www.tenable.com Open in urlscan Pro
2606:4700:4400::6812:21b6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Submission: On May 05 via manual (May 5th 2022, 7:59:00 pm UTC) from CA — Scanned from CA

Summary HTTP 208 Redirects Links 49 Behaviour Indicators

Summary

This website contacted 44 IPs in 3 countries across 34 domains to perform 208 HTTP transactions. The main IP is 2606:4700:4400::6812:21b6, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.tenable.com. The Cisco Umbrella rank of the primary domain is 221280.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 19th 2022. Valid for: a year.

This is the only time www.tenable.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	2606:4700:440... 2606:4700:4400::6812:21b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	151.101.1.181 151.101.1.181	54113 (FASTLY) (FASTLY)
17	104.17.71.206 104.17.71.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.105.36.121 104.105.36.121	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:822::2008	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:817::200e	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
1	2600:1400:900... 2600:1400:9000::687e:74bb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.117.39.58 34.117.39.58	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	99.84.39.75 99.84.39.75	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	143.204.138.162 143.204.138.162	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.2 151.101.193.2	54113 (FASTLY) (FASTLY)
1	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
64	13.225.213.122 13.225.213.122	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:2437	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	3.222.34.196 3.222.34.196	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4004:c09::9b	15169 (GOOGLE) (GOOGLE)
1	52.85.61.27 52.85.61.27	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	104.18.101.194 104.18.101.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:823::2003	15169 (GOOGLE) (GOOGLE)
1	54.175.125.242 54.175.125.242	14618 (AMAZON-AES) (AMAZON-AES)
10	2606:4700:440... 2606:4700:4400::ac40:9a4a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.33.46.20 13.33.46.20	16509 (AMAZON-02) (AMAZON-02)
4	20.85.30.134 20.85.30.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.225.213.128 13.225.213.128	16509 (AMAZON-02) (AMAZON-02)
2 2	54.243.191.164 54.243.191.164	14618 (AMAZON-AES) (AMAZON-AES)
2 4	13.33.46.33 13.33.46.33	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2	99.84.126.104 99.84.126.104	16509 (AMAZON-02) (AMAZON-02)
1	54.77.142.136 54.77.142.136	16509 (AMAZON-02) (AMAZON-02)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1 7	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 2	20.36.253.92 20.36.253.92	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.33.46.79 13.33.46.79	16509 (AMAZON-02) (AMAZON-02)
2 2	54.175.87.114 54.175.87.114	14618 (AMAZON-AES) (AMAZON-AES)
1 1	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
1 1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
5	52.203.72.45 52.203.72.45	14618 (AMAZON-AES) (AMAZON-AES)
2	13.35.73.120 13.35.73.120	16509 (AMAZON-02) (AMAZON-02)
4	54.147.21.139 54.147.21.139	14618 (AMAZON-AES) (AMAZON-AES)
2	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
208	44

31 2606:4700:4400::6812:21b6 (United States)

ASN13335 (CLOUDFLARENET, US)

www.tenable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.tenable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.tenable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.1.181 (United States)

ASN54113 (FASTLY, US)

play.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)

info.tenable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.105.36.121 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-105-36-121.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2008 (Staten Island, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:817::200e (Staten Island, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:9000::687e:74bb (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.39.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.39.117.34.bc.googleusercontent.com

www.upsellit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.39.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-39-75.ewr52.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.138.162 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-138-162.ewr52.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.2 (United States)

ASN54113 (FASTLY, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

cdn.bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 13.225.213.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-213-122.ewr50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2437 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.34.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-34-196.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-27.ewr53.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2002 (Staten Island, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.101.194 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::2004 (Staten Island, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2003 (Staten Island, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.175.125.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-125-242.compute-1.amazonaws.com

cloud.tenable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:4400::ac40:9a4a (United States)

ASN13335 (CLOUDFLARENET, US)

api.tenable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.46.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-20.ewr52.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

j.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.213.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-213-128.ewr50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.243.191.164 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-191-164.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.33.46.33 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-33.ewr52.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.126.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-126-104.ewr52.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.142.136 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-142-136.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.33.220.150 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.36.253.92 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.46.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-79.ewr52.r.cloudfront.net

assets.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.175.87.114 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.203.72.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-72-45.compute-1.amazonaws.com

trackingapi.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.73.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-73-120.bos50.r.cloudfront.net

pic.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.147.21.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-21-139.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	driftt.com js.driftt.com — Cisco Umbrella Rank: 10330	1019 KB
59	tenable.com www.tenable.com — Cisco Umbrella Rank: 221280 info.tenable.com static.tenable.com api.tenable.com — Cisco Umbrella Rank: 245872 cloud.tenable.com — Cisco Umbrella Rank: 776	13 MB
9	trendemon.com assets.trendemon.com — Cisco Umbrella Rank: 151726 trackingapi.trendemon.com — Cisco Umbrella Rank: 42318 pic.trendemon.com — Cisco Umbrella Rank: 473390	193 KB
9	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 2220 insight.adsrvr.org — Cisco Umbrella Rank: 841 match.adsrvr.org — Cisco Umbrella Rank: 447	10 KB
8	vidyard.com play.vidyard.com — Cisco Umbrella Rank: 22780	99 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	20 KB
6	drift.com metrics.api.drift.com — Cisco Umbrella Rank: 11297 bootstrap.api.drift.com — Cisco Umbrella Rank: 11878	485 B
6	company-target.com 2 redirects segments.company-target.com — Cisco Umbrella Rank: 2277 api.company-target.com — Cisco Umbrella Rank: 6580	4 KB
6	clarity.ms 1 redirects j.clarity.ms — Cisco Umbrella Rank: 2780 c.clarity.ms — Cisco Umbrella Rank: 926	24 KB
6	bttrack.com cdn.bttrack.com — Cisco Umbrella Rank: 10626 bttrack.com — Cisco Umbrella Rank: 1231	7 KB
5	linkedin.com 5 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 899 www.linkedin.com — Cisco Umbrella Rank: 787 px4.ads.linkedin.com — Cisco Umbrella Rank: 4880	4 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 cm.g.doubleclick.net — Cisco Umbrella Rank: 289	3 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 920 script.hotjar.com — Cisco Umbrella Rank: 1202 vars.hotjar.com — Cisco Umbrella Rank: 1251 in.hotjar.com — Cisco Umbrella Rank: 2229	66 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 605 c.bing.com — Cisco Umbrella Rank: 379	13 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 420	624 B
2	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 635	2 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 909	454 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 783	1019 B
2	google.ca www.google.ca — Cisco Umbrella Rank: 7163	565 B
2	google.com www.google.com — Cisco Umbrella Rank: 20	565 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	429 B
2	adsymptotic.com 1 redirects p.adsymptotic.com — Cisco Umbrella Rank: 1079	541 B
2	quora.com a.quora.com — Cisco Umbrella Rank: 9468 q.quora.com — Cisco Umbrella Rank: 4116	15 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 195	114 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 478	913 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 746	18 KB
1	demandbase.com scripts.demandbase.com — Cisco Umbrella Rank: 11978	19 KB
1	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 16315	1 KB
1	upsellit.com www.upsellit.com — Cisco Umbrella Rank: 11511	12 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1589	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	111 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1595	5 KB
1	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 6945	1 KB
208	34

	Domain	Requested by
64	js.driftt.com	www.tenable.com js.driftt.com
25	www.tenable.com	www.tenable.com
17	info.tenable.com	www.tenable.com info.tenable.com
11	api.tenable.com	www.tenable.com
8	play.vidyard.com	www.tenable.com
7	www.google-analytics.com	www.tenable.com
5	trackingapi.trendemon.com	www.tenable.com
5	bttrack.com	www.tenable.com
5	static.tenable.com	www.tenable.com
4	metrics.api.drift.com	js.driftt.com
4	match.adsrvr.org	www.tenable.com js.adsrvr.org
4	segments.company-target.com	2 redirects www.tenable.com
4	j.clarity.ms	www.tenable.com
3	insight.adsrvr.org	1 redirects www.tenable.com
3	px.ads.linkedin.com	3 redirects
3	bat.bing.com	www.tenable.com
2	bootstrap.api.drift.com	js.driftt.com
2	pic.trendemon.com
2	ups.analytics.yahoo.com	2 redirects
2	assets.trendemon.com	www.tenable.com
2	bam-cell.nr-data.net	www.tenable.com
2	c.clarity.ms	1 redirects
2	api.company-target.com	www.tenable.com
2	id.rlcdn.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	www.google.ca	www.tenable.com
2	www.google.com	www.tenable.com
2	www.facebook.com	www.tenable.com
2	p.adsymptotic.com	1 redirects www.tenable.com
2	stats.g.doubleclick.net	www.tenable.com
2	js.adsrvr.org	www.tenable.com match.adsrvr.org
2	connect.facebook.net	www.tenable.com
1	pixel.rubiconproject.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	c.bing.com	1 redirects
1	js-agent.newrelic.com	www.tenable.com
1	in.hotjar.com	www.tenable.com
1	vars.hotjar.com	www.tenable.com
1	scripts.demandbase.com	www.tenable.com
1	cloud.tenable.com	www.tenable.com
1	px4.ads.linkedin.com	1 redirects
1	www.linkedin.com	1 redirects
1	googleads.g.doubleclick.net	www.tenable.com
1	script.hotjar.com	www.tenable.com
1	q.quora.com	www.tenable.com
1	tracking.g2crowd.com	www.tenable.com
1	cdn.bttrack.com	www.tenable.com
1	a.quora.com	www.tenable.com
1	static.hotjar.com	www.tenable.com
1	www.upsellit.com	www.tenable.com
1	snap.licdn.com	www.tenable.com
1	www.googleadservices.com	www.tenable.com
1	www.googletagmanager.com	www.tenable.com
1	static.cloudflareinsights.com	www.tenable.com
1	munchkin.marketo.net	www.tenable.com
208	55

This site contains links to these domains. Also see Links.

Domain
cloud.tenable.com
community.tenable.com
de.tenable.com
fr.tenable.com
es-la.tenable.com
pt-br.tenable.com
zh-cn.tenable.com
zh-tw.tenable.com
jp.tenable.com
partners.tenable.com
docs.tenable.com
investors.tenable.com
twitter.com
www.facebook.com
www.linkedin.com
us-cert.cisa.gov
securityintelligence.com
threatpost.com
www.zdnet.com
lookbook.tenable.com
info.tenable.com
uptime.tenable.com
www.youtube.com
store.tenable.com
static.tenable.com

Subject Issuer	Validity	Valid
*.cloud.tenable.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-19` - `2023-02-19`	a year	crt.sh
*.vidyard.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
info.tenable.com Cloudflare Inc ECC CA-3	`2021-06-09` - `2022-06-08`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.upsellit.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-30` - `2022-11-01`	2 years	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-12` - `2022-05-13`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
quora.com R3	`2022-04-17` - `2022-07-16`	3 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-04-20`	a year	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
*.g2crowd.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-30` - `2022-09-28`	a year	crt.sh
*.quora.com R3	`2022-03-27` - `2022-06-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-18` - `2022-10-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-20` - `2022-09-26`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.trendemon.com SSL.com RSA SSL subCA	`2021-06-27` - `2022-07-28`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Frame ID: 325CFDFA5574B5DD6C791A6979948271
Requests: 128 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: 6D5DBCAF5F3ED495439485C149E9C360
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 55554130C03AF4F828DBB23C2CF6373D
Requests: 1 HTTP requests in this frame

Frame: https://info.tenable.com/index.php/form/XDFrame
Frame ID: 7E7CCC8BDDFC5F612B91C3167091486E
Requests: 2 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
Frame ID: EDBF68C55F8BF1C7D0ADAE4D2F004143
Requests: 33 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
Frame ID: B8530DDCF3F4CB6D0C6BD06E5ECF07CA
Requests: 33 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=n0cfh81&ref=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&upid=ltdcg05&upv=1.1.0
Frame ID: 6157731E258433A534FD2FD050BCE9E4
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=isyfy29&ref=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&upid=7gd51iz&upv=1.1.0
Frame ID: 78390071A12B012E2C9E31A3D18F3004
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=isyfy29&ref=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&upid=7gd51iz&upv=1.1.0
Frame ID: 26FBA7DD9760B0F0324086C6FAB757C9
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-wWIeq4JE2uIcTnmk6iV.AwOO_LELAoo-~A&gdpr=0&gdpr_consent=
Frame ID: BFBD848B5EDDB8414A641E12EA8EF14B
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3652a20f-0226-454c-8a66-7fd70d99d3a5&google_gid=CAESELmluGlIXiGlVCnW_Em7k-8&google_cver=1
Frame ID: 6A12A0762AC5D00FB2EC403DBE797634
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: 206D16B04D3FA9441DA1545BC122F02D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Active Directory is Now in the Ransomware Crosshairs - Blog | Tenable®FacebookGoogle PlusTwitterLinkedInYouTubeRSSMenuSearchResource - BlogResource - WebinarResource - ReportResource - Eventicons_066icons_067icons_068icons_069icons_070CheckCheckTenable.ioCheckTenable.ioCheckCheckCheckCheck

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Page Statistics

208
Requests

98 %
HTTPS

29 %
IPv6

34
Domains

55
Subdomains

44
IPs

3
Countries

15160 kB
Transfer

20016 kB
Size

71
Cookies

49 Outgoing links

These are links going to different origins than the main page.

URL: https://cloud.tenable.com/
Title: Tenable.io

Search URL Search Domain Scan URL

URL: https://community.tenable.com/login
Title: Community & Support

Search URL Search Domain Scan URL

URL: https://de.tenable.com/?tns_languageOverride=true
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://fr.tenable.com/?tns_languageOverride=true
Title: Français (France)

Search URL Search Domain Scan URL

URL: https://es-la.tenable.com/?tns_languageOverride=true
Title: Español (América Latina)

Search URL Search Domain Scan URL

URL: https://pt-br.tenable.com/?tns_languageOverride=true
Title: Português (Brasil)

Search URL Search Domain Scan URL

URL: https://zh-cn.tenable.com/?tns_languageOverride=true
Title: 简体中文

Search URL Search Domain Scan URL

URL: https://zh-tw.tenable.com/?tns_languageOverride=true
Title: 繁體中文

Search URL Search Domain Scan URL

URL: https://jp.tenable.com/?tns_languageOverride=true
Title: 日本語

Search URL Search Domain Scan URL

URL: https://community.tenable.com/s/
Title: Research Community

Search URL Search Domain Scan URL

URL: https://partners.tenable.com/#/page/partner-login
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://docs.tenable.com/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://investors.tenable.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://investors.tenable.com/news-releases
Title: Financial News Releases

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Active%20Directory%20is%20Now%20in%20the%20Ransomware%20Crosshairs%20https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs&title=Active%20Directory%20is%20Now%20in%20the%20Ransomware%20Crosshairs&summary=&source=

Search URL Search Domain Scan URL

URL: https://us-cert.cisa.gov/ncas/alerts/aa21-265a
Title: The joint CISA, FBI and NSA alert

Search URL Search Domain Scan URL

URL: https://us-cert.cisa.gov/ncas/alerts/aa21-291a
Title: issued a joint alert

Search URL Search Domain Scan URL

URL: https://securityintelligence.com/posts/lockbit-ransomware-attacks-surge-affiliate-recruitment/
Title: analyzed the new tactics used by LockBit operators

Search URL Search Domain Scan URL

URL: https://threatpost.com/microsoft-mshtml-ryuk-ransomware/174780/
Title: Ryuk

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/article/kaseya-victim-struggling-with-decryption-after-revil-goes-dark/
Title: REvil

Search URL Search Domain Scan URL

URL: https://lookbook.tenable.com/ransomware-2021/anatomy-ransomware-e
Title: Anatomy of a Modern Ransomware Attack eBook

Search URL Search Domain Scan URL

URL: https://lookbook.tenable.com/ransomware-2021/how-to-protect-ad-ransomware
Title: How to Protect Active Directory Against Ransomware Attacks

Search URL Search Domain Scan URL

URL: https://lookbook.tenable.com/ransomware-2021/webinar-five-ways-to-strengthen-ad-to-prevent-ransomware-attacks
Title: Five Ways to Strengthen Active Directory Security and Prevent Ransomware Attacks

Search URL Search Domain Scan URL

URL: https://info.tenable.com/SubscriptionManagement.html
Title: Tenable's Subscription Center

Search URL Search Domain Scan URL

URL: http://uptime.tenable.com/
Title: System Status

Search URL Search Domain Scan URL

URL: https://investors.tenable.com/stock-information/stock-quote-chart
Title: Stock Quote/Chart

Search URL Search Domain Scan URL

URL: https://investors.tenable.com/events-and-presentations/events
Title: Investor Events

Search URL Search Domain Scan URL

URL: https://investors.tenable.com/events-and-presentations/presentations
Title: Presentations

Search URL Search Domain Scan URL

URL: https://investors.tenable.com/financial-information/sec-filings
Title: SEC Filings

Search URL Search Domain Scan URL

URL: https://investors.tenable.com/financial-information/annual-reports
Title: Annual Reports

Search URL Search Domain Scan URL

URL: https://investors.tenable.com/financial-information/quarterly-results
Title: Quarterly Results

Search URL Search Domain Scan URL

URL: https://investors.tenable.com/corporate-governance/governance-overview
Title: Governance Highlights

Search URL Search Domain Scan URL

URL: https://investors.tenable.com/corporate-governance/committee-composition
Title: Committee Composition

Search URL Search Domain Scan URL

URL: https://investors.tenable.com/investor-resources/analyst-coverage
Title: Analyst Coverage

Search URL Search Domain Scan URL

URL: https://investors.tenable.com/investor-resources/information-request
Title: Information Request

Search URL Search Domain Scan URL

URL: https://investors.tenable.com/investor-resources/email-alerts
Title: Email Alerts

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Tenable.Inc

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/tenableinc/

Search URL Search Domain Scan URL

URL: https://twitter.com/tenablesecurity

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCX_67IPEhqyYF9ppVRAcAwQ

Search URL Search Domain Scan URL

URL: https://store.tenable.com/1479/purl-tiotwoyear?quantity=65&x-promotion=www-webmodal-io-c
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://store.tenable.com/1479/purl-NessusOneYear?x-promotion=SEMLanding
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://static.tenable.com/training/ProServ/ds/PS_DS_NES_Fund_Course.pdf
Title: More info

Search URL Search Domain Scan URL

URL: https://store.tenable.com/1479/purl-webNessusOneYearBundle_Support?x-promotion=www-webmodal-nessus-c
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://community.tenable.com/s/products
Title: Renew an existing license

Search URL Search Domain Scan URL

URL: https://store.tenable.com/1479/?scope=checkout&cart=202710&quantity=5&x-promotion=www-webmodal-was-c
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://info.tenable.com/blog-subscription-page.html?utm_source=subscriptionbanner&utm_campaign=00021063&utm_promoter=tenable-ops&utm_medium=banner&utm_content=other-blog%20subscription&utm_source=trendemon

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=44792&time=1651780732336&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=44792&time=1651780732336&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D44792%26time%3D1651780732336%26url%3Dhttps%253A%252F%252Fwww.tenable.com%252Fblog%252Factive-directory-is-now-in-the-ransomware-crosshairs%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=44792&time=1651780732336&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=44792&time=1651780732336&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&cookiesTest=true&liSync=true&e_ipv6=AQJ534SN6CjyEgAAAYCVzchPoSLPrrcOgLvK3M6vCJkvlhMEHRvT4mmtk--yhLe2QUVpCcAsCA HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3848d603-bd7c-467c-a8d2-028a47e90bae HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3848d603-bd7c-467c-a8d2-028a47e90bae&_expected_cookie=99587c4859df54cda8f44665a42acefa

Request Chain 104

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAATx07E6FkAACWasvzwsw HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAATx07E6FkAACWasvzwsw&verifyHash=56134394f996dcd48c13ffa579907dd0fd09fdef

Request Chain 105

https://id.rlcdn.com/464526.gif HTTP 307
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCP3Y0JMGEgUI6AcQAEIASgA HTTP 307
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297qMn0v5b1CRX3DGczwhucJLgH7NuDLFk_t_NBwxxwtMg HTTP 303
https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297qMn0v5b1CRX3DGczwhucJLgH7NuDLFk_t_NBwxxwtMg&verifyHash=759bde49ef145ae926649dbf2d7aca7345f1e105

Request Chain 116

https://insight.adsrvr.org/track/up?adv=n0cfh81&ref=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&upid=ltdcg05&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=n0cfh81&ref=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&upid=ltdcg05&upv=1.1.0

Request Chain 119

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F01BB969296649F8A21131A3AD72240D&RedC=c.clarity.ms&MXFR=1DFF6EAA731B67702FFC7F31771B69FC HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F01BB969296649F8A21131A3AD72240D&MUID=1940EDA9C786625F20B6FC32C6AC635B

Request Chain 125

https://ups.analytics.yahoo.com/ups/55953/sync?uid=3652a20f-0226-454c-8a66-7fd70d99d3a5&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=3652a20f-0226-454c-8a66-7fd70d99d3a5&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-wWIeq4JE2uIcTnmk6iV.AwOO_LELAoo-~A&gdpr=0&gdpr_consent=

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MzY1MmEyMGYtMDIyNi00NTRjLThhNjYtN2ZkNzBkOTlkM2E1&gdpr=0&gdpr_consent=&ttd_tdid=3652a20f-0226-454c-8a66-7fd70d99d3a5 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3652a20f-0226-454c-8a66-7fd70d99d3a5&google_gid=CAESELmluGlIXiGlVCnW_Em7k-8&google_cver=1

Request Chain 127

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3652a20f-0226-454c-8a66-7fd70d99d3a5&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

208 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request active-directory-is-now-in-the-ransomware-crosshairs Show response
www.tenable.com/blog/ 157 KB
41 KB 672ms
607ms Document
text/html 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27bae4efe7d8c226b5954287c863835edc38f9e024be5443c619b4b6ef436bbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: public, max-age=14400
cf-cache-status: EXPIRED
cf-ray: 706c0da0b9c8ca53-YUL
content-encoding: br
content-language: en
content-type: text/html; charset=UTF-8
date: Thu, 05 May 2022 19:58:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 05 May 2022 23:58:51 GMT
last-modified: Tue, 03 May 2022 17:37:00 GMT
link: <https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs>; rel="canonical" <https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs>; rel="revision"
permissions-policy: interest-cohort=()
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding,Origin
x-content-type-options: nosniff
x-drupal-dynamic-cache: UNCACHEABLE
x-hiring: https://www.tenable.com/careers
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 css_DfIk0kDE_97QqZBJr5TF4iiP6Rt7nG3gWSu-Jh5AKCY.css
www.tenable.com/sites/default/files/css/ 7 KB
2 KB 39ms
38ms Stylesheet
text/css 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tenable.com/sites/default/files/css/css_DfIk0kDE_97QqZBJr5TF4iiP6Rt7nG3gWSu-Jh5AKCY.css

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0df224d240c4ffded0a99049af94c5e2288fe91b7b9c6de0592bbe261e402826

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6498
vary: Accept-encoding,Origin
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Apr 2022 17:24:24 GMT
server: cloudflare
x-hiring: https://www.tenable.com/careers
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: max-age=1209600
cf-ray: 706c0da4af67ca53-YUL
expires: Thu, 19 May 2022 18:02:24 GMT

GET
H2 200 css_cTUKYMB8Wbz3P4OH5hMRSFvZ-FEFPmKItEnXVcdsjRI.css
www.tenable.com/sites/default/files/css/ 943 KB
149 KB 53ms
53ms Stylesheet
text/css 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tenable.com/sites/default/files/css/css_cTUKYMB8Wbz3P4OH5hMRSFvZ-FEFPmKItEnXVcdsjRI.css

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71350a60c07c59bcf73f8387e61311485bd9f851053e6288b449d755c76c8d12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7031
vary: Accept-encoding,Origin
x-xss-protection: 1; mode=block
last-modified: Tue, 03 May 2022 13:20:52 GMT
server: cloudflare
x-hiring: https://www.tenable.com/careers
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: max-age=1209600
cf-ray: 706c0da4af6bca53-YUL
expires: Thu, 19 May 2022 17:57:06 GMT

GET
H2 200 v4.js Show response
play.vidyard.com/embed/ 70 KB
23 KB 15ms
11ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/embed/v4.js

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

044924ad31fe03128f25f828f7e75e682334954261ec55910816a2875cc65fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
content-encoding: gzip
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
age: 708361
x-cache: HIT
x-cache-hits: 1
content-length: 22901
x-served-by: cache-yul12825-YUL
x-china: 0
last-modified: Wed, 27 Apr 2022 15:08:24 GMT
etag: "4623f9dd0300fc5d288fdae9c4d146ec"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 iqPFEzcZG1vUXssSkQjsb9.js Show response
play.vidyard.com/ 56 KB
14 KB 62ms
11ms Script
text/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/iqPFEzcZG1vUXssSkQjsb9.js?v=3.1.1&type=lightbox

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2f8e3e4ea30c6e03cef4e741828c860c28f2fa2f49d2016f6e6c1d0735506595

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
content-encoding: gzip
age: 24137
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 13911
x-served-by: cache-yul12825-YUL
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1651780732.677271,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"df26-1tUIzU81C+akGnNW2xCD622icR8"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 BBisem3UakzQgDyouBp3Lh.js Show response
play.vidyard.com/ 56 KB
14 KB 65ms
15ms Script
text/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/BBisem3UakzQgDyouBp3Lh.js?v=3.1.1&type=lightbox

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

70585dff180f73f8b1af796da43e257e1818fd37580f8610b7fade0f7dca97d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
content-encoding: gzip
age: 24137
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 13928
x-served-by: cache-yul12825-YUL
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1651780732.677633,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"df1a-E0dfJJquaqkuLxgAICa17Iotj1c"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 MqRaPhQDkjTQxfHedZ6c4L.js Show response
play.vidyard.com/ 52 KB
12 KB 63ms
12ms Script
text/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/MqRaPhQDkjTQxfHedZ6c4L.js?v=3.1.1&type=lightbox

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b067086b86891a63bd42ab3851ed89dc9b262ef597120478585393118785b264

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
content-encoding: gzip
age: 24137
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 12329
x-served-by: cache-yul12825-YUL
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1651780732.677478,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"d090-0umYZBmJ+iQ+kCqQiPW6i81RDjI"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 ZooDLBSDd3KusYoCiCDfhH.js Show response
play.vidyard.com/ 52 KB
12 KB 71ms
20ms Script
text/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/ZooDLBSDd3KusYoCiCDfhH.js?v=3.1.1&type=lightbox

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

19e5d07091eb6553cd3a12010905f025d965befa7297b57d982b979dcd18f0da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
content-encoding: gzip
age: 24137
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 12344
x-served-by: cache-yul12825-YUL
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1651780732.677844,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"d0c9-zc/yYHR7ZYdX3BttkS4QbKJeBp4"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 pwyUta1RRdjKnhYN3gsK6d.js Show response
play.vidyard.com/ 52 KB
12 KB 73ms
23ms Script
text/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/pwyUta1RRdjKnhYN3gsK6d.js?v=3.1.1&type=lightbox

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

acc0a33b2a3746bf05b39014f8567c2fc4367c1c8a5748af65ce56f925e441c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
content-encoding: gzip
age: 24137
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 12329
x-served-by: cache-yul12825-YUL
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1651780732.677865,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"d089-Gx+xI3k/cQoq8/tRwW4vheC5UCo"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 social-twitter.png
www.tenable.com/themes/custom/tenable/img/social/ 2 KB
2 KB 48ms
44ms Image
image/png 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tenable.com/themes/custom/tenable/img/social/social-twitter.png

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e566e050b230d0130abf8d9cdbc8135e7fc13d4edbbb41a5dfc2858da3aefce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6498
vary: Origin, Accept-Encoding
content-length: 1663
x-xss-protection: 1; mode=block
last-modified: Thu, 05 May 2022 17:41:59 GMT
server: cloudflare
x-hiring: https://www.tenable.com/careers
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 706c0da558b9ca53-YUL
expires: Thu, 19 May 2022 18:02:24 GMT

GET
H2 200 social-facebook.png
www.tenable.com/themes/custom/tenable/img/social/ 1 KB
1 KB 41ms
37ms Image
image/png 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tenable.com/themes/custom/tenable/img/social/social-facebook.png

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0aebf4e46d714bf3e4e15b1ccae62f714ca016e001701d370a5db92f5ff5abf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6498
vary: Origin, Accept-Encoding
content-length: 1453
x-xss-protection: 1; mode=block
last-modified: Thu, 05 May 2022 17:41:59 GMT
server: cloudflare
x-hiring: https://www.tenable.com/careers
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 706c0da558baca53-YUL
expires: Thu, 19 May 2022 18:02:24 GMT

GET
H2 200 social-linkedin.png
www.tenable.com/themes/custom/tenable/img/social/ 2 KB
2 KB 40ms
35ms Image
image/png 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tenable.com/themes/custom/tenable/img/social/social-linkedin.png

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6b71b0fae6c847551bc42ab9b79ff12329694cec2cf3d84dbf9af810b340f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6498
vary: Origin, Accept-Encoding
content-length: 1538
x-xss-protection: 1; mode=block
last-modified: Thu, 05 May 2022 17:41:59 GMT
server: cloudflare
x-hiring: https://www.tenable.com/careers
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 706c0da558bbca53-YUL
expires: Thu, 19 May 2022 18:02:24 GMT

GET
H2 200 picture-11049-1619555761.jpg
www.tenable.com/sites/default/files/img/users/ 12 KB
12 KB 102ms
97ms Image
image/jpeg 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tenable.com/sites/default/files/img/users/picture-11049-1619555761.jpg

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

628610bfef68a72d91bda7eee896180e5d65337572bf9de1753bfe9a086bab3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
vary: Origin, Accept-Encoding
content-length: 12495
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Sep 2021 19:36:22 GMT
server: cloudflare
x-hiring: https://www.tenable.com/careers
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 706c0da558bdca53-YUL
expires: Thu, 19 May 2022 19:58:51 GMT

GET
H2 200 AdobeStock_248697836.jpeg
www.tenable.com/sites/default/files/images/articles/ 2 MB
2 MB 118ms
114ms Image
image/jpeg 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tenable.com/sites/default/files/images/articles/AdobeStock_248697836.jpeg

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3405fb4794342c2c457317caa92e7e032360d768804b03cb641cd72215cf4cd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
vary: Origin, Accept-Encoding
content-length: 2441891
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 16:18:54 GMT
server: cloudflare
x-hiring: https://www.tenable.com/careers
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 706c0da558beca53-YUL
expires: Thu, 19 May 2022 19:58:51 GMT

GET
H2 200 picture-9425-1588868705.png
www.tenable.com/sites/default/files/img/users/ 285 KB
285 KB 52ms
48ms Image
image/png 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tenable.com/sites/default/files/img/users/picture-9425-1588868705.png

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0aa02665f02d2de5799b4753498b951582e36348ef03392f286f17d7728aa282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6498
vary: Origin, Accept-Encoding
content-length: 291654
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Sep 2021 19:36:24 GMT
server: cloudflare
x-hiring: https://www.tenable.com/careers
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 706c0da558bfca53-YUL
expires: Thu, 19 May 2022 18:09:26 GMT

GET
H2 200 picture-11599-1630506452.jpg
www.tenable.com/sites/default/files/img/users/ 26 KB
26 KB 105ms
102ms Image
image/jpeg 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tenable.com/sites/default/files/img/users/picture-11599-1630506452.jpg

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c930b221adde5b672ebea399456b8f2b70f25d4154436d0520d30963d72b9185

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Origin, Accept-Encoding
content-length: 26831
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Sep 2021 19:36:23 GMT
server: cloudflare
x-hiring: https://www.tenable.com/careers
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 706c0da568c4ca53-YUL
expires: Thu, 19 May 2022 19:58:51 GMT

GET
H2 200 forms2.js Show response
info.tenable.com/js/forms2/js/ 563 KB
159 KB 281ms
41ms Script
application/x-javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.tenable.com/js/forms2/js/forms2.js

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c29b8f5e24af244ef6ceba48c1744090b67c5cb70d2486110eaec4a11333219

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 07 Mar 2022 19:28:07 GMT
server: cloudflare
age: 6
etag: "c12e4-8cc40-5d9a5dd2b7fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 706c0da6dd263ff7-YYZ
expires: Thu, 05 May 2022 23:58:51 GMT

GET
H2 200 facebook-white.svg
static.tenable.com/marketing/icons/social/SVG/ 521 B
518 B 59ms
34ms Image
image/svg+xml 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.tenable.com/marketing/icons/social/SVG/facebook-white.svg

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79d2d60413ece347b21e8f56a303ed9359e358b3e6b298dcb0fc61e6b7db79db

Security Headers

Name	Value
Content-Security-Policy	script-src 'sha256-BogeDORLce8bK9ccF93GpTh+mG4fs8s+oU+oEG6QrXs=' .tenable.com .tenablesecurity.com; style-src .tenable.com 'self' 'unsafe-inline'; img-src 'self' .tenable.com .tenablesecurity.com; font-src 'self' .tenable.com *.tenablesecurity.com; object-src 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 15 Mar 2021 18:55:07 GMT
server: cloudflare
age: 2374
etag: W/"209-5bd97c9d0d6c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
content-security-policy: script-src 'sha256-BogeDORLce8bK9ccF93GpTh+mG4fs8s+oU+oEG6QrXs=' *.tenable.com *.tenablesecurity.com; style-src *.tenable.com 'self' 'unsafe-inline'; img-src 'self' *.tenable.com *.tenablesecurity.com; font-src 'self' *.tenable.com *.tenablesecurity.com; object-src 'none';
strict-transport-security: max-age=31536000
cf-ray: 706c0da578e4ca53-YUL
x-xss-protection: 1; mode=block

GET
H2 200 linkedin-white.svg
static.tenable.com/marketing/icons/social/SVG/ 644 B
485 B 81ms
56ms Image
image/svg+xml 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.tenable.com/marketing/icons/social/SVG/linkedin-white.svg

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81c05525a30c59312505b6c75b2b42b3b1cc7a1481b06cb747e978642a55e4c4

Security Headers

Name	Value
Content-Security-Policy	script-src 'sha256-BogeDORLce8bK9ccF93GpTh+mG4fs8s+oU+oEG6QrXs=' .tenable.com .tenablesecurity.com; style-src .tenable.com 'self' 'unsafe-inline'; img-src 'self' .tenable.com .tenablesecurity.com; font-src 'self' .tenable.com *.tenablesecurity.com; object-src 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 15 Mar 2021 18:55:26 GMT
server: cloudflare
age: 2374
etag: W/"284-5bd97caf9e11c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
content-security-policy: script-src 'sha256-BogeDORLce8bK9ccF93GpTh+mG4fs8s+oU+oEG6QrXs=' *.tenable.com *.tenablesecurity.com; style-src *.tenable.com 'self' 'unsafe-inline'; img-src 'self' *.tenable.com *.tenablesecurity.com; font-src 'self' *.tenable.com *.tenablesecurity.com; object-src 'none';
strict-transport-security: max-age=31536000
cf-ray: 706c0da578e2ca53-YUL
x-xss-protection: 1; mode=block

GET
H2 200 twitter-white.svg
static.tenable.com/marketing/icons/social/SVG/ 835 B
787 B 57ms
33ms Image
image/svg+xml 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.tenable.com/marketing/icons/social/SVG/twitter-white.svg

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f716a00ed98e610465ab91f12b6d055fa55502f53537088e9171a46f115343f1

Security Headers

Name	Value
Content-Security-Policy	script-src 'sha256-BogeDORLce8bK9ccF93GpTh+mG4fs8s+oU+oEG6QrXs=' .tenable.com .tenablesecurity.com; style-src .tenable.com 'self' 'unsafe-inline'; img-src 'self' .tenable.com .tenablesecurity.com; font-src 'self' .tenable.com *.tenablesecurity.com; object-src 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 15 Mar 2021 18:55:34 GMT
server: cloudflare
age: 2374
etag: W/"343-5bd97cb6be1f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
content-security-policy: script-src 'sha256-BogeDORLce8bK9ccF93GpTh+mG4fs8s+oU+oEG6QrXs=' *.tenable.com *.tenablesecurity.com; style-src *.tenable.com 'self' 'unsafe-inline'; img-src 'self' *.tenable.com *.tenablesecurity.com; font-src 'self' *.tenable.com *.tenablesecurity.com; object-src 'none';
strict-transport-security: max-age=31536000
cf-ray: 706c0da578e8ca53-YUL
x-xss-protection: 1; mode=block

GET
H2 200 youtube-white.svg
static.tenable.com/marketing/icons/social/SVG/ 927 B
635 B 60ms
36ms Image
image/svg+xml 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.tenable.com/marketing/icons/social/SVG/youtube-white.svg

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d4f2ed317dca64f49d9743eb7db2ea0eb1f5138b8e0241efd4785ce6a0f4ca3

Security Headers

Name	Value
Content-Security-Policy	script-src 'sha256-BogeDORLce8bK9ccF93GpTh+mG4fs8s+oU+oEG6QrXs=' .tenable.com .tenablesecurity.com; style-src .tenable.com 'self' 'unsafe-inline'; img-src 'self' .tenable.com .tenablesecurity.com; font-src 'self' .tenable.com *.tenablesecurity.com; object-src 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 15 Mar 2021 18:55:39 GMT
server: cloudflare
age: 7031
etag: W/"39f-5bd97cbb718b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
content-security-policy: script-src 'sha256-BogeDORLce8bK9ccF93GpTh+mG4fs8s+oU+oEG6QrXs=' *.tenable.com *.tenablesecurity.com; style-src *.tenable.com 'self' 'unsafe-inline'; img-src 'self' *.tenable.com *.tenablesecurity.com; font-src 'self' *.tenable.com *.tenablesecurity.com; object-src 'none';
strict-transport-security: max-age=31536000
cf-ray: 706c0da578e7ca53-YUL
x-xss-protection: 1; mode=block

GET
H2 200 Tenable.io-White-RGB-logo.svg
static.tenable.com/press/logos/products/ 6 KB
2 KB 64ms
40ms Image
image/svg+xml 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.tenable.com/press/logos/products/Tenable.io-White-RGB-logo.svg

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb6f17afd76ff70f569422aa53ba0033a1fbdbb6d21865d64684953f18498a61

Security Headers

Name	Value
Content-Security-Policy	script-src 'sha256-BogeDORLce8bK9ccF93GpTh+mG4fs8s+oU+oEG6QrXs=' .tenable.com .tenablesecurity.com; style-src .tenable.com 'self' 'unsafe-inline'; img-src 'self' .tenable.com .tenablesecurity.com; font-src 'self' .tenable.com *.tenablesecurity.com; object-src 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 20 Apr 2021 21:13:58 GMT
server: cloudflare
age: 7031
etag: W/"1678-5c06decae41b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
content-security-policy: script-src 'sha256-BogeDORLce8bK9ccF93GpTh+mG4fs8s+oU+oEG6QrXs=' *.tenable.com *.tenablesecurity.com; style-src *.tenable.com 'self' 'unsafe-inline'; img-src 'self' *.tenable.com *.tenablesecurity.com; font-src 'self' *.tenable.com *.tenablesecurity.com; object-src 'none';
strict-transport-security: max-age=31536000
cf-ray: 706c0da578e9ca53-YUL
x-xss-protection: 1; mode=block

GET
H2 200 js_lZKL4YPOlUpeF8eRq8wwbfZE0pv7TQMpwLEGeSuSv94.js Show response
www.tenable.com/sites/default/files/js/ 313 KB
90 KB 58ms
53ms Script
text/javascript 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tenable.com/sites/default/files/js/js_lZKL4YPOlUpeF8eRq8wwbfZE0pv7TQMpwLEGeSuSv94.js

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95928be183ce954a5e17c791abcc306df644d29bfb4d0329c0b106792b92bfde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7031
vary: Accept-encoding,Origin
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 14:14:03 GMT
server: cloudflare
x-hiring: https://www.tenable.com/careers
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/javascript
cache-control: max-age=1209600
cf-ray: 706c0da558afca53-YUL
expires: Thu, 19 May 2022 17:57:06 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 124ms
19ms Script
application/x-javascript 104.105.36.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.105.36.121 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-105-36-121.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 19:58:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H2 200 cookie.js Show response
www.tenable.com/lp/ 72 KB
21 KB 48ms
43ms Script
application/javascript 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tenable.com/lp/cookie.js

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9547bb782ae183f7d388e3ad99cc7799aa99f80ec81583027101f49f22380d29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
via: 1.1 6ff4697c5089876d94430beacc9a4d5e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9481
x-cache: Miss from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 05 May 2022 17:13:04 GMT
server: cloudflare
etag: W/"702dd9d40e236051a7bd321fd0657ae7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: IAD66-C1
cf-ray: 706c0da558b4ca53-YUL
x-amz-cf-id: tvrD3S1cNVlDER5KMnUbSIaXTdyGtSLJQrSFMeXfHT_K4660DWvFSQ==
expires: Fri, 06 May 2022 19:58:51 GMT

GET
H2 200 tenable-evals.js Show response
www.tenable.com/evaluations/api/v1/ 81 KB
19 KB 160ms
154ms Script
application/javascript 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tenable.com/evaluations/api/v1/tenable-evals.js

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da09615e068424b8049c82c35ce8c6866b5c9fa7014a6f1c8aaaa3ca53b5bd3c

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' data:;style-src 'unsafe-inline';default-src 'self';connect-src 'self' *.ziftone.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
x-correlation-id: 242012db-ee11-40b7-b7a8-9c21c3ab4623
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
content-encoding: br
vary: Origin, Accept-Encoding
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 14 Apr 2022 18:38:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=0
strict-transport-security: max-age=31536000
x-download-options: noopen
content-type: application/javascript; charset=utf-8
cache-control: max-age=0
content-security-policy: img-src 'self' data:;style-src 'unsafe-inline';default-src 'self';connect-src 'self' *.ziftone.com
cf-ray: 706c0da558b5ca53-YUL

GET
H2 200 buy.js Show response
www.tenable.com/themes/custom/tenable/js/ 29 KB
5 KB 40ms
34ms Script
application/javascript 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tenable.com/themes/custom/tenable/js/buy.js

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

957cf14ab21892a13bc2b47a407c1934782048d5f087c16437efcbadadf27e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7031
vary: Accept-Encoding,Origin
x-xss-protection: 1; mode=block
last-modified: Thu, 05 May 2022 17:41:59 GMT
server: cloudflare
x-hiring: https://www.tenable.com/careers
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 706c0da558b8ca53-YUL
expires: Thu, 19 May 2022 17:57:07 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 90ms
62ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.tenable.com/
Origin: https://www.tenable.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 706c0da5887e714b-YUL

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 486 KB
111 KB 83ms
35ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NBM4TM

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59b7cb2e5b9e3ca6c360fa507fefd1db7232a5027f1ebfa3c5ef04dc884c48bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113485
x-xss-protection: 0
last-modified: Thu, 05 May 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 May 2022 19:58:51 GMT

GET
H2 200 Site-Blog-Banner-B.aead9902.jpg
www.tenable.com/themes/custom/tenable/dist/ 147 KB
147 KB 25ms
24ms Image
image/jpeg 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tenable.com/themes/custom/tenable/dist/Site-Blog-Banner-B.aead9902.jpg

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/sites/default/files/css/css_cTUKYMB8Wbz3P4OH5hMRSFvZ-FEFPmKItEnXVcdsjRI.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ad5144ecfa7aa77a746c88146ea32e6ac05dc1637442084c63ab42f43e2955a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/sites/default/files/css/css_cTUKYMB8Wbz3P4OH5hMRSFvZ-FEFPmKItEnXVcdsjRI.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6498
strict-transport-security: max-age=31536000
content-length: 150473
x-xss-protection: 1; mode=block
last-modified: Thu, 05 May 2022 17:43:32 GMT
server: cloudflare
x-hiring: https://www.tenable.com/careers
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cf-bgj: h2pri
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 706c0da5d93dca53-YUL
expires: Thu, 19 May 2022 18:02:24 GMT

GET
H2 200 Tenable%20acquires%20Cymptom.jpeg
www.tenable.com/sites/default/files/images/articles/ 4 MB
4 MB 126ms
125ms Image
image/jpeg 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tenable.com/sites/default/files/images/articles/Tenable%20acquires%20Cymptom.jpeg

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d34dcc4059a8223e1cd8251b9768270993625f9b041777506e421dbd69426db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
vary: Origin, Accept-Encoding
content-length: 3748549
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Feb 2022 16:16:40 GMT
server: cloudflare
x-hiring: https://www.tenable.com/careers
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 706c0da5d944ca53-YUL
expires: Thu, 19 May 2022 19:58:51 GMT

GET
H2 200 How%20Tenable%20Can%20Help%20You%20Find%20and%20Fix%20Vulnerabilities%20in%20CISA%20Directive%2022-01.jpeg
www.tenable.com/sites/default/files/images/articles/ 6 MB
6 MB 92ms
92ms Image
image/jpeg 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tenable.com/sites/default/files/images/articles/How%20Tenable%20Can%20Help%20You%20Find%20and%20Fix%20Vulnerabilities%20in%20CISA%20Directive%2022-01.jpeg

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4488ad5f693523bf50adb0b50d17582932f2a2dac6038c638e960f9f560cb10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000
content-length: 6163346
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 16:18:52 GMT
server: cloudflare
x-hiring: https://www.tenable.com/careers
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cf-bgj: h2pri
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 706c0da5d946ca53-YUL
expires: Thu, 19 May 2022 18:27:20 GMT

GET
H2 200 How%20to%20secure%20the%20remote%20workforce%20in%20Japan.jpg
www.tenable.com/sites/default/files/images/articles/ 63 KB
63 KB 121ms
120ms Image
image/jpeg 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tenable.com/sites/default/files/images/articles/How%20to%20secure%20the%20remote%20workforce%20in%20Japan.jpg

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d995b730dc1eb8f94745e62e29f452d0bb1c2945b0d1973f547840f336164f42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
vary: Origin, Accept-Encoding
content-length: 64618
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 13:08:45 GMT
server: cloudflare
x-hiring: https://www.tenable.com/careers
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 706c0da5d947ca53-YUL
expires: Thu, 19 May 2022 19:58:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 78ms
18ms Script
text/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4498
date: Thu, 05 May 2022 18:43:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 05 May 2022 20:43:54 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 92ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1B57765234CF4A4FA53FF6D4A96D3A90 Ref B: YTO01EDGE0406 Ref C: 2022-05-05T19:58:52Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Thu, 05 May 2022 19:58:51 GMT
accept-ranges: bytes
content-length: 11333

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 116ms
59ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

7f39b732af0f6e45633254b79890ccb989c3b441dbe87e4847365a6b73d7959b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14870
x-xss-protection: 0
server: cafe
etag: 5318846328053810925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 05 May 2022 19:58:52 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 167ms
51ms Script
application/x-javascript 2600:1400:9000::687e:74bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:74bb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 19:58:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=9221
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 tenable.jsp Show response
www.upsellit.com/active/ 37 KB
12 KB 37ms
12ms Script
application/x-javascript 34.117.39.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upsellit.com/active/tenable.jsp

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.39.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.39.117.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

36ae2f417865635b6883a8aaa11c44530c779cc473cb2fb1b3f1d68a090fa599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
server: nginx
age: 41100
date: Thu, 05 May 2022 08:33:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript;charset=ISO-8859-1
cache-control: max-age=86400
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11716
expires: Fri, 06 May 2022 08:33:52 GMT

GET
H2 200 hotjar-171589.js Show response
static.hotjar.com/c/ 4 KB
2 KB 86ms
20ms Script
application/javascript 99.84.39.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-171589.js?sv=5

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.39.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-39-75.ewr52.r.cloudfront.net

Software

Resource Hash

c237f6d371b4364f2e1aa877c8a189e5e3d52d6eebfdb5c973d5d52ec77d8dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1930
access-control-allow-origin: *
cache-control: max-age=60
etag: W/06272de6a496d21f31420f8e0d383caa
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)
x-cache-hit: 1
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: cfq_vxtIl27ePh5wdqM-1aSW7MV8qijyMMfTAgTftlGVj39mA0BElQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 68ms
18ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: NKda8q68taecICR7K2WY4Y9VreiyVjcfdKIUO3Y2da1MCFpDyTG5u23H6m0z77kuwv0sgup93+IDFbyQXYj4iA==
x-fb-trip-id: 1512268381
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 05 May 2022 19:58:52 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
5 KB 84ms
20ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 04:10:13 GMT
Via: 1.1 72e01c53ea1f597217a963cf6671454c.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 56920
ETag: "98d98b3499058b76d58073cf8ede2f10"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: EWR52-C2
Accept-Ranges: bytes
Content-Length: 4593
X-Amz-Cf-Id: xPbBL_tokJerqCWlu4ASLMNwkzORX9OJOrmbhGCpQmjohJoggxlP_g==

GET
H2 200 qevents.js Show response
a.quora.com/ 40 KB
14 KB 46ms
15ms Script
text/plain 151.101.193.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a15bef5551f730c8269a1cba57c370099d559defd996193c80a477c411081ca2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: vyBstMTGyA6m5sV66zq8xsypUg.tAOk.
content-encoding: gzip
etag: "47078e63380c6b0cbbfb6d8508b25ee7"
age: 6070
x-cache: HIT, HIT
content-length: 14031
x-amz-id-2: Mt5ixruyZQMuz2hyMbp/KTbIH5giRHNsfo1OkmpT5XkJbFR2kZYpxLrrBKhfsMq5S8uY+UYjOac=
x-served-by: cache-iad-kjyo7100061-IAD, cache-yul12822-YUL
last-modified: Fri, 18 Mar 2022 00:16:52 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1647562609/ctime:1647562609/gid:150037/gname:ezhang/md5:47078e63380c6b0cbbfb6d8508b25ee7/mode:33204/mtime:1647562609/uid:150037/uname:ezhang
x-timer: S1651780732.125127,VS0,VE0
date: Thu, 05 May 2022 19:58:52 GMT
vary: Accept-Encoding
x-amz-request-id: TA3D3A2BNPW868DS
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=7200
accept-ranges: bytes
content-type: text/plain
x-cache-hits: 2, 1649

GET
H/1.1 200
OK analytics.min.js Show response
cdn.bttrack.com/js/15635/analytics/1.0/ 599 B
696 B 114ms
25ms Script
text/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bttrack.com/js/15635/analytics/1.0/analytics.min.js
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: fad196b0439b7b6f6420de47a92d5c784d951ac45c9eb6caf87b13f6d4084d1d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 19:58:52 GMT
Content-Encoding: gzip
X-HW: 1651780732.dop058.dc2.t,1651780732.cds090.dc2.shn,1651780732.dop058.dc2.t,1651780732.cds008.dc2.c
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=6320
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 369

GET
H2 200 uc5xu7xrzxrr.js Show response
js.driftt.com/include/1651780800000/ 230 KB
66 KB 153ms
53ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1651780800000/uc5xu7xrzxrr.js

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

5b28dd8f70d58f286c38dc3b4e1709b9d7679748903ced472faa59c9a8ad5c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: T6OEimbd0iti2TbyE0MkYDgaorC.LazT
content-encoding: gzip
etag: W/"65b0df18a37585dc155c44f92bc59d31"
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 May 2022 19:13:38 GMT
server: nginx
date: Thu, 05 May 2022 19:58:52 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SQFon0f_-TmG-Vq9fO9i3sEnFRbzq0ZbhDULJgYPMJ4TI28n4M6FmA==

GET
H2 200 1781.gif
tracking.g2crowd.com/attribution_tracking/conversions/ 43 B
1 KB 91ms
51ms Image
image/gif 2606:4700:4400::6812:2437
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/1781.gif?e=&gtmcb=100725451

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2437 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-transfer-encoding: binary
content-disposition: inline
x-xss-protection: 1; mode=block
x-request-id: ece07b4a-9004-40d1-afa9-fd2622bb9c85
x-runtime: 0.003959
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"a065920df8cc4016d67c3a464be90099"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: image/gif
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-ray: 706c0da82a8dca6f-YUL

GET
H/1.1 200
OK default
bttrack.com/Pixel/Conversion/15635/ 35 B
574 B 114ms
25ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/Pixel/Conversion/15635/default?type=img
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-ServerName: Track002-iad
Pragma: no-cache
Date: Thu, 05 May 2022 19:58:43 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/20691cd63dc04115b586f6c311deb403/ 43 B
423 B 106ms
24ms Image
image/gif 3.222.34.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/20691cd63dc04115b586f6c311deb403/pixel?j=1&u=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&tag=ViewContent&ts=1651780732173

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.222.34.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-222-34-196.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 19:58:52 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,42ccc0ff9900345030d0af7433cd3a2f,10.0.0.118,59796,149.56.153.187,,28689857300,1,1651780732.270,0.001,,.,0,0,0.000,0.000,-,0,0,197,215,107,10,34729,,,,,,-,
Content-Type: image/gif

GET
H2 200 2048069528843197 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 19ms
18ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2048069528843197?v=2.9.58&r=stable

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b9ce44b13bf658d2464fd423298d616e8150475c911c29bb891ff1d8ad1896b6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88909
x-xss-protection: 0
pragma: public
x-fb-debug: YKzFbhFEoeLUmQMMa1e/1cRs06aroNOMW9qzbNZK0lmBSRV9LzjrlvG7WsiiL7l8T0X2CN8Xx78SF1ksAQ+7ng==
x-fb-trip-id: 1512268381
x-frame-options: DENY
date: Thu, 05 May 2022 19:58:52 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 74ms
33ms XHR
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=2032522062&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&ul=en-us&de=UTF-8&dt=Active%20Directory%20is%20Now%20in%20the%20Ransomware%20Crosshairs%20-%20Blog%20%7C%20Tenable%C2%AE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=949240257&gjid=334772644&cid=1977830125.1651780732&tid=UA-2024167-13&_gid=731808469.1651780732&_r=1&gtm=2wg540NBM4TM&cd19=aa1c068b-5a2b-4145-a3c9-8438af69f51d&z=937343444

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tenable.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 May 2022 19:58:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tenable.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 87ms
35ms XHR
text/plain 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2024167-20&cid=1977830125.1651780732&jid=901237712&gjid=1907138556&_gid=731808469.1651780732&_u=YGDAgEABAAAAAG~&z=710633692

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tenable.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 05 May 2022 19:58:52 GMT
content-type: text/plain
access-control-allow-origin: https://www.tenable.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 53ms
19ms Image
image/gif 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2032522062&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&dp=GAVirtual%2Fblog&ul=en-us&de=UTF-8&dt=GAVirtual%2Fhttps%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAAC~&jid=901237712&gjid=1907138556&cid=1977830125.1651780732&tid=UA-2024167-20&_gid=731808469.1651780732&gtm=2wg540NBM4TM&z=1564770402

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 12:01:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28635
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 89ms
32ms XHR
text/plain 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2024167-13&cid=1977830125.1651780732&jid=949240257&gjid=334772644&_gid=731808469.1651780732&_u=YEBAAAAAAAAAAC~&z=1732777112

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tenable.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 05 May 2022 19:58:52 GMT
content-type: text/plain
access-control-allow-origin: https://www.tenable.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.5107f832d0ffac1bd5aa.js Show response
script.hotjar.com/ 238 KB
62 KB 92ms
22ms Script
application/javascript 52.85.61.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5107f832d0ffac1bd5aa.js

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-27.ewr53.r.cloudfront.net

Software

Resource Hash

b420ab4da31c0bbba899c91b4d4b239d852288d430d28925375d0929a2719320

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 11:00:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32326
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63396
access-control-allow-origin: *
last-modified: Thu, 05 May 2022 10:59:31 GMT
etag: "c3dddda04be98988fd65482e1048e141"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a034e5b3e703810e3023d56d31897ebc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-P1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: iVFoPY78CnyMbgfQ4AmxgjFd5-rzmWFUuIqT_HeXlGwtjDEPfx8_kQ==

GET
H2 200 4022390.js Show response
bat.bing.com/p/action/ 1 KB
1 KB 165ms
165ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4022390.js

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ad8f01bf08020885accb1b48c7d4690ad971ede94beffbbc6e291af0ae3c98f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A2DDCAAC2ECE487592F81C0E997A3DA0 Ref B: YTO01EDGE0406 Ref C: 2022-05-05T19:58:52Z
date: Thu, 05 May 2022 19:58:52 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 934

GET
H/1.1 200
OK js Show response
bttrack.com/engagement/ 10 KB
4 KB 39ms
38ms Script
text/javascript 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to

Full URL: https://bttrack.com/engagement/js?goalId=15635&cb=1651780732329
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: ed3db5863f10a0c09aac6f37a5c78c11d07f6dd47e2ee5a21de3cb8617a0adb3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-ServerName: Track004-iad
Pragma: no-cache
Date: Thu, 05 May 2022 19:58:51 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: text/javascript; charset=utf-8
Content-Length: 3539
Expires: -1

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071437299/ 2 KB
2 KB 100ms
39ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071437299/?random=1651780732332&cv=9&fst=1651780732332&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg540&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&tiba=Active%20Directory%20is%20Now%20in%20the%20Ransomware%20Crosshairs%20-%20Blog%20%7C%20Tenable%C2%AE&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eecb686f11495de742a45aba773fecfd6a679d862634bab8a228e6199d327cfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 19:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1085
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
p.adsymptotic.com/d/px/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=44792&time=1651780732336&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=44792&time=1651780732336&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D44792%26time%3D1651780732336%26url%3Dhttps%253A%252F%252Fwww.tenable.com%252Fblog...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=44792&time=1651780732336&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=44792&time=1651780732336&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&cookiesTest=true&liSync=...
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3848d603-bd7c-467c-a8d2-028a47e90bae
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3848d603-bd7c-467c-a8d2-028a47e90bae&_expected_cookie=99587c4859df54cda8f44665...

43 B
142 B

75ms
75ms

Image
image/gif

104.18.101.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3848d603-bd7c-467c-a8d2-028a47e90bae&_expected_cookie=99587c4859df54cda8f44665a42acefa
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Server: 104.18.101.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 706c0db2ba8f5497-YYZ
p3p: CP='NON DSP COR CONi OUR BUS CNT'
content-type: image/gif
content-length: 43

Redirect headers

location: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3848d603-bd7c-467c-a8d2-028a47e90bae&_expected_cookie=99587c4859df54cda8f44665a42acefa
date: Thu, 05 May 2022 19:58:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 706c0db219f25497-YYZ
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2 200 /
www.facebook.com/tr/ 44 B
411 B 71ms
18ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2048069528843197&ev=PageView&dl=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&rl=&if=false&ts=1651780732350&sw=1600&sh=1200&v=2.9.58&r=stable&ec=0&o=30&fbp=fb.1.1651780732349.2108431794&it=1651780732181&coo=false&rqm=GET

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 05 May 2022 19:58:52 GMT

GET
H/1.1 200
OK event Show response
bttrack.com/engagement/ 0
595 B 94ms
25ms XHR
text/plain 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to

Full URL: https://bttrack.com/engagement/event?input=%7B%22globalId%22%3A%22360b9e80-d00e-44d5-8955-f5ef7abbf052%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2215635%22%2C%22sessionId%22%3A%22ac6a701c-2298-4eac-ae1b-3cc0e42ce961%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A1%2C%22url%22%3A%22https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-ServerName: Track003-iad
Pragma: no-cache
Date: Thu, 05 May 2022 19:58:44 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Access-Control-Allow-Origin: *
Cache-Control: private,no-cache
Content-Type: text/plain
Content-Length: 0
Expires: -1

GET
H/1.1 200
OK getpixels Show response
bttrack.com/engagement/ 0
400 B 98ms
25ms XHR
text/html 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to

Full URL: https://bttrack.com/engagement/getpixels?gid=15635
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-ServerName: Track004-iad
Pragma: no-cache
Date: Thu, 05 May 2022 19:58:51 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Access-Control-Allow-Origin: *
Cache-Control: private,no-cache
Content-Type: text/html
Content-Length: 0
Expires: -1

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 85ms
38ms Image
image/gif 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2024167-13&cid=1977830125.1651780732&jid=949240257&_u=YEBAAAAAAAAAAC~&z=983054748

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 19:58:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 95ms
37ms Image
image/gif 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2024167-13&cid=1977830125.1651780732&jid=949240257&_u=YEBAAAAAAAAAAC~&z=983054748

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 19:58:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getForm Show response
info.tenable.com/index.php/form/ 9 KB
3 KB 38ms
37ms Script
application/javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.tenable.com/index.php/form/getForm?munchkinId=934-XQB-568&form=3971&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&callback=jQuery112407369328356423586_1651780732417&_=1651780732418
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57b93e55f8a26705cd6a2fe02e81855114722873f98e1edf4a00c02838eda9a7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 706c0da9cf703ff7-YYZ
cached: true

GET
H2 200 barlow-light-webfont.0d9eafd4.woff2
www.tenable.com/themes/custom/tenable/dist/ 23 KB
23 KB 45ms
44ms Font
font/woff2 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tenable.com/themes/custom/tenable/dist/barlow-light-webfont.0d9eafd4.woff2

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/sites/default/files/css/css_cTUKYMB8Wbz3P4OH5hMRSFvZ-FEFPmKItEnXVcdsjRI.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6b1a81fb3be0a4f9726890476c1b3e107689a756de19624b40de487de9cb60c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tenable.com/sites/default/files/css/css_cTUKYMB8Wbz3P4OH5hMRSFvZ-FEFPmKItEnXVcdsjRI.css
Origin: https://www.tenable.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7031
vary: Origin, Accept-Encoding
content-length: 23476
x-xss-protection: 1; mode=block
last-modified: Thu, 05 May 2022 17:43:31 GMT
server: cloudflare
x-hiring: https://www.tenable.com/careers
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: https://www.tenable.com
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 706c0daa0eccca53-YUL
expires: Thu, 19 May 2022 17:57:14 GMT

GET
H2 200 barlow-regular-webfont.d25ee04c.woff2
www.tenable.com/themes/custom/tenable/dist/ 23 KB
24 KB 34ms
34ms Font
font/woff2 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tenable.com/themes/custom/tenable/dist/barlow-regular-webfont.d25ee04c.woff2

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/sites/default/files/css/css_cTUKYMB8Wbz3P4OH5hMRSFvZ-FEFPmKItEnXVcdsjRI.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5197c665ea4b68a0b713c92a541df2f8fdbc6f314f8e684d316ac6ed713f662a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tenable.com/sites/default/files/css/css_cTUKYMB8Wbz3P4OH5hMRSFvZ-FEFPmKItEnXVcdsjRI.css
Origin: https://www.tenable.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7031
vary: Origin, Accept-Encoding
content-length: 23944
x-xss-protection: 1; mode=block
last-modified: Thu, 05 May 2022 17:43:31 GMT
server: cloudflare
x-hiring: https://www.tenable.com/careers
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: https://www.tenable.com
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 706c0daa0ececa53-YUL
expires: Thu, 19 May 2022 17:57:15 GMT

GET
H2 200 barlow-semibold-webfont.0ee24eeb.woff2
www.tenable.com/themes/custom/tenable/dist/ 24 KB
24 KB 44ms
44ms Font
font/woff2 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tenable.com/themes/custom/tenable/dist/barlow-semibold-webfont.0ee24eeb.woff2

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/sites/default/files/css/css_cTUKYMB8Wbz3P4OH5hMRSFvZ-FEFPmKItEnXVcdsjRI.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7bbfe3bf76de720ac2e9a3b9967eee8fbb3524b40e70b579afb8f1fa99dd59f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tenable.com/sites/default/files/css/css_cTUKYMB8Wbz3P4OH5hMRSFvZ-FEFPmKItEnXVcdsjRI.css
Origin: https://www.tenable.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7032
vary: Origin, Accept-Encoding
content-length: 24324
x-xss-protection: 1; mode=block
last-modified: Thu, 05 May 2022 17:43:31 GMT
server: cloudflare
x-hiring: https://www.tenable.com/careers
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: https://www.tenable.com
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 706c0daa0ed0ca53-YUL
expires: Thu, 19 May 2022 17:57:15 GMT

GET
H2 200 barlow-lightitalic-webfont.cd89e089.woff2
www.tenable.com/themes/custom/tenable/dist/ 27 KB
27 KB 41ms
41ms Font
font/woff2 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tenable.com/themes/custom/tenable/dist/barlow-lightitalic-webfont.cd89e089.woff2

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/sites/default/files/css/css_cTUKYMB8Wbz3P4OH5hMRSFvZ-FEFPmKItEnXVcdsjRI.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4316eecf6a8addb2e7fed90b66080725868b04a40522b29fc8b4675019b9017e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tenable.com/sites/default/files/css/css_cTUKYMB8Wbz3P4OH5hMRSFvZ-FEFPmKItEnXVcdsjRI.css
Origin: https://www.tenable.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7032
vary: Origin, Accept-Encoding
content-length: 27240
x-xss-protection: 1; mode=block
last-modified: Thu, 05 May 2022 17:43:31 GMT
server: cloudflare
x-hiring: https://www.tenable.com/careers
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: https://www.tenable.com
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 706c0daa0ed1ca53-YUL
expires: Thu, 19 May 2022 17:57:15 GMT

GET
H2 200 barlow-italic-webfont.6d98f9c5.woff2
www.tenable.com/themes/custom/tenable/dist/ 26 KB
27 KB 54ms
54ms Font
font/woff2 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tenable.com/themes/custom/tenable/dist/barlow-italic-webfont.6d98f9c5.woff2

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/sites/default/files/css/css_cTUKYMB8Wbz3P4OH5hMRSFvZ-FEFPmKItEnXVcdsjRI.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d67a79e7c88940371624edebfd1df45a5e94a7ccb4597ad5320bffa6499869d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tenable.com/sites/default/files/css/css_cTUKYMB8Wbz3P4OH5hMRSFvZ-FEFPmKItEnXVcdsjRI.css
Origin: https://www.tenable.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7031
vary: Origin, Accept-Encoding
content-length: 27048
x-xss-protection: 1; mode=block
last-modified: Thu, 05 May 2022 17:43:31 GMT
server: cloudflare
x-hiring: https://www.tenable.com/careers
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: https://www.tenable.com
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 706c0daa0ed2ca53-YUL
expires: Thu, 19 May 2022 17:57:15 GMT

GET
H2 200 barlow-semibolditalic-webfont.61ed8761.woff2
www.tenable.com/themes/custom/tenable/dist/ 26 KB
26 KB 38ms
38ms Font
font/woff2 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tenable.com/themes/custom/tenable/dist/barlow-semibolditalic-webfont.61ed8761.woff2

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/sites/default/files/css/css_cTUKYMB8Wbz3P4OH5hMRSFvZ-FEFPmKItEnXVcdsjRI.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d4c726be2280b8ada6cc74d3ed5458dbd8700e749cd13e7aadbabbc01d9fc0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tenable.com/sites/default/files/css/css_cTUKYMB8Wbz3P4OH5hMRSFvZ-FEFPmKItEnXVcdsjRI.css
Origin: https://www.tenable.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7031
vary: Origin, Accept-Encoding
content-length: 26796
x-xss-protection: 1; mode=block
last-modified: Thu, 05 May 2022 17:43:31 GMT
server: cloudflare
x-hiring: https://www.tenable.com/careers
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: https://www.tenable.com
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 706c0daa0ed5ca53-YUL
expires: Thu, 19 May 2022 17:57:15 GMT

GET
H2 200 getForm Show response
info.tenable.com/index.php/form/ 11 KB
3 KB 53ms
50ms Script
application/javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.tenable.com/index.php/form/getForm?munchkinId=934-XQB-568&form=3174&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&callback=jQuery112407369328356423586_1651780732419&_=1651780732420
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd5d7a8f5edd62228256d4565c926f9b5c253eab2a1d045ec42b67d2481dd1cd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 706c0daa5fd03ff7-YYZ
cached: true

GET
H2 200 getForm Show response
info.tenable.com/index.php/form/ 11 KB
3 KB 77ms
76ms Script
application/javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.tenable.com/index.php/form/getForm?munchkinId=934-XQB-568&form=3504&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&callback=jQuery112407369328356423586_1651780732421&_=1651780732422
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a9715e78334af6fd9a0dfd221ceb2e574f55dbf1747239553efcd5a8590c692

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 706c0daa5fd33ff7-YYZ
cached: true

GET
H2 200 getForm Show response
info.tenable.com/index.php/form/ 11 KB
3 KB 42ms
41ms Script
application/javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.tenable.com/index.php/form/getForm?munchkinId=934-XQB-568&form=3257&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&callback=jQuery112407369328356423586_1651780732423&_=1651780732424
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 922c5c50a8763f28832c173e256e42b5180ed4eb04cf7857c3b66e29051ff8dd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 706c0daa5fd43ff7-YYZ
cached: true

GET
H2 200 getForm Show response
info.tenable.com/index.php/form/ 11 KB
3 KB 52ms
51ms Script
application/javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.tenable.com/index.php/form/getForm?munchkinId=934-XQB-568&form=3258&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&callback=jQuery112407369328356423586_1651780732425&_=1651780732426
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17dd220389c8dc301ed5dada5ed6fc082e74c9dacb90dbbc0e85a159ff912901

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 706c0daa5fd53ff7-YYZ
cached: true

GET
H2 200 getForm Show response
info.tenable.com/index.php/form/ 11 KB
3 KB 51ms
50ms Script
application/javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.tenable.com/index.php/form/getForm?munchkinId=934-XQB-568&form=3828&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&callback=jQuery112407369328356423586_1651780732427&_=1651780732428
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5644cdbfccdb242a716aa851de5e461ad958518c8ce4ad418c2c28ea1edd8ef3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 706c0daa5fd63ff7-YYZ
cached: true

GET
H2 200 getForm Show response
info.tenable.com/index.php/form/ 11 KB
3 KB 49ms
48ms Script
application/javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.tenable.com/index.php/form/getForm?munchkinId=934-XQB-568&form=3879&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&callback=jQuery112407369328356423586_1651780732429&_=1651780732430
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44baf67e3513d4de7fb607d535f32f43c1983004cebcb098c47b7458b4ed7e30

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 706c0daa5fd93ff7-YYZ
cached: true

GET
H2 200 getForm Show response
info.tenable.com/index.php/form/ 10 KB
3 KB 46ms
45ms Script
application/javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.tenable.com/index.php/form/getForm?munchkinId=934-XQB-568&form=4178&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&callback=jQuery112407369328356423586_1651780732431&_=1651780732432
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70f306c07ea44b7cc72687191d434826147c62b3b1a0b697f2357ea8a581731e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 706c0daa5fda3ff7-YYZ
cached: true

GET
H2 200 getForm Show response
info.tenable.com/index.php/form/ 10 KB
3 KB 80ms
80ms Script
application/javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.tenable.com/index.php/form/getForm?munchkinId=934-XQB-568&form=5059&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&callback=jQuery112407369328356423586_1651780732433&_=1651780732434
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df95041dcb113dab426b6863d0c86a18d5dc9518e566701f0cf4bb3bf47d34a2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 706c0daa5fdc3ff7-YYZ
cached: true

GET
H2 200 getForm Show response
info.tenable.com/index.php/form/ 10 KB
3 KB 81ms
80ms Script
application/javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.tenable.com/index.php/form/getForm?munchkinId=934-XQB-568&form=5992&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&callback=jQuery112407369328356423586_1651780732435&_=1651780732436
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41af15c804fddaaf1574b580d3296f4dfa3043881a64ae62d4d7c8ce5c89dd61

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 706c0daa5fde3ff7-YYZ
cached: true

GET
H2 200 location Show response
api.tenable.com/v1/ 197 B
548 B 163ms
143ms Script
application/javascript 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tenable.com/v1/location?callback=jsonp_callback_26050

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb631a35c00075ff589fcfd374da2539e4444a9ba5f12dc776ef114ecfd055a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
via: 1.1 b107b2437bbcbc926a3b733dc72fd52a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amzn-remapped-content-length: 197
x-amz-cf-pop: EWR53-C3
x-amzn-requestid: e619f0c0-0530-4dcb-9fe8-e848be9c58a0
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
content-encoding: br
x-amz-apigw-id: RqvjgHvLIAMFx3g=
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
x-amzn-trace-id: Root=1-62742c7c-06f614d90ac800d811c459f5;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-download-options: noopen
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-security-policy: default-src 'self'
cf-ray: 706c0daa7f5cca53-YUL
x-amz-cf-id: H1Gaafh2oZ7XRrGjjyOer2qQY_UAzIjt07tE7lYeMKx96qIc8-i5DQ==

GET
H/1.1 200
OK invalid-domains Show response
cloud.tenable.com/provisioning/v1/evaluation/ 22 KB
9 KB 97ms
33ms Script
application/javascript 54.175.125.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.tenable.com/provisioning/v1/evaluation/invalid-domains?callback=jsonp_callback_60352

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.175.125.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-175-125-242.compute-1.amazonaws.com

Software

Resource Hash

fa15d775844f632472ccc76865bf2a501c8befcde16fa38b8dec91afb37f7dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 19:58:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-Frame-Options: DENY
Content-Type: application/javascript
X-Gateway-Site-ID: nginx-router-ucz1z-us-east-1-prod
Connection: keep-alive
X-Request-Uuid: ab043ec45600209d35050881099c6b9c
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Path-Handler: tenable-io-eval-provisioning
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H2 200 location Show response
api.tenable.com/v1/ 174 B
993 B 205ms
166ms XHR
application/json 2606:4700:4400::ac40:9a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tenable.com/v1/location

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::ac40:9a4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f628a65cbc39c43a82287999e4d596fd7cacde5585635b747043475fb127158

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
via: 1.1 121f18299e6385d2cf97a45a6dcf2c8c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amzn-remapped-content-length: 174
x-amz-cf-pop: EWR53-C3
x-amzn-requestid: cd7a8d52-02b2-4406-9b65-8a98cca43634
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
content-encoding: br
x-amz-apigw-id: RqvjgEo1oAMF1yg=
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
x-amzn-trace-id: Root=1-62742c7c-1c2f39597a52e3fc26f84980;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-security-policy: default-src 'self'
cf-ray: 706c0daaac097133-YUL
x-amz-cf-id: 5k1jjQwexdVXYDfuwGOH2GViUP5S-y3-anEViV5WtodC9KQaM-dR5Q==

GET
H2 204 0
bat.bing.com/action/ 0
163 B 44ms
43ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4022390&tm=gtm002&Ver=2&mid=29883385-c838-42c3-b4d1-a1b88590a07f&sid=c9a23390ccad11ecaacd67a3f97ff301&vid=c9a27e00ccad11ecbadbf908bce6d7ba&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Active%20Directory%20is%20Now%20in%20the%20Ransomware%20Crosshairs%20-%20Blog%20%7C%20Tenable%C2%AE&p=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&r=&lt=1651&evt=pageLoad&msclkid=N&sv=1&rn=459093

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 536875A2F3A34D1E89CBA2B189F5A805 Ref B: YTO01EDGE0406 Ref C: 2022-05-05T19:58:52Z
date: Thu, 05 May 2022 19:58:52 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GTFfZFcF.min.js Show response
scripts.demandbase.com/ 67 KB
19 KB 203ms
55ms Script
application/javascript 13.33.46.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.demandbase.com/GTFfZFcF.min.js

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.46.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-46-20.ewr52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1bcfbbb09e0cfc7aa78244e344702e88d79257cb317ea45eb8317c13700fb756

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:42:01 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1012
x-cache: Hit from cloudfront
last-modified: Thu, 03 Mar 2022 17:49:30 GMT
server: AmazonS3
etag: W/"862129236c58d620210b2e1e8a2fe7c1"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-version-id: ZvRFOe0Xs_PJau8tBHEdnCKQ_Ejjlq92
via: 1.1 caeaab1dec28e8247466740025a521a6.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-pop: EWR52-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 004Zfk0DJ9GACBWCe1xpYMjNwtwvSyDP8qT55BV18ymmv0sR-A8zDw==

GET
H2 200 api.js Show response
play.vidyard.com/v0/ 19 KB
7 KB 308ms
308ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v0/api.js

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6980eadbd6f6d6233ea9b987e9ae462b25726871e9797c51e0d550aef3cc861d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
via: 1.1 varnish
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
age: 0
x-cache: HIT
content-encoding: gzip
content-length: 7168
x-served-by: cache-yul12825-YUL
x-china: 0
last-modified: Fri, 30 Apr 2021 19:42:10 GMT
x-timer: S1651780733.650035,VS0,VE297
etag: "7b874dd3eb596697c6d49ba7ed6880f8"
strict-transport-security: max-age=31557600
content-type: application/javascript
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=2032522062&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&ul=en-us&de=UTF-8&dt=Active%20Directory%20is%20Now%20in%20the%20Ransomware%20Crosshairs%20-%20Blog%20%7C%20Tenable%C2%AE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB%20Test&ea=Check%20Advanced%20Support%20Option%20by%20Default&el=Variation%201&_u=aGDAAEABAAAAAG~&jid=&gjid=&cid=1977830125.1651780732&tid=UA-2024167-13&_gid=731808469.1651780732&gtm=2wg540NBM4TM&cd40=Check%20Advanced%20Support%20Option%20by%20Default-Variation%201&z=2123624586

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 12:01:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28635
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
21ms Image
image/gif 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=2032522062&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&ul=en-us&de=UTF-8&dt=Active%20Directory%20is%20Now%20in%20the%20Ransomware%20Crosshairs%20-%20Blog%20%7C%20Tenable%C2%AE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB%20Test&ea=Body%20Copy%20Font%20with%20Ecomm%20Tracking&el=Control&_u=aGDAAEABAAAAAG~&jid=&gjid=&cid=1977830125.1651780732&tid=UA-2024167-13&_gid=731808469.1651780732&gtm=2wg540NBM4TM&cd18=Body%20Copy%20Font%20with%20Ecomm%20Tracking-Control&z=1797451760

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 12:01:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28635
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1071437299/ 42 B
64 B 82ms
38ms Image
image/gif 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1071437299/?random=1651780732332&cv=9&fst=1651777200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg540&sendb=1&frm=0&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&tiba=Active%20Directory%20is%20Now%20in%20the%20Ransomware%20Crosshairs%20-%20Blog%20%7C%20Tenable%C2%AE&async=1&fmt=3&is_vtc=1&random=2306218510&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 19:58:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/1071437299/ 42 B
64 B 79ms
38ms Image
image/gif 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1071437299/?random=1651780732332&cv=9&fst=1651777200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg540&sendb=1&frm=0&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&tiba=Active%20Directory%20is%20Now%20in%20the%20Ransomware%20Crosshairs%20-%20Blog%20%7C%20Tenable%C2%AE&async=1&fmt=3&is_vtc=1&random=2306218510&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 19:58:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 forms2.css
info.tenable.com/js/forms2/css/ 13 KB
3 KB 29ms
28ms Stylesheet
text/css 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.tenable.com/js/forms2/css/forms2.css

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1876
content-length: 2623
last-modified: Mon, 07 Mar 2022 19:28:07 GMT
server: cloudflare
etag: "c12dd-3437-5d9a5dd2b7fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 706c0dab58e73ff7-YYZ
expires: Thu, 05 May 2022 23:58:52 GMT

GET
H2 200 forms2-theme-round.css
info.tenable.com/js/forms2/css/ 4 KB
1 KB 34ms
34ms Stylesheet
text/css 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.tenable.com/js/forms2/css/forms2-theme-round.css

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3489d8ddd967153384606a9a3445e5ce147f6d895ecff15576cc011c271d395

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2523
content-length: 968
last-modified: Mon, 07 Mar 2022 19:28:07 GMT
server: cloudflare
etag: "c12dc-e46-5d9a5dd2b7fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 706c0dab58ea3ff7-YYZ
expires: Thu, 05 May 2022 23:58:52 GMT

GET
H2 200 clarity.js Show response
j.clarity.ms/s/0.6.34/ 53 KB
23 KB 104ms
31ms Script
application/javascript 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:52 GMT
content-encoding: br
etag: "1d85e80e187b254"
last-modified: Tue, 03 May 2022 00:01:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 23150
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 box-21ccaa45726c0f3c8c458f7a87eb2298.html Show response
vars.hotjar.com/ Frame 6D5D 2 KB
1 KB 89ms
18ms Document
text/html 13.225.213.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.213.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-213-128.ewr50.r.cloudfront.net
Software: /
Resource Hash: c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

Referer: https://www.tenable.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 1766797
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 09:12:15 GMT
etag: "6a4e2ae376c29011d2e53de65a08d0b7"
last-modified: Wed, 19 Jan 2022 11:29:02 GMT
vary: Accept-Encoding
via: 1.1 110142bfecf028552c3361846a29130a.cloudfront.net (CloudFront)
x-amz-cf-id: AusmVXR4PXIVEEtLE7k2sCS2JvLRS3twfCw_L_wkroo1aWJO8aLxrw==
x-amz-cf-pop: EWR50-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 cart Show response
api.tenable.com/v1/ 569 B
800 B 604ms
604ms XHR
application/json 2606:4700:4400::ac40:9a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tenable.com/v1/cart?id=192663&qty=65&pricerule=regional

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::ac40:9a4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59d622d8ec9ac8b5d0731999c28f7e7192fb2ef4dc3e5001c9489703564c2783

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:53 GMT
via: 1.1 7dc3ea7fad289ec41f03744503a6b984.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amzn-remapped-content-length: 569
x-amz-cf-pop: EWR53-C3
x-amzn-requestid: 6b14887e-5621-4ec2-9ca2-27fca9766136
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
content-encoding: br
x-amz-apigw-id: RqvjjGCuIAMF57w=
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
x-amzn-trace-id: Root=1-62742c7c-0783bba26753a72433de188e;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-security-policy: default-src 'self'
cf-ray: 706c0daccf5c7133-YUL
x-amz-cf-id: l07uV4TvvlIHH98UL9DuP2Y1lHtdVqbhPqBEF01Se4NxAM8Oh_yksQ==

GET
H2 200 cart Show response
api.tenable.com/v1/ 603 B
718 B 633ms
633ms XHR
application/json 2606:4700:4400::ac40:9a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tenable.com/v1/cart?id=227513&qty=65&pricerule=regional

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::ac40:9a4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

898214ab56d0fe96ee1661efe0d02502c38e9f1cb88aaa75a60e2399a88c0df3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:53 GMT
via: 1.1 8c40cd64e3a9ae0289558e97b8b3ef08.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amzn-remapped-content-length: 603
x-amz-cf-pop: EWR53-C3
x-amzn-requestid: 85782885-3c42-4fdd-bd74-296325208340
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
content-encoding: br
x-amz-apigw-id: RqvjjHYNIAMFmkQ=
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
x-amzn-trace-id: Root=1-62742c7c-293f77bf36f12d0c64ccb9cd;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-security-policy: default-src 'self'
cf-ray: 706c0daccf5f7133-YUL
x-amz-cf-id: N7rkOVvKFoJSNb0B6Vqnsu-o5b1JIMKH01o1Q04RwLYtvWIanUpCvQ==

GET
H2 200 cart Show response
api.tenable.com/v1/ 603 B
1 KB 599ms
599ms XHR
application/json 2606:4700:4400::ac40:9a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tenable.com/v1/cart?id=227514&qty=65&pricerule=regional

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::ac40:9a4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96131c64358a01b83a7f141003f40901cf6eb198e72eb9aa953b54c046defece

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:53 GMT
via: 1.1 8c40cd64e3a9ae0289558e97b8b3ef08.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amzn-remapped-content-length: 603
x-amz-cf-pop: EWR53-C3
x-amzn-requestid: b3225e56-f0d1-4c30-9b69-01798bc5ed58
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
content-encoding: br
x-amz-apigw-id: RqvjjH3sIAMFrWQ=
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
x-amzn-trace-id: Root=1-62742c7c-572187922b6c4b1c14e20ec3;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-security-policy: default-src 'self'
cf-ray: 706c0daccf617133-YUL
x-amz-cf-id: 2OD-O2Dtu-ULMPVkKmMup8G4J1utlGL6WBSAG5zWp7kQ6d-xnVzT8w==

GET
H2 200 cart Show response
api.tenable.com/v1/ 561 B
756 B 579ms
579ms XHR
application/json 2606:4700:4400::ac40:9a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tenable.com/v1/cart?id=202710&qty=5

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::ac40:9a4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

001a88abc5239aa4e8c3a57b14976813db4682e25cdef79d7015af6184d6d09a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:53 GMT
via: 1.1 4ce15cd7013298653f4333aa57416c80.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amzn-remapped-content-length: 561
x-amz-cf-pop: EWR53-C3
x-amzn-requestid: 96527d36-9f2a-4ace-b248-49febe14b8ee
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
content-encoding: br
x-amz-apigw-id: RqvjjHLzoAMFtjw=
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
x-amzn-trace-id: Root=1-62742c7c-432a55030e172224534add34;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-security-policy: default-src 'self'
cf-ray: 706c0daccf627133-YUL
x-amz-cf-id: ppoXOSlNPYZ2PMnXx6iE8OzBveC6QbFGtO8kZ99MmjaY9fpohX34bw==

GET
H2 200 cart Show response
api.tenable.com/v1/ 554 B
768 B 685ms
685ms XHR
application/json 2606:4700:4400::ac40:9a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tenable.com/v1/cart?id=192368&qty=1&pricerule=nessusmultiyear

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::ac40:9a4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c143ae1229f929ad785261b3d0989e56bedbfcce25d1005eae00809a88d29ec9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:53 GMT
via: 1.1 208179bfee14e9f51f5eb16e238b2f6c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amzn-remapped-content-length: 554
x-amz-cf-pop: EWR53-C3
x-amzn-requestid: 3464557d-72bc-4ead-9a9a-263a65ae1679
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
content-encoding: br
x-amz-apigw-id: RqvjkHEpoAMFpIQ=
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
x-amzn-trace-id: Root=1-62742c7d-7825924f39ae71f335fd6473;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-security-policy: default-src 'self'
cf-ray: 706c0daccf637133-YUL
x-amz-cf-id: HJbC6wFjr2svzmsMLcqpGwxGauJnE6JqvqNDXTGaJmu_ff5yg4GE5g==

GET
H2 200 cart Show response
api.tenable.com/v1/ 568 B
1 KB 676ms
674ms XHR
application/json 2606:4700:4400::ac40:9a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tenable.com/v1/cart?id=214164&qty=1&pricerule=nessusmultiyear

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::ac40:9a4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c49a54826facf00be5433f9e541df16a4d9101c5de71c47db7cb00e82bc53bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:53 GMT
via: 1.1 b364a698bd3b40fc657ca5500f6818ce.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amzn-remapped-content-length: 568
x-amz-cf-pop: EWR53-C3
x-amzn-requestid: ed365b4c-107b-4da0-a4f3-2f9282b529d2
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
content-encoding: br
x-amz-apigw-id: RqvjkFUKoAMForw=
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
x-amzn-trace-id: Root=1-62742c7d-75bd5ceb76787ac20a4e5445;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-security-policy: default-src 'self'
cf-ray: 706c0daccf647133-YUL
x-amz-cf-id: Dc4vAB85nNkzang5peXSTY79tyhXp8LIRNveaf0FBVPAt0pkcv2ZYw==

GET
H2 200 cart Show response
api.tenable.com/v1/ 568 B
794 B 450ms
450ms XHR
application/json 2606:4700:4400::ac40:9a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tenable.com/v1/cart?id=214165&qty=1&pricerule=nessusmultiyear

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::ac40:9a4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5565039b10bddf306215a8003f2c78fec2cc56d2cbd75809ed91d883d6a62c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:53 GMT
via: 1.1 3f6eb9ff07d4d2f572d4e8e6fb935a36.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amzn-remapped-content-length: 568
x-amz-cf-pop: EWR53-C3
x-amzn-requestid: 1be2a794-a748-4c3c-915a-2bd05fac98c9
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
content-encoding: br
x-amz-apigw-id: RqvjjFH3IAMFu9A=
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
x-amzn-trace-id: Root=1-62742c7c-0c11ac167ac1fabf71ef8390;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-security-policy: default-src 'self'
cf-ray: 706c0daccf657133-YUL
x-amz-cf-id: ZqkkYUCDREC_Hcg_kxAmdW7Be9HsTEhn_ZsrFMDGYxyCUkEqKloGDA==

GET
H2 200 cart Show response
api.tenable.com/v1/ 543 B
744 B 571ms
570ms XHR
application/json 2606:4700:4400::ac40:9a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tenable.com/v1/cart?id=222331&qty=1

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::ac40:9a4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a62f82b0b19e13e7cde3fdf0a8265c94f35d19346361161660c5a1e1b344445

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:53 GMT
via: 1.1 97838e4a7e48c5b1ece191e6f727eb80.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amzn-remapped-content-length: 543
x-amz-cf-pop: EWR53-C3
x-amzn-requestid: 835691a3-3b8b-4681-bc01-ad0bdacfc674
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
content-encoding: br
x-amz-apigw-id: RqvjjHveIAMF8vw=
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
x-amzn-trace-id: Root=1-62742c7c-6a844d43401d7bbe3edaac30;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-security-policy: default-src 'self'
cf-ray: 706c0daccf667133-YUL
x-amz-cf-id: j2WznsK_pfS_A2CQaKCBbsIh_rdl_Z_zVxyJw1BL-cmqD5wmoawP_Q==

GET
H2 200 cart Show response
api.tenable.com/v1/ 569 B
763 B 609ms
608ms XHR
application/json 2606:4700:4400::ac40:9a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tenable.com/v1/cart?id=231877&qty=1

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::ac40:9a4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fada57997ddba991d0657de50f70f9063a670a37adb0bab1b0339e503fcd21a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:53 GMT
via: 1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amzn-remapped-content-length: 569
x-amz-cf-pop: EWR53-C3
x-amzn-requestid: 41fd277f-2b44-4bf3-ab0c-473d9f8ba03f
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
content-encoding: br
x-amz-apigw-id: RqvjjGVVIAMFTVg=
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
x-amzn-trace-id: Root=1-62742c7c-07e7baf53c51b23841d0c82c;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-security-policy: default-src 'self'
cf-ray: 706c0daccf677133-YUL
x-amz-cf-id: DioW5aM0GUEmGQr5Nq7A-wQ9s0hc1toHsR4PAK4Kc74fYzdKdCWD6w==

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 5555 0
18 B 39ms
18ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.tenable.com
Referer: https://www.tenable.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.tenable.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 19:58:53 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 arrow-down-bk.png
info.tenable.com/js/forms2/images/ 1 KB
1 KB 28ms
27ms Image
image/png 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.tenable.com/js/forms2/images/arrow-down-bk.png

Requested by

Host: info.tenable.com
URL: https://info.tenable.com/js/forms2/css/forms2-theme-round.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56533e637a5c980ba4c1653ed7eea219cdbd2e86f1448c1aa38c538cb1f89285

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://info.tenable.com/js/forms2/css/forms2-theme-round.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 07 Mar 2022 19:28:07 GMT
server: cloudflare
age: 6
etag: "3a1cba-415-5d9a5dd2b7fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 706c0dad8aca3ff7-YYZ
content-length: 1045
expires: Thu, 05 May 2022 19:59:53 GMT

GET
H2 200 getForm Show response
info.tenable.com/index.php/form/ 11 KB
3 KB 39ms
39ms Script
application/javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.tenable.com/index.php/form/getForm?munchkinId=934-XQB-568&form=3174&url=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&callback=jQuery112407369328356423586_1651780732435&_=1651780732437
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d5438283cb34d57c6669ad74711f5888188ffd1b3cfaf62d76017d8a07e36d3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:53 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 706c0dae2b523ff7-YYZ
cached: true

GET
H2 200 XDFrame Show response
info.tenable.com/index.php/form/ Frame 7E7C 2 KB
1 KB 54ms
54ms Document
text/html 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.tenable.com/index.php/form/XDFrame

Requested by

Host: info.tenable.com
URL: https://info.tenable.com/js/forms2/js/forms2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04ae842645e0e763c894c5b51b28789a77f9c380c337d1b859f7f0fb613ee722

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tenable.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 706c0daedbf73ff7-YYZ
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 05 May 2022 19:58:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAATx07E6FkAACWasvzwsw
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAATx07E6FkAACWasvzwsw&verifyHash=56134394f996dcd48c13ffa579907dd0fd09fdef

26 B
409 B

29ms
29ms

Image
image/gif

13.33.46.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAATx07E6FkAACWasvzwsw&verifyHash=56134394f996dcd48c13ffa579907dd0fd09fdef
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: HTTP/1.1
Server: 13.33.46.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-46-33.ewr52.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 19:58:53 GMT
Via: 1.1 bdc824c8e03ec386d5eb83e9ff916440.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR52-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: 64ab6ea39a8ca996
X-Amz-Cf-Id: WPf9IeHmoxzt_MynVRJUE7xOsidzZ4OcJBJp2b_MwblaWe2MLVeGRw==

Redirect headers

Date: Thu, 05 May 2022 19:58:53 GMT
Via: 1.1 c62f6c9a9fdf2356a904a1b156a05fe0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR52-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAATx07E6FkAACWasvzwsw&verifyHash=56134394f996dcd48c13ffa579907dd0fd09fdef
Connection: keep-alive
trace-id: bd6d6c0b20c91d13
Content-Length: 0
X-Amz-Cf-Id: XtydMo-3Mz5_b3TjNShoxVmJQUDuVG_FvZJuRPO38PedwTK6RLdYbg==

GET
H/1.1

204
No Content

validateCookie
segments.company-target.com/
Redirect Chain

https://id.rlcdn.com/464526.gif
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCP3Y0JMGEgUI6AcQAEIASgA
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297qMn0v5b1CRX3DGczwhucJLgH7NuDLFk_t_NBwxxwtMg
https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297qMn0v5b1CRX3DGczwhucJLgH7NuDLFk_t_NBwxxwtMg&verifyHash=759bde49ef145ae926649dbf2d7aca7345f1e105

0
327 B

53ms
52ms

Image
text/plain

13.33.46.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297qMn0v5b1CRX3DGczwhucJLgH7NuDLFk_t_NBwxxwtMg&verifyHash=759bde49ef145ae926649dbf2d7aca7345f1e105
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: HTTP/1.1
Server: 13.33.46.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-46-33.ewr52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 19:58:53 GMT
Via: 1.1 c62f6c9a9fdf2356a904a1b156a05fe0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR52-C1
Vary: Origin
X-Cache: Miss from cloudfront
Connection: keep-alive
trace-id: 8103b9832d8ebdb3
X-Amz-Cf-Id: 5SaHnv5LkVB2EJfLGFv3XT46dtEngh5QIBE9P5rJMpCBsayKiZgnKw==

Redirect headers

Date: Thu, 05 May 2022 19:58:53 GMT
Via: 1.1 bdc824c8e03ec386d5eb83e9ff916440.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR52-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=liveramp&user_id=Xc1297qMn0v5b1CRX3DGczwhucJLgH7NuDLFk_t_NBwxxwtMg&verifyHash=759bde49ef145ae926649dbf2d7aca7345f1e105
Connection: keep-alive
trace-id: 759779274fcb0c59
Content-Length: 0
X-Amz-Cf-Id: 6re3kvB21uuMlNXzOfF7NuaAZM_BG7M5KSse4M3AXpUXjVATD7fPxQ==

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 432 B
923 B 271ms
191ms XHR
application/json 99.84.126.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&page_title=Active%20Directory%20is%20Now%20in%20the%20Ransomware%20Crosshairs%20-%20Blog%20%7C%20Tenable%C2%AE&src=tag&auth=sULlUDWQrSXr5hw6PRPKafnpLQRiTypG3fWsa4jq
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.126.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-126-104.ewr52.r.cloudfront.net
Software: nginx /
Resource Hash: 8143504aa0343cd3d72cb2dc971a0c6bb7ceeb28d2f20970e24527988659139f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:53 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: EWR52-C3
x-cache: Miss from cloudfront
request-id: d7e63472-0bb8-41f0-81ec-a5b6b006e194
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://www.tenable.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 77a52be30020596b6a87a26e3dcc75e6.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JT6J6z-lKFRaLYdOiCKWPeTkeklU4odh5lXheNltojCa_t3Q099m9Q==
expires: Wed, 04 May 2022 19:58:53 GMT

GET
H2 200 progress-events.js Show response
play.vidyard.com/v1/ 14 KB
5 KB 91ms
91ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v1/progress-events.js

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d41161f7d77d059a8d35b55c36d765021a1300521eeffd57097df8df3322a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:53 GMT
via: 1.1 varnish
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
age: 0
x-cache: MISS
content-encoding: gzip
content-length: 5481
x-served-by: cache-yul12825-YUL
x-china: 0
last-modified: Fri, 30 Apr 2021 19:42:10 GMT
x-timer: S1651780733.331599,VS0,VE81
etag: "5823d0929a8e2e520236508c08ba757c"
strict-transport-security: max-age=31557600
content-type: application/javascript
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 collect Show response
j.clarity.ms/ 0
70 B 36ms
36ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.tenable.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: https://www.tenable.com
date: Thu, 05 May 2022 19:58:52 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 forms2.min.js Show response
info.tenable.com/js/forms2/js/ Frame 7E7C 205 KB
68 KB 32ms
31ms Script
application/x-javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.tenable.com/js/forms2/js/forms2.min.js

Requested by

Host: info.tenable.com
URL: https://info.tenable.com/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://info.tenable.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 07 Mar 2022 19:28:07 GMT
server: cloudflare
age: 5
etag: "4c14c4-3326e-5d9a5dd2b7fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 706c0daf7c833ff7-YYZ
expires: Thu, 05 May 2022 23:58:53 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/171589/ 147 B
323 B 343ms
102ms XHR
application/json 54.77.142.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/171589/visit-data?sv=5
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.142.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-142-136.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 45674f87c18e6efb09ed61e106a5fadcca7c39c2e3b25a4d08915f752417cee8

Request headers

Referer: https://www.tenable.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 05 May 2022 19:58:53 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
19ms Image
image/gif 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=2032522062&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&ul=en-us&de=UTF-8&dt=Active%20Directory%20is%20Now%20in%20the%20Ransomware%20Crosshairs%20-%20Blog%20%7C%20Tenable%C2%AE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHDAAEABAAAAAG~&jid=&gjid=&cid=1977830125.1651780732&tid=UA-2024167-13&_gid=731808469.1651780732&gtm=2wg540NBM4TM&cd19=aa1c068b-5a2b-4145-a3c9-8438af69f51d&cd1=(Non-Company%20Visitor)&cd2=(Non-Company%20Visitor)&cd3=(Non-Company%20Visitor)&cd4=Bot&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=(Non-Company%20Visitor)&cd12=(Non-Company%20Visitor)&cd13=(Non-Company%20Visitor)&cd15=CA&z=1044183748

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 12:01:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28636
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
j.clarity.ms/ 0
49 B 132ms
131ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.tenable.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: https://www.tenable.com
date: Thu, 05 May 2022 19:58:53 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 core Show response
js.driftt.com/ Frame EDBF 2 KB
1 KB 213ms
213ms Document
text/html 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

6a7f66180992799b365648fd413a69bba942878fdce5ac7eebd03171dc7d6b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tenable.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 05 May 2022 19:58:54 GMT
etag: W/"8d4c7dd3bcbb5edb43f864bd854dea04"
last-modified: Wed, 04 May 2022 19:13:21 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
x-amz-cf-id: 5kNaVnY_vQR6WlcSpy1rzF4X-XCOH2s3PgKM0csLvqlH7iELmZjDGA==
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: i2JLC3BQYQwiS..G8E9Y6UP.FTcwSUbt
x-cache: Hit from cloudfront

GET
H2 200 chat Show response
js.driftt.com/core/ Frame B853 2 KB
1 KB 1660ms
1660ms Document
text/html 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

6a7f66180992799b365648fd413a69bba942878fdce5ac7eebd03171dc7d6b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tenable.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 05 May 2022 19:58:55 GMT
etag: W/"8d4c7dd3bcbb5edb43f864bd854dea04"
last-modified: Wed, 04 May 2022 19:13:21 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
x-amz-cf-id: e9mKSlL_Kih4TO6hCjnLTb_MQfbUYUr9YNdkUe1hVlFuxB-uJrCJpQ==
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: i2JLC3BQYQwiS..G8E9Y6UP.FTcwSUbt
x-cache: Hit from cloudfront

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ 49 KB
18 KB 38ms
10ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding: gzip
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-request-id: EC4WHCV41J2PG0F8
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 18216
x-amz-id-2: 07T07n8uWoNfLUHQgSr5tTGsERPb5Z6DbGl+VfImB1rTQSNe/ORDeUQvbVBUscm/WNI/Ugfb4MM=
x-served-by: cache-yul12828-YUL
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1651780734.984242,VS0,VE0
date: Thu, 05 May 2022 19:58:53 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4990

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame 6157
Redirect Chain

https://insight.adsrvr.org/track/up?adv=n0cfh81&ref=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&upid=ltdcg05&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=n0cfh81&ref=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&upid=ltdcg05&upv=1.1.0

927 B
1 KB

32ms
27ms

Document
text/html

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=n0cfh81&ref=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&upid=ltdcg05&upv=1.1.0
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: c3757ab32ab75fe07d08aa345d3090eddf600191e5d07701f70099b40da5a2f2

Request headers

Referer: https://www.tenable.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Thu, 05 May 2022 19:58:54 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Thu, 05 May 2022 19:58:54 GMT
location: https://match.adsrvr.org/track/upb/?adv=n0cfh81&ref=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&upid=ltdcg05&upv=1.1.0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 7839 0
183 B 76ms
25ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=isyfy29&ref=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&upid=7gd51iz&upv=1.1.0
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tenable.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Thu, 05 May 2022 19:58:54 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 26FB 0
182 B 73ms
26ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=isyfy29&ref=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&upid=7gd51iz&upv=1.1.0
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tenable.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Thu, 05 May 2022 19:58:54 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F01BB969296649F8A21131A3AD72240D&RedC=c.clarity.ms&MXFR=1DFF6EAA731B67702FFC7F31771B69FC
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F01BB969296649F8A21131A3AD72240D&MUID=1940EDA9C786625F20B6FC32C6AC635B

42 B
443 B

31ms
30ms

Image
image/gif

20.36.253.92
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F01BB969296649F8A21131A3AD72240D&MUID=1940EDA9C786625F20B6FC32C6AC635B
Protocol: H2
Server: 20.36.253.92 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 19:58:53 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 05 May 2022 19:58:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2FBBE821DEB344AD825C43331B241BFE Ref B: YTO01EDGE0406 Ref C: 2022-05-05T19:58:54Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F01BB969296649F8A21131A3AD72240D&MUID=1940EDA9C786625F20B6FC32C6AC635B
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 200 rum Show response
www.tenable.com/cdn-cgi/ 0
217 B 23ms
23ms XHR
text/plain 2606:4700:4400::6812:21b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tenable.com/cdn-cgi/rum?

Requested by

Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:4400::6812:21b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: VQIHU1ZaChAGUVRVDgUDUVI=
tracestate: 1402092@nr=0-1-1402092-718237559-8d9c72487424480a----1651780733981
traceparent: 00-a6b79547632cc774bd8e14c96fe45834-8d9c72487424480a-01
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE0MDIwOTIiLCJhcCI6IjcxODIzNzU1OSIsImlkIjoiOGQ5YzcyNDg3NDI0NDgwYSIsInRyIjoiYTZiNzk1NDc2MzJjYzc3NGJkOGUxNGM5NmZlNDU4MzQiLCJ0aSI6MTY1MTc4MDczMzk4MX19
content-type: application/json
Referer: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs

Response headers

date: Thu, 05 May 2022 19:58:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.tenable.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 706c0db36817ca53-YUL
vary: Origin

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=2032522062&t=timing&_s=3&dl=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&ul=en-us&de=UTF-8&dt=Active%20Directory%20is%20Now%20in%20the%20Ransomware%20Crosshairs%20-%20Blog%20%7C%20Tenable%C2%AE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3031&pdt=3&dns=25&rrt=0&srt=607&tcp=40&dit=1645&clt=1648&_gst=1158&_gbt=1274&_cst=802&_cbt=996&_u=aHDAAEABAAAAAG~&jid=&gjid=&cid=1977830125.1651780732&tid=UA-2024167-13&_gid=731808469.1651780732&gtm=2wg540NBM4TM&cd19=aa1c068b-5a2b-4145-a3c9-8438af69f51d&cd1=(Non-Company%20Visitor)&cd2=(Non-Company%20Visitor)&cd3=(Non-Company%20Visitor)&cd4=Bot&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=(Non-Company%20Visitor)&cd12=(Non-Company%20Visitor)&cd13=(Non-Company%20Visitor)&cd15=CA&z=1495439015

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 12:01:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28636
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 5febff3e0e Show response
bam-cell.nr-data.net/1/ 49 B
1 KB 110ms
66ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/5febff3e0e?a=655794476&v=1216.487a282&to=MVBabEEHChVXU0IIXggaeVtHDwsIGXREFEEHWWRWXAIBOnVfWBVDCVlUXUE6KglSVWAIVBF2V1ZHFAsKWlVETA8QXF1P&rst=3083&ck=1&ref=https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs&ap=444&be=707&fe=3032&dc=1648&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1651780730919,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:26,%22c%22:26,%22s%22:36,%22ce%22:66,%22rq%22:66,%22rp%22:673,%22rpe%22:676,%22dl%22:678,%22di%22:1645,%22ds%22:1648,%22de%22:1651,%22dc%22:3011,%22l%22:3031,%22le%22:3054%7D,%22navigation%22:%7B%7D%7D&fp=867&fcp=867&at=HRdZGgkdGRs%3D&jsonp=NREUM.setToken
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 19:58:54 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Connection: keep-alive
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvUqOEEh0P%2FQ3%2FUGvc9zljJ1dO4YfhgDiTNjoFZrfr8STECGgyTqO9fz5AYjdcp1dcxr8D9CD4ZETn4z%2Fby1nP7JpKfP1%2Fj0p4ZM76pGYQ2QpruoebFPpTTOy5ppcmprbRz1u9CR"}],"group":"cf-nel","max_age":604800}
Content-Type: text/javascript
Access-Control-Allow-Origin: *
access-control-allow-credentials: true
CF-Ray: 706c0db3dd735407-YYZ

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 6157 487 B
964 B 28ms
28ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=n0cfh81&ref=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&upid=ltdcg05&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://match.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 07:25:40 GMT
Via: 1.1 72e01c53ea1f597217a963cf6671454c.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
Age: 45195
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: EWR52-C2
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: GDKchYh-RPt9Tcwrk5yQwjALJalBt9TyZbnwbQxwJfJqCsyyEsCZqA==

GET
H2 200 trends.min.js Show response
assets.trendemon.com/tag/ 216 KB
42 KB 101ms
20ms Script
application/javascript 13.33.46.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.trendemon.com/tag/trends.min.js
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.46.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-46-79.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ae30664ee32c3fa8cf563f0e54db8d4fac1fb5f3b97a1bff75628cc7291c640

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 00:12:18 GMT
content-encoding: gzip
last-modified: Tue, 26 Apr 2022 08:14:34 GMT
server: AmazonS3
age: 71197
etag: "7cf39d12bc5c7984584f44d575ae1b65"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5a7cb2ecf8796fdcba2be8ec618e67a8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
accept-ranges: bytes
content-length: 42819
x-amz-cf-id: lmNIl_YLXYW3SjdYDEpiLYkW4I5tqVpV7vmea8mgAq3-y6Oivx5-Jw==

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame BFBD
Redirect Chain

https://ups.analytics.yahoo.com/ups/55953/sync?uid=3652a20f-0226-454c-8a66-7fd70d99d3a5&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=3652a20f-0226-454c-8a66-7fd70d99d3a5&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-wWIeq4JE2uIcTnmk6iV.AwOO_LELAoo-~A&gdpr=0&gdpr_consent=

70 B
587 B

25ms
25ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-wWIeq4JE2uIcTnmk6iV.AwOO_LELAoo-~A&gdpr=0&gdpr_consent=
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Thu, 05 May 2022 19:58:54 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

age: 0
content-length: 0
date: Thu, 05 May 2022 19:58:54 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-wWIeq4JE2uIcTnmk6iV.AwOO_LELAoo-~A&gdpr=0&gdpr_consent=
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.0.46
strict-transport-security: max-age=31536000

GET
H2

200

google Show response
match.adsrvr.org/track/cmf/ Frame 6A12
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MzY1MmEyMGYtMDIyNi00NTRjLThhNjYtN2ZkNzBkOTlkM2E1&gdpr=0&gdpr_consent=&ttd_tdid=3652a20f-0226-454c-8a66-7fd70...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3652a20f-0226-454c-8a66-7fd70d99d3a5&google_gid=CAESELmluGlIXiGlVCnW_Em7k-8&google_cver=1

70 B
587 B

26ms
25ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3652a20f-0226-454c-8a66-7fd70d99d3a5&google_gid=CAESELmluGlIXiGlVCnW_Em7k-8&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Thu, 05 May 2022 19:58:54 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 May 2022 19:58:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3652a20f-0226-454c-8a66-7fd70d99d3a5&google_gid=CAESELmluGlIXiGlVCnW_Em7k-8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2

200

rubicon Show response
match.adsrvr.org/track/cmf/ Frame 206D
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3652a20f-0226-454c-8a66-7fd70d99d3a5&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

70 B
587 B

25ms
25ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Thu, 05 May 2022 19:58:54 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
Expires: 0
Location: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 5c765cf7d1bd0738e8bf9e7ecb99ef6d
content-length: 0

POST
H/1.1 200
OK 5febff3e0e Show response
bam-cell.nr-data.net/events/1/ 24 B
833 B 62ms
62ms XHR
image/gif 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/5febff3e0e?a=655794476&v=1216.487a282&to=MVBabEEHChVXU0IIXggaeVtHDwsIGXREFEEHWWRWXAIBOnVfWBVDCVlUXUE6KglSVWAIVBF2V1ZHFAsKWlVETA8QXF1P&rst=3222&ck=1&ref=https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.tenable.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 05 May 2022 19:58:54 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.tenable.com
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZk3h2cYSNP2rCNKguQw6mhz3CVczTn%2FD74EvVMJ%2BFOK8g4iFwhVGM0rGl29HSM2OGO4vwpiYOGwBdqjrZ33mkTxo%2FVRjhOB1cYRJla8OlxPxCPquPRsPioFdqb3nKzfgYRHm8eG"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 706c0db47e715407-YYZ
Content-Length: 24

GET
H2 200 runtime~main.8247e9e9.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 6 KB
6 KB 21ms
19ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

cf2857f405c1e79866651f240d4d7dfb5fba73e61a406d316566aed6f4a1de95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 19:13:20 GMT
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
age: 89134
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 5884
last-modified: Wed, 04 May 2022 18:28:32 GMT
server: nginx
etag: "412dfbcc3258cedcf0af51ab9b4297d2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8AMOJGO1fMbrLtpNYGIk68DXyIisol0P
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TQOWZRCZDRSHjjNdvqoUa4xZTQV6J44Bcm3XXtobZNRtHdQjBvFfug==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 58 KB
20 KB 22ms
21ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:18 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: rlqnQvHWjB4kDZlydkAKa7LRajgzy9Gl
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iJKu-e5OJyp27Jbkzcycg2AqQk4FuICkeErLJs5myPXVBoGkWbVtcQ==

GET
H2 200 main~493df0b3.f87598de.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 6 KB
3 KB 23ms
22ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.f87598de.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

27d551863c56b976030ee49aa3f4823994dce3d3cb6ac79b75de43bdd55fd254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:35:25 GMT
content-encoding: gzip
age: 854609
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 25 Apr 2022 20:45:37 GMT
server: nginx
etag: W/"368eb1f8172917da20cc4a3a2072e54e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 84CKzKc.TpxebrV5l5OX4K68ovNqMWN7
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 90geglXUAjHap6hw2OzAZeIX-6WdQ4WgT0PhBSKUwjdz-MmTNQd0fw==

GET
H2 200 44.36014458.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 47 KB
14 KB 21ms
21ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:08:21 GMT
content-encoding: gzip
age: 4513833
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 14 Mar 2022 13:49:23 GMT
server: nginx
etag: W/"f3141bda9ba639e2d01218d7e7cd8311"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zBmoh2tQAT_vfEDC2Fd97hmCr0r_AZnb
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2qWesIEZCjTGcg3BoRsrIp8T5edbGzsOIWFIOd-ApCothBPQHn0rWg==

GET
H2 200 19.c2c4ec2d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 44 KB
13 KB 22ms
22ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.c2c4ec2d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

24caab840126c1089470704d65dcbb1dadc8ace5328b28de54b297e482ac3c3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:35:25 GMT
content-encoding: gzip
age: 854609
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 25 Apr 2022 20:45:35 GMT
server: nginx
etag: W/"ca27a219f5babe50f6eb7c982fa61d4a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GP6AWJ95Oeeek71gysVMlYSExP067DB1
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ikT36B532rqnYA4rvCriKcv1kYkatNHhpft6YGP9N5ZKFy_pMic-Fw==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 25 KB
8 KB 23ms
22ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: A01_.TOyslfHN6C7mHM2iYp5F_NuODuW
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dRxfwOOwggXw95w1ZEDYwb8KaHov8midL8-2niSe7WoIyDxw3juLLA==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 16 KB
5 KB 24ms
22ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AKh9nJ5uw0MOjT2EQjdJhE-iPURBo2wBD7nD2bxCOD0jGM4XquH3Jw==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 72 KB
22 KB 33ms
29ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PmO9yEa8J.DEQa9FEB2tMN_1Ccd5vo_f
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ccZq7_KtlFM5yI7mifCLJWRbVoOHCX5gmKozgY6FBPV1RT1syi4CQA==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 16 KB
6 KB 36ms
33ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VLd3KMbDPd6s2pCiJkiLNxZPlKywvnnH
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 33rMJ9WelsAsdJud_bBAnaqg1IX4Nga1NkdoyppgjuHWUcQVZdlCeA==

GET
H2 200 23.16e779ff.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 59 KB
19 KB 37ms
32ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.16e779ff.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

882447805fc1c7805ad98684a4698c4b3ae5e8932261c609f7cdd0834275d72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 13:25:10 GMT
content-encoding: gzip
age: 1751624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 14 Apr 2022 14:51:25 GMT
server: nginx
etag: W/"ef4446c0fdb98929baf632c38e8cd226"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6QFFV552d_qyZ9pcsgZNY8fkBisjodK4
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rFSDzbMVp-n7UZDtnGD9a1GzCeJf61TIOJ8PL2fae3DWkl868PocaA==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 91 KB
28 KB 39ms
35ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: p_YagIEBvf.Qgp7hIJy74.J4YIszefj5
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yqXFjPKioFAkyRFiL298ivMI9Zc5anESaJyqdC77D2t3gd9yNR4NbA==

GET
H2 200 10.937b0755.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 24 KB
7 KB 39ms
34ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.937b0755.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"e9243456e8ca8af97d77d525d5367d6b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1OI8MdaO_2Zet9LQGrgpik7z8k_2AhIl
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VN0ixRGoinS5D_iqSRPlQ5H-8ZIjJQ2dFb-eS-UFmXIXX4DTWR_rrQ==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 62 KB
20 KB 40ms
36ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TPtwk-jkD7NRzxAooE45FghhFtCJmd5a9ilb0uPcHP_TY8lT8GzlNQ==

GET
H2 200 42.85bf5aa5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 105 KB
106 KB 40ms
36ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.85bf5aa5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 13:52:56 GMT
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
age: 3218758
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 107348
last-modified: Fri, 25 Mar 2022 20:18:36 GMT
server: nginx
etag: "8c7c0bf11a78a30db0b2b7f63660c3d1"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zoTn0xETtFKpw09ff7C.en3.5D4u1SCp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: P00PI1F30si9UxnjEp46g9ZVhxLEMmPk5AuReULQYlAv4RdBIHPRCA==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 12 KB
4 KB 49ms
46ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wDOiuCZSfZ.KHqNETPwI3S2a9GU0lEIR
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZQaRM3VnJ4G2qDB3EEpw659YL-n1zfIcVicld4ge_8HqJ1cf41-2-A==

GET
H2 200 26.81342ce1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 12 KB
5 KB 50ms
47ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.81342ce1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

652cfd16c30cffe323376752f023f8f9738af74b807bda8e929ecba78d9ed19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 13:25:10 GMT
content-encoding: gzip
age: 1751624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 14 Apr 2022 14:51:25 GMT
server: nginx
etag: W/"fb3937eee6b2751c3fc0c91dce12c2ca"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Kb9jiolYAspdT0T2FEuoVylYgxdOCuEs
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZKT5PpC6lnJwspMVXlI_hASTSffZ26BdhPpOWuhSwlL6gN-mg4cfmg==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 17 KB
7 KB 51ms
48ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 03:24:52 GMT
content-encoding: gzip
age: 10686842
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Sep 2021 14:53:53 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Dkv_FsqLKddLKih3pJHr5tmB8OomSFr3
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qHgjVx8mmMmDeIqep5oIs5MD3UP29lY4ASViOZ6JGWQ-ijcG9tsvPg==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame EDBF 11 KB
3 KB 49ms
47ms Stylesheet
text/css 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"a123c5b36f16fe6d3a3129e24df81443"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _wlNEHOawmowSdlpT1GApwIIwlk.3B3i
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vG5HSO2tTmll7ej4MF-Z3KGRRbCRV1PBR0dVBJk9cFiWhuglKQ4ltQ==

GET
H2 200 8.dae92d26.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 70 KB
22 KB 51ms
49ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.dae92d26.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

b6dd5026112c134bd2c89b03fd9ac3342aafc5180726e8ce4644a0a9d6559db8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 17:01:50 GMT
content-encoding: gzip
age: 1911424
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 13 Apr 2022 15:38:12 GMT
server: nginx
etag: W/"983e1530acf48d9af79727b31ab73b56"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gWwUwTJdQ9wTA8BS7I118umxtNt906Bz
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Nqu3ttsaresrwsEY0RqM_RjwJR39DmXbP2g-1HTDLhte8VPHIRqDNA==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame EDBF 24 B
667 B 51ms
50ms Stylesheet
text/css 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
age: 10469113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3N_CaG1Jvndkd_McMtvYEbP_qugEpFgmVyBratqNW4aEi134zX8vKQ==

GET
H2 200 15.f0469843.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 76 KB
20 KB 53ms
52ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.f0469843.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

7d848e6fa79f49c44adffad3aae51413a1c215ba74839cdcd557cba5c48eb5dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:35:25 GMT
content-encoding: gzip
age: 854609
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 25 Apr 2022 20:45:35 GMT
server: nginx
etag: W/"681522874ccd8ed0f6b5605a44e27ba6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: xR0CEqz_058wB4BB46y4CnzgrhuB82fL
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ftC6uApzJLawiglBfePQfi7tlk546Jtvg9whuX61ACOtmNIuqGtkJg==

GET
H2 200 22.767a2fb5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 47 KB
13 KB 55ms
53ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.767a2fb5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

747d6bd06ab7fcb37d3cddd6da7a950fb64e71230b0740c4607b21845f557bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 17:01:50 GMT
content-encoding: gzip
age: 1911424
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 13 Apr 2022 15:38:11 GMT
server: nginx
etag: W/"e5733a86a7e48df75cdf6af56e304f0a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: d37XfzaqF9hzf.sWeuSyNuGI2O6SXw8k
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kwIH9A7JDs1n-ruwAXMxEAoQu6iVwhfPP27jnDPCzjSNG1VIi1CufQ==

GET
H2 200 13.08392f9c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 41 KB
41 KB 55ms
54ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.08392f9c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

aee297a105f962d408fc9c1ab351eb9813cf38ee8af191ab350534a83dafe158

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 19:13:20 GMT
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
age: 89134
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 41749
last-modified: Wed, 04 May 2022 18:28:29 GMT
server: nginx
etag: "3905f70d8acf9744b0677a6c353b6e1f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oXb3kZdU0GwMiPmAhoN7ACz.nD.UGYKD
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QYYLtEZNbih6g_5eFO7_NUG1eIUnclb1zEHvn7jPhzAAHqsC66HLGg==

GET
H2 200 2110 Show response
trackingapi.trendemon.com/api/settings/ 804 B
944 B 146ms
37ms Script
application/x-javascript 52.203.72.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/settings/2110?callback=jsonp929052&vid=
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.72.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-72-45.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 8287b67afae06af0d0a063e72ea35e1e5e89c36421043641dfa990fbd68c1bb5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 19:58:54 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 804
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 9 KB
9 KB 23ms
22ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 06:53:07 GMT
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
age: 1861547
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8798
last-modified: Wed, 13 Apr 2022 15:38:09 GMT
server: nginx
etag: "c5efcdc9e465604f32cf24af10fd6c13"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: JuucXIuiQk7HUMRYLojCs3HxhfA0KAmL
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: r5FbYSQ-1pu0GaR7N49-3haqAygJhRqDkFSfSCZN3HqtHMPU55Z8dg==

GET
H2 200 24.81d46fe7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 33 KB
10 KB 23ms
23ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.81d46fe7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4f751bc7b45f18c1d343a3081fe2509f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: LcjepTSdTIP3TYamt9S6TQ4IzFvRquuU
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _sUZAE6JBt2dnGIJdPKegD8tPmnK2zZ12iC0N5BnzsBnFz3hsY70Dw==

GET
H2 200 25.c667535c.chunk.css
js.driftt.com/core/assets/css/ Frame EDBF 8 KB
2 KB 24ms
24ms Stylesheet
text/css 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.c667535c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 20:12:42 GMT
content-encoding: gzip
age: 5442372
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 03 Mar 2022 19:35:45 GMT
server: nginx
etag: W/"5d56f3a89744b768e05433ac1e2f7935"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: nIQWP_TNHXf6VKMh1KLKq0CMzjnrVBjf
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mfnn6NYsh-cAiuAlsKI9JzPkcF1DVsMVimTdmVBUA5-95Dps6wbkoA==

GET
H2 200 25.17da01e8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 12 KB
12 KB 24ms
24ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.17da01e8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

f12e00e6750c744bb34c0b007ef96948e24c6dcf77a34c78c0c4f1263c81ebdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 19:13:21 GMT
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
age: 89133
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 11896
last-modified: Wed, 04 May 2022 18:28:30 GMT
server: nginx
etag: "d395884071f100b30a64f9bd39a2f10f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 04iRp8gDacN_nR2237idSokHftX5jSZO
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JsUpbcxkK6VbgR2HCWZns8pNtLiWw7ifs2rbU1D4TkVX5aKcNP39MQ==

GET
H2 200 18.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame EDBF 365 B
1008 B 25ms
25ms Stylesheet
text/css 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/18.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 13:18:53 GMT
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
age: 1406401
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Mon, 10 Jan 2022 14:58:15 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dX8fEDSjVhDrJLDhogob.agI0VSUxVKO
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: t_n5LaaYWXBVgIRgUpyjamh1Wj5qA8Kko-S2J4XEAFYcd9lQA8YACw==

GET
H2 200 18.9beb3c4d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EDBF 85 KB
24 KB 25ms
25ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9beb3c4d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

ee72aa6a604bbd98ee2551e8c910877058926b20797a2c8ce11e939a253d0b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?embedId=uc5xu7xrzxrr&region=US&forceShow=false&skipCampaigns=false&sessionId=e3ccf876-f977-420b-a11b-a19a6ec45324&sessionStarted=1651780733.932&campaignRefreshToken=02ded374-a811-4cfb-aa5a-bd70a683f153&hideController=false&pageLoadStartTime=1651780731595&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:35:25 GMT
content-encoding: gzip
age: 854609
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 25 Apr 2022 20:45:35 GMT
server: nginx
etag: W/"1fcebb51686d9e3f547a2db9c53c92a9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: c9UnQkQFx2ZyJGyLUY_40PoKdJeIZxY8
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7HWqUZpqITd6VZhDjEKAz9qw9lZtHV4taqPfzfcVZYErVFU3OHW5bg==

GET
H2 200 identity.min.js Show response
assets.trendemon.com/global/ 17 KB
6 KB 20ms
20ms Script
application/javascript 13.33.46.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.trendemon.com/global/identity.min.js
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.46.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-46-79.ewr52.r.cloudfront.net
Software: / Express
Resource Hash: 2a5818fde3ebf72d87983e461992e10484ac717b5ebb07c8735ed34fd13dc37c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:45:56 GMT
content-encoding: gzip
age: 778
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: *
trd-ts: 2022-05-05T19:45:56.940Z
last-modified: Tue, 26 Apr 2022 08:12:59 GMT
etag: W/"46f8-18064ee46f8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 5a7cb2ecf8796fdcba2be8ec618e67a8.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: EWR52-C1
accept-ranges: bytes
x-amz-cf-id: tiZoLl3C1CfYHwo8hi6zEMVm6zpE57O2X_LdAUijNG1Zqaga8iZ0SQ==

GET
H2 200 me Show response
trackingapi.trendemon.com/api/Identity/ 94 B
507 B 33ms
33ms Script
application/x-javascript 52.203.72.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/Identity/me?accountId=2110&DomainCookie=16517807344031271&fingerPrint=9f0b124750fc633f308c34aa85b3921c&callback=jsonp901634&vid=
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.72.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-72-45.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 45ba0812e2a6d109e0e71ee82bdbb1cc8810fcdbffea5b45113540ea134d9879

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 19:58:54 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 94
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 personal Show response
trackingapi.trendemon.com/api/experience/ 1 KB
1 KB 63ms
62ms Script
application/x-javascript 52.203.72.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/experience/personal?AccountId=2110&ClientUrl=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&MarketingAutomationCookie=&ExcludeUnitsJson=%5B%5D&callback=jsonp700133&vid=2110:16517807344031271
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.72.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-72-45.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 447eb9b6ab97efecbd970dd756b58005381be0413edd5a29dea40695d4738ff5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:54 GMT
server: Kestrel
content-length: 1304
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 pageview
trackingapi.trendemon.com/api/events/ 43 B
235 B 145ms
145ms Image
image/gif 52.203.72.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trackingapi.trendemon.com/api/events/pageview?accountId=2110&url=aHR0cHM6Ly93d3cudGVuYWJsZS5jb20vYmxvZy9hY3RpdmUtZGlyZWN0b3J5LWlzLW5vdy1pbi10aGUtcmFuc29td2FyZS1jcm9zc2hhaXJz&cookie=16517807344031271&referral=&vid=2110:16517807344031271&r=1651780734574
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.72.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-72-45.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 19:58:54 GMT
server: Kestrel
age: 1691358
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK closex.png
pic.trendemon.com/images/ 386 B
848 B 120ms
21ms Image
image/png 13.35.73.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.trendemon.com/images/closex.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.73.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-73-120.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3a58e45ccfffece1df8e470fd853a81321e4f78f6af8d22e78310da1380f7d5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 01:07:21 GMT
Via: 1.1 e2591c1a99bf6b9ad500ec39436afa1e.cloudfront.net (CloudFront)
Last-Modified: Tue, 16 Apr 2019 23:23:30 GMT
Server: AmazonS3
Age: 67894
ETag: "7da2ae17c3b671047838f7b78687a56f"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: BOS50-C1
Accept-Ranges: bytes
Content-Length: 386
X-Amz-Cf-Id: 2ZWko5gqzMngta9ocbF2MF5nJbMJ3p_Kev9T67Jc9xXTlUabawlTqA==

GET
H/1.1 200
OK 66cfae5ddb4e6ee5774043ae10a15cb4.png
pic.trendemon.com/tasks_logo/2110/ 138 KB
138 KB 120ms
21ms Image
image/png 13.35.73.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.trendemon.com/tasks_logo/2110/66cfae5ddb4e6ee5774043ae10a15cb4.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.73.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-73-120.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f11792388d69686e784e5e238e58fc0bb8243b8633df998afd8c3235250a4b75

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Tue, 03 May 2022 01:17:43 GMT
Via: 1.1 adc90318bc35888e7fc939b759b9628a.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Apr 2020 16:20:25 GMT
Server: AmazonS3
Age: 240072
ETag: "2cd92fd3a95d2a68872789f803cd1681"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: BOS50-C1
Accept-Ranges: bytes
Content-Length: 140966
X-Amz-Cf-Id: U_uBzSq2X6wj_46vPJcFjslELpmX8_lNPOrw2zXjJjkLXp6-0-bNtA==
Expires: Tue, 30 Apr 2030 16:20:24 GMT

GET
H2 200 personal-embedded Show response
trackingapi.trendemon.com/api/experience/ 3 KB
3 KB 34ms
34ms Script
application/x-javascript 52.203.72.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/experience/personal-embedded?AccountId=2110&ClientUrl=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&MarketingAutomationCookie=&Ids=%5B%5D&Groups=%5B%22default_recommend%22%5D&callback=jsonp17001&vid=2110:16517807344031271
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.72.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-72-45.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: f94ee2669d48a60d79acca7001f80fb96c420189096855b0db4b6de68ecfabcf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:54 GMT
server: Kestrel
content-length: 3123
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 runtime~main.8247e9e9.js Show response
js.driftt.com/core/assets/js/ Frame B853 6 KB
6 KB 20ms
19ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

cf2857f405c1e79866651f240d4d7dfb5fba73e61a406d316566aed6f4a1de95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 19:13:20 GMT
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
age: 89135
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 5884
last-modified: Wed, 04 May 2022 18:28:32 GMT
server: nginx
etag: "412dfbcc3258cedcf0af51ab9b4297d2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8AMOJGO1fMbrLtpNYGIk68DXyIisol0P
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1mNT5tdTA-O-0UEFQZd8Oi59QKSbxxxVj5-R6dXVsj5ymNdevfkjZg==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 58 KB
20 KB 20ms
19ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:18 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: rlqnQvHWjB4kDZlydkAKa7LRajgzy9Gl
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZDPqXnVo3UNrP-WhPszQMjQp7-me6Z7gPSd0Awn2_w2fKoy8NVd4Sw==

GET
H2 200 main~493df0b3.f87598de.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 6 KB
3 KB 21ms
20ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.f87598de.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

27d551863c56b976030ee49aa3f4823994dce3d3cb6ac79b75de43bdd55fd254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:35:25 GMT
content-encoding: gzip
age: 854610
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 25 Apr 2022 20:45:37 GMT
server: nginx
etag: W/"368eb1f8172917da20cc4a3a2072e54e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 84CKzKc.TpxebrV5l5OX4K68ovNqMWN7
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: b77xvdqZO3C8JNSwwGoyw72cFBJJglV-MQRQiTd9s_sFUdJyA7EtBw==

GET
H2 200 44.36014458.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 47 KB
14 KB 19ms
19ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:08:21 GMT
content-encoding: gzip
age: 4513834
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 14 Mar 2022 13:49:23 GMT
server: nginx
etag: W/"f3141bda9ba639e2d01218d7e7cd8311"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zBmoh2tQAT_vfEDC2Fd97hmCr0r_AZnb
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OHannCxOlGd-v7Vbm3O0aQYEh-_A-Ey6UX3tit89hwnigXOjYTADGA==

GET
H2 200 19.c2c4ec2d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 44 KB
13 KB 21ms
20ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.c2c4ec2d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

24caab840126c1089470704d65dcbb1dadc8ace5328b28de54b297e482ac3c3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:35:25 GMT
content-encoding: gzip
age: 854610
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 25 Apr 2022 20:45:35 GMT
server: nginx
etag: W/"ca27a219f5babe50f6eb7c982fa61d4a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GP6AWJ95Oeeek71gysVMlYSExP067DB1
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nOvxFWT5UWE_8HJZu5-LVVF65cQSY6r3movr3QjK8YjOoGOzMVddJQ==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 25 KB
8 KB 22ms
20ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: A01_.TOyslfHN6C7mHM2iYp5F_NuODuW
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wH83A5JSqpa-Wx1PzoqE1hzBvKpRjEJAqsmvkVTDfaWGqUzTtPVbPw==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 16 KB
5 KB 22ms
21ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mzB2ul0u_48ftIGEd6phwcoTfextzATL
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZNhghvNbu1H-b0sViMkPaESEy7NjmRdQmLtYWq4qDicXY4lV33izcg==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 72 KB
22 KB 24ms
22ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PmO9yEa8J.DEQa9FEB2tMN_1Ccd5vo_f
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 49qRFnyGDXmE7VzB9g8AUsJ6S-OU67HYtZYsIc8hwa4nj3kEQV8alw==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 16 KB
6 KB 24ms
23ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VLd3KMbDPd6s2pCiJkiLNxZPlKywvnnH
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mkouq3KsYsSWoIiQc9v5CgSEmH0BNk8ZGrZPRajAOvH73igJbBXpbQ==

GET
H2 200 23.16e779ff.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 59 KB
19 KB 24ms
23ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.16e779ff.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

882447805fc1c7805ad98684a4698c4b3ae5e8932261c609f7cdd0834275d72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 13:25:10 GMT
content-encoding: gzip
age: 1751625
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 14 Apr 2022 14:51:25 GMT
server: nginx
etag: W/"ef4446c0fdb98929baf632c38e8cd226"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6QFFV552d_qyZ9pcsgZNY8fkBisjodK4
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1cgdEpTlMBDNhuyBLKhWm6krLLjUVK9GdrZScFoiPz7zWBb2I1uf1A==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 91 KB
28 KB 25ms
24ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: p_YagIEBvf.Qgp7hIJy74.J4YIszefj5
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: J45tBtY7GOpsstkJMLWpmBWpmbETR3iuBeGAjEwLpOXqBBfmiyNDjg==

GET
H2 200 10.937b0755.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 24 KB
7 KB 26ms
24ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.937b0755.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:16 GMT
server: nginx
etag: W/"e9243456e8ca8af97d77d525d5367d6b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1OI8MdaO_2Zet9LQGrgpik7z8k_2AhIl
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Nq80R2aWoeAAw0_1DchYlOM63bLGGIQDdAjLoQzjXo3R2bOhkzBP_A==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 62 KB
20 KB 27ms
25ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: N28UPrhRbnb3xCTOfNH2elwn09-56KFj7Efm_K9NXXWl8asiomKD_Q==

GET
H2 200 42.85bf5aa5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 105 KB
106 KB 38ms
37ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.85bf5aa5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 13:52:56 GMT
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
age: 3218759
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 107348
last-modified: Fri, 25 Mar 2022 20:18:36 GMT
server: nginx
etag: "8c7c0bf11a78a30db0b2b7f63660c3d1"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zoTn0xETtFKpw09ff7C.en3.5D4u1SCp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gvN9zIdmIbnw0yL2BxxQHx9UDX9Jf8YkPmc0Q2jEi_TpJAslJUZZwg==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 12 KB
4 KB 41ms
40ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wDOiuCZSfZ.KHqNETPwI3S2a9GU0lEIR
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VYA8VPTvoRk813JsqQOZhIh2TliVvmfdRm1cRoq-tB6Zt9s1K7yydw==

GET
H2 200 26.81342ce1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 12 KB
5 KB 41ms
40ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.81342ce1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

652cfd16c30cffe323376752f023f8f9738af74b807bda8e929ecba78d9ed19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 13:25:10 GMT
content-encoding: gzip
age: 1751625
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 14 Apr 2022 14:51:25 GMT
server: nginx
etag: W/"fb3937eee6b2751c3fc0c91dce12c2ca"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Kb9jiolYAspdT0T2FEuoVylYgxdOCuEs
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OsTgk4-5zyX4rCYJ1FPPI56I_nlPd7QynlVeIO4nsF8648B7LxaNWw==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 17 KB
7 KB 42ms
41ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 03:24:52 GMT
content-encoding: gzip
age: 10686843
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Sep 2021 14:53:53 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Dkv_FsqLKddLKih3pJHr5tmB8OomSFr3
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9eaB-9UxzDVW0MOI6OQJUovDSzepKp5ZYTitipIWUDM0-if-FTDMAA==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame B853 11 KB
3 KB 42ms
41ms Stylesheet
text/css 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"a123c5b36f16fe6d3a3129e24df81443"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _wlNEHOawmowSdlpT1GApwIIwlk.3B3i
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ma5Yo1t5i-XlMwMlY0UopBQYQD1fhQ3QV-5ua1G3RSAdtKOaAHK38g==

GET
H2 200 8.dae92d26.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 70 KB
22 KB 42ms
42ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.dae92d26.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

b6dd5026112c134bd2c89b03fd9ac3342aafc5180726e8ce4644a0a9d6559db8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 17:01:50 GMT
content-encoding: gzip
age: 1911425
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 13 Apr 2022 15:38:12 GMT
server: nginx
etag: W/"983e1530acf48d9af79727b31ab73b56"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gWwUwTJdQ9wTA8BS7I118umxtNt906Bz
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QYFK7gUd3cQb9pR9YGeuUcY6qeRRDidHSWs1R8J9Dig1mcfhHV20TA==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame B853 24 B
667 B 43ms
43ms Stylesheet
text/css 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
age: 10469114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: T8DZtI-ffSdWPuMHU4HjVeKbf6knjOUsbRO9ih6ftdpBSx113K_dAw==

GET
H2 200 15.f0469843.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 76 KB
20 KB 44ms
43ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.f0469843.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

7d848e6fa79f49c44adffad3aae51413a1c215ba74839cdcd557cba5c48eb5dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:35:25 GMT
content-encoding: gzip
age: 854610
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 25 Apr 2022 20:45:35 GMT
server: nginx
etag: W/"681522874ccd8ed0f6b5605a44e27ba6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: xR0CEqz_058wB4BB46y4CnzgrhuB82fL
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6VU6U2-3KWK1BfdivKbIqI9y2ne9mb6uOO1y2BR2kisIs0YoNx48uQ==

GET
H2 200 22.767a2fb5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 47 KB
13 KB 44ms
44ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.767a2fb5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

747d6bd06ab7fcb37d3cddd6da7a950fb64e71230b0740c4607b21845f557bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 17:01:50 GMT
content-encoding: gzip
age: 1911425
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 13 Apr 2022 15:38:11 GMT
server: nginx
etag: W/"e5733a86a7e48df75cdf6af56e304f0a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: d37XfzaqF9hzf.sWeuSyNuGI2O6SXw8k
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3ZX7l4d-cBd5IP5GIbXwDOGCijoL3bcYy9qeI_VO2Zos_rQso5rKxg==

GET
H2 200 13.08392f9c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 41 KB
41 KB 44ms
44ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.08392f9c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

aee297a105f962d408fc9c1ab351eb9813cf38ee8af191ab350534a83dafe158

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 19:13:20 GMT
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
age: 89135
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 41749
last-modified: Wed, 04 May 2022 18:28:29 GMT
server: nginx
etag: "3905f70d8acf9744b0677a6c353b6e1f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oXb3kZdU0GwMiPmAhoN7ACz.nD.UGYKD
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: l4InIT1LmzTS4RgBC2FOncYedgk4Pu3STYnj2rRHpepuvNhebhua-Q==

GET
H2 200 32.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame B853 3 KB
1 KB 20ms
19ms Stylesheet
text/css 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: u5jls1rsjTMRW03RSXYJxMQTbD86EmFF
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Q2x1nH6H2CbV3Gd1rmybSZi1wiximwcozNW781K5FiJv0fokZcPKWw==

GET
H2 200 32.28be7b35.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 3 KB
2 KB 20ms
20ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.28be7b35.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:05:36 GMT
content-encoding: gzip
age: 9071599
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 20 Jan 2022 18:53:54 GMT
server: nginx
etag: W/"853d736e05b299b857e10b6ab17f3c36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9pIhc0wyy2uFZp3UiIdf1ZYNnPQh9D45
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YwQ_UP9WCExaXAEw1zyrBoB2FWdq9hkkC_MsSV2jQ99hd3v1aDmmSA==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 9 KB
9 KB 19ms
18ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 06:53:07 GMT
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
age: 1861548
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8798
last-modified: Wed, 13 Apr 2022 15:38:09 GMT
server: nginx
etag: "c5efcdc9e465604f32cf24af10fd6c13"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: JuucXIuiQk7HUMRYLojCs3HxhfA0KAmL
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xp23Hi3uZdM2BVSQ_XubK1ts_efZiILmVokP4u3mAk7SP7J9LLnpFA==

GET
H2 200 2.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame B853 7 KB
2 KB 19ms
19ms Stylesheet
text/css 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 10469114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Y5MQMpfNZ9bYDeQmDMLbw0xNzGrQukfM
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WdNgp3b5ANzondB59C4Zi8eEjdP79YNIEV46UPd9r_pwbwhZj1qxHg==

GET
H2 200 2.90bfb041.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 54 KB
55 KB 20ms
19ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.90bfb041.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 06:53:08 GMT
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
age: 1861547
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 55755
last-modified: Wed, 13 Apr 2022 15:38:10 GMT
server: nginx
etag: "dc43e7dd478d83a9091a7335b8beb11d"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: brj.OXGUJBtHjhp9M8gRKa7LSVMXCGor
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Awo1ywy3Mm4wQyRqYJqpDfIG-OfcaAmMa5F0NvJAfwLwS4FWwJVb4A==

GET
H2 200 1.e5dfd51a.chunk.css
js.driftt.com/core/assets/css/ Frame B853 43 KB
7 KB 23ms
22ms Stylesheet
text/css 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.e5dfd51a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

731633bd497e93880bccb08fa09fa7fc7630372c7622dffea00c19aa2cdc49d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:51:52 GMT
content-encoding: gzip
age: 4255623
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2022 13:34:19 GMT
server: nginx
etag: W/"2c40725f3e291f40133c5dd42e2d2809"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PxBjSXKv2D9iu62R72tGZ7okhSAARqe8
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JRlVETxKWqSHA23gevVGFcQEMkZ9jNcsHmXWLhDtI55AI-tFUdBfuA==

GET
H2 200 1.54ef8971.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 73 KB
25 KB 24ms
23ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.54ef8971.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

edfefb99d1f823b0e2a77e287838f09a4f58d66a03b8cd45e7b89e66a559c273

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:35:25 GMT
content-encoding: gzip
age: 854610
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 25 Apr 2022 20:45:34 GMT
server: nginx
etag: W/"fa95a4990482cbf524fce7417407d635"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: znIKp0RMPxyVI3bKdwFalw0oFTDj8_TM
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jbRBWTROdtyZiwDnbh29j2ifWeZ3UFZH6BHYPwGxfzKqqc_a1f-Zsg==

GET
H2 200 30.52060f2d.chunk.css
js.driftt.com/core/assets/css/ Frame B853 12 KB
3 KB 24ms
23ms Stylesheet
text/css 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.52060f2d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:15:00 GMT
content-encoding: gzip
age: 7789434
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 04 Feb 2022 14:40:27 GMT
server: nginx
etag: W/"b63021470083bdc161ef4dda2e4912c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: e.sL0vOF62s4pyHwBuhbHf.Miph1ZlJo
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: E4u4wa4QUaf_PUHJPCzljkUboaNRQFyAtJAfQQ2qq7U1qi5PPDdeRg==

GET
H2 200 30.304d4bf2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame B853 11 KB
5 KB 24ms
24ms Script
application/javascript 13.225.213.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.304d4bf2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.8247e9e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.213.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-213-122.ewr50.r.cloudfront.net

Software

nginx /

Resource Hash

79c254652bb96247b5470d8d7d30bdef4ae96a7e61743ac4ef6b423502cd8c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1651780731595
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:35:21 GMT
content-encoding: gzip
age: 4415014
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 15 Mar 2022 14:29:25 GMT
server: nginx
etag: W/"38d96c6ccd18212a914f55851e7dea75"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NMIjSc_O1m0oYNrwPiID10ULv1PB3Qyi
via: 1.1 158c603777b70da7a395beb589ad17da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gqU9P-DMjOU58XmXx6iJ8Lho0k9uMiPfmr0YyXKWcCI_Ky2z9NyyNQ==

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame EDBF 25 B
123 B 37ms
36ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 May 2022 19:58:55 GMT
server: istio-envoy
requestid: 346f1ee3a7f29dd1
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 124ms
29ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 05 May 2022 19:58:55 GMT
requestid: drift0462b9147d1a3f3fc58d9b59fb5
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame EDBF 177 B
275 B 27ms
26ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

3b1b8edaa469cc01933a9ee06d826004c17edc01fe23fb0d946f308806e7117b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 May 2022 19:58:55 GMT
server: istio-envoy
requestid: 323c0089d8808a5b
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 177
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 94ms
29ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 05 May 2022 19:58:55 GMT
requestid: drift6801aea4b6db284353d4bbff8e7
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 414 B
920 B 84ms
44ms Fetch
application/json 99.84.126.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?key=dceb2c9b0ef7fd9bf1a69c3bd0275ac3&page=https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs&page_title=Active%20Directory%20is%20Now%20in%20the%20Ransomware%20Crosshairs%20-%20Blog%20%7C%20Tenable%C2%AE&referrer=
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.126.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-126-104.ewr52.r.cloudfront.net
Software: nginx /
Resource Hash: 5b5a9d24a13a914f332c810002410e1a6cbc797279fc55468db615c78fb62b34

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 19:58:56 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: EWR52-C3
x-cache: Miss from cloudfront
request-id: 51de843f-6366-433a-a377-ca6befa92235
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://www.tenable.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 13eb5c0e05c1c43ed344f7e14dcf0a00.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: V-UFjwZgtwfTxad5H_0C6sUMz70rgEytr0d3XCYonufDHTFBE7B_aA==
expires: Wed, 04 May 2022 19:58:56 GMT

POST
H2 204 collect Show response
j.clarity.ms/ 0
49 B 63ms
63ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.tenable.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: https://www.tenable.com
date: Thu, 05 May 2022 19:58:55 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H/1.1 200
OK event Show response
bttrack.com/engagement/ 0
595 B 26ms
26ms XHR
text/plain 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to

Full URL: https://bttrack.com/engagement/event?input=%7B%22globalId%22%3A%22360b9e80-d00e-44d5-8955-f5ef7abbf052%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2215635%22%2C%22sessionId%22%3A%22ac6a701c-2298-4eac-ae1b-3cc0e42ce961%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A2%2C%22url%22%3A%22https%3A%2F%2Fwww.tenable.com%2Fblog%2Factive-directory-is-now-in-the-ransomware-crosshairs%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D
Requested by: Host: www.tenable.com
URL: https://www.tenable.com/blog/active-directory-is-now-in-the-ransomware-crosshairs
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tenable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-ServerName: Track004-iad
Pragma: no-cache
Date: Thu, 05 May 2022 19:58:56 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Access-Control-Allow-Origin: *
Cache-Control: private,no-cache
Content-Type: text/plain
Content-Length: 0
Expires: -1

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame EDBF 25 B
87 B 42ms
41ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 May 2022 19:58:57 GMT
server: istio-envoy
requestid: 1a5a2db1d12efcf1
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 15
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 27ms
27ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 05 May 2022 19:58:57 GMT
requestid: driftbb101cf43558e0663b6aae9b5e3
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

Verdicts & Comments Add Verdict or Comment

294 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

71 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tenable.com/	1970-01-20 02:49:42	Name: __cf_bm Value: VAnttvL6Jykltb6h1Aqg85ScfmXtxgmFri29mETO93Q-1651780731-0-AaAH/DmJtvBvhNfIEQVPSOpqLzqsJJkQp82/z8VK50POAea1cUNRBtrHuVxiaRolacAWRTKQ6R0ioy9nt9wHXwA=
.bing.com/	1970-01-20 12:11:16	Name: MUID Value: 1940EDA9C786625F20B6FC32C6AC635B
.bat.bing.com/	1970-01-20 02:59:45	Name: MR Value: 0
.tenable.com/	1970-01-20 20:20:52	Name: _ga Value: GA1.2.1977830125.1651780732
.tenable.com/	1970-01-20 02:51:07	Name: _gid Value: GA1.2.731808469.1651780732
.tenable.com/	1970-01-20 02:49:40	Name: _gat_UA-2024167-13 Value: 1
.tenable.com/	1970-01-20 02:49:40	Name: _dc_gtm_UA-2024167-20 Value: 1
tracking.g2crowd.com/	1970-01-20 03:09:50	Name: _session_id Value: ec8ebc3ec39373e65614b78d5cbf535e
.g2crowd.com/	1970-01-20 02:49:42	Name: __cf_bm Value: dXeHMb2QhtmCAM.86zaexW_aQ1pIO_SkEpyO67osImo-1651780732-0-AQKSBPo5ZjLPwEdogzWsDCW6wJyobwnj55J4p1ixEG5QHQJrJlkHu8FAUjuEeifFsLM6v4iykYs7nzn2oWxnX4c=
.bttrack.com/	1970-01-20 04:59:16	Name: GLOBALID Value: 2uKlc8-sIBd987FnJwHFZmKCgA4GX1f7CHU4nXO3JbuKPTppcIm_0v22nGWu4_YvImr2O8DHoJQC4TM1
.tenable.com/	1970-01-20 04:59:16	Name: _fbp Value: fb.1.1651780732349.2108431794
.facebook.com/	1970-01-20 04:59:16	Name: fr Value: 0196h3U957OFLVX3E..BidCx8...1.0.BidCx8.
.linkedin.com/	1970-01-20 04:59:16	Name: li_sugr Value: 3848d603-bd7c-467c-a8d2-028a47e90bae
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 20:21:34	Name: bcookie Value: "v=2&0b7fa5b3-36dd-437d-823d-bbf52cbee36e"
.linkedin.com/	1970-01-20 02:51:07	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2663:u=1:x=1:i=1651780732:t=1651867132:v=2:sig=AQGHu1jLMTi7h-vslt8UahK44xsU-WZi"
.tenable.com/	1970-01-20 02:51:07	Name: _uetsid Value: c9a23390ccad11ecaacd67a3f97ff301
.tenable.com/	1970-01-20 12:11:16	Name: _uetvid Value: c9a27e00ccad11ecbadbf908bce6d7ba
www.tenable.com/	1970-01-20 07:08:52	Name: inflow_check_advanced_g_3538 Value: variation1
www.tenable.com/	1970-01-20 07:08:52	Name: inflow_remove_items_from_the_footer_2_g_3537 Value: control
www.tenable.com/	1970-01-20 03:19:55	Name: ciq_io_users Value: null
www.tenable.com/	1970-01-20 07:08:52	Name: inflow_body_copy_g_3496 Value: control
.linkedin.com/	1970-01-20 03:32:52	Name: UserMatchHistory Value: AQIWt0PdSg-w_wAAAYCVzcbQ2a2VN3zZth8J7N1x8h0EaWBS6Asyp6h1XrHp4U6RH2VtwtEoUr0kjw
.linkedin.com/	1970-01-20 03:32:52	Name: AnalyticsSyncHistory Value: AQJi5bOhQ3gKtgAAAYCVzcbQZ9vaZjRorTtP44EABeNiKAquu4zVV39B-CCtG1PJQVB8YtoTwL9KUjNPZK_Ojw
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 20:21:34	Name: bscookie Value: "v=1&20220505195852514d735d-9571-458b-8d99-8c1903cb1071AQEwPmHeIMc4EDmIaht4wfdG_nl9rab2"
.tenable.com/	1969-12-31 23:59:59	Name: tns_country Value: CA
.tenable.com/	1969-12-31 23:59:59	Name: tns_region Value: QC
.tenable.com/	1969-12-31 23:59:59	Name: tns_zip Value: J6N%201M3
.tenable.com/	1970-01-20 11:35:16	Name: _clck Value: 1amtj0z\|1\|f17\|0
info.tenable.com/	1969-12-31 23:59:59	Name: BIGipServerabmweb-nginx-app_https Value: !b4LBAzVFV6qS/VjaQbCLRqc3TBcuip76/JL6Bo6n5HmHqg8g+zI6D9XdExPnNTfWgvAIu2yU0/+nVQ==
.rlcdn.com/	1970-01-20 11:35:16	Name: rlas3 Value: ZD6p9+tYkxJvW6tAFZuAG5vyZwpaVl2yLzt1PcEF6wc=
.tenable.com/	1970-01-20 11:35:16	Name: _hjSessionUser_171589 Value: eyJpZCI6IjdlYjBlY2Q5LTVmNmUtNTc1Yy04MWQyLTg3NDAwM2I4ODVlZCIsImNyZWF0ZWQiOjE2NTE3ODA3MzI1ODMsImV4aXN0aW5nIjpmYWxzZX0=
.tenable.com/	1970-01-20 02:49:42	Name: _hjFirstSeen Value: 1
www.tenable.com/	1970-01-20 02:49:40	Name: _hjIncludedInSessionSample Value: 0
.tenable.com/	1970-01-20 02:49:42	Name: _hjSession_171589 Value: eyJpZCI6Ijk2NzlmMzlkLTBmMjAtNGIwMy1iMjY2LTNhZGU2ZWQ2Yjg3ZiIsImNyZWF0ZWQiOjE2NTE3ODA3MzMzNTIsImluU2FtcGxlIjpmYWxzZX0=
www.tenable.com/	1970-01-20 02:49:40	Name: _hjIncludedInPageviewSample Value: 1
.tenable.com/	1970-01-20 02:49:42	Name: _hjAbsoluteSessionInProgress Value: 0
.info.tenable.com/	1970-01-20 02:49:42	Name: __cf_bm Value: DYwpXGqcCGuap35UYjlUZIi.Y1A0BEitfKH3c0BWcmY-1651780733-0-AYdbX8gZu0bOJuPDlbo32SQQ6S2k7gzleKoOpbGWJf6JLakSHg+Vs0dYPJYUC9rehF/kJtfpM9DZD3GfnZaTEI8=
.tenable.com/	1970-01-20 02:51:07	Name: _clsk Value: 1a9o52p\|1651780733382\|1\|1\|j.clarity.ms/collect
.rlcdn.com/	1970-01-20 04:16:04	Name: pxrc Value: CP3Y0JMGEgUI6AcQABIGCMrdKhAA
.bidr.io/	1970-01-20 12:18:14	Name: bito Value: AAATx07E6FkAACWasvzwsw
.bidr.io/	1970-01-20 12:18:14	Name: bitoIsSecure Value: ok
.company-target.com/	1970-01-20 20:20:52	Name: tuuid_lu Value: 1651780733
.company-target.com/	1970-01-20 20:20:52	Name: tuuid Value: 2db9cce8-e26e-4d89-ba38-752a42b45a51
.adsymptotic.com/	1970-01-20 04:59:16	Name: U Value: 99587c4859df54cda8f44665a42acefa
www.tenable.com/	1970-01-20 02:49:42	Name: drift_campaign_refresh Value: 02ded374-a811-4cfb-aa5a-bd70a683f153
.adsrvr.org/	1970-01-20 11:35:16	Name: TDID Value: 3652a20f-0226-454c-8a66-7fd70d99d3a5
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: a96b7306cbb31b04
.c.bing.com/	1970-01-20 02:59:45	Name: MR Value: 0
.c.bing.com/	1970-01-20 12:11:16	Name: SRM_B Value: 1940EDA9C786625F20B6FC32C6AC635B
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 12:11:16	Name: MUID Value: 1940EDA9C786625F20B6FC32C6AC635B
.c.clarity.ms/	1970-01-20 02:59:45	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 02:49:41	Name: ANONCHK Value: 0
.yahoo.com/	1970-01-20 11:35:38	Name: A3 Value: d=AQABBH4sdGICEKcwK4j6H3GY-fW-fan6YkgFEgEBAQF9dWJ-YgAAAAAA_eMAAA&S=AQAAAqZ4RalL5uB9qptMYP-ZljA
.doubleclick.net/	1970-01-20 20:20:52	Name: IDE Value: AHWqTUnjRaa-klUSUn62ToFnmCDFrg5fRTvLsZ_TTc0r_vFJLIuo8vQVNvBEXuiiuX8
.analytics.yahoo.com/	1970-01-20 11:35:16	Name: IDSYNC Value: 1769~24pv
.rubiconproject.com/	1970-01-20 11:35:16	Name: khaos Value: L2TFLNHZ-7-1WM5
.rubiconproject.com/	1970-01-20 11:35:16	Name: audit Value: 1\|C8L8n+0Xi9bre/jVMCSzoOMFtj8mlGjW/JbgROvNEI3WaDs14xzbSIX7Klqt0hcbdA6JRbMULLOM1KxoLazIt9i2Wk5FrGos0XY24Ec+XLsDp3mzAww6JA0+2BIo6mCsX0YQ5kjM8tD9wsq7MJ2WdX7aVkO4r1V/XHRiEbp3BzpbOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
.adsrvr.org/	1970-01-20 11:35:16	Name: TDCPM Value: CAESGQoKcmlnaHRtZWRpYRILCIqe-O_2ttc6EAUSFQoGZ29vZ2xlEgsI6LLx8fa21zoQBRIWCgdydWJpY29uEgsIwpeL8Pa21zoQBRgFIAIoAzILCIqW-5yNt9c6EAVCDyINCAESCQoFdGllcjMQAVoHbjBjZmg4MWAB
.tenable.com/	1970-01-20 11:35:16	Name: trd_cid Value: 16517807344031271
trackingapi.trendemon.com/	1978-01-11 21:31:40	Name: trd_gavid_2110 Value: 16517807344031271
trackingapi.trendemon.com/	1978-01-11 21:31:40	Name: trd_gvid Value: 16517807344031271
trackingapi.trendemon.com/	1978-01-11 21:31:40	Name: trd_vid_2110 Value: 2110%3A16517807344031271
.tenable.com/	1970-01-20 11:35:16	Name: trd_vid_l Value: 2110%3A16517807344031271
.tenable.com/	1970-01-20 11:35:16	Name: trd_vuid_l Value: 6138494408484864033
.tenable.com/	1970-01-20 11:35:16	Name: trd_first_visit Value: 1651780735
.tenable.com/	1970-01-20 11:35:16	Name: trd_pw Value: 1
.tenable.com/	1970-01-20 02:49:42	Name: trd_pws Value: 1
.tenable.com/	1970-01-20 02:49:42	Name: trd_sid Value: 16517807345729292

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.quora.com
api.company-target.com
api.tenable.com
assets.trendemon.com
bam-cell.nr-data.net
bat.bing.com
bootstrap.api.drift.com
bttrack.com
c.bing.com
c.clarity.ms
cdn.bttrack.com
cloud.tenable.com
cm.g.doubleclick.net
connect.facebook.net
googleads.g.doubleclick.net
id.rlcdn.com
in.hotjar.com
info.tenable.com
insight.adsrvr.org
j.clarity.ms
js-agent.newrelic.com
js.adsrvr.org
js.driftt.com
match.adsrvr.org
match.prod.bidr.io
metrics.api.drift.com
munchkin.marketo.net
p.adsymptotic.com
pic.trendemon.com
pixel.rubiconproject.com
play.vidyard.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
script.hotjar.com
scripts.demandbase.com
segments.company-target.com
snap.licdn.com
static.cloudflareinsights.com
static.hotjar.com
static.tenable.com
stats.g.doubleclick.net
tracking.g2crowd.com
trackingapi.trendemon.com
ups.analytics.yahoo.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.tenable.com
www.upsellit.com
104.105.36.121
104.17.71.206
104.18.101.194
13.107.42.14
13.225.213.122
13.225.213.128
13.33.46.20
13.33.46.33
13.33.46.79
13.35.73.120
142.251.40.130
142.251.41.2
143.204.138.162
151.101.1.181
151.101.193.2
151.101.66.137
162.247.243.147
192.132.33.46
20.36.253.92
20.85.30.134
2600:1400:9000::687e:74bb
2606:4700:4400::6812:21b6
2606:4700:4400::6812:2437
2606:4700:4400::ac40:9a4a
2606:4700:440e::ac40:9c1a
2607:f8b0:4004:c09::9b
2607:f8b0:4006:80e::2004
2607:f8b0:4006:817::200e
2607:f8b0:4006:81c::2002
2607:f8b0:4006:822::2008
2607:f8b0:4006:823::2003
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
3.222.34.196
3.33.220.150
34.117.39.58
35.190.60.146
50.16.7.188
52.203.72.45
52.85.61.27
54.147.21.139
54.175.125.242
54.175.87.114
54.243.191.164
54.77.142.136
69.16.175.10
8.43.72.98
99.84.126.104
99.84.39.75
001a88abc5239aa4e8c3a57b14976813db4682e25cdef79d7015af6184d6d09a
044924ad31fe03128f25f828f7e75e682334954261ec55910816a2875cc65fe1
04ae842645e0e763c894c5b51b28789a77f9c380c337d1b859f7f0fb613ee722
05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52
088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8
0aa02665f02d2de5799b4753498b951582e36348ef03392f286f17d7728aa282
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d5438283cb34d57c6669ad74711f5888188ffd1b3cfaf62d76017d8a07e36d3
0df224d240c4ffded0a99049af94c5e2288fe91b7b9c6de0592bbe261e402826
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
17dd220389c8dc301ed5dada5ed6fc082e74c9dacb90dbbc0e85a159ff912901
19e5d07091eb6553cd3a12010905f025d965befa7297b57d982b979dcd18f0da
1bcfbbb09e0cfc7aa78244e344702e88d79257cb317ea45eb8317c13700fb756
1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab
1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63
1d34dcc4059a8223e1cd8251b9768270993625f9b041777506e421dbd69426db
1f628a65cbc39c43a82287999e4d596fd7cacde5585635b747043475fb127158
24caab840126c1089470704d65dcbb1dadc8ace5328b28de54b297e482ac3c3f
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
27bae4efe7d8c226b5954287c863835edc38f9e024be5443c619b4b6ef436bbe
27d551863c56b976030ee49aa3f4823994dce3d3cb6ac79b75de43bdd55fd254
2a5818fde3ebf72d87983e461992e10484ac717b5ebb07c8735ed34fd13dc37c
2a9715e78334af6fd9a0dfd221ceb2e574f55dbf1747239553efcd5a8590c692
2d4f2ed317dca64f49d9743eb7db2ea0eb1f5138b8e0241efd4785ce6a0f4ca3
2f8e3e4ea30c6e03cef4e741828c860c28f2fa2f49d2016f6e6c1d0735506595
3405fb4794342c2c457317caa92e7e032360d768804b03cb641cd72215cf4cd4
36ae2f417865635b6883a8aaa11c44530c779cc473cb2fb1b3f1d68a090fa599
3b1b8edaa469cc01933a9ee06d826004c17edc01fe23fb0d946f308806e7117b
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c49a54826facf00be5433f9e541df16a4d9101c5de71c47db7cb00e82bc53bd
4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb
41af15c804fddaaf1574b580d3296f4dfa3043881a64ae62d4d7c8ce5c89dd61
4316eecf6a8addb2e7fed90b66080725868b04a40522b29fc8b4675019b9017e
447eb9b6ab97efecbd970dd756b58005381be0413edd5a29dea40695d4738ff5
4488ad5f693523bf50adb0b50d17582932f2a2dac6038c638e960f9f560cb10a
44baf67e3513d4de7fb607d535f32f43c1983004cebcb098c47b7458b4ed7e30
45674f87c18e6efb09ed61e106a5fadcca7c39c2e3b25a4d08915f752417cee8
45ba0812e2a6d109e0e71ee82bdbb1cc8810fcdbffea5b45113540ea134d9879
4ae30664ee32c3fa8cf563f0e54db8d4fac1fb5f3b97a1bff75628cc7291c640
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
5197c665ea4b68a0b713c92a541df2f8fdbc6f314f8e684d316ac6ed713f662a
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0
5644cdbfccdb242a716aa851de5e461ad958518c8ce4ad418c2c28ea1edd8ef3
56533e637a5c980ba4c1653ed7eea219cdbd2e86f1448c1aa38c538cb1f89285
566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f
57b93e55f8a26705cd6a2fe02e81855114722873f98e1edf4a00c02838eda9a7
59b7cb2e5b9e3ca6c360fa507fefd1db7232a5027f1ebfa3c5ef04dc884c48bb
59d622d8ec9ac8b5d0731999c28f7e7192fb2ef4dc3e5001c9489703564c2783
5b28dd8f70d58f286c38dc3b4e1709b9d7679748903ced472faa59c9a8ad5c1e
5b5a9d24a13a914f332c810002410e1a6cbc797279fc55468db615c78fb62b34
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
628610bfef68a72d91bda7eee896180e5d65337572bf9de1753bfe9a086bab3c
643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573
652cfd16c30cffe323376752f023f8f9738af74b807bda8e929ecba78d9ed19d
6980eadbd6f6d6233ea9b987e9ae462b25726871e9797c51e0d550aef3cc861d
6a7f66180992799b365648fd413a69bba942878fdce5ac7eebd03171dc7d6b2a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d41161f7d77d059a8d35b55c36d765021a1300521eeffd57097df8df3322a90
70585dff180f73f8b1af796da43e257e1818fd37580f8610b7fade0f7dca97d6
70f306c07ea44b7cc72687191d434826147c62b3b1a0b697f2357ea8a581731e
71350a60c07c59bcf73f8387e61311485bd9f851053e6288b449d755c76c8d12
731633bd497e93880bccb08fa09fa7fc7630372c7622dffea00c19aa2cdc49d1
73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb
747d6bd06ab7fcb37d3cddd6da7a950fb64e71230b0740c4607b21845f557bcd
79c254652bb96247b5470d8d7d30bdef4ae96a7e61743ac4ef6b423502cd8c51
79d2d60413ece347b21e8f56a303ed9359e358b3e6b298dcb0fc61e6b7db79db
7a62f82b0b19e13e7cde3fdf0a8265c94f35d19346361161660c5a1e1b344445
7d848e6fa79f49c44adffad3aae51413a1c215ba74839cdcd557cba5c48eb5dc
7f39b732af0f6e45633254b79890ccb989c3b441dbe87e4847365a6b73d7959b
7fada57997ddba991d0657de50f70f9063a670a37adb0bab1b0339e503fcd21a
8143504aa0343cd3d72cb2dc971a0c6bb7ceeb28d2f20970e24527988659139f
81c05525a30c59312505b6c75b2b42b3b1cc7a1481b06cb747e978642a55e4c4
8287b67afae06af0d0a063e72ea35e1e5e89c36421043641dfa990fbd68c1bb5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
882447805fc1c7805ad98684a4698c4b3ae5e8932261c609f7cdd0834275d72c
898214ab56d0fe96ee1661efe0d02502c38e9f1cb88aaa75a60e2399a88c0df3
8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0
8c29b8f5e24af244ef6ceba48c1744090b67c5cb70d2486110eaec4a11333219
8d4c726be2280b8ada6cc74d3ed5458dbd8700e749cd13e7aadbabbc01d9fc0d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
922c5c50a8763f28832c173e256e42b5180ed4eb04cf7857c3b66e29051ff8dd
9547bb782ae183f7d388e3ad99cc7799aa99f80ec81583027101f49f22380d29
957cf14ab21892a13bc2b47a407c1934782048d5f087c16437efcbadadf27e8e
95928be183ce954a5e17c791abcc306df644d29bfb4d0329c0b106792b92bfde
96131c64358a01b83a7f141003f40901cf6eb198e72eb9aa953b54c046defece
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ad5144ecfa7aa77a746c88146ea32e6ac05dc1637442084c63ab42f43e2955a
9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635
9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a15bef5551f730c8269a1cba57c370099d559defd996193c80a477c411081ca2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9
a7bbfe3bf76de720ac2e9a3b9967eee8fbb3524b40e70b579afb8f1fa99dd59f
acc0a33b2a3746bf05b39014f8567c2fc4367c1c8a5748af65ce56f925e441c3
ad8f01bf08020885accb1b48c7d4690ad971ede94beffbbc6e291af0ae3c98f3
aee297a105f962d408fc9c1ab351eb9813cf38ee8af191ab350534a83dafe158
b067086b86891a63bd42ab3851ed89dc9b262ef597120478585393118785b264
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3489d8ddd967153384606a9a3445e5ce147f6d895ecff15576cc011c271d395
b420ab4da31c0bbba899c91b4d4b239d852288d430d28925375d0929a2719320
b6b1a81fb3be0a4f9726890476c1b3e107689a756de19624b40de487de9cb60c
b6b71b0fae6c847551bc42ab9b79ff12329694cec2cf3d84dbf9af810b340f78
b6dd5026112c134bd2c89b03fd9ac3342aafc5180726e8ce4644a0a9d6559db8
b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0
b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e
b9ce44b13bf658d2464fd423298d616e8150475c911c29bb891ff1d8ad1896b6
c143ae1229f929ad785261b3d0989e56bedbfcce25d1005eae00809a88d29ec9
c237f6d371b4364f2e1aa877c8a189e5e3d52d6eebfdb5c973d5d52ec77d8dc2
c3757ab32ab75fe07d08aa345d3090eddf600191e5d07701f70099b40da5a2f2
c3a58e45ccfffece1df8e470fd853a81321e4f78f6af8d22e78310da1380f7d5
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44
c930b221adde5b672ebea399456b8f2b70f25d4154436d0520d30963d72b9185
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cb631a35c00075ff589fcfd374da2539e4444a9ba5f12dc776ef114ecfd055a0
cf2857f405c1e79866651f240d4d7dfb5fba73e61a406d316566aed6f4a1de95
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4
d67a79e7c88940371624edebfd1df45a5e94a7ccb4597ad5320bffa6499869d3
d995b730dc1eb8f94745e62e29f452d0bb1c2945b0d1973f547840f336164f42
da09615e068424b8049c82c35ce8c6866b5c9fa7014a6f1c8aaaa3ca53b5bd3c
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df95041dcb113dab426b6863d0c86a18d5dc9518e566701f0cf4bb3bf47d34a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec
e5565039b10bddf306215a8003f2c78fec2cc56d2cbd75809ed91d883d6a62c1
e566e050b230d0130abf8d9cdbc8135e7fc13d4edbbb41a5dfc2858da3aefce3
e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5
e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0
eb6f17afd76ff70f569422aa53ba0033a1fbdbb6d21865d64684953f18498a61
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ed3db5863f10a0c09aac6f37a5c78c11d07f6dd47e2ee5a21de3cb8617a0adb3
edfefb99d1f823b0e2a77e287838f09a4f58d66a03b8cd45e7b89e66a559c273
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee72aa6a604bbd98ee2551e8c910877058926b20797a2c8ce11e939a253d0b31
eecb686f11495de742a45aba773fecfd6a679d862634bab8a228e6199d327cfc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b
f0aebf4e46d714bf3e4e15b1ccae62f714ca016e001701d370a5db92f5ff5abf
f11792388d69686e784e5e238e58fc0bb8243b8633df998afd8c3235250a4b75
f12e00e6750c744bb34c0b007ef96948e24c6dcf77a34c78c0c4f1263c81ebdd
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f716a00ed98e610465ab91f12b6d055fa55502f53537088e9171a46f115343f1
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f94ee2669d48a60d79acca7001f80fb96c420189096855b0db4b6de68ecfabcf
fa15d775844f632472ccc76865bf2a501c8befcde16fa38b8dec91afb37f7dc4
fad196b0439b7b6f6420de47a92d5c784d951ac45c9eb6caf87b13f6d4084d1d
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fd5d7a8f5edd62228256d4565c926f9b5c253eab2a1d045ec42b67d2481dd1cd

www.tenable.com Open in urlscan Pro 2606:4700:4400::6812:21b6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

208 Requests

98 %HTTPS

29 %IPv6

34 Domains

55 Subdomains

44 IPs

3 Countries

15160 kBTransfer

20016 kBSize

71 Cookies

49 Outgoing links

Redirected requests

208 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tenable.com Open in urlscan Pro
2606:4700:4400::6812:21b6 Public Scan

Screenshot
Live screenshot

Full Image

208
Requests

98 %
HTTPS

29 %
IPv6

34
Domains

55
Subdomains

44
IPs

3
Countries

15160 kB
Transfer

20016 kB
Size

71
Cookies

208 HTTP transactions
0 data transactions