+/ITc17mYX+L/Ns1zsMAngp/6Q==
date: Mon, 17 Feb 2020 16:28:41 GMT Mon, 17 Feb 2020 16:28:41 GMT
alt-svc: h3-24=":443"; ma=3600

Redirect headers

status: 302
location: https://www.facebook.com/plugins/feedback.php?app_id=505499516319698&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df154b7531475ca%26domain%3Dcqureacademy.com%26origin%3Dhttps%253A%252F%252Fcqureacademy.com%252Ff16ff86da59f58%26relation%3Dparent.parent&container_width=781&height=100&href=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&locale=en_US&numposts=5&sdk=joey&version=v2.6
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: xze+UMrHatZKRindWDvRmgV+59+8eM3gKEle54QctMtBvNMOKJhahDtQ5vmPmmwBvShM8YSA40MB/OhNQKNeXA==
content-length: 0
date: Mon, 17 Feb 2020 16:28:41 GMT Mon, 17 Feb 2020 16:28:41 GMT
alt-svc: h3-24=":443"; ma=3600

POST
H2 200 / Show response
sumo.com/api/load/ 879 B
1 KB 518ms
172ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/load/

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.bc3f82df537ecf5350b6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

214dffe3bbe65e849e8da1769a242d175de232f7b79f3cc7f2cae47292b97054

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
Origin: https://cqureacademy.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 17 Feb 2020 16:28:41 GMT
vary: Origin, Accept-Encoding
server: nginx/1.14.1
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cqureacademy.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 879

GET
H2 200 /
www.facebook.com/tr/ 44 B
227 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=903227543120584&ev=Microdata&dl=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&rl=https%3A%2F%2Fwww.google.com%2F&if=false&ts=1581956921820&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sysmon%3A%20how%20to%20set%20up%2C%20update%20and%20use%3F%20%7C%20CQURE%20Academy%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1581956921819.1662830893&it=1581956920207&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 16:28:41 GMT, Mon, 17 Feb 2020 16:28:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Mon, 17 Feb 2020 16:28:41 GMT

OPTIONS
H2 204 services Show response
sumo.com/ 0
257 B 163ms
163ms XHR
text/plain 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/services
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/73.bc3f82df537ecf5350b6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-14-212.us-west-2.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://cqureacademy.com
Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: x-sumo-auth

Response headers

date: Mon, 17 Feb 2020 16:28:41 GMT
server: nginx/1.14.1
access-control-allow-origin: https://cqureacademy.com
access-control-max-age: 2592000
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
status: 204
access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type

POST
H2 200 services Show response
sumo.com/ 37 KB
6 KB 211ms
210ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/services

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

d26940a2d5f47b33084cb759bc6ffaecc33a8cf9606dfb3e584c234fcd1a4a7d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-Sumo-Auth: AY6MXS3QvFlAOBAZZS1OfaQ4
Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
Origin: https://cqureacademy.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 17 Feb 2020 16:28:42 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.14.1
status: 200
x-frame-options: SAMEORIGIN
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://cqureacademy.com
access-control-allow-credentials: true
content-type: application/json; charset=utf-8

GET
H2 200 7.bc3f82df537ecf5350b6.js Show response
load.sumo.com/ 97 KB
33 KB 6ms
6ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/7.bc3f82df537ecf5350b6.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:42 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: 913B6BF387DC2113
status: 200
cdn-cachedat: 2020-02-04 17:02:48
cdn-pullzone: 53731
x-amz-id-2: YtmcRi+T2OEdUUEvmeHMW0hzvKKcjeqPfKul9bcDyMEqc1rD+04Olv4FCO+U+cNi1wTNswb3pSY=
last-modified: Tue, 04 Feb 2020 17:02:07 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: f8def55273142938ca5e227852cadc96
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 4.bc3f82df537ecf5350b6.js Show response
load.sumo.com/ 5 KB
3 KB 8ms
8ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/4.bc3f82df537ecf5350b6.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:42 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: 6667EF83CC6D80B8
status: 200
cdn-cachedat: 2020-02-04 17:02:50
cdn-pullzone: 53731
x-amz-id-2: X6FcCwK2TKnpHEc+ML9zDIpvloNX4MF/4gn/2oX/gdu71WOb3Tz7Hwh4NSU2o0ZsywzBo2reM3M=
last-modified: Tue, 04 Feb 2020 17:01:47 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: ebe127271ae5a202a48e25af96d62288
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 2.bc3f82df537ecf5350b6.js Show response
load.sumo.com/ 3 KB
2 KB 6ms
6ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/2.bc3f82df537ecf5350b6.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:42 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: 8BCD4B347918736D
status: 200
cdn-cachedat: 2020-02-04 17:02:50
cdn-pullzone: 53731
x-amz-id-2: WdF6lEMyw3AmW6dM3uFM+Hc4CxzUt7Ii/TTm7Kt171g9WwSWYAxnNHJBztsmsSynMmz/OKL00C8=
last-modified: Tue, 04 Feb 2020 17:01:33 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 6a43e54a15a0fb2021a6548410d110f4
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 10.bc3f82df537ecf5350b6.js Show response
load.sumo.com/ 11 KB
5 KB 6ms
6ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/10.bc3f82df537ecf5350b6.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:42 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: BE5AB6480FD6A7D9
status: 200
cdn-cachedat: 2020-02-15 10:03:24
cdn-pullzone: 53731
x-amz-id-2: GpLxVzNDpvnUwA+255xzHdKy6ri6nRwHiw66WYSVMEBuSfKJdgO7NC/Y+saqARgGkIfd+Mb+o6U=
last-modified: Tue, 04 Feb 2020 17:01:22 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 082fd72303bf6e3981febd4fac7345f2
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 22.bc3f82df537ecf5350b6.js Show response
load.sumo.com/ 92 KB
25 KB 7ms
6ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/22.bc3f82df537ecf5350b6.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:42 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: 596D5E73B729D427
status: 200
cdn-cachedat: 2020-02-15 15:19:08
cdn-pullzone: 53731
x-amz-id-2: CSdqdjeKyqIzEHTqiDbTwbRmzkTGvqtBjvUzbZu0NRLxee+VH917L/GM476O760RrNlVdeBgVso=
last-modified: Tue, 04 Feb 2020 17:01:35 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 4754ff85d262bc6f52437647788da2ea
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 23.bc3f82df537ecf5350b6.js Show response
load.sumo.com/ 329 KB
94 KB 8ms
8ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/23.bc3f82df537ecf5350b6.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:42 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: BC5E814C8D41E917
status: 200
cdn-cachedat: 2020-02-04 17:02:48
cdn-pullzone: 53731
x-amz-id-2: dQZaUV+u5mQj2RGaDVsDto9xht1KPuTaTolJ1btG5tsTpGGz3wzrWMZFRcHImIO7iZjgUYZQWXg=
last-modified: Tue, 04 Feb 2020 17:01:36 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: b24a8040faba990eb81a74114e5873a2
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 21.bc3f82df537ecf5350b6.js Show response
load.sumo.com/ 179 KB
51 KB 41ms
40ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/21.bc3f82df537ecf5350b6.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:42 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: 4FC8A8B286CAD9F7
status: 200
cdn-cachedat: 2020-02-04 17:02:49
cdn-pullzone: 53731
x-amz-id-2: Q3V86cvEmSVPacU8bAt5qbS71uVCcu5gTKberfRVpn43VfcYG7Shkvvt8PmFSxkd24CZTr/jNxw=
last-modified: Tue, 04 Feb 2020 17:01:35 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 9134760280af5a0e858d6508e3a81de0
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 64.bc3f82df537ecf5350b6.js Show response
load.sumo.com/ 1 KB
1 KB 41ms
40ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/64.bc3f82df537ecf5350b6.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:42 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: 35D7D872E392EE0A
status: 200
cdn-cachedat: 2020-02-15 18:15:56
cdn-pullzone: 53731
x-amz-id-2: GlXk8QB1qu+SmITT34ttDS5eSnPVsAu3J959CqMP9KujkvzqIBPsBTUqOxv5KZXd48FnWKU1CnA=
last-modified: Tue, 04 Feb 2020 17:02:04 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: c621a05dc460f310a67afc7e4ba37495
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 0.bc3f82df537ecf5350b6.js Show response
load.sumo.com/ 5 KB
3 KB 7ms
6ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/0.bc3f82df537ecf5350b6.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:42 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: E679B743FE7D8153
status: 200
cdn-cachedat: 2020-02-04 17:02:50
cdn-pullzone: 53731
x-amz-id-2: P8yIvTTNZ30b5cS/9O+HCxF8wLbzFS0DSHqLdYFZCR1MDk5i5TTAR7Gu3KzzKrmIQHAm15iMvLo=
last-modified: Tue, 04 Feb 2020 17:01:20 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: eb6607865dbb94639488fb826752bb55
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 1.bc3f82df537ecf5350b6.js Show response
load.sumo.com/ 1 KB
2 KB 7ms
6ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/1.bc3f82df537ecf5350b6.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: b5d439b0a1670a4a56384b0b48fcdfabef6e8a5124683f32c6913d1fe22e9563

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:42 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: BAD870CEF4208E02
status: 200
cdn-cachedat: 2020-02-15 14:25:17
cdn-pullzone: 53731
x-amz-id-2: CKDKaDbeal82SwvZnB6OD/TzHuNuXxHxt/1STWRt8TJyxNM3CUQMaxxvzecG8o0Cj+orpSWkQXs=
last-modified: Tue, 04 Feb 2020 17:01:21 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: c896e4026f20afabff3b5e5ad17b496a
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 3.bc3f82df537ecf5350b6.js Show response
load.sumo.com/ 5 KB
2 KB 7ms
6ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/3.bc3f82df537ecf5350b6.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 9b9b439612eecd459a6edf2abfcf4ae252710e0069772b1b78c4970b3c0f1830

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:42 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: C7E0FA93BCD3682D
status: 200
cdn-cachedat: 2020-02-04 17:02:50
cdn-pullzone: 53731
x-amz-id-2: YbDS9jc9a7S1H4VvhY5vVOgvqJusjLyb13YrX43QmO/55j1Phd7smbHa0FLEqmoDBXdGd9B4p5A=
last-modified: Tue, 04 Feb 2020 17:01:40 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: bc58eb2a15cee9bf003ac199603e8b7c
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 11.bc3f82df537ecf5350b6.js Show response
load.sumo.com/ 438 KB
129 KB 7ms
7ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/11.bc3f82df537ecf5350b6.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: eaaefbca2283bedab9a98643940aa07798981345886a5e1a78a82d91a4aae668

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:42 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: DC3D668CA8EF8D83
status: 200
cdn-cachedat: 2020-02-04 17:02:50
cdn-pullzone: 53731
x-amz-id-2: 0TSVmBnYBiFALTyLen43enjhxa1kkSJxHmnijIcwZ8sSsSMOuOtQ4M3BpuXpTxCKBUjUX3sV2hQ=
last-modified: Tue, 04 Feb 2020 17:01:27 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 5a4a9c7643881a2ee4b401d10f7419fb
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 15.bc3f82df537ecf5350b6.js Show response
load.sumo.com/ 711 KB
53 KB 7ms
7ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/15.bc3f82df537ecf5350b6.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: e146694637c659ec76a75f2f92253956460decf38696b9f77d825dde8308efaa

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:42 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: 71AE7EB5F5C51550
status: 200
cdn-cachedat: 2020-02-04 17:02:50
cdn-pullzone: 53731
x-amz-id-2: eUBhS7t1OS8jCyeRmirWcZQcRB9P35YbM0qtC4ttgd/EgnOyqnwoRITR5ZDlwsTCk2EOWM1Cpfs=
last-modified: Tue, 04 Feb 2020 17:01:30 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 6535fd60589e5cc7341cbc409781515b
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 96.bc3f82df537ecf5350b6.js Show response
load.sumo.com/ 1 MB
79 KB 6ms
6ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/96.bc3f82df537ecf5350b6.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:42 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: 3CC3A00D1F77A8EB
status: 200
cdn-cachedat: 2020-02-04 17:02:49
cdn-pullzone: 53731
x-amz-id-2: co2IDx5+r8+u2zNEWN39Ex4XqupQimqcK2gdKlAraWWqrgy+u4/wpwEBAFmngXG7mU7pD8VaDp8=
last-modified: Tue, 04 Feb 2020 17:02:24 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 9284c9f9ecdf98468444be1f08dd4644
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 97.bc3f82df537ecf5350b6.js Show response
load.sumo.com/ 221 B
853 B 11ms
11ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/97.bc3f82df537ecf5350b6.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 16:28:42 GMT
content-encoding: br
cdn-cache: HIT
cdn-edgestorageid: 481
x-amz-request-id: B2FA1D6204E6CFB9
status: 200
cdn-cachedat: 2020-02-04 17:02:49
cdn-pullzone: 53731
x-amz-id-2: glAlJMhDU4Y5gasrBHrry3ocF43x7f1pVBVQkb5C1TJAkLOYnSGnK+Uc/EUeSu5xltPBxaL0Ack=
last-modified: Tue, 04 Feb 2020 17:02:24 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 5110f0ca2fcfb708bdc078364929560e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/0.bc3f82df537ecf5350b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3fb385aad2757e720c0e49ca0b807172ff255ad2dc2bf4b1998e632297800a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Feb 2020 16:28:42 GMT
server: ESF
date: Mon, 17 Feb 2020 16:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Feb 2020 16:28:42 GMT

GET
H2 200 / Show response
graph.facebook.com/ 118 B
572 B 50ms
37ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&callback=jQuery110203330683802597836_1581956920891&_=1581956920892

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.bc3f82df537ecf5350b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6fd4147bc7da0494eb02f805bbca45739043548a50b01c3273d39c43c468470f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15552000; preload
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
date: Mon, 17 Feb 2020 16:28:42 GMT, Mon, 17 Feb 2020 16:28:42 GMT
x-fb-rev: 1001721249
alt-svc: h3-24=":443"; ma=3600
content-length: 118
pragma: no-cache
x-fb-debug: r2Qa0djl3gI/ovRO3sr+EKEMyLrMFbytl6BpGfg0xqZK40e/50WncgGHAzDJtsPY0medFmbUCeQVWaGi2D5M4Q==
x-fb-trace-id: BZB12cvEQeq
etag: "094fe0db97eeede11e8ce278557827744d63d5df"
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: A2uuAUIrWVPXJqZULdApAEd
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.12
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 links.getStats Show response
api.facebook.com/method/ 420 B
611 B 43ms
30ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://api.facebook.com/method/links.getStats?urls=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&format=json&callback=jQuery110203330683802597836_1581956920893&_=1581956920894

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.bc3f82df537ecf5350b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bb69989b22ec56bffcf0a2d7050fb38affdbb168868968c7aebaf1c52075762f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
status: 200
x-fb-rev: 1001721249
content-length: 248
pragma: no-cache
x-fb-debug: fNiBE5oyzpWGo4lK/vX+FgOxv4Z1xu/oDj4hvZl9OhQ0TKuSegh5McFI4yvQLNbr06J2T0YAc1enaBFah8mRVQ==
x-fb-trace-id: GjWGSAEGh4w
date: Mon, 17 Feb 2020 16:28:42 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
x-fb-request-id: AOyzu-naGd9xF82wRha8XyB
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.12
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 404 share
www.linkedin.com/countserv/count/ 0
0 166ms
166ms Script
text/html 2a05:f500:11:101::b93f:9001
LINKEDIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linkedin.com/countserv/count/share?format=jsonp&url=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&callback=linkedinjsonpcallbackwxkqpf&_=1581956920895
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/73.bc3f82df537ecf5350b6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9001 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c40f13cd1c3c7338bab7aa23cd5d7b197c79a9cd96ccca801f8937767f67642

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c36eb9f49a231993fa4ead31474f6ba49fbba5b2b8630a6d0abb64b3740226c1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13e9741d8619b07a7e0779171ec4a35d0ee8dad0592a65088f9d3f31af274d43

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb44a5e28b65adaa17b5db1f931e4681ae8103a5f194b8c0704ecc5611a83bb3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f8dc7d01741f0ce36869304c3879f39798277cd03bba4c2f6ab49d72d890258

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 18ms
18ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/0.bc3f82df537ecf5350b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3fb385aad2757e720c0e49ca0b807172ff255ad2dc2bf4b1998e632297800a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Feb 2020 16:28:42 GMT
server: ESF
date: Mon, 17 Feb 2020 16:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Feb 2020 16:28:42 GMT

OPTIONS
H2 204 features Show response
sumo.com/api/site/14aa09968f25ac1426603e806201f1f26659bb4aac41f177fdf4541a6650356f/ 0
257 B 2071ms
2071ms XHR
text/plain 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/api/site/14aa09968f25ac1426603e806201f1f26659bb4aac41f177fdf4541a6650356f/features?site_id=14aa09968f25ac1426603e806201f1f26659bb4aac41f177fdf4541a6650356f
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/73.bc3f82df537ecf5350b6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-14-212.us-west-2.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://cqureacademy.com
Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: x-sumo-auth

Response headers

date: Mon, 17 Feb 2020 16:28:42 GMT
server: nginx/1.14.1
access-control-allow-origin: https://cqureacademy.com
access-control-max-age: 2592000
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
status: 204
access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type

OPTIONS
H2 204 features Show response
sumo.com/api/site/14aa09968f25ac1426603e806201f1f26659bb4aac41f177fdf4541a6650356f/ 0
257 B 2072ms
2072ms XHR
text/plain 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/api/site/14aa09968f25ac1426603e806201f1f26659bb4aac41f177fdf4541a6650356f/features?site_id=14aa09968f25ac1426603e806201f1f26659bb4aac41f177fdf4541a6650356f
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/73.bc3f82df537ecf5350b6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-14-212.us-west-2.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://cqureacademy.com
Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: x-sumo-auth

Response headers

date: Mon, 17 Feb 2020 16:28:42 GMT
server: nginx/1.14.1
access-control-allow-origin: https://cqureacademy.com
access-control-max-age: 2592000
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
status: 204
access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type

GET
H2 200 features Show response
sumo.com/api/site/14aa09968f25ac1426603e806201f1f26659bb4aac41f177fdf4541a6650356f/ 3 KB
1 KB 177ms
176ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/site/14aa09968f25ac1426603e806201f1f26659bb4aac41f177fdf4541a6650356f/features?site_id=14aa09968f25ac1426603e806201f1f26659bb4aac41f177fdf4541a6650356f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

cef0427b6e047c2ad3394c51530c795a835df54637602c4d1768cb49758f62e9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
Origin: https://cqureacademy.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Sumo-Auth: AY6MXS3QvFlAOBAZZS1OfaQ4

Response headers

date: Mon, 17 Feb 2020 16:28:44 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.14.1
status: 200
etag: "-1421097924"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cqureacademy.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

GET
H2 200 features Show response
sumo.com/api/site/14aa09968f25ac1426603e806201f1f26659bb4aac41f177fdf4541a6650356f/ 3 KB
1 KB 177ms
176ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/site/14aa09968f25ac1426603e806201f1f26659bb4aac41f177fdf4541a6650356f/features?site_id=14aa09968f25ac1426603e806201f1f26659bb4aac41f177fdf4541a6650356f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

cef0427b6e047c2ad3394c51530c795a835df54637602c4d1768cb49758f62e9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
Origin: https://cqureacademy.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Sumo-Auth: AY6MXS3QvFlAOBAZZS1OfaQ4

Response headers

date: Mon, 17 Feb 2020 16:28:44 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.14.1
status: 200
etag: "-1421097924"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cqureacademy.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET sumo-convert
micro-cdn.sumo.com/image-resize/ 0
0

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1394566312&t=event&ni=0&_s=1&dl=https%3A%2F%2Fcqureacademy.com%2Fblog%2Fserver-monitoring%2Fsysmon&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-u...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80845917-1&cid=1070547604.1581956930&jid=1062071248&_gid=1754055836.1581956930&gjid=241906344&_v=j81&z=1402029966
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=1070547604.1581956930&jid=1062071248&_v=j81&z=1402029966
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=1070547604.1581956930&jid=1062071248&_v=j81&z=1402029966&slf_rd=1&random=276598973

42 B
478 B

28ms
16ms

Image
image/gif

2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=1070547604.1581956930&jid=1062071248&_v=j81&z=1402029966&slf_rd=1&random=276598973

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cqureacademy.com/blog/server-monitoring/sysmon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 16:28:50 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 16:28:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80845917-1&cid=1070547604.1581956930&jid=1062071248&_v=j81&z=1402029966&slf_rd=1&random=276598973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: micro-cdn.sumo.com
URL: https://micro-cdn.sumo.com/image-resize/sumo-convert?uri=//media.sumo.com/6f9668e1f5ac369380dff7f0c9d3b7864cca7c0a49d4eb8ca6acfec44765ddc7&supported=webp,webp.alpha,webp.animation,webp.lossless&hash=901cc679984630adf26971d38804cd72802cdbfbd6cae0cdbc2b44ba596dc3a4&format=webp

Verdicts & Comments Add Verdict or Comment

234 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-25 20:05:16	Name: CONSENT Value: WP.283b32
.twitter.com/	1970-01-20 00:57:08	Name: personalization_id Value: "v1_YeIupd4J6HAoUi9bUErIbg=="
.youtube.com/	1970-01-19 07:25:58	Name: GPS Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 6F40OjUlUOQ
.youtube.com/	1970-01-19 11:45:08	Name: VISITOR_INFO1_LIVE Value: fAAKWvSa8y0
.cqureacademy.com/	1970-01-19 07:25:56	Name: _gat_UA-80845917-1 Value: 1
cqureacademy.com/	1970-01-25 20:29:45	Name: vid Value:
.google.com/	1970-01-19 11:49:28	Name: NID Value: 198=sFKTqqRU4GJK6yCc8AhwVaT_Nshm0KhK_bXeSESUIzFzwEbsyY1o_urVlxtX_B0eGluey-OXzqBw_tcDWQko2hwmS_3Ta4xALlkYRuNK3r7NrB_RRsYmBWvPwCDZn8oxm-aYsu6ANmjpOC_3DfE8h-mQqLe9B-uXsDigX5vi-OU
.cqureacademy.com/	1970-01-19 07:27:23	Name: _gid Value: GA1.2.1649266350.1581956920
cqureacademy.com/	1970-01-25 20:29:45	Name: sess_ Value: vs4r413rwyrf66vdnbs1
cqureacademy.com/	1970-01-25 20:29:45	Name: lastvisit Value: 1581956920
.cqureacademy.com/	1970-01-19 09:35:32	Name: _fbp Value: fb.1.1581956920300.965100061
cqureacademy.com/	1970-01-25 20:29:45	Name: referral_page Value: https://www.google.com/
.cqureacademy.com/	1970-01-19 09:35:32	Name: _gcl_au Value: 1.1.1918743592.1581956920
cqureacademy.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: fafd92114da0dba314e7ca1214b51443
.cqureacademy.com/	1970-01-20 00:57:08	Name: _ga Value: GA1.2.1696303758.1581956920
cqureacademy.com/blog/server-monitoring	1970-01-19 08:09:08	Name: __smVID Value: f67c7ef8003a1f46fdf5fe17bcc4ae82279638cde8405ee660c6395e5e8161ac

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	log	URL: https://load.fomo.com/api/v1/D0-mndMM1SvdX5rGnwAssw/load.js(Line 3) Message: Fomo site is not active - contact support via hello@fomo.com. [ref: 03]
console-api	log	URL: https://load.sumo.com/73.bc3f82df537ecf5350b6.js(Line 26) Message: Query variable %s not found sumotoken
console-api	error	URL: https://cdn.getmoreproof.com/embed/latest/proof.js?1581956921276(Line 1) Message: You are using an old version of the Proof pixel which is no longer supported. Please replace this code with the new version https://help.useproof.com/setup/how-to-switch-to-the-new-pixel
console-api	log	URL: https://load.sumo.com/73.bc3f82df537ecf5350b6.js(Line 1) Message: install sumo badge...
console-api	log	URL: https://load.sumo.com/73.bc3f82df537ecf5350b6.js(Line 26) Message: Query variable %s not found sumopath
console-api	info	URL: https://load.sumo.com/73.bc3f82df537ecf5350b6.js(Line 1) Message: CREATING SANDBOX FOR services/index/#services/index
console-api	info	URL: https://load.sumo.com/73.bc3f82df537ecf5350b6.js(Line 1) Message: CREATING SANDBOX FOR 156085c5-0017-4150-b225-a731ad248f38/service/#156085c5-0017-4150-b225-a731ad248f38/service
console-api	log	URL: https://load.sumo.com/15.bc3f82df537ecf5350b6.js(Line 1) Message: rendering share...
console-api	log	URL: https://load.sumo.com/15.bc3f82df537ecf5350b6.js(Line 1) Message: rendering for desktop...
console-api	log	URL: https://load.sumo.com/11.bc3f82df537ecf5350b6.js(Line 1) Message: style buffer update...
console-api	log	URL: https://load.sumo.com/15.bc3f82df537ecf5350b6.js(Line 1) Message: buffer
console-api	log	URL: https://load.sumo.com/15.bc3f82df537ecf5350b6.js(Line 1) Message: facebook
console-api	log	URL: https://load.sumo.com/15.bc3f82df537ecf5350b6.js(Line 1) Message: facebooklike
console-api	log	URL: https://load.sumo.com/15.bc3f82df537ecf5350b6.js(Line 1) Message: googleplus
console-api	log	URL: https://load.sumo.com/15.bc3f82df537ecf5350b6.js(Line 1) Message: linkedin
console-api	log	URL: https://load.sumo.com/15.bc3f82df537ecf5350b6.js(Line 1) Message: pinterest
console-api	log	URL: https://load.sumo.com/15.bc3f82df537ecf5350b6.js(Line 1) Message: reddit
console-api	log	URL: https://load.sumo.com/15.bc3f82df537ecf5350b6.js(Line 1) Message: yummly

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4f2bcn3u2m2u2z7ghc17a5jm-wpengine.netdna-ssl.com
a.quora.com
ajax.googleapis.com
alb.reddit.com
analytics.twitter.com
api.facebook.com
app.ontraport.com
cdn.getmoreproof.com
cdn.onesignal.com
connect.facebook.net
cqure.ontraport.com
cqureacademy.com
fonts.googleapis.com
fonts.gstatic.com
forms.ontraport.com
graph.facebook.com
load.fomo.com
load.sumo.com
micro-cdn.sumo.com
optassets.ontraport.com
platform.linkedin.com
platform.twitter.com
px.ads.linkedin.com
q.quora.com
s.ytimg.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
sumo.com
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.youtube.com
micro-cdn.sumo.com
104.16.20.19
104.198.110.226
104.244.42.133
104.244.42.3
151.101.112.157
151.101.13.2
209.170.211.179
2600:9000:20eb:e400:a:6697:8180:93a1
2606:2800:133:7403:4a68:7eff:710b:1ddf
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:3035::6812:23a2
2606:4700::6812:e134
2a00:1450:4001:806::200e
2a00:1450:4001:808::200a
2a00:1450:4001:808::200e
2a00:1450:4001:815::2003
2a00:1450:4001:817::2003
2a00:1450:4001:818::2008
2a00:1450:4001:819::2003
2a00:1450:4001:81e::200a
2a00:1450:4001:81f::200e
2a00:1450:4001:820::2004
2a00:1450:400c:c00::9c
2a00:f48:2000:1023::3
2a02:26f0:eb:3a3::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:10:101::b93f:9105
2a05:f500:11:101::b93f:9001
3.225.77.184
34.196.237.80
52.38.14.212
94.31.29.96
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
03287280ffc2f50b1c9b477d00acb16fec7797d50e3a89a2dcb5589e36e413c0
049671e5dbf4cdc724fc31dc9aa4bed70e5ae67c1f503923ad1bb926785785f7
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
080809ddd5787387961416ee9e961e51066246556e47836c8b385630a80dd8be
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
094eff0a09fcc78bcb5e5372b63d56d89be7c33108539196b242fbb3443cdbb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72
13e9741d8619b07a7e0779171ec4a35d0ee8dad0592a65088f9d3f31af274d43
17e806417f302ed4a74c980ffde96df0d7535af0f215e97214a1cb8ee3a017ed
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1a4dee2269258e980cfbc6965cca52520d51b0cf399cef6218e123c7620cafdc
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1ef0a96be1cfde52782ee9ddc0ef36f4bc1a72943c5de56fcf2a5ce677ec8a70
202bb2bfeeed811976fcdcc5c4a46b560e6ec23e22f82be7b290f43f2b82f8e0
214dffe3bbe65e849e8da1769a242d175de232f7b79f3cc7f2cae47292b97054
22b5a9e86f9a851d747b1e8603edb757c8e683423ff1270fc9a0cbad21bf30f9
27f8d23dd70a3b1ad1483724c8efc1f118c66a5db72b1a61593f4af0e82bcc20
29af56b62112eef5e5b0547812f2b093b6a8db2be7bc31fa9a1ae634026f4c1a
2bf2f8d980b3466bc479869776c7e22944d789cf5c1fc82e37a9cf3d8c171277
2c0884853dc57e0e429d1bec631837b0f356b5806e913f00dd2828b3f88b3b6c
2cc358f06dc7a068cc0b177cfdbea09cf517681bb4fdca354b8ba13268b60851
2d8747d26eba68a46f768d99eebf4b4624a37b2a3bd83d4a6934939e62846972
2dd0eb5e44c81a864cd68e633a69701248b9298b0dc7eb2c75e67e2b1c19b4bc
308b1eee7a3334b8b7b0278128609357f58ee3e5ffe668e5c37b201815547ca6
313cb0bad9c891576003622a3c6a02ae96a9e1a68debc7c627ea5fddc206752d
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d
3e799d21e1116a135fcd10c071506f34b99cf79d93b5548199e1376f88b62434
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132
3f3cd545367485ba660229234b213f845bea2841f41c580b005cb46e26605987
40637dfc895c22deeb30c31fc5a1ffe749363eae48b7169ba4f861b9a1cb694e
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
4247ca4589d8dff06d232dfd0e803a4843e1d954bd0773cc65f444bee33847f2
43c064d14e69fdef6336b9aa086a123b2967634c31f541a6afaa1452ad0d96bd
43cfd18499dc36719f7dd66b2b30aa62fbfc7dcd6861817d19a61c0a159c7403
449703d6a077b08f95a3847455f9dcb2a4b54b4c04025ac0d38a64f48dbbaaf6
48387d8ce499219bcdf0339ea3b536610f5135ef8394d733b0b8e4d6d4494301
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9
4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d
4f8dc7d01741f0ce36869304c3879f39798277cd03bba4c2f6ab49d72d890258
50de09b0bb8d0ac656aa9b3a1e4ef58a3f2d1abd734cad68b0e12191e9d215ea
52c7be1524d5311090e08f0510b1a93a7446e280ecf5238609ed8f7d5bf876e3
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
5302d7ef47b197c6cc07e5db5152dcce3b6886ac18f727875fe78ba8e8129224
535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14
5423a8eb065ad74539056dcd00ec57a155f134a6bb94338bac06167d517db2cb
543c7142a0625b3ae2e5dcfa6226b98f498cc81503c526b5a36948be087ebb5f
5487a6f59506a25686adc1bdad7ff4be9545349ddc7aadb0bfaa515ae3cf1244
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
55b0a4a2ab61a84eef7acffed553b8bd6daca362fbce16f8b9a9cb3cb72b8789
5740666b44e1a8b08bc837088100fd26ed47d8af036f0ee9b987a4e154c2d4bd
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5f4e8f7ceafc93c411bcb29e2c7000c742ee678a64c079a6b8739e2af5653b2a
60111948f7ff6c6621b9183616896e465889d75bad2c797ad267aa2feedc3efa
61d919573a1cf2539b7e2033dd8a8d9cca1363e429d20b52178dafc676f8b2e9
631c218ee8cc86cbda0e35bfc60160c509ef3f188413d8a83940d7b8b0511689
661365d8d26850d9541b6a900ab0eeeb1d16cc37f6e2d11d9d5919743faac16a
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6e796da2a1b9bbbdc24bf2e2dc1b8f960f531bfe1033c0f073a4bbfe73e54a84
6fd4147bc7da0494eb02f805bbca45739043548a50b01c3273d39c43c468470f
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d
73551d0994d74d845b5f90b5f61a7bf566767ff53949592082a2b5cd55e02e19
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759
77a5ec27e758b7c9bff23ef4f45200fe298fb51fe8ad87c008edc51b73442e33
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
80bb0475bd7756ba23a4a9e910ea36769a4b8f981d8d16a78e40cd0e64029f6f
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8289ed784e4285911ff9a7026d0edd50cab5adb0888824ce5e0e39b83816068d
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
960e24e9e5f4092f9c8b53c2c552f94f4fa6ded3d2e27c382504f1047a3ca8db
96187aeadbd3138f31cb6b4da9bb73b4f3e952a9d633c3ca60b033aea30b2c64
967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae
96dfa580986db416a0669725412182121c477c7fd7a164bfe79ba17bfbcdb078
9b9b439612eecd459a6edf2abfcf4ae252710e0069772b1b78c4970b3c0f1830
9c40f13cd1c3c7338bab7aa23cd5d7b197c79a9cd96ccca801f8937767f67642
a2b113be19e119bb84d4d396edf9926101dd13fbd381ca857af13037f4976d29
a58e758d1eb914f8b0fc5fa29a3cacce5b32efed93453fff26032f1b24c5ce83
a62bc760a8fb96ac25892b4f2326450b2a14c8e79f58959a275c9c3e6a6d2fb3
a6d7139525d10396d0bcfe78a5344154db567ab3806eeeef89a16ba3e9848697
a7260c89998dba51ffa677ea4292848fa9a3d364b013cb5ed5808976b42e02ec
a9ab21501c829516d91901c1f04da862d095aeb9e5019360aed6624920edd882
abbd792e20f71ea64e99928b3b9eac8c4052f3c4cbf6841e819aedadf19dd777
ac212158a335abe8eed52a0950981a4aba012d70032cd0486835046a3fc0df53
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b195b421eafc80f00471e0357daf039b5b1452ad7eef28fd4c5dfa1dc927c845
b2b6d171f42062c6baad092a0c7e586e815437c7e6faacaec0e66f93dd5430cb
b5d439b0a1670a4a56384b0b48fcdfabef6e8a5124683f32c6913d1fe22e9563
b6c039052d065fc4e58f96e772e79c7af291bdff45f7f0a63811d988a0d4bec4
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b950f2899a41a8d45990d37c200c61641f5a79fbc007bf478b5144e96f0fadb9
babd36a2da0a94172346873c11e2eb098205dfa23b553eda3d3fc7c180b1dc13
bb69989b22ec56bffcf0a2d7050fb38affdbb168868968c7aebaf1c52075762f
bc71c403dc6113c8597e111a99d6a6a197dd2f2355402f8392ca4812dca57d3d
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bd536bda12f3412d79f47f4aab0d693fd32cfa3fcbefbebcecde78c8116274bf
bde640de5fbcb53d6cf5bfaf352427d6371c08ae925c1ef74d18631852c4fba4
bed0bd033705c33f1742d8fab2bfed8e945567319fd00e529838392eca49eac0
c06d3388152ecac303ec82b605cfa5768e404668e0fc92cb0f66d31025e1d832
c0f29cac3312e48b03fcf3091eabdf7388c01b354e95fdf399c1f26d137560fe
c2e273d2979485e959a68f54d1b5454697230d55f60dd40f12f416f591451cd5
c32303ef7ad0a14c7c2b4f4af7211c93ab5b1f17b7804027861c1829e727e1ad
c36eb9f49a231993fa4ead31474f6ba49fbba5b2b8630a6d0abb64b3740226c1
c527c4d3abbf05ff59ccd224cab31deb51951e871271f8fd9c141ed1e91b885a
c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169
cdc32aafdb46e903c85c178df5f250e8d90f88007643e1e492788d39fe4902b0
ce0f70d9e807bb959717d8350c21a107f5b6b7221a774b6d1ed057219468a260
cef0427b6e047c2ad3394c51530c795a835df54637602c4d1768cb49758f62e9
d26940a2d5f47b33084cb759bc6ffaecc33a8cf9606dfb3e584c234fcd1a4a7d
d3fb385aad2757e720c0e49ca0b807172ff255ad2dc2bf4b1998e632297800a9
d43d91fe7a63061274c03685a82d12a2f1e15fce24fe4699231fcab4038a56b3
d6d013e13923d87a879dbfe78c9358c7d13d9bbd8d91db3ec1a493386641abeb
d71a828d2769c2523c75e1a0a13f9d91400cd571fda65a80f72e39fde2d8cf0d
d72fffd7048cdacc445b4eb23520df4a1c824f8cfe4495ca086fc1b2e36a6de5
d7cab659e3400afdb91ad13d5fea2fcd51025c85c1f25be6945a8e66429902d5
d7ec787d9eba3ef677beff408069f4f42d667b778efc828ea1e191921fa92c2b
d97cf2705367e6c1fde89bbcbba44cec9da5b1a7f3dc16133278fcdbc4b7f0dd
dcbbf43562c4706b7646cddf34ee2f45e86b70dcff680f65287a15391bb0f272
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e146694637c659ec76a75f2f92253956460decf38696b9f77d825dde8308efaa
e2210d6ac94a06c7a1f14dff4babd1971a6a45e0f8691e807d0df8c595a8137f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a7af0f19adf1cf7d67e8fbecad6713ec9cde539f7dc5d134544366679e521
e5cd5c6afc45bab3a8dd7a1645b94a8b4598d03e0607bb145478deae02928cf4
e5ef2e0fd81e377e8b9dac5cce525908836c9a93ed998d567b8878112b3c7716
e9e851223ba959dd311e6a67983855ea258cc6d5bda5a6a62b97fccaaa8b5365
ea8ffa3971189c57e251c5e941f9a88a1a2f4255b79994fcd2ab160d76fc1f03
eaaefbca2283bedab9a98643940aa07798981345886a5e1a78a82d91a4aae668
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eb44a5e28b65adaa17b5db1f931e4681ae8103a5f194b8c0704ecc5611a83bb3
ecc2dc58ccbe0c654faa36f6c86de15eb09b7b0e99820d1b2c4efa5c317d5f3b
ef00d67e59b19eea79a2e8bf067d8910c6697de339adaee79d2856e2fdd0d760
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f
f4b43899402b4c787457e1275ad825ff389fb54fc3fe146f9203e727d4aded61
f9feb528c188eb14df91967708310b893b8b9ed5bad0dd994828bd173bf3d3cf
fa768817b962146f574bf507b3f5a5a3bf552fe2bd9593591fcfc8fe1fc6080c
fac45de63ec3c660924ca7340b2d2a1d9074eb5b17bf7f97e8177cb5f50b94a9
fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

cqureacademy.com Open in urlscan Pro 104.198.110.226 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

150 Requests

99 %HTTPS

68 %IPv6

25 Domains

38 Subdomains

34 IPs

6 Countries

6064 kBTransfer

11614 kBSize

17 Cookies

11 Outgoing links

Page URL History

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cqureacademy.com Open in urlscan Pro
104.198.110.226 Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

99 %
HTTPS

68 %
IPv6

25
Domains

38
Subdomains

34
IPs

6
Countries

6064 kB
Transfer

11614 kB
Size

17
Cookies

150 HTTP transactions
13 data transactions