blog.beyondsecurity.com Open in urlscan Pro
104.196.190.188 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Submission: On May 25 via manual (May 25th 2022, 10:17:01 am UTC) from RO — Scanned from DE

Summary HTTP 247 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 19 domains to perform 247 HTTP transactions. The main IP is 104.196.190.188, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is blog.beyondsecurity.com.
TLS certificate: Issued by R3 on May 14th 2022. Valid for: 3 months.

This is the only time blog.beyondsecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
83	104.196.190.188 104.196.190.188	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
6	108.157.4.116 108.157.4.116	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:b949	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
6	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
6	2606:4700::68... 2606:4700::6810:5505	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.157.4.21 108.157.4.21	16509 (AMAZON-02) (AMAZON-02)
64	18.66.112.118 18.66.112.118	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.45 108.157.4.45	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
15	52.222.236.129 52.222.236.129	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.7 108.157.4.7	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.63 13.32.99.63	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	52.49.107.79 52.49.107.79	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
1	52.202.36.143 52.202.36.143	14618 (AMAZON-AES) (AMAZON-AES)
31	199.232.136.159 199.232.136.159	54113 (FASTLY) (FASTLY)
2	2606:2800:233... 2606:2800:233:7ee2:97c:ab4c:6c70:be36	15133 (EDGECAST) (EDGECAST)
4	3.94.218.138 3.94.218.138	14618 (AMAZON-AES) (AMAZON-AES)
2	54.147.21.139 54.147.21.139	14618 (AMAZON-AES) (AMAZON-AES)
247	28

83 104.196.190.188 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.190.196.104.bc.googleusercontent.com

blog.beyondsecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
blogbeyond.wpengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.157.4.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-116.dus51.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b949 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-21.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 18.66.112.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-118.fra56.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-45.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.222.236.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-129.fra56.r.cloudfront.net

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-7.dus51.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-63.fra60.r.cloudfront.net

consent-st.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.107.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-107-79.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.36.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-36-143.compute-1.amazonaws.com

prefmgr-cookie.truste-svc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 199.232.136.159 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.94.218.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-218-138.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.147.21.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-21-139.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
82	beyondsecurity.com blog.beyondsecurity.com	2 MB
64	driftt.com js.driftt.com — Cisco Umbrella Rank: 5324	754 KB
34	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1528 pbs.twimg.com — Cisco Umbrella Rank: 702 ton.twimg.com — Cisco Umbrella Rank: 6022	846 KB
22	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 3247 consent-pref.trustarc.com — Cisco Umbrella Rank: 18087 consent-st.trustarc.com — Cisco Umbrella Rank: 33780	226 KB
8	twitter.com platform.twitter.com — Cisco Umbrella Rank: 664 syndication.twitter.com — Cisco Umbrella Rank: 954	214 KB
6	drift.com metrics.api.drift.com — Cisco Umbrella Rank: 5725 bootstrap.api.drift.com — Cisco Umbrella Rank: 6045	452 B
6	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4972	11 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	21 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 645 script.hotjar.com — Cisco Umbrella Rank: 896 vars.hotjar.com — Cisco Umbrella Rank: 989 in.hotjar.com — Cisco Umbrella Rank: 1730	67 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	169 KB
2	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1727	4 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	3 KB
1	truste-svc.net prefmgr-cookie.truste-svc.net — Cisco Umbrella Rank: 33343	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5483	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 7	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 92	447 B
1	wpengine.com blogbeyond.wpengine.com	18 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 7016	148 KB
247	19

	Domain	Requested by
82	blog.beyondsecurity.com	blog.beyondsecurity.com
64	js.driftt.com	blog.beyondsecurity.com js.driftt.com
31	pbs.twimg.com	blog.beyondsecurity.com
15	consent-pref.trustarc.com	consent.trustarc.com consent-pref.trustarc.com blog.beyondsecurity.com prefmgr-cookie.truste-svc.net
6	forms.hsforms.com	js.hsforms.net
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com blog.beyondsecurity.com
6	platform.twitter.com	blog.beyondsecurity.com platform.twitter.com
6	consent.trustarc.com	blog.beyondsecurity.com consent.trustarc.com
4	metrics.api.drift.com	js.driftt.com
3	www.googletagmanager.com	blog.beyondsecurity.com www.googletagmanager.com
2	bootstrap.api.drift.com	js.driftt.com
2	ton.twimg.com	platform.twitter.com
2	syndication.twitter.com	platform.twitter.com blog.beyondsecurity.com
2	secure.gravatar.com	blog.beyondsecurity.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	blog.beyondsecurity.com
1	prefmgr-cookie.truste-svc.net	blog.beyondsecurity.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	www.google.de	blog.beyondsecurity.com
1	www.google.com	blog.beyondsecurity.com
1	in.hotjar.com	script.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	consent-st.trustarc.com	consent-pref.trustarc.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
1	blogbeyond.wpengine.com	blog.beyondsecurity.com
1	js.hsforms.net	blog.beyondsecurity.com
247	28

This site contains links to these domains. Also see Links.

Domain
www.helpsystems.com
www.linkedin.com
www.facebook.com
twitter.com
www.youtube.com
beyondsecurity.com
beyondsecurity.freshdesk.com
blogbeyond.wpengine.com
www.portnox.com
techjury.net
www.splunk.com
searchsecurity.techtarget.com
nvd.nist.gov
cve.mitre.org
www.beyondsecurity.com
www.scmagazine.com

Subject Issuer	Validity	Valid
blog.beyondsecurity.com R3	`2022-05-14` - `2022-08-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.wpengine.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-08-03` - `2022-09-03`	a year	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.truste-svc.net Go Daddy Secure Certificate Authority - G2	`2020-04-25` - `2022-06-23`	2 years	crt.sh

This page contains 11 frames:

Primary Page: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Frame ID: AA6A5AF0AF5E0581F09582E61FD0C2D7
Requests: 120 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fblog.beyondsecurity.com
Frame ID: D45495DFF638B13FD4E132CEAC21C0F5
Requests: 2 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=helpsystems.com
Frame ID: 19E69FD8035EA8DA97B7E2CC713E4598
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
Frame ID: 32E23D4C31F501FD4A58FB6FBB23A73F
Requests: 15 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Frame ID: 5D8C61567B558428A793DC12D256CFB8
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/06883E9FC15D07407A218826B8D86A5B.cache.html
Frame ID: 85B7C63E00C98AE974C859E3E09F1C45
Requests: 1 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.helpsystems.com/privacy-policy&cookieLink=https://www.helpsystems.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/
Frame ID: 960B7DFD8C6288159498847F707D95E5
Requests: 1 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1527249808041590784/r2cvY5Gp?format=jpg&name=600x314
Frame ID: 98AF225D68A4C24E0588D4DA3A32EB60
Requests: 39 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
Frame ID: 768C37B7781E9FB9ADC5FCD910474C47
Requests: 33 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
Frame ID: 5D9433A8DA1EB6A2961FC4F38B380CD3
Requests: 33 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: 0A73D7897F648D18B4846725EBE283E1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

How Automated Detection and Network Access Control Work Together to Improve Incident Response - Beyond Security Blog

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

247
Requests

100 %
HTTPS

48 %
IPv6

19
Domains

28
Subdomains

28
IPs

4
Countries

4355 kB
Transfer

9595 kB
Size

15
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.helpsystems.com/about/news/helpsystems-acquires-beyond-security-continue-expansion-cybersecurity-portfolio
Title: READ THE PRESS RELEASE

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/beyond-security/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Beyond-Security-179028069170491/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/beyondsecurity
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCEtdTo5SMymJaD3OtRs8SeA
Title: YouTube

Search URL Search Domain Scan URL

URL: https://beyondsecurity.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://beyondsecurity.freshdesk.com/support/home
Title: Support

Search URL Search Domain Scan URL

URL: https://beyondsecurity.com/contact.html
Title: Contact

Search URL Search Domain Scan URL

URL: http://blogbeyond.wpengine.com/
Title: All

Search URL Search Domain Scan URL

URL: https://beyondsecurity.com/demo_signup.html
Title: Request Demo

Search URL Search Domain Scan URL

URL: https://beyondsecurity.com/solutions/besecure.html
Title: automated detection

Search URL Search Domain Scan URL

URL: https://www.portnox.com/use-cases/network-access-control/
Title: network access control

Search URL Search Domain Scan URL

URL: https://techjury.net/blog/byod/#gref
Title: increase in BYOD

Search URL Search Domain Scan URL

URL: https://www.splunk.com/pdfs/info-briefs/the-state-of-security-operations.pdf
Title: study

Search URL Search Domain Scan URL

URL: https://searchsecurity.techtarget.com/feature/Incident-response-tools-can-help-automate-your-security
Title: responding to incidents

Search URL Search Domain Scan URL

URL: https://nvd.nist.gov/vuln-metrics/cvss
Title: CVSS

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/
Title: CVE

Search URL Search Domain Scan URL

URL: http://www.beyondsecurity.com/

Search URL Search Domain Scan URL

URL: https://beyondsecurity.com/privacy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/272018/
Title: linkedin

Search URL Search Domain Scan URL

URL: https://www.scmagazine.com/review/beyond-security-besecure-20-3/

Search URL Search Domain Scan URL

URL: https://beyondsecurity.com/7-best-practices-vulnerability-assessment-management-ebook

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

247 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/ 203 KB
34 KB 726ms
127ms Document
text/html 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 82f11d29a090e74a98c22d56f3b9482ab944803c98881149a4d0971a05a841ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 10:16:52 GMT
link: <https://blog.beyondsecurity.com/wp-json/>; rel="https://api.w.org/" <https://blog.beyondsecurity.com/wp-json/wp/v2/posts/3577>; rel="alternate"; type="application/json" <https://blog.beyondsecurity.com/?p=3577>; rel=shortlink
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: SHORT
x-pingback: https://blog.beyondsecurity.com/xmlrpc.php
x-powered-by: WP Engine

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
39 KB 204ms
42ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-240792-9

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d890d7747a2b2b041dd841470b96a55832433522a8fb1be0b769cdeb98b39547

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39473
x-xss-protection: 0
last-modified: Wed, 25 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 25 May 2022 10:16:52 GMT

GET
H2 200 style.min.css
blog.beyondsecurity.com/wp-includes/css/dist/block-library/ 81 KB
11 KB 132ms
105ms Stylesheet
text/css 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:52 GMT
content-encoding: br
last-modified: Wed, 30 Mar 2022 11:30:25 GMT
server: nginx
etag: W/"62443f51-145db"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 simple-line-icons.css
blog.beyondsecurity.com/wp-content/plugins/meks-flexible-shortcodes/css/simple-line/ 11 KB
3 KB 135ms
109ms Stylesheet
text/css 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/meks-flexible-shortcodes/css/simple-line/simple-line-icons.css?ver=1.3.3
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f293486948d4cba26c6b835bdd574b4085e62da749b86019f5f6fab3535b0e39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:52 GMT
content-encoding: br
last-modified: Tue, 06 Apr 2021 15:04:04 GMT
server: nginx
etag: W/"606c7864-2d25"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
blog.beyondsecurity.com/wp-content/plugins/meks-flexible-shortcodes/css/ 15 KB
3 KB 183ms
157ms Stylesheet
text/css 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/meks-flexible-shortcodes/css/style.css?ver=1.3.3
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4bc4b508bb0ccc41052f6a18eb23441543da2d209c152f62577e954367b4d62d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:52 GMT
content-encoding: br
last-modified: Tue, 06 Apr 2021 15:04:04 GMT
server: nginx
etag: W/"606c7864-3c15"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
blog.beyondsecurity.com/wp-content/themes/gridlove/ 340 B
442 B 183ms
157ms Stylesheet
text/css 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/themes/gridlove/style.css?ver=5.9.3
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d1c0618f43751a25c481b67ea92565eba4597079cb074a4a5dfcd9a90c3d1384

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:52 GMT
content-encoding: br
last-modified: Mon, 13 Jan 2020 06:09:02 GMT
server: nginx
etag: W/"5e1c097e-154"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
blog.beyondsecurity.com/wp-content/themes/gridlove-child/ 12 KB
3 KB 131ms
105ms Stylesheet
text/css 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/themes/gridlove-child/style.css?ver=1.0
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0296cf04d019c2ccadd5d4eb4883090577ccaf99530b013dd03ce25fd4f04784

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:52 GMT
content-encoding: br
last-modified: Sat, 29 May 2021 11:37:12 GMT
server: nginx
etag: W/"60b22768-2eb4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ 1 KB
898 B 199ms
37ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C700&subset=latin%2Clatin-ext&ver=1.9.5

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 25 May 2022 10:16:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 25 May 2022 10:16:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 May 2022 10:16:52 GMT

GET
H2 200 min.css
blog.beyondsecurity.com/wp-content/themes/gridlove/assets/css/ 194 KB
35 KB 195ms
170ms Stylesheet
text/css 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/themes/gridlove/assets/css/min.css?ver=1.9.5
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e42ceb96387bf7bec64a61fa542684cc07f9c1bfdb2c9c57021e95ec8445084c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:52 GMT
content-encoding: br
last-modified: Mon, 13 Jan 2020 06:09:02 GMT
server: nginx
etag: W/"5e1c097e-30697"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-emoji-release.min.js Show response
blog.beyondsecurity.com/wp-includes/js/ 18 KB
5 KB 277ms
218ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Tue, 08 Jun 2021 22:15:12 GMT
server: nginx
etag: W/"60bfebf0-4705"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
blog.beyondsecurity.com/wp-content/plugins/meks-easy-ads-widget/css/ 705 B
491 B 151ms
107ms Stylesheet
text/css 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/meks-easy-ads-widget/css/style.css?ver=2.0.5
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4b0e2c1c8e6d92b9083cd952cea6a065485827df78fae548752352da136c3540

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:52 GMT
content-encoding: br
last-modified: Wed, 27 Jan 2021 15:00:29 GMT
server: nginx
etag: W/"6011800d-2c1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 widget.css
blog.beyondsecurity.com/wp-content/plugins/meks-easy-instagram-widget/css/ 752 B
509 B 144ms
98ms Stylesheet
text/css 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/meks-easy-instagram-widget/css/widget.css?ver=5.9.3
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: addbfa1028cf127b39a23057953a377e32fb30f1c97ba30f4626e8ec3d1fd3df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:52 GMT
content-encoding: br
last-modified: Fri, 15 Apr 2022 15:35:14 GMT
server: nginx
etag: W/"625990b2-2f0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
blog.beyondsecurity.com/wp-content/plugins/meks-simple-flickr-widget/css/ 353 B
423 B 145ms
99ms Stylesheet
text/css 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/meks-simple-flickr-widget/css/style.css?ver=1.2
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c32f164be54b12ca8d8eb1f9aa5f2269bb6ade148ddb5314156c8470c59b2115

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:52 GMT
content-encoding: br
last-modified: Thu, 05 Aug 2021 14:55:22 GMT
server: nginx
etag: W/"610bfbda-161"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
blog.beyondsecurity.com/wp-content/plugins/meks-smart-author-widget/css/ 545 B
469 B 146ms
99ms Stylesheet
text/css 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/meks-smart-author-widget/css/style.css?ver=1.1.3
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 397a064408a35de576fc209912c034ece47a49026ead975cf6a1720c51bb2433

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:52 GMT
content-encoding: br
last-modified: Tue, 10 Aug 2021 14:55:34 GMT
server: nginx
etag: W/"61129366-221"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
blog.beyondsecurity.com/wp-content/plugins/meks-smart-social-widget/css/ 41 KB
6 KB 180ms
134ms Stylesheet
text/css 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/meks-smart-social-widget/css/style.css?ver=1.5
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e24928d7d73d973842a21a3f630f4b4ef2eb8c139130820ca0f6f7c2d7a15245

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:52 GMT
content-encoding: br
last-modified: Wed, 27 Jan 2021 15:00:31 GMT
server: nginx
etag: W/"6011800f-a569"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
blog.beyondsecurity.com/wp-content/plugins/meks-themeforest-smart-widget/css/ 351 B
397 B 180ms
135ms Stylesheet
text/css 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/meks-themeforest-smart-widget/css/style.css?ver=1.4
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 79eb13c2ae5d6bc42607354422496456790e4e83ee739aaeb035cbdf0073659c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Wed, 27 Jan 2021 15:00:32 GMT
server: nginx
etag: W/"60118010-15f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 main.css
blog.beyondsecurity.com/wp-content/plugins/meks-easy-social-share/assets/css/ 9 KB
2 KB 183ms
137ms Stylesheet
text/css 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/meks-easy-social-share/assets/css/main.css?ver=1.2.7
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d3592fbffec7c4245f008ef25e57005968575ebb3a6db25cd0b14a261cd0b8ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Fri, 15 Apr 2022 15:35:19 GMT
server: nginx
etag: W/"625990b7-2490"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
blog.beyondsecurity.com/wp-includes/js/jquery/ 87 KB
31 KB 192ms
147ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
etag: W/"6048e0ac-15db1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
blog.beyondsecurity.com/wp-includes/js/jquery/ 11 KB
4 KB 193ms
147ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
etag: W/"5fb4e3fe-2bd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend-gtag.min.js Show response
blog.beyondsecurity.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 12 KB
3 KB 195ms
150ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.5.1
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ad94ea1bc50aaf3b69323cbcc73629348c0abf5796d15ed15238ac4e01b81680

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Thu, 05 May 2022 14:52:29 GMT
server: nginx
etag: W/"6273e4ad-2e19"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 analytics-talk-content-tracking.js Show response
blog.beyondsecurity.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 4 KB
1 KB 197ms
152ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/duracelltomi-google-tag-manager/js/analytics-talk-content-tracking.js?ver=1.15
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c983bccbfa3aeec262e4469747aaf9d860d93fedcf3ba263c84bd7ef21430234

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Fri, 15 Apr 2022 15:35:07 GMT
server: nginx
etag: W/"625990ab-f16"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 notice Show response
consent.trustarc.com/ 9 KB
4 KB 217ms
85ms Script
text/javascript 108.157.4.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=helpsystems.com&c=teconsent&gtm=1&text=true&pn=1-0&cookieLink=https://www.helpsystems.com/cookie-policy&privacypolicylink=https://www.helpsystems.com/privacy-policy

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-116.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

d8246888110e1eb3d66e3f81117fdeb1ee811e4f9b7f6bf579b468d4ef3794cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.beyondsecurity.com/
Origin: https://blog.beyondsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
vary: Accept-Encoding
content-length: 3680
x-xss-protection: 1; mode=block
timing-allow-origin: *
access-control-allow-origin: *
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
access-control-expose-headers: *
cache-control: max-age=3600
cloudfront-viewer-country-region: HE
x-amz-cf-id: kJaE3T57RbmoItWojgmuyzR7KoRwASuKU4t-tjJi9840Xsu04KEtSA==
expires: Wed, 25 May 2022 11:16:53 GMT

GET
H2 200 hs-beyond-security-logo-1.png
blog.beyondsecurity.com/wp-content/uploads/ 5 KB
5 KB 280ms
221ms Image
image/png 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/hs-beyond-security-logo-1.png
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 71cc4e3304eb8c0400a5cc1c938a4889c919bb8927ea8d9f5c13f6ffcaa40bed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
last-modified: Mon, 08 Nov 2021 22:35:31 GMT
server: nginx
etag: "6189a633-13a9"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5033

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 586 KB
148 KB 148ms
39ms Script
application/javascript 2606:4700::6811:b949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b949 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20fcf82673f4ab16e3b00d7d1493440f6485d40e0a96dd363196c443cf469a18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
via: 1.1 aa6e16f47d6a0519f52b8dcfca2d841a.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 419
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 12:15:08 UTC
server: cloudflare
etag: W/"9c588715941d61241d284a04c28c4e65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xY5hFCHIyPEykqmPQf2x9LxL20n599W1mDySAM9%2BcN%2Bf%2Fg8B14RoiaibJjR3MqUu4hVnc%2FqWJDwC6UOIFXgzGTjAau3ymbAzDaGRvxMH6400ErakX086UofTtJ1bivAGrpsoJduLbZfzh8Sh"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: mF3yXdw5MrOEYw1YNDlt.P2GEpYEs4HX
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 710d84a4dec99048-FRA
x-amz-cf-id: CSddJF4hsS1FAM7_-F0OxwG49nFIuoO7l6duopTSghwItBwiroKjtw==
x-hs-target-asset: FormsNext/static-5.499/bundles/project_with_deps.js

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 113ms
11ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67DF) /
Resource Hash: 2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 10:16:53 GMT
Content-Encoding: gzip
Age: 767
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 29461
x-tw-cdn: VZ
Last-Modified: Sun, 15 May 2022 20:06:46 GMT
Server: ECS (frb/67DF)
Etag: "f1369725ba22125b0df0251e74090aa0+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 1080x1080-03.jpg
blog.beyondsecurity.com/wp-content/uploads/ 406 KB
406 KB 287ms
229ms Image
image/jpeg 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/1080x1080-03.jpg
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 51bfbf0035a429f259b8225be89e775ccd11fc1e070e523cb136944fafed314a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
last-modified: Sun, 31 May 2020 17:53:56 GMT
server: nginx
etag: "5ed3ef34-65623"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 415267

GET
H2 200 hs-beyond-security-logo-white.svg
blog.beyondsecurity.com/wp-content/uploads/ 11 KB
4 KB 287ms
229ms Image
image/svg+xml 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/hs-beyond-security-logo-white.svg
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9b5591fe059eed688a0fa8238e765d002b87313aaf86801a1206ea4ab0d7b5f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Mon, 08 Nov 2021 22:35:30 GMT
server: nginx
etag: W/"6189a632-2a51"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 laptop_network_vector_800w.jpeg
blog.beyondsecurity.com/wp-content/uploads/ 354 KB
355 KB 287ms
229ms Image
image/jpeg 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/laptop_network_vector_800w.jpeg
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c4ced6aee54a17edca482ba24c236c4d6d39479db4a542fd93d37589ac84e4f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
last-modified: Tue, 28 Jan 2020 22:33:26 GMT
server: nginx
etag: "5e30b6b6-58860"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 362592

GET
H2 200 frontend-legacy.min.css
blog.beyondsecurity.com/wp-content/plugins/elementor/assets/css/ 13 KB
1 KB 146ms
94ms Stylesheet
text/css 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.6.5
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4e8e7cd4193c77cb73c879d8435af78b3fc7614181f1e7d3760641b7778b7400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Thu, 05 May 2022 14:52:07 GMT
server: nginx
etag: W/"6273e497-35ed"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend.min.css
blog.beyondsecurity.com/wp-content/plugins/elementor/assets/css/ 159 KB
20 KB 162ms
105ms Stylesheet
text/css 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.6.5
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 888937b853414182608e6ed76b574497748b1954de47389bf4b2018f90b9d324

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Thu, 05 May 2022 14:52:07 GMT
server: nginx
etag: W/"6273e497-27dfe"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-3958.css
blog.beyondsecurity.com/wp-content/uploads/elementor/css/ 266 B
342 B 156ms
93ms Stylesheet
text/css 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/elementor/css/post-3958.css?ver=1652720137
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7d3f66ca93473d0ccc0af08dd6f66e6c849a5d0db482f6b7d5f3ddb3af151701

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Mon, 16 May 2022 16:59:12 GMT
server: nginx
etag: W/"628282e0-10a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 elementor-icons.min.css
blog.beyondsecurity.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 158ms
95ms Stylesheet
text/css 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b651d87ef113cba0c8ec8a33bfdb694171effeba56b20be12e3c77fc15f6ae9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Thu, 05 May 2022 14:52:07 GMT
server: nginx
etag: W/"6273e497-4ab8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-2986.css
blog.beyondsecurity.com/wp-content/uploads/elementor/css/ 1021 B
559 B 158ms
95ms Stylesheet
text/css 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/elementor/css/post-2986.css?ver=1640818676
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7e0633349f3a7de6a9c28586d150f96cca5b9e9846c0cd095156fb1071d7e848

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Wed, 29 Dec 2021 22:57:56 GMT
server: nginx
etag: W/"61cce7f4-3fd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend.min.css
blog.beyondsecurity.com/wp-content/plugins/elementor-pro/assets/css/ 454 KB
43 KB 161ms
98ms Stylesheet
text/css 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.6.5
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7418fd166b680cf7154bde115f722441996a7f498ce9afb6933abf1ce75e843e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Fri, 15 Apr 2022 20:35:53 GMT
server: nginx
etag: W/"6259d729-719d5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 animations.min.css
blog.beyondsecurity.com/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 161ms
98ms Stylesheet
text/css 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.5
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Thu, 05 May 2022 14:52:07 GMT
server: nginx
etag: W/"6273e497-4824"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ 42 KB
2 KB 97ms
34ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.9.3

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca69306b0e8a13f4c2c54bcb81890ed50d98d2c5646615c8d7fb9f419c34ac66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 25 May 2022 10:06:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 25 May 2022 10:16:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 May 2022 10:16:53 GMT

GET
H2 200 main.js Show response
blog.beyondsecurity.com/wp-content/plugins/meks-flexible-shortcodes/js/ 7 KB
2 KB 161ms
99ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/meks-flexible-shortcodes/js/main.js?ver=1
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 02007cb9ea5401983a0a4a34d08c1a57c75484d0852194291e124c94b848d474

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Tue, 06 Apr 2021 15:04:04 GMT
server: nginx
etag: W/"606c7864-1d0b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 gtm4wp-form-move-tracker.js Show response
blog.beyondsecurity.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
577 B 161ms
99ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.15
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0a402d34337e3e7e719751e9e0847dd3d25f0b81b832fcd342b5a0e040b35075

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Fri, 15 Apr 2022 15:35:07 GMT
server: nginx
etag: W/"625990ab-5a9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 imagesloaded.min.js Show response
blog.beyondsecurity.com/wp-includes/js/ 5 KB
2 KB 164ms
102ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
server: nginx
etag: W/"5ee520a7-15fd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 masonry.min.js Show response
blog.beyondsecurity.com/wp-includes/js/ 24 KB
8 KB 169ms
106ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
server: nginx
etag: W/"5ee520a7-5e4a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.masonry.min.js Show response
blog.beyondsecurity.com/wp-includes/js/jquery/ 2 KB
915 B 217ms
154ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Thu, 18 Aug 2016 18:55:30 GMT
server: nginx
etag: W/"57b604a2-71b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 min.js Show response
blog.beyondsecurity.com/wp-content/themes/gridlove/assets/js/ 87 KB
25 KB 217ms
155ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/themes/gridlove/assets/js/min.js?ver=1.9.5
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2707f2daaba3aa51f9932bb90dbdc73359604d3c6bd0a5f924080517b9c99ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Mon, 13 Jan 2020 06:09:02 GMT
server: nginx
etag: W/"5e1c097e-15ca7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 main.js Show response
blog.beyondsecurity.com/wp-content/plugins/meks-easy-social-share/assets/js/ 551 B
531 B 218ms
156ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/meks-easy-social-share/assets/js/main.js?ver=1.2.7
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8efd7ef0887f8d97df1f68248a4d6f603ab11021a0f683e61584227ee7a71909

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Fri, 15 Apr 2022 15:35:19 GMT
server: nginx
etag: W/"625990b7-227"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 webpack-pro.runtime.min.js Show response
blog.beyondsecurity.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 218ms
156ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.6.5
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f1690d5d80cf38538349be620dec4824cc65f1298ddba8a5841002682590992d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Fri, 15 Apr 2022 20:35:53 GMT
server: nginx
etag: W/"6259d729-1405"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 webpack.runtime.min.js Show response
blog.beyondsecurity.com/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 219ms
157ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.5
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b6d39822e34f949768c8aa5d6c99e4cde5013f2221990bf58137e8e2913d4ba7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Thu, 05 May 2022 14:52:07 GMT
server: nginx
etag: W/"6273e497-1360"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend-modules.min.js Show response
blog.beyondsecurity.com/wp-content/plugins/elementor/assets/js/ 14 KB
5 KB 224ms
162ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.5
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: eebb7c9b62d8028d702b547bcef97e776ada693cbafa64161471b1f96f5d0556

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Thu, 05 May 2022 14:52:07 GMT
server: nginx
etag: W/"6273e497-37c5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 regenerator-runtime.min.js Show response
blog.beyondsecurity.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 225ms
163ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Mon, 15 Nov 2021 16:35:13 GMT
server: nginx
etag: W/"61928c41-195e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-polyfill.min.js Show response
blog.beyondsecurity.com/wp-includes/js/dist/vendor/ 19 KB
7 KB 231ms
170ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
server: nginx
etag: W/"61925789-4b3d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 hooks.min.js Show response
blog.beyondsecurity.com/wp-includes/js/dist/ 6 KB
2 KB 231ms
170ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
server: nginx
etag: W/"61925789-163a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 i18n.min.js Show response
blog.beyondsecurity.com/wp-includes/js/dist/ 10 KB
4 KB 236ms
175ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
server: nginx
etag: W/"61925789-28a7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend.min.js Show response
blog.beyondsecurity.com/wp-content/plugins/elementor-pro/assets/js/ 20 KB
6 KB 237ms
177ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.6.5
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 054c6ffbc6f4d2a7521489ec830ba65253bdd69a31a2bba14b0b3af39b297cad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Fri, 15 Apr 2022 20:35:53 GMT
server: nginx
etag: W/"6259d729-50e9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 waypoints.min.js Show response
blog.beyondsecurity.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 239ms
179ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Thu, 05 May 2022 14:52:07 GMT
server: nginx
etag: W/"6273e497-2fa6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 core.min.js Show response
blog.beyondsecurity.com/wp-includes/js/jquery/ui/ 20 KB
7 KB 245ms
185ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Thu, 03 Feb 2022 00:04:02 GMT
server: nginx
etag: W/"61fb1bf2-50ea"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 swiper.min.js Show response
blog.beyondsecurity.com/wp-content/plugins/elementor/assets/lib/swiper/ 136 KB
36 KB 246ms
186ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Thu, 05 May 2022 14:52:07 GMT
server: nginx
etag: W/"6273e497-21f91"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 share-link.min.js Show response
blog.beyondsecurity.com/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 247ms
187ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.6.5
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Thu, 05 May 2022 14:52:07 GMT
server: nginx
etag: W/"6273e497-a12"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 dialog.min.js Show response
blog.beyondsecurity.com/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
4 KB 248ms
188ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Thu, 05 May 2022 14:52:07 GMT
server: nginx
etag: W/"6273e497-29ba"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend.min.js Show response
blog.beyondsecurity.com/wp-content/plugins/elementor/assets/js/ 37 KB
11 KB 258ms
198ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.5
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: bccb715aeac8a50b19f527b17f3a1e86142e1b8ad8711c3195ce297696feb490

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Thu, 05 May 2022 14:52:07 GMT
server: nginx
etag: W/"6273e497-936d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 preloaded-elements-handlers.min.js Show response
blog.beyondsecurity.com/wp-content/plugins/elementor-pro/assets/js/ 130 KB
31 KB 265ms
206ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.6.5
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7feea346ded7a283c4eb32eb3c5a292ed2781436b1e7eb9fcc8c42dcccb84c84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Fri, 15 Apr 2022 20:35:53 GMT
server: nginx
etag: W/"6259d729-2071a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 preloaded-modules.min.js Show response
blog.beyondsecurity.com/wp-content/plugins/elementor/assets/js/ 42 KB
13 KB 266ms
206ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.6.5
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f3b168c097d61acde0e2bdf43e11db394006f4ba38f8e61b93b8c71f54af484a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Thu, 05 May 2022 14:52:07 GMT
server: nginx
etag: W/"6273e497-a980"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.sticky.min.js Show response
blog.beyondsecurity.com/wp-content/plugins/elementor-pro/assets/lib/sticky/ 3 KB
2 KB 267ms
208ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.6.5
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 10a2cf3d16091fbc89cc987160b62093515cd31f0762a751775999311c7313f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Fri, 15 Apr 2022 20:35:53 GMT
server: nginx
etag: W/"6259d729-ca4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 underscore.min.js Show response
blog.beyondsecurity.com/wp-includes/js/ 19 KB
8 KB 275ms
216ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Mon, 01 Nov 2021 21:47:13 GMT
server: nginx
etag: W/"61806061-4a7d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-util.min.js Show response
blog.beyondsecurity.com/wp-includes/js/ 1 KB
928 B 276ms
217ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-includes/js/wp-util.min.js?ver=5.9.3
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Fri, 25 Jun 2021 14:50:58 GMT
server: nginx
etag: W/"60d5ed52-53c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend.min.js Show response
blog.beyondsecurity.com/wp-content/plugins/wpforms/assets/js/integrations/elementor/ 754 B
607 B 276ms
217ms Script
application/javascript 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/wpforms/assets/js/integrations/elementor/frontend.min.js?ver=1.6.4
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c30dab20b677f2b13f42a4a04385a3c6d380fa023a4a1c32f45f2996e152bfba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
last-modified: Fri, 18 Dec 2020 10:47:29 GMT
server: nginx
etag: W/"5fdc88c1-2f2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 214ms
26ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-240792-9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2527
date: Wed, 25 May 2022 09:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 25 May 2022 11:34:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 170 KB
61 KB 96ms
39ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WTGHXLC

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d94d5435112ff6fd5915050cc5b845ab93d643a3cbdaab097b516ba8feaa1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62702
x-xss-protection: 0
last-modified: Wed, 25 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 25 May 2022 10:16:53 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 221ms
10ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700&subset=latin%2Clatin-ext&ver=1.9.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.beyondsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 61724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 17:08:09 GMT

GET
H2 200 fontawesome-webfont.woff2
blog.beyondsecurity.com/wp-content/themes/gridlove/assets/fonts/ 75 KB
76 KB 246ms
188ms Font
font/woff2 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/themes/gridlove/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/wp-content/themes/gridlove/assets/css/min.css?ver=1.9.5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://blog.beyondsecurity.com/wp-content/themes/gridlove/assets/css/min.css?ver=1.9.5
Origin: https://blog.beyondsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
last-modified: Mon, 13 Jan 2020 06:09:02 GMT
server: nginx
etag: "5e1c097e-12d68"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 77160

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 244ms
48ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700&subset=latin%2Clatin-ext&ver=1.9.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.beyondsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 61724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 17:08:09 GMT

GET
H2 200 search-icon.png
blogbeyond.wpengine.com/wp-content/uploads/ 17 KB
18 KB 554ms
132ms Image
image/png 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogbeyond.wpengine.com/wp-content/uploads/search-icon.png
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/wp-content/themes/gridlove-child/style.css?ver=1.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 04281386f1fb8cf63877a919c19f0ac691a40a32cddb5594a5debb50256b7a39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
last-modified: Mon, 16 Dec 2019 09:37:18 GMT
server: nginx
etag: "5df7504e-45ad"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 17837

GET
H2 200 warning-yellow-tape-with-text-do-not-enter-yellow-barrier-caution-tape-prohibit-access-blocking-restricted-area-copy1920x1280-1905x500.jpeg
blog.beyondsecurity.com/wp-content/uploads/ 85 KB
85 KB 230ms
171ms Image
image/jpeg 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/warning-yellow-tape-with-text-do-not-enter-yellow-barrier-caution-tape-prohibit-access-blocking-restricted-area-copy1920x1280-1905x500.jpeg
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: be4b18db98ed3d86b16ae7834b097f03e98d60fe84c05f873025c86bff23341f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
last-modified: Thu, 27 May 2021 13:13:12 GMT
server: nginx
etag: "60af9ae8-154b6"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 87222

GET
H2 200 socicon.woff
blog.beyondsecurity.com/wp-content/plugins/meks-easy-social-share/assets/fonts/ 98 KB
99 KB 230ms
171ms Font
font/woff 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.beyondsecurity.com/wp-content/plugins/meks-easy-social-share/assets/fonts/socicon.woff
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/wp-content/plugins/meks-easy-social-share/assets/css/main.css?ver=1.2.7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 48c273dcbed09b6b87f9365f2f141063f5c859476b53913d94fca1befe90aa0c

Request headers

Referer: https://blog.beyondsecurity.com/wp-content/plugins/meks-easy-social-share/assets/css/main.css?ver=1.2.7
Origin: https://blog.beyondsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
last-modified: Fri, 15 Apr 2022 15:35:19 GMT
server: nginx
etag: "625990b7-18994"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 100756

GET
H2 200 0d55726e12ff90b66be7720356b85eb2
secure.gravatar.com/avatar/ 650 B
924 B 124ms
0ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/0d55726e12ff90b66be7720356b85eb2?s=24&d=mm&r=g
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6867294aaf0699ffd78289ff68527e00dd97751a07cc4652228b69ea2345d636

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 25 May 2022 10:16:53 GMT
last-modified: Thu, 06 Feb 2020 15:30:49 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="0d55726e12ff90b66be7720356b85eb2.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/0d55726e12ff90b66be7720356b85eb2?s=24&d=mm&r=g>; rel="canonical"
content-length: 650
expires: Wed, 25 May 2022 10:21:53 GMT

GET
H2 200 0d55726e12ff90b66be7720356b85eb2
secure.gravatar.com/avatar/ 3 KB
3 KB 124ms
0ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/0d55726e12ff90b66be7720356b85eb2?s=100&d=mm&r=g
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: d31942dd1a88413f9a7af40b8d15ab4f382dc596d7deb5b44915881cb4160654

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 25 May 2022 10:16:53 GMT
last-modified: Thu, 06 Feb 2020 15:30:49 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="0d55726e12ff90b66be7720356b85eb2.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/0d55726e12ff90b66be7720356b85eb2?s=100&d=mm&r=g>; rel="canonical"
content-length: 2849
expires: Wed, 25 May 2022 10:21:53 GMT

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/3478499/65d7b7a4-7e0d-4505-9df0-308ea937a975/ 61 KB
7 KB 251ms
199ms XHR
application/json 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/3478499/65d7b7a4-7e0d-4505-9df0-308ea937a975/json?hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06941c66a47db7f8b6aa705914c5367284e8a57451d04542ca565a74f476b2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript
Referer: https://blog.beyondsecurity.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-origin-hublet: na1
date: Wed, 25 May 2022 10:16:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 3f5996e6-ac58-4c51-81b3-9d83a5d505f8
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
x-trace: 2BB9B9C7242415FDAF95EB44AEA9D7655FD8748A58000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blog.beyondsecurity.com
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 710d84a8ed5e8fd1-FRA
access-control-allow-headers: *

OPTIONS
H2 200 json
forms.hsforms.com/embed/v3/form/3478499/65d7b7a4-7e0d-4505-9df0-308ea937a975/ Frame 0
0 254ms
128ms Preflight
text/plain 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/3478499/65d7b7a4-7e0d-4505-9df0-308ea937a975/json?hutk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://blog.beyondsecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: x-requested-with
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://blog.beyondsecurity.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 710d84a79b0d5c4a-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Wed, 25 May 2022 10:16:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: 50b59a07-f367-4ee1-add8-b323fa05e647
x-robots-tag: none
x-trace: 2B76EBDFE9B824BFC34118C249A1418F74A292D5B8000000000000000000

OPTIONS
H2 200 json
forms.hsforms.com/embed/v3/form/3478499/d26196bb-5618-4e38-bc58-0ad285f6c76e/ Frame 0
0 144ms
109ms Preflight
text/plain 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/3478499/d26196bb-5618-4e38-bc58-0ad285f6c76e/json?hutk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://blog.beyondsecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: x-requested-with
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://blog.beyondsecurity.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 710d84a7cb4c5c4a-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Wed, 25 May 2022 10:16:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: 64201249-69d0-47cf-bd2e-47347dfdcce7
x-robots-tag: none
x-trace: 2B4A8F6B093B69334FE0669F7DA59EC772447783CD000000000000000000

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/3478499/d26196bb-5618-4e38-bc58-0ad285f6c76e/ 6 KB
2 KB 237ms
187ms XHR
application/json 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/3478499/d26196bb-5618-4e38-bc58-0ad285f6c76e/json?hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4bb66701b133955a9c28166bdab1891e97a025ddf7e520e492a164e953f97b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript
Referer: https://blog.beyondsecurity.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-origin-hublet: na1
date: Wed, 25 May 2022 10:16:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: bb1fc1d3-5e74-4242-8801-f1709ddd9c71
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
x-trace: 2B115A7EFFCE13FE7AAADFB32A938FCC1242484CDE000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blog.beyondsecurity.com
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 710d84a8ed5a8fd1-FRA
access-control-allow-headers: *

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/3478499/d26196bb-5618-4e38-bc58-0ad285f6c76e/ 6 KB
2 KB 204ms
184ms XHR
application/json 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/3478499/d26196bb-5618-4e38-bc58-0ad285f6c76e/json?hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de76af63ae5d4a72867919237eb9635a0c27cb97bf9e25f7b1c666ef023ad45d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript
Referer: https://blog.beyondsecurity.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-origin-hublet: na1
date: Wed, 25 May 2022 10:16:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 7936ee04-2637-4202-921f-3fa6d20bedaa
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
x-trace: 2B870373BE3807484BF419E681D266AF35DB6B261C000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blog.beyondsecurity.com
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 710d84a8fd6a8fd1-FRA
access-control-allow-headers: *

OPTIONS
H2 200 json
forms.hsforms.com/embed/v3/form/3478499/d26196bb-5618-4e38-bc58-0ad285f6c76e/ Frame 0
0 163ms
127ms Preflight
text/plain 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/3478499/d26196bb-5618-4e38-bc58-0ad285f6c76e/json?hutk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://blog.beyondsecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: x-requested-with
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://blog.beyondsecurity.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 710d84a7eb8f5c4a-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Wed, 25 May 2022 10:16:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: bc5bf569-d297-4c1d-a8da-bba38b86e2b6
x-robots-tag: none
x-trace: 2BBB0CB5E5F1592D0403AB1B9C2DD777D3F5BB6BB0000000000000000000

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
68 KB 94ms
71ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LWCJ3FM7ZS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-240792-9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

61be6ed1542c9263fdf43d24c256b8d596f11b4d18b05f3ad26fe19ee2dcaf37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69949
x-xss-protection: 0
expires: Wed, 25 May 2022 10:16:53 GMT

GET
H2 200 hotjar-2673551.js Show response
static.hotjar.com/c/ 4 KB
2 KB 152ms
31ms Script
application/javascript 108.157.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2673551.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTGHXLC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-21.dus51.r.cloudfront.net

Software

Resource Hash

e92e44f1c4bc9b93ea6bf75fcb92bc76d63a36b07b751639bd3cc9b6930a101b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:53 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: DUS51-P2
etag: W/3675c66bf9b4ecb6e6129c0612188ae9
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: tuuD53HkU-GyT0t7drZHRFYyAKKxLwshVMM6ooU3kwBeuxL6o9Bwsg==
via: 1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)

GET
H2 200 Interior_autonomous_or_car_self-driving_car_with_HUD_blue_and_black_concept_yellow_and_green_squares-80x60.jpeg
blog.beyondsecurity.com/wp-content/uploads/ 3 KB
3 KB 138ms
94ms Image
image/jpeg 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/Interior_autonomous_or_car_self-driving_car_with_HUD_blue_and_black_concept_yellow_and_green_squares-80x60.jpeg
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d329e7fd6547cab9c45b3331a30facd05ed817cf036efc350e0cd52770dc66c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
last-modified: Thu, 27 May 2021 13:14:00 GMT
server: nginx
etag: "60af9b18-a59"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2649

GET
H2 200 isometric_purple_cloud_iot_network_security_rendered-80x60.png
blog.beyondsecurity.com/wp-content/uploads/ 9 KB
9 KB 142ms
97ms Image
image/png 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/isometric_purple_cloud_iot_network_security_rendered-80x60.png
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9271d6dd8a9db2f7226cbca48f0b684c9de3a4bd8a09ebef4fcd80c69630f9d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
last-modified: Thu, 27 May 2021 13:11:34 GMT
server: nginx
etag: "60af9a86-2204"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 8708

GET
H2 200 cybersecurity_shield_blue_pink_network_SCANNING_rendered-80x60.png
blog.beyondsecurity.com/wp-content/uploads/ 9 KB
10 KB 143ms
98ms Image
image/png 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/cybersecurity_shield_blue_pink_network_SCANNING_rendered-80x60.png
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6546020407964ebeded1bc22cfffc590cb2067364ed2e12f83db7f23dc4dc1ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
last-modified: Thu, 27 May 2021 13:11:29 GMT
server: nginx
etag: "60af9a81-2564"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 9572

GET
H2 200 isometric_blue_network_hacker_pink_shield_rendered-80x60.png
blog.beyondsecurity.com/wp-content/uploads/ 8 KB
8 KB 144ms
98ms Image
image/png 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/isometric_blue_network_hacker_pink_shield_rendered-80x60.png
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0a2f5f7cb1553e2661545638cfd54ea6025c4322ef8916120b963e6ca17ab51f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
last-modified: Thu, 27 May 2021 13:11:25 GMT
server: nginx
etag: "60af9a7d-1f59"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 8025

GET
H2 200 code-testing-isometric-devices-on-blue-gradation-vector-1920X1120-80x60.jpeg
blog.beyondsecurity.com/wp-content/uploads/ 1 KB
2 KB 144ms
99ms Image
image/jpeg 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/code-testing-isometric-devices-on-blue-gradation-vector-1920X1120-80x60.jpeg
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1b35856fec0b09e3d7ae1efa2594e3c33bf303079113ce2a2e22cd97ded31349

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
last-modified: Thu, 27 May 2021 13:13:08 GMT
server: nginx
etag: "60af9ae4-5cd"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1485

GET
H2 200 shutterstock_272605655-e1617020669419-80x60.png
blog.beyondsecurity.com/wp-content/uploads/ 8 KB
8 KB 144ms
99ms Image
image/png 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/shutterstock_272605655-e1617020669419-80x60.png
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1b3f3f3f600f3303c786e38fedaa5c4b83a778b50461316be3e72270840ad4d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
last-modified: Thu, 27 May 2021 13:13:45 GMT
server: nginx
etag: "60af9b09-1e39"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7737

GET
H2 200 cybersecurity-data-gears-concept-on-dark-blue-gradient-background-80x60.png
blog.beyondsecurity.com/wp-content/uploads/ 7 KB
7 KB 145ms
99ms Image
image/png 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/cybersecurity-data-gears-concept-on-dark-blue-gradient-background-80x60.png
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 777b616a4a6124957237e75b71dbb2c2019713ce360faf414dc0e4f7f3ea1ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
last-modified: Thu, 27 May 2021 13:13:51 GMT
server: nginx
etag: "60af9b0f-1bb5"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7093

GET
H2 200 Security-Scan2000x100-80x60.png
blog.beyondsecurity.com/wp-content/uploads/ 5 KB
6 KB 145ms
100ms Image
image/png 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/Security-Scan2000x100-80x60.png
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9dcef8dfdfbac0c4b68fb0fd2748458e9cb25b3faa8c4bc9682cea6c58876a93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
last-modified: Fri, 27 Aug 2021 19:11:25 GMT
server: nginx
etag: "612938dd-1594"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5524

GET
H2 200 web-app-coding-development-and-security-with-2-men-1920x-80x60.jpeg
blog.beyondsecurity.com/wp-content/uploads/ 2 KB
3 KB 146ms
101ms Image
image/jpeg 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/web-app-coding-development-and-security-with-2-men-1920x-80x60.jpeg
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4ab1b3c6a13ce6d4f9fda30e5a4473641a9f418c2e74e1b60e4e3d3b738194d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
last-modified: Thu, 27 May 2021 13:12:49 GMT
server: nginx
etag: "60af9ad1-9b9"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2489

GET
H2 200 Zero-Day-blog-feature-image-80x60.jpg
blog.beyondsecurity.com/wp-content/uploads/ 1 KB
1 KB 146ms
101ms Image
image/jpeg 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/Zero-Day-blog-feature-image-80x60.jpg
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 26c63cc9c3510d16f5a8494d4f705c4cbc858e4df1e28161b55b305c60effc23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
last-modified: Wed, 15 Dec 2021 18:56:23 GMT
server: nginx
etag: "61ba3a57-51c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1308

GET
H2 200 internet-things-communication-technology-80x60.jpg
blog.beyondsecurity.com/wp-content/uploads/ 3 KB
3 KB 147ms
102ms Image
image/jpeg 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/internet-things-communication-technology-80x60.jpg
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 23849cce54ae587f6db768a62fd6ad89ba702550e2889b2345b978d19449e203

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
last-modified: Thu, 27 May 2021 13:11:56 GMT
server: nginx
etag: "60af9a9c-a12"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2578

GET
H2 200 GDPR_vector_800w-80x60.jpeg
blog.beyondsecurity.com/wp-content/uploads/ 2 KB
2 KB 232ms
187ms Image
image/jpeg 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/GDPR_vector_800w-80x60.jpeg
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 72e0a7c5e70ed06f5ef4766fc307461b6f50dfe3d77c4bd5a7f13251c556dc3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
last-modified: Thu, 27 May 2021 13:12:02 GMT
server: nginx
etag: "60af9aa2-71e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1822

GET
H2 200 rendered-1-80x60.png
blog.beyondsecurity.com/wp-content/uploads/ 7 KB
7 KB 234ms
190ms Image
image/png 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/rendered-1-80x60.png
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1358c5a770143cac5e8b1eae4dc5520838f58f01dd92e553806587a71502b4eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
last-modified: Thu, 27 May 2021 13:12:00 GMT
server: nginx
etag: "60af9aa0-1c2c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7212

GET
H2 200 cityscape-bg-1-80x60.png
blog.beyondsecurity.com/wp-content/uploads/ 8 KB
8 KB 236ms
191ms Image
image/png 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/cityscape-bg-1-80x60.png
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1201e9cbbd2703aa97869fccf1f29d413302096c724857945450653a2cfb62f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
last-modified: Thu, 27 May 2021 13:12:09 GMT
server: nginx
etag: "60af9aa9-201c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 8220

GET
H2 200 shutterstock_1145323883-80x60.jpg
blog.beyondsecurity.com/wp-content/uploads/ 2 KB
2 KB 236ms
192ms Image
image/jpeg 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/shutterstock_1145323883-80x60.jpg
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: dcce9d279c9256f1469a57fd2e6a7e44c5e83669327073d61a32c6071f5ae106

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
last-modified: Thu, 27 May 2021 13:11:40 GMT
server: nginx
etag: "60af9a8c-6b9"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1721

GET
H2 200 shutterstock_1060013681-80x60.jpg
blog.beyondsecurity.com/wp-content/uploads/ 2 KB
2 KB 236ms
192ms Image
image/jpeg 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/shutterstock_1060013681-80x60.jpg
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2672dc0600b4d16d9f74a569432dc06ef45d6c421b6ae3d29fdff578c833e34f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
last-modified: Thu, 27 May 2021 13:11:41 GMT
server: nginx
etag: "60af9a8d-819"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2073

GET
H2 200 isometric_blue_vector_networks-80x60.png
blog.beyondsecurity.com/wp-content/uploads/ 7 KB
7 KB 335ms
291ms Image
image/png 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/isometric_blue_vector_networks-80x60.png
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 08a4bf038419fda3be1b02b1e488829dd855c70d46d8809964547a3c2bacb60f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
last-modified: Thu, 27 May 2021 13:11:39 GMT
server: nginx
etag: "60af9a8b-1c0c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7180

GET
H/1.1 200
OK widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html Show response
platform.twitter.com/widgets/ Frame D454 319 KB
104 KB 17ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fblog.beyondsecurity.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67DF) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer: https://blog.beyondsecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 59289
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105433
Content-Type: text/html; charset=utf-8
Date: Wed, 25 May 2022 10:16:54 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Sun, 15 May 2022 20:03:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67DF)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 v1.7-458 Show response
consent.trustarc.com/asset/notice.js/v/ 75 KB
24 KB 41ms
1ms Script
text/javascript 108.157.4.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-458

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=helpsystems.com&c=teconsent&gtm=1&text=true&pn=1-0&cookieLink=https://www.helpsystems.com/cookie-policy&privacypolicylink=https://www.helpsystems.com/privacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-116.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

0e04f8170ba222625c05aef2e88adfae07ace87e4cf95c4370d0cbcab8046baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.beyondsecurity.com/
Origin: https://blog.beyondsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:55:36 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1278
x-cache: Hit from cloudfront
pragma: public
access-control-allow-origin: *
last-modified: Wed, 27 Apr 2022 01:43:38 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
access-control-expose-headers: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-P2
timing-allow-origin: *
x-amz-cf-id: UUQEisScQRyC3zI-WnUahS_tWysYfkEPP8LYtXNPtufZSS7RDHQ4hA==
expires: Fri, 24 Jun 2022 09:55:36 GMT

GET
H2 200 get Show response
consent.trustarc.com/ Frame 19E6 7 KB
2 KB 19ms
11ms Document
text/html 108.157.4.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=crossdomain.html&domain=helpsystems.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-116.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.beyondsecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 601
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 25 May 2022 10:06:53 GMT
expires: Fri, 24 Jun 2022 10:06:53 GMT
pragma: public
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding Origin
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
x-amz-cf-id: l5AGr3sXJceY80AX_qRqIMHOPD-IRfxHpw8_ECYpYjVVffMVpxW7vw==
x-amz-cf-pop: DUS51-P2
x-cache: Hit from cloudfront

GET
H2 200 log
consent.trustarc.com/ 43 B
441 B 110ms
49ms Image
image/gif 108.157.4.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=helpsystems.com&country=de&state=&behavior=expressed&c=5c43

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-116.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 10:16:54 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P2
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 43
x-amz-cf-id: W9e7KuU_EXsH2iMtGfDgu-N-oVHG4MS7jhLRGZGyDQ5ji3tdbwkXMg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 145ms
50ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 25 May 2022 10:55:08 GMT

GET
H2 200 vabs9hx29dzm.js Show response
js.driftt.com/include/1653474000000/ 230 KB
66 KB 497ms
218ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1653474000000/vabs9hx29dzm.js

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1c50edaeddd7ab7edd65f1afa7a6a50344444ba2dc30a3acaf4108dba45f9a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: moGcpK1.o51Pjwm_aZwe4n1P.xlCYfuH
content-encoding: gzip
etag: W/"8c1f4472b937a197ff43ca59aaa6ef40"
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 18:37:57 GMT
server: nginx
date: Wed, 25 May 2022 10:16:54 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kfWaxHJ3LWarvUZVSDvqaXJJtK1hXruQUAGWy44sOPnSX2EV860JHQ==

POST
H2 200 admin-ajax.php Show response
blog.beyondsecurity.com/wp-admin/ 1 B
332 B 709ms
673ms XHR
text/html 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.beyondsecurity.com/wp-admin/admin-ajax.php

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

188.190.196.104.bc.googleusercontent.com

Software

nginx / WP Engine

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-powered-by: WP Engine
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://blog.beyondsecurity.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 1
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 Black-Box-Fuzzer-Image-385x300.png
blog.beyondsecurity.com/wp-content/uploads/ 193 KB
194 KB 142ms
94ms Image
image/png 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/Black-Box-Fuzzer-Image-385x300.png
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3aceeefb780422ff1734ce050b3df2f16d15e68b079f636f51afac3c9043c467

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
last-modified: Mon, 16 May 2022 16:06:59 GMT
server: nginx
etag: "628276a3-305f9"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 198137

GET
H2 200 Zero-Day-blog-feature-image-385x300.jpg
blog.beyondsecurity.com/wp-content/uploads/ 12 KB
12 KB 146ms
97ms Image
image/jpeg 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/Zero-Day-blog-feature-image-385x300.jpg
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 698a87af01e0c08586e89a759b116e0f315693a8b88f2e5796c86a4b5b73712b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
last-modified: Wed, 15 Dec 2021 18:56:23 GMT
server: nginx
etag: "61ba3a57-30cc"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 12492

GET
H2 200 be-secure-resolution-infographic-blog-1000x500-1-385x300.png
blog.beyondsecurity.com/wp-content/uploads/ 7 KB
8 KB 147ms
97ms Image
image/png 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/be-secure-resolution-infographic-blog-1000x500-1-385x300.png
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ba185bcbee21b17673a97c23ed72b37fdd45920cfd11c6f8f7facc0133bc4f7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
last-modified: Fri, 14 Jan 2022 15:01:41 GMT
server: nginx
etag: "61e19055-1d67"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7527

GET
H2 200 ebook_JPEG-bigger-02_300x250.jpeg
blog.beyondsecurity.com/wp-content/uploads/ 90 KB
90 KB 147ms
98ms Image
image/jpeg 104.196.190.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.beyondsecurity.com/wp-content/uploads/ebook_JPEG-bigger-02_300x250.jpeg
Requested by: Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.190.188 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.190.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 87f1afbbe952bff2628984b34d0fab813ceeca45e477ee514a929718e35b8dcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
last-modified: Wed, 05 Feb 2020 11:36:25 GMT
server: nginx
etag: "5e3aa8b9-168a7"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 92327

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 56ms
55ms Ping
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LWCJ3FM7ZS&gtm=2oe5n0&_p=298390731&_z=ccd.NNB&cid=148019777.1653473814&gdid=dZGIzZG&ul=en-us&sr=1600x1200&_s=1&sid=1653473813&sct=1&seg=0&dl=https%3A%2F%2Fblog.beyondsecurity.com%2Fautomated-threat-detection-nac-incident-response%2F&dt=How%20Automated%20Detection%20and%20Network%20Access%20Control%20Work%20Together%20to%20Improve%20Incident%20Response%20-%20Beyond%20Security%20Blog&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LWCJ3FM7ZS&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 10:16:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.beyondsecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.7a321ecb93fde9f07226.js Show response
script.hotjar.com/ 243 KB
63 KB 92ms
4ms Script
application/javascript 108.157.4.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7a321ecb93fde9f07226.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2673551.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-45.dus51.r.cloudfront.net

Software

Resource Hash

ee667207ac60603f3c61f3b703583aace2b20211971808fa86f4e4c93619d958

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81047
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63914
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 11:46:00 GMT
etag: "913be037dec49b596e1cf5ff932a2a6e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5db4f6b1c04035a37ba6548e89b362be.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: X7aXYRCSJYNrSMGcMle1n_C4CWhevrfrWy0Mz4P7Yr3WtG6USUVH6A==

GET
H2 200 settings Show response
syndication.twitter.com/ Frame D454 278 B
461 B 201ms
111ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=14a106450f790dafe744106f2746f3794e9cb561

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fblog.beyondsecurity.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

d342be7b065b36dd1e6856bcf5a432b5d2c277d27555391ddefbf1df3edb0fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-response-time: 117
date: Wed, 25 May 2022 10:16:54 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 10:16:54 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: d139080f43ab6c616f91dc9c614e2c4648586fa6bfcd0adbddb8c061f97e9945
content-length: 179

GET
H2 200 / Show response
consent-pref.trustarc.com/ Frame 32E2 5 KB
3 KB 141ms
0ms Document
text/html 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://blog.beyondsecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50606
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 24 May 2022 20:13:28 GMT
etag: W/"5147-1649735544000"
expect-ct: max-age=86400; enforce;
last-modified: Tue, 12 Apr 2022 03:52:24 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-amz-cf-id: 75DiT5Dsy8vSZuhAmVUycfxI507emv-zxrc2lhT63ZRjP_LwU8h47w==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
539 B 71ms
30ms Image
image/gif 108.157.4.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/noticemsg?action=consent&domain=helpsystems.com&behavior=expressed&country=de&language=de&rand=0.5724100563378869

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-116.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:54 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
timing-allow-origin: *
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
vary: Origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: max-age=3600
cloudfront-viewer-country-region: HE
x-amz-cf-id: aoB7dWezCtC9_A0yeSRV2DVmOWM7ANAysJ6cXHOwlvf8iB2zhe36Hg==
expires: Wed, 25 May 2022 11:16:54 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 63ms
55ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=298390731&t=pageview&_s=1&dl=https%3A%2F%2Fblog.beyondsecurity.com%2Fautomated-threat-detection-nac-incident-response%2F&ul=en-us&de=UTF-8&dt=How%20Automated%20Detection%20and%20Network%20Access%20Control%20Work%20Together%20to%20Improve%20Incident%20Response%20-%20Beyond%20Security%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=538758561&gjid=1426938232&cid=148019777.1653473814&tid=UA-240792-9&_gid=2087750413.1653473814&_r=1&gtm=2ou5n0&did=dZGIzZG&gdid=dZGIzZG&z=1115779714

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.beyondsecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 10:16:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.beyondsecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 71ms
57ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=298390731&t=pageview&_s=1&dl=https%3A%2F%2Fblog.beyondsecurity.com%2Fautomated-threat-detection-nac-incident-response%2F&ul=en-us&de=UTF-8&dt=How%20Automated%20Detection%20and%20Network%20Access%20Control%20Work%20Together%20to%20Improve%20Incident%20Response%20-%20Beyond%20Security%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUIhAAAAAC~&jid=776182643&gjid=941510283&cid=148019777.1653473814&tid=UA-240792-3&_gid=2087750413.1653473814&_r=1&gtm=2wg5n0WTGHXLC&z=33764060

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.beyondsecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 10:16:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.beyondsecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 70ms
46ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=298390731&t=pageview&_s=2&dl=https%3A%2F%2Fblog.beyondsecurity.com%2Fautomated-threat-detection-nac-incident-response%2F&ul=en-us&de=UTF-8&dt=How%20Automated%20Detection%20and%20Network%20Access%20Control%20Work%20Together%20to%20Improve%20Incident%20Response%20-%20Beyond%20Security%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=&gjid=&cid=148019777.1653473814&tid=UA-240792-9&_gid=2087750413.1653473814&gtm=2ou5n0&did=dZGIzZG&gdid=dZGIzZG&z=418314434

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 May 2022 16:56:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62405
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-4924254a9ce4dc9b959b6e4a9b662d60.html Show response
vars.hotjar.com/ Frame 5D8C 2 KB
1 KB 98ms
0ms Document
text/html 108.157.4.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2673551.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-7.dus51.r.cloudfront.net
Software: /
Resource Hash: 67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9

Request headers

Referer: https://blog.beyondsecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3626869
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Apr 2022 10:49:06 GMT
etag: "1635635016e428baa170305e9282c34a"
last-modified: Wed, 13 Apr 2022 10:48:29 GMT
vary: Accept-Encoding
via: 1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
x-amz-cf-id: F2bTUpE57vurNHQ5-fbwVJo2bXFOJFtuHOQIYneYx9TsyY8jcefFMw==
x-amz-cf-pop: DUS51-P2
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 defaultpreferencemanager.nocache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 32E2 5 KB
3 KB 63ms
20ms Script
application/javascript 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

7b7c7b8c8a0e5cc06e2fac340ca7478fdb2278a73c8412c1e4654318c3a82300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Apr 2022 03:52:42 GMT
server: nginx
etag: W/"4867-1649735562000"
expect-ct: max-age=86400; enforce;
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: EQhXHr3r42L__Kk9jaOHlp3KDCXS669vrQrrSYEGhfRXMl0U8rR26A==
expires: Wed, 25 May 2022 10:16:54 GMT

GET
H2 200 get Show response
consent-st.trustarc.com/ Frame 32E2 20 KB
5 KB 120ms
0ms Script
text/javascript 13.32.99.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-63.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Fri, 20 May 2022 01:22:36 GMT
content-encoding: gzip
server: nginx
age: 464059
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P3
strict-transport-security: max-age=31536000; includeSubDomains
timing-allow-origin: *
x-amz-cf-id: -40tu_hD75Uzvj8zg9Q5wWmRTGc3EyePHmg6wMftqtdUpCLOTHpdgg==
expires: Sun, 19 Jun 2022 01:22:36 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame 32E2 3 KB
3 KB 47ms
0ms Image
image/gif 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 01:27:10 GMT
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 32880
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2608
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Apr 2022 03:52:24 GMT
server: nginx
etag: W/"2608-1649735544000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/gif
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: pugH0IFMv8JpKd3QlURRQv7G8XyugNf5aLRNUrIPBkb9bQkZvGo1RA==

GET
H/1.1 200
OK moment~timeline.55634fd8bf871f86dbe537f50a41349e.js Show response
platform.twitter.com/js/ 25 KB
8 KB 37ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.55634fd8bf871f86dbe537f50a41349e.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6794) /
Resource Hash: 4fce02aef5542a40509dce7f66aec864d7a2a070ac671b06ed235cbcd4743821

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 10:16:55 GMT
Content-Encoding: gzip
Age: 59291
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 8084
x-tw-cdn: VZ
Last-Modified: Sun, 15 May 2022 20:03:32 GMT
Server: ECS (frb/6794)
Etag: "8d39588ffce9da16e8e735f3fdd8f990+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2002b66aa236ee3e1e6728119a7c4b98.js Show response
platform.twitter.com/js/ 20 KB
7 KB 61ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.2002b66aa236ee3e1e6728119a7c4b98.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: a37d848620d81a5fd27dff6e15af34f37fd05384f7d5337053c98efd0fe5a7d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 10:16:55 GMT
Content-Encoding: gzip
Age: 59289
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 6371
x-tw-cdn: VZ
Last-Modified: Sun, 15 May 2022 20:03:32 GMT
Server: ECS (frb/6772)
Etag: "57d65599f609862f8724a6a6475c8c7a+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 117ms
6ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-240792-3&cid=148019777.1653473814&jid=776182643&gjid=941510283&_gid=2087750413.1653473814&_u=aGDAAUIhAAAAAC~&z=1671358955

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.beyondsecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 25 May 2022 10:16:55 GMT
content-type: text/plain
access-control-allow-origin: https://blog.beyondsecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 06883E9FC15D07407A218826B8D86A5B.cache.html Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 85B7 139 KB
46 KB 47ms
0ms Document
text/html 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/06883E9FC15D07407A218826B8D86A5B.cache.html

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

94fa73fa4e7013e0328a5db6af226312344947163e81222b67eb8f2ce00f0850

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2451179
cache-control: max-age=315360000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 27 Apr 2022 01:23:56 GMT
etag: W/"142492-1649735562000"
expect-ct: max-age=86400; enforce;
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 12 Apr 2022 03:52:42 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-amz-cf-id: CBIikj5PjyNwZl5_53f-QEG20zYjWjjG0yhbFg1Bp0TGBUhpx9bdhg==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2673551/ 147 B
322 B 163ms
22ms XHR
application/json 52.49.107.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2673551/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.7a321ecb93fde9f07226.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.107.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-107-79.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3e8e76a70b5ec0a97f60491364274ab39aebd8f949b6a310a174633b015d4738

Request headers

Referer: https://blog.beyondsecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 25 May 2022 10:16:55 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 214ms
52ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-240792-3&cid=148019777.1653473814&jid=776182643&_u=aGDAAUIhAAAAAC~&z=1479604743

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 10:16:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 212ms
52ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-240792-3&cid=148019777.1653473814&jid=776182643&_u=aGDAAUIhAAAAAC~&z=1479604743

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 10:16:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 166 KB
12 KB 375ms
227ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_beyondsecurity_old&dnt=true&domain=blog.beyondsecurity.com&lang=en&screen_name=beyondsecurity&suppress_response_codes=true&t=1837193&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

b806200e7d40f646496b67a28435138758ba2c6de348e3e2e8281fc95a79e178

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=234
content-length: 12054
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 219
last-modified: Wed, 25 May 2022 10:16:55 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ", VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: ddf8bded861b38ee5b7238e7f861fc6d733fbb0b5d2900b0281482d3cc419fd3
timing-allow-origin: *
x-transaction: 2e7cd72047f91673
expires: Wed, 25 May 2022 10:21:55 GMT

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 32E2 969 B
1 KB 48ms
21ms XHR
application/json 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/06883E9FC15D07407A218826B8D86A5B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

edb378ec33f8cd7235d0d1451912782c10e64b73851b8005987dfbb2b24b0a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 06883E9FC15D07407A218826B8D86A5B
Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Wed, 25 May 2022 10:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 462
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: s6lnSy4ffEQ0vqvkJt5TOqm_eAARJ1JeSxakvSjhuNB3BJRDBqiweg==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 32E2 48 B
623 B 49ms
22ms XHR
application/json 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/06883E9FC15D07407A218826B8D86A5B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a0ce140786488b89f1ee64863326618fe230da441a07cc5c8ea9a4d7d8cfafaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 06883E9FC15D07407A218826B8D86A5B
Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Wed, 25 May 2022 10:16:55 GMT
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 48
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: RDGWf0t3VUwZxIH5J6Fqkwuwil1EaFHgIV-qsFSy7kgja9iVPLCSpw==

GET
H2 200 EuPreferenceManager.css
consent-pref.trustarc.com/ Frame 32E2 28 KB
7 KB 70ms
25ms Stylesheet
text/css 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/EuPreferenceManager.css

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/06883E9FC15D07407A218826B8D86A5B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

75b9505ae007f8cc3bc1c5858b2010548ad36d39f1720b71be444a6238b4b8ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
x-cache: RefreshHit from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Apr 2022 03:52:24 GMT
server: nginx
etag: W/"28907-1649735544000"
expect-ct: max-age=86400; enforce;
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: m_nFUiQirGeqoo137axXoKw4VK_oNYDNs6dQ-PHmXDG48WtZUu6Z_w==
expires: Wed, 25 May 2022 10:16:54 GMT

GET
H2 200 10.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/06883E9FC15D07407A218826B8D86A5B/ Frame 32E2 253 KB
87 KB 45ms
0ms XHR
application/javascript 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/06883E9FC15D07407A218826B8D86A5B/10.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/06883E9FC15D07407A218826B8D86A5B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

f8bed0b716d96bff511f072717e6d3c3afc4576a4f7b89d9986c4ce3bcc964b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 01:23:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2451179
x-cache: Hit from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Apr 2022 03:52:42 GMT
server: nginx
etag: W/"258671-1649735562000"
expect-ct: max-age=86400; enforce;
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: yKZQR4zJguBMXcBTWr9GrKh-fOiNZYKRwMaeSsNwx4dUizPN7WPl-w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/06883E9FC15D07407A218826B8D86A5B/ Frame 32E2 19 KB
8 KB 35ms
0ms XHR
application/javascript 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/06883E9FC15D07407A218826B8D86A5B/1.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/06883E9FC15D07407A218826B8D86A5B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a593c2c62ad61742a4487de65fb5c37efc32fc8ed64544c2e9e416a8a5099bd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 01:23:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2451179
x-cache: Hit from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Apr 2022 03:52:42 GMT
server: nginx
etag: W/"19685-1649735562000"
expect-ct: max-age=86400; enforce;
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: PXPZuh60G2MUTWM5OgMc3FBPd-OYbdbRpeacytW1N0lVqaG8epipVA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie_iframe.html Show response
prefmgr-cookie.truste-svc.net/cookie_js/ Frame 960B 5 KB
2 KB 510ms
86ms Document
text/html 52.202.36.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.helpsystems.com/privacy-policy&cookieLink=https://www.helpsystems.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.202.36.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-36-143.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://consent-pref.trustarc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 10:16:56 GMT
etag: W/"5014-1653297250000"
expect-ct: max-age=31536000
last-modified: Mon, 23 May 2022 09:14:10 GMT
permissions-policy: geolocation=(), microphone=(), payment=()
referrer-policy: origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 32E2 718 B
892 B 52ms
20ms XHR
application/json 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/06883E9FC15D07407A218826B8D86A5B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

94899d8c0b4377abe765a34012c015437200f684f96360ea798ed6a8b48e9c8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 06883E9FC15D07407A218826B8D86A5B
Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Wed, 25 May 2022 10:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 300
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: bfKtgynKigTiwldx0tlwMF5OmZIZDRiifhU4XO7UUBiT6BF05NMSjg==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 32E2 24 KB
7 KB 55ms
23ms XHR
application/json 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/06883E9FC15D07407A218826B8D86A5B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

81ddd86005934f8391dbe682a44f228b7a5df552d61719e5c5cfca1a27c4b3f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 06883E9FC15D07407A218826B8D86A5B
Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Wed, 25 May 2022 10:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 6478
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: 4L5RLRA_tKRBCsl6FuzJjeOOsNIFcpuVlGn28oupreSsjaTQZQ9oMQ==

GET
H2 200 r2cvY5Gp
pbs.twimg.com/card_img/1527249808041590784/ Frame 98AF 79 KB
79 KB 40ms
8ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1527249808041590784/r2cvY5Gp?format=jpg&name=600x314

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b1e4a56c1b42016de72bb3d8e8319cae2d3a2b9b06c8be0e06515152161b10b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 11:26:23 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 80702
x-served-by: cache-lhr7351-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 dxTsaUaM
pbs.twimg.com/card_img/1529138751477149696/ Frame 98AF 52 KB
53 KB 56ms
24ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1529138751477149696/dxTsaUaM?format=jpg&name=600x314

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6db419d9010408a7b6d1303a78d65889990ad701e5ae68f615818f52d7fbb52d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Tue, 24 May 2022 16:32:23 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: MISS, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 53757
x-served-by: cache-lhr7332-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 PO3TB8Aa
pbs.twimg.com/card_img/1528094227233529856/ Frame 98AF 23 KB
23 KB 55ms
24ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1528094227233529856/PO3TB8Aa?format=jpg&name=600x314

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0378955f4c38eea3ba700af4f7361b367e64339457eee61a0c7bd7c6aad96c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Sat, 21 May 2022 19:21:49 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 23698
x-served-by: cache-lhr7358-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 _OUy8kRt
pbs.twimg.com/card_img/1527487038127218691/ Frame 98AF 49 KB
49 KB 55ms
24ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1527487038127218691/_OUy8kRt?format=jpg&name=600x314

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

069eb4cab992d40912af91c67c12417132f1b1a523d0d308835fd6f18767d2dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Fri, 20 May 2022 03:09:03 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 49772
x-served-by: cache-lhr6622-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 EvmHm9bd
pbs.twimg.com/card_img/1527389587919646720/ Frame 98AF 28 KB
28 KB 54ms
23ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1527389587919646720/EvmHm9bd?format=jpg&name=600x314

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

304c882530527e0c90ab41a305b3d25227d6c182c761c25f24243ce9fee1b581

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 20:41:49 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 28198
x-served-by: cache-lhr6621-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 xnzCP9xm
pbs.twimg.com/card_img/1527075680516702210/ Frame 98AF 28 KB
28 KB 40ms
9ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1527075680516702210/xnzCP9xm?format=jpg&name=600x314

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1e1982f83b316e252bac246bea0241d6874141eaa4b87bd1361ba63794e20c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Wed, 18 May 2022 23:54:28 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: MISS, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 28187
x-served-by: cache-lhr7322-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 mpIDzIok
pbs.twimg.com/card_img/1526932519656083458/ Frame 98AF 32 KB
32 KB 15ms
13ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1526932519656083458/mpIDzIok?format=jpg&name=600x314

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5a3f84fb5594211d626a0acd0f836014c5da99836c008b7196df369fb9d84e47

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Wed, 18 May 2022 14:25:36 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 33067
x-served-by: cache-lhr6627-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 1QojABlS
pbs.twimg.com/card_img/1527855530118553600/ Frame 98AF 40 KB
41 KB 16ms
14ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1527855530118553600/1QojABlS?format=jpg&name=600x314

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e817416d931df61a85d3243a8a0e946a20459d0867dc5259bf63cdadb9a9cc9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Sat, 21 May 2022 03:33:19 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 41381
x-served-by: cache-lhr7325-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame 98AF 53 KB
12 KB 7ms
7ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 10:16:56 GMT
Content-Encoding: gzip
Age: 59292
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Sun, 15 May 2022 20:03:29 GMT
Server: ECS (frb/6796)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 9ms
8ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 10:16:56 GMT
Content-Encoding: gzip
Age: 59292
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Sun, 15 May 2022 20:03:29 GMT
Server: ECS (frb/6796)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 32E2 4 KB
5 KB 9ms
9ms Image
image/png 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 18:38:52 GMT
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 56285
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 4197
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Apr 2022 03:52:24 GMT
server: nginx
etag: W/"4197-1649735544000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: hQOTjEHW22wWwlzE7C50GIkqGNqi16_cuKRCgiQizuWcBbc1lKK-9w==

GET
H2 200 9PYaRmbY_normal.jpg
pbs.twimg.com/profile_images/1407072801538912266/ Frame 98AF 2 KB
2 KB 29ms
27ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1407072801538912266/9PYaRmbY_normal.jpg

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0a6255bcb2dcca47a50c5e8d6ca94f9813bfc4d523abb213b5f4ebf9436b1a6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Mon, 21 Jun 2021 20:25:52 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 1883
x-served-by: cache-lhr7372-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 nmBv6xEn_normal.jpg
pbs.twimg.com/profile_images/892756154551382021/ Frame 98AF 2 KB
2 KB 30ms
28ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/892756154551382021/nmBv6xEn_normal.jpg

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2ec003f045b916d64deb5c283dc4c3336f860b3f0b83e0e01f5190633b50b9ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Wed, 02 Aug 2017 14:35:08 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, MISS
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 2035
x-served-by: cache-lhr7375-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 hCJBvw0U_normal.png
pbs.twimg.com/profile_images/1361601105201881088/ Frame 98AF 1 KB
1 KB 14ms
12ms Image
image/png 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1361601105201881088/hCJBvw0U_normal.png

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

070f259282e1fb1710d4e85937e7668c8a5d8de118d574f5a94798edcac4143d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 08:57:35 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 1123
x-served-by: cache-lhr7345-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 FDcw4kDWYAQ5HWF
pbs.twimg.com/media/ Frame 98AF 18 KB
18 KB 18ms
16ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FDcw4kDWYAQ5HWF?format=jpg&name=240x240

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c96f5a75d02296c62daf90b28f3976d6f2f556bbdcb41a7a7a893c2e1c68d5e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Fri, 05 Nov 2021 18:14:00 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 18433
x-served-by: cache-lhr7351-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 FCtSPv2X0AMdIKO
pbs.twimg.com/media/ Frame 98AF 8 KB
8 KB 32ms
30ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FCtSPv2X0AMdIKO?format=jpg&name=240x240

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

70f886dd3a8da7f4ab9b9fc6d1cb8699dedd6e9d6ad6543f236456187d9d19b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Wed, 27 Oct 2021 12:57:59 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 8245
x-served-by: cache-lhr7383-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 FCEIWdOXoAUMuWv
pbs.twimg.com/media/ Frame 98AF 7 KB
7 KB 88ms
87ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FCEIWdOXoAUMuWv?format=jpg&name=240x240

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

04142dc4e0b099480470fb8da82ba6ce903c9399ace74a55b5ee940b30a0e1cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 13:10:19 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, MISS
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 7538
x-served-by: cache-lhr7326-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 FAUBZeYXEAQgz8P
pbs.twimg.com/media/ Frame 98AF 6 KB
6 KB 18ms
16ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FAUBZeYXEAQgz8P?format=jpg&name=240x240

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6607d02af3291dfe071444b56320e2239b678dec90ddf4aee8f0450d47f4ce0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Mon, 27 Sep 2021 18:42:29 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 6074
x-served-by: cache-lhr7354-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 E_LCCX1XIAUO_BQ
pbs.twimg.com/media/ Frame 98AF 9 KB
9 KB 30ms
28ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E_LCCX1XIAUO_BQ?format=jpg&name=240x240

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c0813502a9c92d24844e9d354063c0273e29be56b08d61e95a123ab1ce6e06ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Mon, 13 Sep 2021 14:32:59 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, MISS
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 8967
x-served-by: cache-lhr7365-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 E-ttOZMX0Acs0Lx
pbs.twimg.com/media/ Frame 98AF 4 KB
4 KB 30ms
28ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E-ttOZMX0Acs0Lx?format=jpg&name=240x240

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2fae1f10073bf95ef8bce18ce0dd6aa61f78e75ba175a9306df4b1fb2f9bd6d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 21:53:04 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: MISS, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 3669
x-served-by: cache-lhr7335-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 E5UKN9bWUAAbNdR
pbs.twimg.com/media/ Frame 98AF 12 KB
12 KB 18ms
16ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E5UKN9bWUAAbNdR?format=jpg&name=240x240

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4fa9ab8d5957edc00c44b46ed87ff37464f1eed288c036c23c313e4d3a586738

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Fri, 02 Jul 2021 19:31:08 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 12295
x-served-by: cache-lhr6620-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 E1CLibtXsAsLYuV
pbs.twimg.com/media/ Frame 98AF 11 KB
11 KB 29ms
28ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E1CLibtXsAsLYuV?format=jpg&name=240x240

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5c1f8c79e97a1e952d53bb8d639214e95a6c61a77a6357c17d73371404dbb8dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Mon, 10 May 2021 14:40:57 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 11165
x-served-by: cache-lhr7368-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 E0OzrH-XMAAfNqE
pbs.twimg.com/media/ Frame 98AF 9 KB
10 KB 30ms
29ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E0OzrH-XMAAfNqE?format=jpg&name=240x240

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

95652de29b804ad490f51933347ab7cbaf2261599aa97dc07780cd9a9a57877f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Fri, 30 Apr 2021 15:16:03 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 9663
x-served-by: cache-lhr7342-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 E0dhoBEXIBATIlk
pbs.twimg.com/media/ Frame 98AF 11 KB
11 KB 32ms
30ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E0dhoBEXIBATIlk?format=jpg&name=240x240

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4c2b93c19d90bc779984c5055c157792e3b1a937c3a6deb55c09d4a26e70f664

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 11:51:30 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, MISS
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 11165
x-served-by: cache-lhr6623-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 E0cvJ-2WUAAt6KK
pbs.twimg.com/tweet_video_thumb/ Frame 98AF 7 KB
7 KB 31ms
30ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/E0cvJ-2WUAAt6KK?format=jpg&name=240x240

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1d98d92f320aedc51051a22a08e7a70ca9d4936d77572907bc9c5ca9cf321d17

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 08:11:00 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, MISS
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 7106
x-served-by: cache-lhr7373-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 E0ZG2egXMAMM2RW
pbs.twimg.com/media/ Frame 98AF 10 KB
10 KB 33ms
31ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E0ZG2egXMAMM2RW?format=jpg&name=240x240

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e44471224c71eeb0f4a2508088b7a6cacdde560d98029fbd2fbfe638d798d69a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Sun, 02 May 2021 15:16:02 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, MISS
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 10277
x-served-by: cache-lhr6627-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 98AF 44 KB
7 KB 45ms
11ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514115
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: c7239bedce82cc36994fbd24d265ff381a6fecb3ea51c183902271f7f0cde0fc
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 01 Jun 2022 10:16:56 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 45ms
12ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514115
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: c7239bedce82cc36994fbd24d265ff381a6fecb3ea51c183902271f7f0cde0fc
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 01 Jun 2022 10:16:56 GMT

GET
DATA 200
OK truncated
/ Frame 98AF 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 98AF 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 98AF 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 98AF 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 98AF 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 98AF 607 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 r2cvY5Gp
pbs.twimg.com/card_img/1527249808041590784/ Frame 98AF 79 KB
79 KB 47ms
0ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1527249808041590784/r2cvY5Gp?format=jpg&name=600x314

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b1e4a56c1b42016de72bb3d8e8319cae2d3a2b9b06c8be0e06515152161b10b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 11:26:23 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 80702
x-served-by: cache-lhr7351-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 dxTsaUaM
pbs.twimg.com/card_img/1529138751477149696/ Frame 98AF 52 KB
53 KB 46ms
0ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1529138751477149696/dxTsaUaM?format=jpg&name=600x314

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6db419d9010408a7b6d1303a78d65889990ad701e5ae68f615818f52d7fbb52d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Tue, 24 May 2022 16:32:23 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: MISS, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 53757
x-served-by: cache-lhr7332-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 PO3TB8Aa
pbs.twimg.com/card_img/1528094227233529856/ Frame 98AF 23 KB
23 KB 45ms
0ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1528094227233529856/PO3TB8Aa?format=jpg&name=600x314

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0378955f4c38eea3ba700af4f7361b367e64339457eee61a0c7bd7c6aad96c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Sat, 21 May 2022 19:21:49 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 23698
x-served-by: cache-lhr7358-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 _OUy8kRt
pbs.twimg.com/card_img/1527487038127218691/ Frame 98AF 49 KB
49 KB 47ms
0ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1527487038127218691/_OUy8kRt?format=jpg&name=600x314

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

069eb4cab992d40912af91c67c12417132f1b1a523d0d308835fd6f18767d2dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Fri, 20 May 2022 03:09:03 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 49772
x-served-by: cache-lhr6622-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 EvmHm9bd
pbs.twimg.com/card_img/1527389587919646720/ Frame 98AF 28 KB
28 KB 46ms
0ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1527389587919646720/EvmHm9bd?format=jpg&name=600x314

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

304c882530527e0c90ab41a305b3d25227d6c182c761c25f24243ce9fee1b581

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 20:41:49 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 28198
x-served-by: cache-lhr6621-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 xnzCP9xm
pbs.twimg.com/card_img/1527075680516702210/ Frame 98AF 28 KB
28 KB 48ms
0ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1527075680516702210/xnzCP9xm?format=jpg&name=600x314

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1e1982f83b316e252bac246bea0241d6874141eaa4b87bd1361ba63794e20c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Wed, 18 May 2022 23:54:28 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: MISS, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 28187
x-served-by: cache-lhr7322-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 mpIDzIok
pbs.twimg.com/card_img/1526932519656083458/ Frame 98AF 32 KB
32 KB 40ms
0ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1526932519656083458/mpIDzIok?format=jpg&name=600x314

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5a3f84fb5594211d626a0acd0f836014c5da99836c008b7196df369fb9d84e47

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Wed, 18 May 2022 14:25:36 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 33067
x-served-by: cache-lhr6627-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 1QojABlS
pbs.twimg.com/card_img/1527855530118553600/ Frame 98AF 40 KB
41 KB 56ms
0ms Image
image/jpeg 199.232.136.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1527855530118553600/1QojABlS?format=jpg&name=600x314

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e817416d931df61a85d3243a8a0e946a20459d0867dc5259bf63cdadb9a9cc9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Sat, 21 May 2022 03:33:19 GMT
date: Wed, 25 May 2022 10:16:56 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 41381
x-served-by: cache-lhr7325-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
380 B 165ms
113ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?dnt=1&l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fblog.beyondsecurity.com%2Fautomated-threat-detection-nac-incident-response%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_creator_screen_name%22%3A%22https%3A%2F%2Ftwitter.com%2Fbeyondsecurity%22%2C%22widget_data_source%22%3A%22profile%3Abeyondsecurity%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1653473816362%2C%22dnt%22%3Atrue%2C%22client_version%22%3A%22c8fe9736dd6fb%3A1649830956492%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22component%22%3A%22timeline%22%2C%22element%22%3A%22initial%22%2C%22action%22%3A%22results%22%7D%7D&session_id=14a106450f790dafe744106f2746f3794e9cb561

Requested by

Host: blog.beyondsecurity.com
URL: https://blog.beyondsecurity.com/automated-threat-detection-nac-incident-response/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.beyondsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 116
pragma: no-cache
last-modified: Wed, 25 May 2022 10:16:56 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d139080f43ab6c616f91dc9c614e2c4648586fa6bfcd0adbddb8c061f97e9945
x-transaction: ecb6995bd557439f
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame 768C 2 KB
1 KB 235ms
188ms Document
text/html 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1653474000000/vabs9hx29dzm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

bf942312193ba098f5fc8278e57109d4f338d400c3dbb202d93f8ebef2815ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.beyondsecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 25 May 2022 10:16:56 GMT
etag: W/"c5cc57446c6edb7be259f5a4ab764fe9"
last-modified: Tue, 24 May 2022 18:37:40 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-id: -omgxwP18JxwzDsEY4yPEFMECV39DHQJu1Tnkxb3bYZKcbOVkQzV0Q==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: S6c.gJrO9DnuwacTy8e5ygVGr5qL0FQc
x-cache: RefreshHit from cloudfront

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 5D94 2 KB
1 KB 411ms
365ms Document
text/html 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1653474000000/vabs9hx29dzm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

bf942312193ba098f5fc8278e57109d4f338d400c3dbb202d93f8ebef2815ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blog.beyondsecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 25 May 2022 10:16:56 GMT
etag: W/"c5cc57446c6edb7be259f5a4ab764fe9"
last-modified: Tue, 24 May 2022 18:37:40 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-id: XdDjWNR1Xrx3yXrHODC8KrlJkUf5cFNMTV7m6EisItojpIJU_wdf8A==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: S6c.gJrO9DnuwacTy8e5ygVGr5qL0FQc
x-cache: RefreshHit from cloudfront

GET
H2 200 6.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/06883E9FC15D07407A218826B8D86A5B/ Frame 32E2 7 KB
4 KB 40ms
0ms XHR
application/javascript 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/06883E9FC15D07407A218826B8D86A5B/6.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/06883E9FC15D07407A218826B8D86A5B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

c4de9175d5380ff78bd9d531e54e6b1e9973e2dedd16a7f5a7328e58476334bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 01:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2451179
x-cache: Hit from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Apr 2022 03:52:42 GMT
server: nginx
etag: W/"7220-1649735562000"
expect-ct: max-age=86400; enforce;
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: TuEMFzk5LT65jXlQOnIk3vxCZz9XHISAAVoiuMEO5EzWC6JIWIIDxg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 get
consent.trustarc.com/ Frame 32E2 9 KB
9 KB 40ms
0ms Image
image/svg+xml 108.157.4.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/get?name=hslogo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-116.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

81837bb647b79c1e159b440fd593ab3f081fda2e018ca5b7b3a537b28fc3bd3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 25 May 2022 10:15:43 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
server: nginx
age: 73
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
cache-control: max-age=2592000
x-cache: Hit from cloudfront
x-amz-cf-pop: DUS51-P2
timing-allow-origin: *
content-length: 9071
x-amz-cf-id: jL23I7mOUFZuXStklXIW-xsU168XIBi-oX7HsvB-1gqmvFt-9H0dHQ==
expires: Fri, 24 Jun 2022 10:15:43 GMT

GET
H2 200 runtime~main.56de3028.js Show response
js.driftt.com/core/assets/js/ Frame 768C 6 KB
3 KB 99ms
88ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

fa13488c9b73ba13025d70340a5b217bf283b0287fe26ec639e199aa5354a034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 18:37:39 GMT
content-encoding: gzip
age: 56357
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 18:26:20 GMT
server: nginx
etag: W/"c9f879fed0dfb2c4aa2179531702d502"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oP.rHtSPpLjoOFTGdvIM9rDFSYBUJPCT
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: o2zrAhST56-YNs7LfVFuVWuvUQ7m3cSrQYmP3HvmwZwswh1vZba1sg==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 58 KB
20 KB 111ms
91ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:23:24 GMT
content-encoding: gzip
age: 2800412
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:56 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: maOqxpaNnzt0tyNj0PV8pU.OmUMXI5V_
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1DcXxXeOfu6Z3lurwW4ZlFhwUupXwz1NiwiSUFswx0pWL1GtUbY8NA==

GET
H2 200 main~493df0b3.e4b52ccf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 6 KB
3 KB 114ms
94ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.e4b52ccf.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d862322f40f2d63eca24e2e6188d0a164bf431db27369bedebb31c357985f7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 577186
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:08 GMT
server: nginx
etag: W/"69362f73a04491df20548a6acabbd746"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2zxmXJCeUVcrAdxDs6oDiJa7iJ7fH8N.
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: H5CteYY36TlEBKrRZ86sgDYF_XeLn33EZqbvLOJIXbJDfsrvlY24AQ==

GET
H2 200 cookie_inneriframe.html Show response
consent-pref.trustarc.com/ Frame 0A73 2 KB
1 KB 31ms
0ms Document
text/html 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/cookie_inneriframe.html

Requested by

Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https://www.helpsystems.com/privacy-policy&cookieLink=https://www.helpsystems.com/cookie-policy&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://prefmgr-cookie.truste-svc.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75241
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 24 May 2022 13:22:55 GMT
etag: W/"2008-1649735544000"
expect-ct: max-age=86400; enforce;
last-modified: Tue, 12 Apr 2022 03:52:24 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-amz-cf-id: H_gptwhh45OMjRDbNDSr6g7n45jIlBzmB_PP1aXonDYcgSceVDxpEg==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 44.36014458.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 47 KB
14 KB 132ms
87ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 22:49:34 GMT
content-encoding: gzip
age: 3842843
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:16 GMT
server: nginx
etag: W/"f3141bda9ba639e2d01218d7e7cd8311"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B5nQx62kfGixFNs6i7158XuE6Q0q4UA8
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: b-XNxAkmO9CQgrjrn1_4UglWOIdBI9euRd1jB4_0W_qd9HPfJ-GAZg==

GET
H2 200 19.c2c4ec2d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 44 KB
13 KB 136ms
90ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.c2c4ec2d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

24caab840126c1089470704d65dcbb1dadc8ace5328b28de54b297e482ac3c3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:35:26 GMT
content-encoding: gzip
age: 2547691
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 25 Apr 2022 20:45:35 GMT
server: nginx
etag: W/"ca27a219f5babe50f6eb7c982fa61d4a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GP6AWJ95Oeeek71gysVMlYSExP067DB1
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qOdHCA406PW6HcGm8jqfn1kUpI-vwps3Rz7emOcBkJ_C_UHDqssH6Q==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 25 KB
8 KB 141ms
94ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:24:15 GMT
content-encoding: gzip
age: 2800362
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:56 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FvSxSxk3dMajujTae5xHE5b3KskYo_DI
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6vByvc8hpRUxT4L1ASrS_2oPmb2pzEUT_ULOd9K728N_CqGK9PnevA==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 16 KB
5 KB 144ms
97ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:24:15 GMT
content-encoding: gzip
age: 2800362
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:55 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Xqq9pUZYxgzAeYN3dJ9hj4qBA9MrPFwl
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vwxCWEwo7RovQ3UAyZecb5O_E62HpsfMwGAkjKuMnicGYEPWZjlEMg==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 72 KB
22 KB 152ms
106ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:06:54 GMT
content-encoding: gzip
age: 4349403
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:19 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ilpiiyhlyh6s3iuNf.37uZlW5ugPpx91
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hkSymoAhkGUzOhJKXWiIo9vnjD61mYG3DGY4SXEUyOXC2j24hBpG4w==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 16 KB
6 KB 158ms
112ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 01:17:28 GMT
content-encoding: gzip
age: 1241969
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 09 May 2022 16:51:07 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: H3ma7YjTnicgcTIV2PS9EoPnP6QCkvEd
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: g8mM0IAESe_V8MGFxSC0ZOXYXpBQahKuVpXhJBYFz5q9OtDG_YmxkA==

GET
H2 200 23.16e779ff.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 59 KB
19 KB 207ms
161ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.16e779ff.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

882447805fc1c7805ad98684a4698c4b3ae5e8932261c609f7cdd0834275d72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 02 May 2022 14:59:10 GMT
content-encoding: gzip
age: 1970267
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 28 Apr 2022 15:26:48 GMT
server: nginx
etag: W/"ef4446c0fdb98929baf632c38e8cd226"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RPweXmXVexEpGKV7.j7SNDhIA2.BhvsS
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6rC0nBd4b0JZtmBMJXfHrN5G-8oyr2RrIqkgteJRAfe2IVABq0iIZg==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 91 KB
28 KB 215ms
169ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5019171
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:35 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IO06C9jhzvCi9VImuydD04sGtIPTZ6T.
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gucNKmRClZYyU95pkhFHngK3KLAdEH0isaUDp-pnTwzB8KTt66Vi3Q==

GET
H2 200 10.b73b895d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 23 KB
7 KB 223ms
177ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.b73b895d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

494a73882e211c16a50493069a632e339e15d32fd8519f22766a0a0e235f7d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 17:56:16 GMT
content-encoding: gzip
age: 1095641
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 May 2022 17:28:59 GMT
server: nginx
etag: W/"5c6cb58ced9f55b696578307366a68ac"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 42s0ZS8AeOMe_PH.Rce3w4xkhbhmKcpn
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cX8dZW233oQzGvrBdPV5Sm6845A6td6FGgq13y2K4RV3A8r6vzrO4Q==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 62 KB
20 KB 230ms
184ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 12162196
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lYPIgHcL3bC5PQkklEgLob0hrLvLm8nuFAMPVQsmiflgUO_4Pq70ZA==

GET
H2 200 42.85bf5aa5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 105 KB
34 KB 237ms
191ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.85bf5aa5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 22:49:34 GMT
content-encoding: gzip
age: 3842843
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:16 GMT
server: nginx
etag: W/"8c7c0bf11a78a30db0b2b7f63660c3d1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mxBFWZx1wZ1xN.1nj_wZKtLvuDeu4lk_
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: J271KuPzzpT8ghDITrXdku-0oWTGY3NYU-KLhHWq6Kx8mSrbsKd-HQ==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 12 KB
4 KB 244ms
198ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:24:15 GMT
content-encoding: gzip
age: 2800362
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:56 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: muy.29k3ZOCYL.f1.WJ4kYW4R838qdz9
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nksQ-bH0tC1CtSZdi4OuPCvuHUrhkqGJgiNfl3W8Hw4usNIxbOOxCw==

GET
H2 200 26.81342ce1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 12 KB
5 KB 245ms
199ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.81342ce1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

652cfd16c30cffe323376752f023f8f9738af74b807bda8e929ecba78d9ed19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 01:17:29 GMT
content-encoding: gzip
age: 1241968
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 09 May 2022 16:51:07 GMT
server: nginx
etag: W/"fb3937eee6b2751c3fc0c91dce12c2ca"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MO8K1XLcpyKTcr47NxMT13FlZAc1WFj1
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GYfIY61BFBvkIYT9g1cm33KBxDw2-46dp7rJr0aQiK8w2QqTs2WrOA==

GET
H2 200 18.3ca2a055.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 17 KB
7 KB 247ms
202ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.3ca2a055.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5dad1cd9bd8a255538159566f3a5621e4dbe821ab334c23acd443810b950bb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 577187
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:06 GMT
server: nginx
etag: W/"4cfccba39f0ab35f70bc772f1d0eb4c2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AOsH7T1Yo.NhD3RTtLUBAEdTLdlQFzkv
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: v1zpTNosdAeFMiFDu3iYGsF0q8UT9nekM0RldfIWWrARpjcTb2vEZQ==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 768C 11 KB
3 KB 128ms
82ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5019171
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:33 GMT
server: nginx
etag: W/"e3c43c4a3d2f4cee45cccdb6e438af66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8ZsEKgx7NBbOWsOo7y482B7LIK3_mShC
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WGtg4hUjsASkTJkZPY5UecFXsORQPbqwsvDrjA8-Zpg9zG07q0IfCw==

GET
H2 200 8.8e3b3a7f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 71 KB
22 KB 251ms
206ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.8e3b3a7f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ca7362fcc0e9111db58886105f1f991c5090eeed7b08e2892612704f3be1c4c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 577187
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:07 GMT
server: nginx
etag: W/"45dc590878796b9b88476ebcc9b9d3b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OmX6mBr67Bd69RMnY4ee.6RCkJcoZI8v
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aB_qynp0G40kBPz1OWVvTd1d7eomUHcZX1df3OaSzMDjX4qLVXsUyA==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 768C 24 B
666 B 128ms
83ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
age: 12162196
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5Bys0-ytzvTcrQAHX8j0D8pQvKajsxrEdjN1gsPr36AP8f7JRAAkag==

GET
H2 200 15.b05dc660.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 78 KB
20 KB 257ms
212ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.b05dc660.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

6da17efdd329929b537064639b37368da51734209944097eaebd4ab6e2acd3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 577187
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:05 GMT
server: nginx
etag: W/"a58ddbf68856497e42c8020066e03bae"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: LENnMtbvszMAu5pFIofHC0pAI3btFnLS
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VVOo_io2BvW3UrqcJ5ePaxUSIWnLlpsWDklHOhYaP7IugEu7ndImAQ==

GET
H2 200 22.60abd8a0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 47 KB
13 KB 262ms
217ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.60abd8a0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

3bb9514ceb027af58b76354d0fcf9f53eb457263d0a3fe4b4a4bd0a316f6eefe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 577187
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:06 GMT
server: nginx
etag: W/"285512dbd5a26d7c7928dbb0c2be7b44"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5LiOvAGy9icMMpwC4P8ASiCnJMXQGSFn
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HF60KRPWqVy8IhbN-tLMFKH3T9J_ya4bjk9q9tDhSY8xsosF465V8A==

GET
H2 200 13.243fc5bc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 40 KB
13 KB 302ms
256ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.243fc5bc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

55fb68243c9520bf2bffd5ea09e103c9ed3627f2ccf4a097518e2227d00ed453

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 18:37:40 GMT
content-encoding: gzip
age: 56357
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 18:26:17 GMT
server: nginx
etag: W/"9b71f6ea4adab29da59549f4ecfc67ba"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: arck4mGVURGvcibtQLCrC4zg7336hS_N
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4_i7OWRFJIHKb9rJIjwuur2abUoC7lThGLmXNClSe8Gv4bNWnXG0Hg==

GET
H2 200 runtime~main.56de3028.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 6 KB
3 KB 246ms
205ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

fa13488c9b73ba13025d70340a5b217bf283b0287fe26ec639e199aa5354a034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 18:37:39 GMT
content-encoding: gzip
age: 56358
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 18:26:20 GMT
server: nginx
etag: W/"c9f879fed0dfb2c4aa2179531702d502"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: oP.rHtSPpLjoOFTGdvIM9rDFSYBUJPCT
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1DWJfU00OWWEx0yv7gVm2zGonVgTLLn_9dpnNWhgAp4UTVA67oX6TQ==

GET
H2 200 5.b4ccdd57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 58 KB
20 KB 247ms
205ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:23:24 GMT
content-encoding: gzip
age: 2800413
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:56 GMT
server: nginx
etag: W/"bf2b7dc96b40587d388df8918a276f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: maOqxpaNnzt0tyNj0PV8pU.OmUMXI5V_
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WL8AJ2U6OkLbV8dGP8o1cWYidIVY6XOLXTrq078vywK_9cjMWfHV2A==

GET
H2 200 main~493df0b3.e4b52ccf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 6 KB
3 KB 255ms
214ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.e4b52ccf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d862322f40f2d63eca24e2e6188d0a164bf431db27369bedebb31c357985f7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 577187
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:08 GMT
server: nginx
etag: W/"69362f73a04491df20548a6acabbd746"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2zxmXJCeUVcrAdxDs6oDiJa7iJ7fH8N.
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LdlEkzj0vLYmuYe0NU4-56wZJJwjeYk2Dmksqp8xv0LHKitcSAUdxQ==

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 32E2 4 KB
5 KB 44ms
5ms Image
image/png 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/06883E9FC15D07407A218826B8D86A5B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystemstest&site=helpsystems.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.helpsystems.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.helpsystems.com%2Fcookie-policy&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 18:38:52 GMT
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 56286
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 4197
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Apr 2022 03:52:24 GMT
server: nginx
etag: W/"4197-1649735544000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: XB8m2wtpTdbVf1WQYg812wibwJmx5jUh5nVBGot0R5j_d3diypEkDg==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 9 KB
3 KB 129ms
81ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 01:17:34 GMT
content-encoding: gzip
age: 1241963
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 09 May 2022 16:51:05 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: R58GC9JKCFqRYH8PW35ajAhO8b2ao9Fj
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5xump3usEjfMNbbCNdkHy8i3OxsR5Ur7fJZm2Xya2t1n3DCAviKcCA==

GET
H2 200 24.81d46fe7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 33 KB
10 KB 133ms
85ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.81d46fe7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 22:12:26 GMT
content-encoding: gzip
age: 4363471
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:19 GMT
server: nginx
etag: W/"4f751bc7b45f18c1d343a3081fe2509f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dJ6wMYR.EkVgKolqllYLjIlhrPfZzaVa
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3-MxfXxx1Alzm39yMRgT1DMPQygu7VcTP5rxG9C0gtIltm1vrWIyXw==

GET
H2 200 25.c667535c.chunk.css
js.driftt.com/core/assets/css/ Frame 768C 8 KB
2 KB 129ms
82ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.c667535c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 02 May 2022 15:03:47 GMT
content-encoding: gzip
age: 1969990
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 28 Apr 2022 15:26:46 GMT
server: nginx
etag: W/"5d56f3a89744b768e05433ac1e2f7935"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 04aQHx2ofXtXe_tgJCUmZiRKP7xQdJel
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -x3duKj8oVcVS5LQyBSOqt9rQUI3IpIlrNrAJ_iYPN3a-aryasVkng==

GET
H2 200 25.17da01e8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 12 KB
5 KB 134ms
87ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.17da01e8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

f12e00e6750c744bb34c0b007ef96948e24c6dcf77a34c78c0c4f1263c81ebdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 04 May 2022 19:13:20 GMT
content-encoding: gzip
age: 1782217
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 May 2022 18:28:30 GMT
server: nginx
etag: W/"d395884071f100b30a64f9bd39a2f10f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 04iRp8gDacN_nR2237idSokHftX5jSZO
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: h6V9BH8KoXwUKyNDWDIq6nYNPVSBlEmYwCPoSDle0aTAT0RCnG59cw==

GET
H2 200 17.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 768C 365 B
1009 B 129ms
82ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
age: 577187
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Wed, 18 May 2022 17:52:03 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8PhpnUwCKVw_tmw5w1.GT3kRVBeTcpzl
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QxQ-Tf8vgM4rwzt-5JQOlT9AsVAWLIy3IpNIJ4HonPo41nxBQkCULQ==

GET
H2 200 17.0057716c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 768C 86 KB
24 KB 138ms
91ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.0057716c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

466e779f85a3564bff7af2474f05fb2b70e2535805e3f707c7d521c24fbad241

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=3fe66a5e-d1aa-4480-8a9c-e84882369e3f&sessionStarted=1653473816.586&campaignRefreshToken=3fd66a95-f901-4a54-9d59-da415bd484e0&hideController=false&pageLoadStartTime=1653473812875&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 15:58:21 GMT
content-encoding: gzip
age: 411516
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 20 May 2022 15:32:34 GMT
server: nginx
etag: W/"7f01e823ee3c09f0ede254bc3383b747"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ag_VnHQVWHWsdFwJ39hYWanc.pHSCCnB
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: T6Bn3TgW7282kUi-vvHbT-PlkleHfALXsFOR6XNMQ1JR7WwyNPPcDQ==

GET
H2 200 44.36014458.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 47 KB
14 KB 122ms
84ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 22:49:34 GMT
content-encoding: gzip
age: 3842843
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:16 GMT
server: nginx
etag: W/"f3141bda9ba639e2d01218d7e7cd8311"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B5nQx62kfGixFNs6i7158XuE6Q0q4UA8
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 27vX6a5HF8XThbRdIzWSRqt2MgMmI3vEob-lNWhm4MSm3mwfVSoTsg==

GET
H2 200 19.c2c4ec2d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 44 KB
13 KB 131ms
96ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.c2c4ec2d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

24caab840126c1089470704d65dcbb1dadc8ace5328b28de54b297e482ac3c3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:35:26 GMT
content-encoding: gzip
age: 2547691
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 25 Apr 2022 20:45:35 GMT
server: nginx
etag: W/"ca27a219f5babe50f6eb7c982fa61d4a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GP6AWJ95Oeeek71gysVMlYSExP067DB1
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zNsyFisgzWLrX956nD_BAE_RfbZB9WDelFN1cgSzSAz4BRQFIN61qA==

GET
H2 200 37.dc112dfd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 25 KB
8 KB 203ms
168ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:24:15 GMT
content-encoding: gzip
age: 2800362
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:56 GMT
server: nginx
etag: W/"391f6f28819c5b154653979d5154c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FvSxSxk3dMajujTae5xHE5b3KskYo_DI
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TP3Cl4CaJqbKr46vhG9Mv01FPWVdbmmkclwoRlRRJ4zJTIpWuY2AWA==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 16 KB
5 KB 203ms
168ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:24:15 GMT
content-encoding: gzip
age: 2800362
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:55 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Xqq9pUZYxgzAeYN3dJ9hj4qBA9MrPFwl
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4XxmCuvQm5Ht1ipmRvE79xKmg8NLDLcvqEmHUZ-1BYQEwg7o3gzMDw==

GET
H2 200 21.8ac5d777.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 72 KB
22 KB 204ms
170ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:06:54 GMT
content-encoding: gzip
age: 4349403
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:19 GMT
server: nginx
etag: W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ilpiiyhlyh6s3iuNf.37uZlW5ugPpx91
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sTx2cCLtZSyACVkbdLIr4tWzwD9WvbA_wtlFoft7Aa2wBOyrfRfSpQ==

GET
H2 200 34.801d3c89.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 16 KB
6 KB 207ms
172ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 01:17:28 GMT
content-encoding: gzip
age: 1241969
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 09 May 2022 16:51:07 GMT
server: nginx
etag: W/"fa218b0849860dbc5ceda153316c9c38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: H3ma7YjTnicgcTIV2PS9EoPnP6QCkvEd
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OLaxiRLcwbtsmTRTTfHhz9os00P9h5Xp1k5tnZ7Zw_OC83IbsDHPEg==

GET
H2 200 23.16e779ff.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 59 KB
19 KB 211ms
176ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.16e779ff.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

882447805fc1c7805ad98684a4698c4b3ae5e8932261c609f7cdd0834275d72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 02 May 2022 14:59:10 GMT
content-encoding: gzip
age: 1970267
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 28 Apr 2022 15:26:48 GMT
server: nginx
etag: W/"ef4446c0fdb98929baf632c38e8cd226"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RPweXmXVexEpGKV7.j7SNDhIA2.BhvsS
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Qzm1dv2QrIckBITGJYIzn9WDW8oZSYV_DUQ8HAMMn-kZW8OgQ_FuSw==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 91 KB
28 KB 216ms
181ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5019171
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:35 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IO06C9jhzvCi9VImuydD04sGtIPTZ6T.
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: U7qrEak7nSx8YEPRk3_A4Oc595zBfjXGWX5JfgQ6LtrfS8KsV9ocNQ==

GET
H2 200 10.b73b895d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 23 KB
7 KB 220ms
186ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.b73b895d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

494a73882e211c16a50493069a632e339e15d32fd8519f22766a0a0e235f7d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 17:56:16 GMT
content-encoding: gzip
age: 1095641
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 May 2022 17:28:59 GMT
server: nginx
etag: W/"5c6cb58ced9f55b696578307366a68ac"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 42s0ZS8AeOMe_PH.Rce3w4xkhbhmKcpn
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OE5_FltP2s_OUBHAGjTFwOr280iPqlLpGDWlHBq2pdbWxDx11L5gmQ==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 62 KB
20 KB 225ms
191ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 12162196
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LFLNqP3eHkqutduE3lgLUWrxyLRrGtcjBqBSo30y25cg1WBxMJSbgA==

GET
H2 200 42.85bf5aa5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 105 KB
34 KB 229ms
195ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.85bf5aa5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 22:49:34 GMT
content-encoding: gzip
age: 3842843
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 08 Apr 2022 15:57:16 GMT
server: nginx
etag: W/"8c7c0bf11a78a30db0b2b7f63660c3d1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mxBFWZx1wZ1xN.1nj_wZKtLvuDeu4lk_
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aEJ2NJQ30KoD9YMBtM7kvEHskD55z5TG4yG5kIaT1PDTVtDPt7XSbg==

GET
H2 200 35.0810b4b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 12 KB
4 KB 234ms
200ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:24:15 GMT
content-encoding: gzip
age: 2800362
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:56 GMT
server: nginx
etag: W/"4a61646db5420cc31cb60b9287d9f544"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: muy.29k3ZOCYL.f1.WJ4kYW4R838qdz9
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _d1S7LRXHVvWDR7hQVoU3nsGJxALQIGXheUVFzJB42tozNdZjRydNg==

GET
H2 200 26.81342ce1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 12 KB
5 KB 236ms
201ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.81342ce1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

652cfd16c30cffe323376752f023f8f9738af74b807bda8e929ecba78d9ed19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 01:17:29 GMT
content-encoding: gzip
age: 1241968
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 09 May 2022 16:51:07 GMT
server: nginx
etag: W/"fb3937eee6b2751c3fc0c91dce12c2ca"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MO8K1XLcpyKTcr47NxMT13FlZAc1WFj1
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bTCpTi2bpnlfbS3VrZCn22V7Gj7mGzLks10sLHk3MAeXXpyfEnFDTA==

GET
H2 200 18.3ca2a055.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 17 KB
7 KB 240ms
206ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.3ca2a055.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5dad1cd9bd8a255538159566f3a5621e4dbe821ab334c23acd443810b950bb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 577187
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:06 GMT
server: nginx
etag: W/"4cfccba39f0ab35f70bc772f1d0eb4c2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AOsH7T1Yo.NhD3RTtLUBAEdTLdlQFzkv
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: O-gQ9hzaAfMLV6BGEH31SDvMbhNBZplcN4XOpmKJpAXo2utgms16xQ==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 5D94 11 KB
3 KB 117ms
83ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 5019171
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:33 GMT
server: nginx
etag: W/"e3c43c4a3d2f4cee45cccdb6e438af66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8ZsEKgx7NBbOWsOo7y482B7LIK3_mShC
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lM70AAO1T1Zx4vxQ6aJpu85N6tfOSkJnDu9K-5_fgWXUCy7IXbWSzg==

GET
H2 200 8.8e3b3a7f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 71 KB
22 KB 244ms
210ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.8e3b3a7f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ca7362fcc0e9111db58886105f1f991c5090eeed7b08e2892612704f3be1c4c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 577187
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:07 GMT
server: nginx
etag: W/"45dc590878796b9b88476ebcc9b9d3b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: OmX6mBr67Bd69RMnY4ee.6RCkJcoZI8v
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iLlwY8oHaEgFiajEEtvk1roPko4nRpvc5ROtTS3ZHZF8XddJ89ZfmA==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 5D94 24 B
667 B 117ms
84ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
age: 12162196
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gH1rAGCAGq3KIiOgceDJ0YeTqRNCZRUhtAsCYsYLGRI095SGlRtdxA==

GET
H2 200 15.b05dc660.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 78 KB
20 KB 246ms
213ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.b05dc660.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

6da17efdd329929b537064639b37368da51734209944097eaebd4ab6e2acd3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 577187
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:05 GMT
server: nginx
etag: W/"a58ddbf68856497e42c8020066e03bae"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: LENnMtbvszMAu5pFIofHC0pAI3btFnLS
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LWxE-YKA-h9f92_x5nG56jj9RoSMYjXnKfyW61qcGN2gzA1ZtAD2lA==

GET
H2 200 22.60abd8a0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 47 KB
13 KB 251ms
217ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.60abd8a0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

3bb9514ceb027af58b76354d0fcf9f53eb457263d0a3fe4b4a4bd0a316f6eefe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 577187
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:06 GMT
server: nginx
etag: W/"285512dbd5a26d7c7928dbb0c2be7b44"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5LiOvAGy9icMMpwC4P8ASiCnJMXQGSFn
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GR-SG3A7xh9S5Dks8r7wGlMD5wkSA7WmsCrYIQdwx7NxYCjf8AwyxQ==

GET
H2 200 13.243fc5bc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 40 KB
13 KB 254ms
221ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.243fc5bc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

55fb68243c9520bf2bffd5ea09e103c9ed3627f2ccf4a097518e2227d00ed453

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 18:37:40 GMT
content-encoding: gzip
age: 56357
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 18:26:17 GMT
server: nginx
etag: W/"9b71f6ea4adab29da59549f4ecfc67ba"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: arck4mGVURGvcibtQLCrC4zg7336hS_N
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aluicQomJ4QKdMA7ylKv-5qVWBHNcU0Oai6hYFHLvniaVLkdrCaCew==

GET
H2 200 32.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 5D94 3 KB
1 KB 125ms
84ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:24:16 GMT
content-encoding: gzip
age: 2800361
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:53 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zafhXzyL2Oqiwkpju.1_.RysXhnH6Str
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qy6-mQ_NotTkRnAvex0gk3L73fGKOTSAqsVxCnag878fXVhPhIrr6Q==

GET
H2 200 32.28be7b35.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 3 KB
2 KB 122ms
81ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.28be7b35.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 02:03:42 GMT
content-encoding: gzip
age: 375195
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 20 May 2022 18:01:28 GMT
server: nginx
etag: W/"853d736e05b299b857e10b6ab17f3c36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4EWTvHeOdhIntYjosic7AFXOX_tcgSBK
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fcp7K1uzz6Ajra0FyxLxnnegA8GA9u-Pa2Q6SuvIEVAdlRmNsR6ekQ==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 9 KB
3 KB 122ms
83ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 01:17:34 GMT
content-encoding: gzip
age: 1241963
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 09 May 2022 16:51:05 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: R58GC9JKCFqRYH8PW35ajAhO8b2ao9Fj
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XzMhF8pRnaDLfBjezFY1CvCA3q4WigmfNOVTJiUE0Ylj-c9k2_rlZw==

GET
H2 200 2.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 5D94 7 KB
2 KB 121ms
83ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:55:13 GMT
content-encoding: gzip
age: 462104
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:03 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EYaActPVD3Au4y9ezb93snVitJpekZ.W
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AyoRU9jVcet28rM8D-ZIuqoFDZeZb1bdMkw7e6p6hOsxkdV9_gaEkw==

GET
H2 200 2.90bfb041.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 54 KB
16 KB 127ms
89ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.90bfb041.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 23:30:53 GMT
content-encoding: gzip
age: 4617964
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Apr 2022 18:31:22 GMT
server: nginx
etag: W/"dc43e7dd478d83a9091a7335b8beb11d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kk3GS24HgDEmPXUslSsjyTbGLAUWg7zo
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IgpmNRq6DSvxUVWoPwrtPNVO-FjED5TtyRyb-74Vi3dj-SXDfG708Q==

GET
H2 200 1.e5dfd51a.chunk.css
js.driftt.com/core/assets/css/ Frame 5D94 43 KB
7 KB 123ms
85ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.e5dfd51a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

731633bd497e93880bccb08fa09fa7fc7630372c7622dffea00c19aa2cdc49d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 02 May 2022 15:02:23 GMT
content-encoding: gzip
age: 1970074
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 28 Apr 2022 15:26:46 GMT
server: nginx
etag: W/"2c40725f3e291f40133c5dd42e2d2809"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NDVBsNLgITAyanG2chz6_hhZC25SbNrt
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PWkw_sh1aQRfDV_5IiZ237I923ZMbNwgl-2ftNkwf2karbC6rlOBfQ==

GET
H2 200 1.af2c0498.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 73 KB
25 KB 132ms
94ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.af2c0498.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e1e4797eacb227503cef66a6fbd3d16197aacdcfb52b915c9dd5de35d20973ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 577187
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:05 GMT
server: nginx
etag: W/"06c00cd10988050423566fb804ecaca2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bkKzkpW1r..rd9z2pPD3kv.guYN7Upim
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UXkS4Z52jUwXgqTroCyC1mLrMT56HIVqyw0voVjOfjwySCeNl5QE8w==

GET
H2 200 30.52060f2d.chunk.css
js.driftt.com/core/assets/css/ Frame 5D94 12 KB
3 KB 123ms
86ms Stylesheet
text/css 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.52060f2d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 22:53:21 GMT
content-encoding: gzip
age: 473016
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:04 GMT
server: nginx
etag: W/"b63021470083bdc161ef4dda2e4912c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1lpzVvOGjxttW0f_QbstumkkNbSGGIAD
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PzldkUsVnHmaLbndAeRoo5Yy2XC4yZHh8-3o3KtUcvdpz_QW2EJLbA==

GET
H2 200 30.c3864c88.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D94 11 KB
5 KB 135ms
97ms Script
application/javascript 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.c3864c88.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.56de3028.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

79c254652bb96247b5470d8d7d30bdef4ae96a7e61743ac4ef6b423502cd8c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1653473812875
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
content-encoding: gzip
age: 577187
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:06 GMT
server: nginx
etag: W/"38d96c6ccd18212a914f55851e7dea75"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: C5YkLjESeiAIo2wT8c7vzTOlJV8QbN5A
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 354gvPxqUNhOvSohWgZkWXPpVqdi8HPPOAVYTfv1SSbfIIgXDMOCkw==

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 768C 25 B
123 B 140ms
106ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 10:16:58 GMT
server: istio-envoy
requestid: 9b97b657cf0e40f7
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 403ms
94ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Wed, 25 May 2022 10:16:58 GMT
requestid: drift74caa1d44e59fea4082a717437b
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 768C 145 B
242 B 126ms
92ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

9b5359238d57cdbe8517719984ec740bb68fcd47e561649b9fed92aaddddd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 10:16:58 GMT
server: istio-envoy
requestid: 32a9071d5e5a14a0
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 145
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 351ms
89ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Wed, 25 May 2022 10:16:58 GMT
requestid: drifteafcfc6451e92a4c5f31a6f6a64
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 768C 25 B
87 B 133ms
103ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/44.36014458.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 May 2022 10:17:00 GMT
server: istio-envoy
requestid: a583e2ede2242583
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 134ms
94ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Wed, 25 May 2022 10:17:00 GMT
requestid: drift120c43446cb8500adecf533fde3
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.blog.beyondsecurity.com/	1969-12-31 23:59:59	Name: notice_behavior Value: expressed,eu
.beyondsecurity.com/	1970-01-20 03:19:20	Name: _gid Value: GA1.2.2087750413.1653473814
.beyondsecurity.com/	1970-01-20 20:49:05	Name: _ga_LWCJ3FM7ZS Value: GS1.1.1653473813.1.0.1653473813.0
.beyondsecurity.com/	1970-01-20 03:17:53	Name: _gat_gtag_UA_240792_9 Value: 1
.beyondsecurity.com/	1970-01-20 20:49:05	Name: _ga Value: GA1.2.148019777.1653473814
.beyondsecurity.com/	1970-01-20 03:17:53	Name: _gat_UA-240792-3 Value: 1
.beyondsecurity.com/	1970-01-20 12:03:29	Name: _hjSessionUser_2673551 Value: eyJpZCI6ImFlNjhkOGJiLTMyMDQtNWY5Yy1hZjJlLWFiYWFhZDkxYzkzNiIsImNyZWF0ZWQiOjE2NTM0NzM4MTUzMTAsImV4aXN0aW5nIjpmYWxzZX0=
.beyondsecurity.com/	1970-01-20 03:17:55	Name: _hjFirstSeen Value: 1
blog.beyondsecurity.com/	1970-01-20 03:17:53	Name: _hjIncludedInSessionSample Value: 0
.beyondsecurity.com/	1970-01-20 03:17:55	Name: _hjSession_2673551 Value: eyJpZCI6IjVkZjdjMDdhLWRiNTUtNDE3Mi1hMGM4LTk5N2UwZTJkOTFhYSIsImNyZWF0ZWQiOjE2NTM0NzM4MTU0NzcsImluU2FtcGxlIjpmYWxzZX0=
blog.beyondsecurity.com/	1970-01-20 03:17:53	Name: _hjIncludedInPageviewSample Value: 1
.beyondsecurity.com/	1970-01-20 03:17:55	Name: _hjAbsoluteSessionInProgress Value: 0
prefmgr-cookie.truste-svc.net/	1970-01-20 03:17:53	Name: cookie_3rdparty Value: enabled
blog.beyondsecurity.com/	1970-01-20 03:17:55	Name: drift_campaign_refresh Value: 3fd66a95-f901-4a54-9d59-da415bd484e0
consent-pref.trustarc.com/	1970-01-20 03:17:53	Name: token_test Value: Wed May 25 2022 10:16:56 GMT+0000 (GMT)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.beyondsecurity.com
blogbeyond.wpengine.com
bootstrap.api.drift.com
cdn.syndication.twimg.com
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
in.hotjar.com
js.driftt.com
js.hsforms.net
metrics.api.drift.com
pbs.twimg.com
platform.twitter.com
prefmgr-cookie.truste-svc.net
script.hotjar.com
secure.gravatar.com
static.hotjar.com
stats.g.doubleclick.net
syndication.twitter.com
ton.twimg.com
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.196.190.188
104.244.42.136
108.157.4.116
108.157.4.21
108.157.4.45
108.157.4.7
13.32.99.63
18.66.112.118
199.232.136.159
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:5505
2606:4700::6811:b949
2a00:1450:4001:800::2003
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9d
2a04:fa87:fffe::c000:4902
3.94.218.138
52.202.36.143
52.222.236.129
52.49.107.79
54.147.21.139
02007cb9ea5401983a0a4a34d08c1a57c75484d0852194291e124c94b848d474
02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5
0296cf04d019c2ccadd5d4eb4883090577ccaf99530b013dd03ce25fd4f04784
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0378955f4c38eea3ba700af4f7361b367e64339457eee61a0c7bd7c6aad96c10
04142dc4e0b099480470fb8da82ba6ce903c9399ace74a55b5ee940b30a0e1cd
04281386f1fb8cf63877a919c19f0ac691a40a32cddb5594a5debb50256b7a39
054c6ffbc6f4d2a7521489ec830ba65253bdd69a31a2bba14b0b3af39b297cad
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52
06941c66a47db7f8b6aa705914c5367284e8a57451d04542ca565a74f476b2f7
069eb4cab992d40912af91c67c12417132f1b1a523d0d308835fd6f18767d2dc
070f259282e1fb1710d4e85937e7668c8a5d8de118d574f5a94798edcac4143d
088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8
08a4bf038419fda3be1b02b1e488829dd855c70d46d8809964547a3c2bacb60f
0a2f5f7cb1553e2661545638cfd54ea6025c4322ef8916120b963e6ca17ab51f
0a402d34337e3e7e719751e9e0847dd3d25f0b81b832fcd342b5a0e040b35075
0a6255bcb2dcca47a50c5e8d6ca94f9813bfc4d523abb213b5f4ebf9436b1a6c
0e04f8170ba222625c05aef2e88adfae07ace87e4cf95c4370d0cbcab8046baf
10a2cf3d16091fbc89cc987160b62093515cd31f0762a751775999311c7313f4
1201e9cbbd2703aa97869fccf1f29d413302096c724857945450653a2cfb62f9
1358c5a770143cac5e8b1eae4dc5520838f58f01dd92e553806587a71502b4eb
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1b35856fec0b09e3d7ae1efa2594e3c33bf303079113ce2a2e22cd97ded31349
1b3f3f3f600f3303c786e38fedaa5c4b83a778b50461316be3e72270840ad4d7
1c50edaeddd7ab7edd65f1afa7a6a50344444ba2dc30a3acaf4108dba45f9a9d
1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab
1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63
1d98d92f320aedc51051a22a08e7a70ca9d4936d77572907bc9c5ca9cf321d17
1e1982f83b316e252bac246bea0241d6874141eaa4b87bd1361ba63794e20c76
20fcf82673f4ab16e3b00d7d1493440f6485d40e0a96dd363196c443cf469a18
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90
23849cce54ae587f6db768a62fd6ad89ba702550e2889b2345b978d19449e203
24caab840126c1089470704d65dcbb1dadc8ace5328b28de54b297e482ac3c3f
2672dc0600b4d16d9f74a569432dc06ef45d6c421b6ae3d29fdff578c833e34f
26c63cc9c3510d16f5a8494d4f705c4cbc858e4df1e28161b55b305c60effc23
2707f2daaba3aa51f9932bb90dbdc73359604d3c6bd0a5f924080517b9c99ac1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8
2ec003f045b916d64deb5c283dc4c3336f860b3f0b83e0e01f5190633b50b9ce
2fae1f10073bf95ef8bce18ce0dd6aa61f78e75ba175a9306df4b1fb2f9bd6d7
304c882530527e0c90ab41a305b3d25227d6c182c761c25f24243ce9fee1b581
397a064408a35de576fc209912c034ece47a49026ead975cf6a1720c51bb2433
3aceeefb780422ff1734ce050b3df2f16d15e68b079f636f51afac3c9043c467
3bb9514ceb027af58b76354d0fcf9f53eb457263d0a3fe4b4a4bd0a316f6eefe
3e8e76a70b5ec0a97f60491364274ab39aebd8f949b6a310a174633b015d4738
4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
466e779f85a3564bff7af2474f05fb2b70e2535805e3f707c7d521c24fbad241
48c273dcbed09b6b87f9365f2f141063f5c859476b53913d94fca1befe90aa0c
494a73882e211c16a50493069a632e339e15d32fd8519f22766a0a0e235f7d01
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
4ab1b3c6a13ce6d4f9fda30e5a4473641a9f418c2e74e1b60e4e3d3b738194d3
4b0e2c1c8e6d92b9083cd952cea6a065485827df78fae548752352da136c3540
4bc4b508bb0ccc41052f6a18eb23441543da2d209c152f62577e954367b4d62d
4c2b93c19d90bc779984c5055c157792e3b1a937c3a6deb55c09d4a26e70f664
4e8e7cd4193c77cb73c879d8435af78b3fc7614181f1e7d3760641b7778b7400
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a
4fa9ab8d5957edc00c44b46ed87ff37464f1eed288c036c23c313e4d3a586738
4fce02aef5542a40509dce7f66aec864d7a2a070ac671b06ed235cbcd4743821
51bfbf0035a429f259b8225be89e775ccd11fc1e070e523cb136944fafed314a
55fb68243c9520bf2bffd5ea09e103c9ed3627f2ccf4a097518e2227d00ed453
566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f
5a3f84fb5594211d626a0acd0f836014c5da99836c008b7196df369fb9d84e47
5c1f8c79e97a1e952d53bb8d639214e95a6c61a77a6357c17d73371404dbb8dc
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
5dad1cd9bd8a255538159566f3a5621e4dbe821ab334c23acd443810b950bb88
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61be6ed1542c9263fdf43d24c256b8d596f11b4d18b05f3ad26fe19ee2dcaf37
643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573
652cfd16c30cffe323376752f023f8f9738af74b807bda8e929ecba78d9ed19d
6546020407964ebeded1bc22cfffc590cb2067364ed2e12f83db7f23dc4dc1ff
6607d02af3291dfe071444b56320e2239b678dec90ddf4aee8f0450d47f4ce0d
67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9
6867294aaf0699ffd78289ff68527e00dd97751a07cc4652228b69ea2345d636
698a87af01e0c08586e89a759b116e0f315693a8b88f2e5796c86a4b5b73712b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6da17efdd329929b537064639b37368da51734209944097eaebd4ab6e2acd3ce
6db419d9010408a7b6d1303a78d65889990ad701e5ae68f615818f52d7fbb52d
70f886dd3a8da7f4ab9b9fc6d1cb8699dedd6e9d6ad6543f236456187d9d19b0
71cc4e3304eb8c0400a5cc1c938a4889c919bb8927ea8d9f5c13f6ffcaa40bed
72e0a7c5e70ed06f5ef4766fc307461b6f50dfe3d77c4bd5a7f13251c556dc3e
731633bd497e93880bccb08fa09fa7fc7630372c7622dffea00c19aa2cdc49d1
73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb
7418fd166b680cf7154bde115f722441996a7f498ce9afb6933abf1ce75e843e
75b9505ae007f8cc3bc1c5858b2010548ad36d39f1720b71be444a6238b4b8ba
777b616a4a6124957237e75b71dbb2c2019713ce360faf414dc0e4f7f3ea1ef1
79c254652bb96247b5470d8d7d30bdef4ae96a7e61743ac4ef6b423502cd8c51
79eb13c2ae5d6bc42607354422496456790e4e83ee739aaeb035cbdf0073659c
7b7c7b8c8a0e5cc06e2fac340ca7478fdb2278a73c8412c1e4654318c3a82300
7d3f66ca93473d0ccc0af08dd6f66e6c849a5d0db482f6b7d5f3ddb3af151701
7e0633349f3a7de6a9c28586d150f96cca5b9e9846c0cd095156fb1071d7e848
7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732
7feea346ded7a283c4eb32eb3c5a292ed2781436b1e7eb9fcc8c42dcccb84c84
81837bb647b79c1e159b440fd593ab3f081fda2e018ca5b7b3a537b28fc3bd3e
81ddd86005934f8391dbe682a44f228b7a5df552d61719e5c5cfca1a27c4b3f2
82f11d29a090e74a98c22d56f3b9482ab944803c98881149a4d0971a05a841ca
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
87f1afbbe952bff2628984b34d0fab813ceeca45e477ee514a929718e35b8dcc
882447805fc1c7805ad98684a4698c4b3ae5e8932261c609f7cdd0834275d72c
888937b853414182608e6ed76b574497748b1954de47389bf4b2018f90b9d324
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0
8efd7ef0887f8d97df1f68248a4d6f603ab11021a0f683e61584227ee7a71909
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
9271d6dd8a9db2f7226cbca48f0b684c9de3a4bd8a09ebef4fcd80c69630f9d5
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94899d8c0b4377abe765a34012c015437200f684f96360ea798ed6a8b48e9c8d
94fa73fa4e7013e0328a5db6af226312344947163e81222b67eb8f2ce00f0850
95652de29b804ad490f51933347ab7cbaf2261599aa97dc07780cd9a9a57877f
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b5359238d57cdbe8517719984ec740bb68fcd47e561649b9fed92aaddddd628
9b5591fe059eed688a0fa8238e765d002b87313aaf86801a1206ea4ab0d7b5f6
9cd7629d2e66537eb15542646bfd16cd461aaf18592c35f19ce7d67ada586635
9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d
9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d
9dcef8dfdfbac0c4b68fb0fd2748458e9cb25b3faa8c4bc9682cea6c58876a93
a0ce140786488b89f1ee64863326618fe230da441a07cc5c8ea9a4d7d8cfafaf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
a37d848620d81a5fd27dff6e15af34f37fd05384f7d5337053c98efd0fe5a7d7
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a593c2c62ad61742a4487de65fb5c37efc32fc8ed64544c2e9e416a8a5099bd5
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad94ea1bc50aaf3b69323cbcc73629348c0abf5796d15ed15238ac4e01b81680
addbfa1028cf127b39a23057953a377e32fb30f1c97ba30f4626e8ec3d1fd3df
b1e4a56c1b42016de72bb3d8e8319cae2d3a2b9b06c8be0e06515152161b10b2
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
b651d87ef113cba0c8ec8a33bfdb694171effeba56b20be12e3c77fc15f6ae9f
b6d39822e34f949768c8aa5d6c99e4cde5013f2221990bf58137e8e2913d4ba7
b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0
b806200e7d40f646496b67a28435138758ba2c6de348e3e2e8281fc95a79e178
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe
ba185bcbee21b17673a97c23ed72b37fdd45920cfd11c6f8f7facc0133bc4f7a
bccb715aeac8a50b19f527b17f3a1e86142e1b8ad8711c3195ce297696feb490
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be4b18db98ed3d86b16ae7834b097f03e98d60fe84c05f873025c86bff23341f
bf942312193ba098f5fc8278e57109d4f338d400c3dbb202d93f8ebef2815ea4
c0813502a9c92d24844e9d354063c0273e29be56b08d61e95a123ab1ce6e06ff
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c30dab20b677f2b13f42a4a04385a3c6d380fa023a4a1c32f45f2996e152bfba
c32f164be54b12ca8d8eb1f9aa5f2269bb6ade148ddb5314156c8470c59b2115
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4ced6aee54a17edca482ba24c236c4d6d39479db4a542fd93d37589ac84e4f0
c4de9175d5380ff78bd9d531e54e6b1e9973e2dedd16a7f5a7328e58476334bd
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c96f5a75d02296c62daf90b28f3976d6f2f556bbdcb41a7a7a893c2e1c68d5e9
c983bccbfa3aeec262e4469747aaf9d860d93fedcf3ba263c84bd7ef21430234
ca69306b0e8a13f4c2c54bcb81890ed50d98d2c5646615c8d7fb9f419c34ac66
ca7362fcc0e9111db58886105f1f991c5090eeed7b08e2892612704f3be1c4c1
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d1c0618f43751a25c481b67ea92565eba4597079cb074a4a5dfcd9a90c3d1384
d31942dd1a88413f9a7af40b8d15ab4f382dc596d7deb5b44915881cb4160654
d329e7fd6547cab9c45b3331a30facd05ed817cf036efc350e0cd52770dc66c0
d342be7b065b36dd1e6856bcf5a432b5d2c277d27555391ddefbf1df3edb0fc4
d3592fbffec7c4245f008ef25e57005968575ebb3a6db25cd0b14a261cd0b8ff
d8246888110e1eb3d66e3f81117fdeb1ee811e4f9b7f6bf579b468d4ef3794cc
d862322f40f2d63eca24e2e6188d0a164bf431db27369bedebb31c357985f7f9
d890d7747a2b2b041dd841470b96a55832433522a8fb1be0b769cdeb98b39547
d94d5435112ff6fd5915050cc5b845ab93d643a3cbdaab097b516ba8feaa1015
dcce9d279c9256f1469a57fd2e6a7e44c5e83669327073d61a32c6071f5ae106
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de76af63ae5d4a72867919237eb9635a0c27cb97bf9e25f7b1c666ef023ad45d
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e1e4797eacb227503cef66a6fbd3d16197aacdcfb52b915c9dd5de35d20973ad
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e24928d7d73d973842a21a3f630f4b4ef2eb8c139130820ca0f6f7c2d7a15245
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec
e42ceb96387bf7bec64a61fa542684cc07f9c1bfdb2c9c57021e95ec8445084c
e44471224c71eeb0f4a2508088b7a6cacdde560d98029fbd2fbfe638d798d69a
e4bb66701b133955a9c28166bdab1891e97a025ddf7e520e492a164e953f97b6
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb
e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5
e817416d931df61a85d3243a8a0e946a20459d0867dc5259bf63cdadb9a9cc9e
e92e44f1c4bc9b93ea6bf75fcb92bc76d63a36b07b751639bd3cc9b6930a101b
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
edb378ec33f8cd7235d0d1451912782c10e64b73851b8005987dfbb2b24b0a1e
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ee667207ac60603f3c61f3b703583aace2b20211971808fa86f4e4c93619d958
eebb7c9b62d8028d702b547bcef97e776ada693cbafa64161471b1f96f5d0556
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b
f12e00e6750c744bb34c0b007ef96948e24c6dcf77a34c78c0c4f1263c81ebdd
f1690d5d80cf38538349be620dec4824cc65f1298ddba8a5841002682590992d
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f293486948d4cba26c6b835bdd574b4085e62da749b86019f5f6fab3535b0e39
f3b168c097d61acde0e2bdf43e11db394006f4ba38f8e61b93b8c71f54af484a
f8bed0b716d96bff511f072717e6d3c3afc4576a4f7b89d9986c4ce3bcc964b7
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fa13488c9b73ba13025d70340a5b217bf283b0287fe26ec639e199aa5354a034
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

blog.beyondsecurity.com Open in urlscan Pro 104.196.190.188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

247 Requests

100 %HTTPS

48 %IPv6

19 Domains

28 Subdomains

28 IPs

4 Countries

4355 kBTransfer

9595 kBSize

15 Cookies

22 Outgoing links

Redirected requests

247 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blog.beyondsecurity.com Open in urlscan Pro
104.196.190.188 Public Scan

Screenshot
Live screenshot

Full Image

247
Requests

100 %
HTTPS

48 %
IPv6

19
Domains

28
Subdomains

28
IPs

4
Countries

4355 kB
Transfer

9595 kB
Size

15
Cookies

247 HTTP transactions
6 data transactions