www.bitsight.com Open in urlscan Pro
2606:4700:10::6816:4af2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Submission: On April 30 via api (April 30th 2023, 1:37:04 am UTC) from CA — Scanned from CA

Summary HTTP 196 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 56 IPs in 3 countries across 42 domains to perform 196 HTTP transactions. The main IP is 2606:4700:10::6816:4af2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bitsight.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 5th 2022. Valid for: a year.

This is the only time www.bitsight.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700:10:... 2606:4700:10::6816:4af2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:853b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4006:80d::2008	15169 (GOOGLE) (GOOGLE)
3	13.226.34.109 13.226.34.109	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:19c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:89ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:806e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
1	2600:1400:900... 2600:1400:9000::687e:74bb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
1	108.138.106.124 108.138.106.124	16509 (AMAZON-02) (AMAZON-02)
1	146.75.32.157 146.75.32.157	54113 (FASTLY) (FASTLY)
5	23.205.76.198 23.205.76.198	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.8.49.100 65.8.49.100	16509 (AMAZON-02) (AMAZON-02)
1	18.164.96.34 18.164.96.34	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.139.29.82 108.139.29.82	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:806::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:c9f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:4e:1... 2620:1ec:4e:1::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:226... 2600:9000:2269:9c00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	13.226.22.31 13.226.22.31	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c17::9c	15169 (GOOGLE) (GOOGLE)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.230.18.106 54.230.18.106	16509 (AMAZON-02) (AMAZON-02)
1 2	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	2600:1f18:612... 2600:1f18:612b:4232:46b0:1c11:22b9:17b9	14618 (AMAZON-AES) (AMAZON-AES)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2607:f8b0:400... 2607:f8b0:4006:817::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
1	18.202.10.197 18.202.10.197	16509 (AMAZON-02) (AMAZON-02)
3	20.114.190.119 20.114.190.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::ac40:97de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2600:9000:24f... 2600:9000:24f1:a600:2:7dc7:8f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
12	2606:4700:440... 2606:4700:4400::6812:2422	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	52.5.159.70 52.5.159.70	14618 (AMAZON-AES) (AMAZON-AES)
1	52.16.111.74 52.16.111.74	16509 (AMAZON-02) (AMAZON-02)
1	54.67.78.58 54.67.78.58	16509 (AMAZON-02) (AMAZON-02)
2	34.218.219.143 34.218.219.143	16509 (AMAZON-02) (AMAZON-02)
6	108.138.106.85 108.138.106.85	16509 (AMAZON-02) (AMAZON-02)
1	54.77.112.208 54.77.112.208	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
65	13.249.141.55 13.249.141.55	16509 (AMAZON-02) (AMAZON-02)
5	50.16.7.188 50.16.7.188	() ()
196	56

23 2606:4700:10::6816:4af2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bitsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:853b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::2008 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.34.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-109.ewr53.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:19c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:89ce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:806e (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:9000::687e:74bb (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81f::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2002 (New York, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-124.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.32.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.205.76.198 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-76-198.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.8.49.100 (Ft. Pierce, United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-49-100.ord52.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-34.jfk50.r.cloudfront.net

consent.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.29.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-82.jfk50.r.cloudfront.net

go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:806::2008 (New York, United States)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c9f (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4e:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2269:9c00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.22.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-22-31.ord51.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.18.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-18-106.ord51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.40.39.223 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:46b0:1c11:22b9:17b9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2004 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::2003 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.10.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-10-197.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

x.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:97de (United States)

ASN13335 (CLOUDFLARENET, US)

wsmcdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:24f1:a600:2:7dc7:8f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:4400::6812:2422 (United States)

ASN13335 (CLOUDFLARENET, US)

wsv3cdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.5.159.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-159-70.compute-1.amazonaws.com

trackingapi.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.111.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-111-74.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.67.78.58 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-67-78-58.us-west-1.compute.amazonaws.com

tracking.intentsify.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.218.219.143 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-218-219-143.us-west-2.compute.amazonaws.com

analytics.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.138.106.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-85.jfk50.r.cloudfront.net

pic.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.112.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-112-208.eu-west-1.compute.amazonaws.com

csmetrics.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2003 (New York, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

65 13.249.141.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-141-55.ord51.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 50.16.7.188 (None, )

ASN- ()

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
customer.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	driftt.com js.driftt.com — Cisco Umbrella Rank: 10855	1 MB
23	bitsight.com www.bitsight.com	3 MB
15	audioeye.com wsmcdn.audioeye.com — Cisco Umbrella Rank: 9005 wsv3cdn.audioeye.com — Cisco Umbrella Rank: 5073 analytics.audioeye.com — Cisco Umbrella Rank: 7273	277 KB
14	trendemon.com assets.trendemon.com — Cisco Umbrella Rank: 219971 trackingapi.trendemon.com — Cisco Umbrella Rank: 165559 pic.trendemon.com — Cisco Umbrella Rank: 590057	947 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1265 x.clarity.ms — Cisco Umbrella Rank: 9293 c.clarity.ms — Cisco Umbrella Rank: 1901	22 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91 ssl.google-analytics.com — Cisco Umbrella Rank: 453	38 KB
6	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 776	17 KB
5	drift.com bootstrap.api.drift.com customer.api.drift.com metrics.api.drift.com	7 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 733 www.linkedin.com — Cisco Umbrella Rank: 779 px4.ads.linkedin.com — Cisco Umbrella Rank: 6554	4 KB
5	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 1405	7 KB
5	company-target.com api.company-target.com — Cisco Umbrella Rank: 7525 s.company-target.com — Cisco Umbrella Rank: 3483 segments.company-target.com — Cisco Umbrella Rank: 2935	4 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 519 c.bing.com — Cisco Umbrella Rank: 413	13 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 899 script.hotjar.com — Cisco Umbrella Rank: 1171 in.hotjar.com — Cisco Umbrella Rank: 2738 csmetrics.hotjar.com — Cisco Umbrella Rank: 20563	73 KB
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 37767 ibc-flow.techtarget.com — Cisco Umbrella Rank: 47960	2 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 166	991 B
2	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 4128 forms.hubspot.com — Cisco Umbrella Rank: 7052	3 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 8003	515 B
2	google.com www.google.com — Cisco Umbrella Rank: 16	515 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876	2 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 1007	773 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	168 KB
1	gstatic.com fonts.gstatic.com	14 KB
1	intentsify.io tracking.intentsify.io — Cisco Umbrella Rank: 160433	214 B
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 7215	161 B
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 477	390 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 447	774 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1698	392 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 912	394 B
1	t.co t.co — Cisco Umbrella Rank: 584	377 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1604	376 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 9097	2 KB
1	affec.tv go.affec.tv — Cisco Umbrella Rank: 11152	386 B
1	truste.com consent.truste.com — Cisco Umbrella Rank: 11511	578 B
1	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 10349	20 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 964	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1365	5 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1312	49 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 6922	87 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 3866	23 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 3809	64 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 474	8 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 4130	895 B
196	42

	Domain	Requested by
65	js.driftt.com	www.bitsight.com js.driftt.com
23	www.bitsight.com	www.bitsight.com
12	wsv3cdn.audioeye.com	wsmcdn.audioeye.com wsv3cdn.audioeye.com
6	pic.trendemon.com
6	trackingapi.trendemon.com	assets.trendemon.com
6	js-agent.newrelic.com	www.bitsight.com
5	pixel.mathtag.com	www.googletagmanager.com pixel.mathtag.com www.bitsight.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.bitsight.com
3	x.clarity.ms	www.clarity.ms
3	px.ads.linkedin.com	3 redirects
3	bat.bing.com	www.bitsight.com bat.bing.com
3	api.company-target.com	www.bitsight.com tag.demandbase.com js.driftt.com
2	customer.api.drift.com	js.driftt.com
2	bootstrap.api.drift.com	js.driftt.com
2	analytics.audioeye.com	wsv3cdn.audioeye.com
2	assets.trendemon.com	www.bitsight.com assets.trendemon.com
2	c.clarity.ms	1 redirects
2	www.google.ca	www.bitsight.com
2	www.google.com	www.bitsight.com
2	dsum-sec.casalemedia.com	1 redirects s.company-target.com
2	ibc-flow.techtarget.com	trk.techtarget.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	id.rlcdn.com	2 redirects
2	www.clarity.ms	www.bitsight.com www.clarity.ms
2	ssl.google-analytics.com	www.bitsight.com
2	www.googletagmanager.com	www.bitsight.com www.googletagmanager.com
1	metrics.api.drift.com	js.driftt.com
1	fonts.gstatic.com
1	csmetrics.hotjar.com	static.hotjar.com
1	tracking.intentsify.io	www.bitsight.com
1	content.hotjar.io	script.hotjar.com
1	bam.nr-data.net	js-agent.newrelic.com
1	forms.hubspot.com	js.hsleadflows.net
1	c.bing.com	1 redirects
1	track.hubspot.com
1	wsmcdn.audioeye.com	www.bitsight.com
1	in.hotjar.com	script.hotjar.com
1	pixel.rubiconproject.com	s.company-target.com
1	partners.tremorhub.com	s.company-target.com
1	script.hotjar.com	static.hotjar.com
1	segments.company-target.com	www.bitsight.com
1	s.company-target.com	tag.demandbase.com
1	analytics.twitter.com	www.bitsight.com
1	t.co	www.bitsight.com
1	px4.ads.linkedin.com	www.bitsight.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	trk.techtarget.com	www.bitsight.com
1	ws.zoominfo.com	www.bitsight.com
1	go.affec.tv	www.googletagmanager.com
1	consent.truste.com	www.googletagmanager.com
1	tag.demandbase.com	www.bitsight.com
1	static.ads-twitter.com	www.bitsight.com
1	static.hotjar.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	cdn.jsdelivr.net	www.bitsight.com
1	js.hs-scripts.com	www.bitsight.com
196	62

This site contains links to these domains. Also see Links.

Domain
service.bitsighttech.com
bitsight.wd1.myworkdayjobs.com
www.facebook.com
twitter.com
www.linkedin.com
www.reuters.com
www.c4isrnet.com
cyber.dhs.gov
info.bitsight.com
www.cyberscoop.com
www.zdnet.com
www.cisa.gov
academy.bitsight.com
help.bitsighttech.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-05` - `2023-06-04`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-09-16` - `2023-10-18`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-08-17` - `2023-09-18`	a year	crt.sh
*.truste.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-16`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
affec.tv Amazon RSA 2048 M02	`2023-02-28` - `2023-09-03`	6 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2023-02-01` - `2024-02-01`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-31` - `2024-01-30`	a year	crt.sh
*.company-target.com R3	`2023-04-19` - `2023-07-18`	3 months	crt.sh
ibc-flow.techtarget.com GTS CA 1D4	`2023-04-03` - `2023-07-03`	3 months	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.trendemon.com SSL.com RSA SSL subCA	`2022-07-12` - `2023-06-26`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
*.intentsify.io Amazon RSA 2048 M01	`2023-02-10` - `2023-08-04`	6 months	crt.sh
report-prod.audioeye.com Amazon RSA 2048 M02	`2022-10-17` - `2023-11-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
drift.com Amazon RSA 2048 M02	`2023-03-01` - `2023-09-21`	7 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Frame ID: 96E1E0D458CDD85D62373946E52A4548
Requests: 120 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: A7210D0A24921A0EB9E97F1D083680AE
Requests: 4 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=d0d1644d-c63a-4e00-acbf-1144b55850b9&no_iframe=1&mt_adid=222552&mt_lim=20&source=mathtag
Frame ID: ECF5CC7BDE89F4F4A1E6D898D0CE937E
Requests: 2 HTTP requests in this frame

Frame: https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=2731c93
Frame ID: C129924D49CB3CE112E7914FF936D976
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
Frame ID: 1FF3A02C21EBCD309F3BD06754B7B1C7
Requests: 34 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
Frame ID: 5D906E432376EF26CF3261F561BC15AB
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SolarWinds Orion Breach — BitSight Analysis Part 1close carousel

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

196
Requests

97 %
HTTPS

47 %
IPv6

42
Domains

62
Subdomains

56
IPs

3
Countries

6265 kB
Transfer

15324 kB
Size

88
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://service.bitsighttech.com/
Title: Login

Search URL Search Domain Scan URL

URL: https://bitsight.wd1.myworkdayjobs.com/Bitsight
Title: Open Positions

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.reuters.com/article/us-usa-cyber-treasury-exclsuive-idUSKBN28N0PG
Title: cyber attack targeting SolarWinds

Search URL Search Domain Scan URL

URL: https://www.c4isrnet.com/cyber/2020/12/14/reported-russian-hack-of-us-systems-has-implications-for-dod-network-security-plans/
Title: national security

Search URL Search Domain Scan URL

URL: https://cyber.dhs.gov/ed/21-01/
Title: presumed to be at risk

Search URL Search Domain Scan URL

URL: https://info.bitsight.com/reporting-cybersecurity-to-the-board-ciso-guide
Title: clear, concise language

Search URL Search Domain Scan URL

URL: https://www.cyberscoop.com/solarwinds-supply-chain-treasury-commerce-espionage/
Title: still emerging

Search URL Search Domain Scan URL

URL: https://info.bitsight.com/solarwinds
Title: SolarWinds hack

Search URL Search Domain Scan URL

URL: https://info.bitsight.com/solarwinds#solarwinds-breach-timeline
Title: SolarWinds hack timeline

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/article/sec-filings-solarwinds-says-18000-customers-are-impacted-by-recent-hack/
Title: 18,000 of its customers

Search URL Search Domain Scan URL

URL: https://www.cisa.gov/news/2020/12/13/cisa-issues-emergency-directive-mitigate-compromise-solarwinds-orion-network
Title: emergency order

Search URL Search Domain Scan URL

URL: https://info.bitsight.com/enable-vendor-access-datasheet#:~:text=Bitsight%20helps%20organizations%20transform%20the,management%20a%20more%20collaborative%20process.
Title: freely share critical cybersecurity information

Search URL Search Domain Scan URL

URL: https://academy.bitsight.com/learn/dashboard
Title: BitSight Academy

Search URL Search Domain Scan URL

URL: https://help.bitsighttech.com/hc/en-us
Title: BitSight Knowledge Base

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BitSight
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bitsight/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bitsight/
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://twitter.com/BitSight
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCQK4819a_k18f2GGC3Fkv8g
Title: YouTube

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=26304&time=1682818618084&url=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=26304&time=1682818618084&url=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D26304%26time%3D1682818618084%26url%3Dhttps%253A%252F%252Fwww.bitsight.com%252Fblog%252Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=26304&time=1682818618084&url=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=26304&time=1682818618084&url=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&cookiesTest=true&liSync=true&e_ipv6=AQKGGwovIGK75AAAAYfPzlPZs29OE5zsbpgw--r69fM8jkTJ87pkBbneiTpehCFcButtjCsS

Request Chain 55

https://id.rlcdn.com/464526.gif HTTP 307
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCLqMt6IGEgUI6AcQAEIASgA HTTP 307
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297mvHmL962gyMx1LG_OK7OlaHHfJ81NDlFwtMxbfbaYQA

Request Chain 67

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1698629818&external_user_id=bab2f1c1-b244-4c6f-b702-ea78e2db15fe HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1698629818&external_user_id=bab2f1c1-b244-4c6f-b702-ea78e2db15fe&C=1

Request Chain 82

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7C2674BB16844296AC7EFE8778813963&RedC=c.clarity.ms&MXFR=1A440217B8CD62162EE31114BCCD6C61 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7C2674BB16844296AC7EFE8778813963&MUID=3056B499DA9E670D39AEA79ADB4866A3

196 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request bitsight-analysis-of-solarwinds-orion-part-1-prevalence Show response
www.bitsight.com/blog/ 138 KB
30 KB 732ms
677ms Document
text/html 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1069ae8a4dd8262d5701ea0024150b1045d8d25213f8d0d87d9109308b629023

Security Headers

Name	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 0
cache-control: must-revalidate, no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7bfc0e832a535401-YYZ
content-encoding: gzip
content-language: en
content-security-policy: report-uri /report-csp-violation
content-type: text/html; charset=UTF-8
date: Sun, 30 Apr 2023 01:36:57 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding,Host
via: varnish
x-ah-environment: prod
x-cache: MISS
x-content-type-options: nosniff
x-drupal-dynamic-cache: UNCACHEABLE
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-request-id: v-7e55fa9a-e6f7-11ed-965c-071dea11ccbd
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 google_tag.script.js Show response
www.bitsight.com/sites/default/files/google_tag/bitsight/ 348 B
486 B 31ms
29ms Script
application/javascript 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitsight.com/sites/default/files/google_tag/bitsight/google_tag.script.js?rtw4u7

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f41db1648664b6ec69954758811a2b698c9757916d3ad62221b525829e7854aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 24
date: Sun, 30 Apr 2023 01:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
via: varnish
strict-transport-security: max-age=2592000; includeSubDomains
age: 14323
x-cache: HIT
x-ah-environment: prod
content-length: 281
x-request-id: v-3c0a3b74-e6c0-11ed-8cef-ffee7fb2f667
last-modified: Sat, 29 Apr 2023 19:01:20 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7bfc0e877a8d5401-YYZ
expires: Sat, 13 May 2023 19:01:23 GMT

GET
H2 200 css_pdHKvbbmVHAlMGRW4UUtTca0enEeF7hnBtlg_h96kSU.css
www.bitsight.com/sites/default/files/css/ 11 KB
3 KB 31ms
30ms Stylesheet
text/css 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitsight.com/sites/default/files/css/css_pdHKvbbmVHAlMGRW4UUtTca0enEeF7hnBtlg_h96kSU.css

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5d1cabdb6e6547025306456e1452d4dc6b47a711e17b86706d960fe1f7a9125

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 306
date: Sun, 30 Apr 2023 01:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
via: varnish
strict-transport-security: max-age=2592000; includeSubDomains
age: 14323
x-cache: HIT
x-ah-environment: prod
content-length: 2771
x-request-id: v-6c0f55d6-df1b-11ed-843b-bb351ad50d2d
last-modified: Thu, 20 Apr 2023 00:07:55 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7bfc0e877a8f5401-YYZ
expires: Thu, 04 May 2023 01:33:58 GMT

GET
H2 200 css_gfHJrtPDybZ7v3sD5RNYaX6Y-RaLtazWykEUe3b8tOo.css
www.bitsight.com/sites/default/files/css/ 120 KB
19 KB 34ms
34ms Stylesheet
text/css 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitsight.com/sites/default/files/css/css_gfHJrtPDybZ7v3sD5RNYaX6Y-RaLtazWykEUe3b8tOo.css

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81f1c9aed3c3c9b67bbf7b03e51358697e98f9168bb5acd6ca41147b76fcb4ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 83
date: Sun, 30 Apr 2023 01:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
via: varnish
strict-transport-security: max-age=2592000; includeSubDomains
age: 14323
x-cache: HIT
x-ah-environment: prod
content-length: 19409
x-request-id: v-80d34306-e52e-11ed-a7ef-ffd8b51a74d9
last-modified: Thu, 27 Apr 2023 19:00:57 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7bfc0e877a915401-YYZ
expires: Thu, 11 May 2023 19:05:41 GMT

GET
H2 200 fontawesome.min.js Show response
www.bitsight.com/libraries/fontawesome/js/ 53 KB
15 KB 59ms
49ms Script
application/javascript 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitsight.com/libraries/fontawesome/js/fontawesome.min.js?v=6.1.0

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

791f5f661d30aef948f1a01d9fc1a61efa5db0ef0d90d40fe569afea7ea38e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 274
date: Sun, 30 Apr 2023 01:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
via: varnish
strict-transport-security: max-age=2592000; includeSubDomains
age: 274854
x-cache: HIT
x-ah-environment: prod
content-length: 15421
x-request-id: v-6c12aad8-df1b-11ed-a227-abfa861e2b40
last-modified: Thu, 20 Apr 2023 00:04:06 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7bfc0e87bb075401-YYZ
expires: Thu, 04 May 2023 01:33:58 GMT

GET
H2 200 light.min.js Show response
www.bitsight.com/libraries/fontawesome/js/ 3 MB
1 MB 42ms
32ms Script
application/javascript 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitsight.com/libraries/fontawesome/js/light.min.js?v=6.1.0

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed407657a620cbe7b7c5f6902a7dd572861de8ead70bf55431bc39b07050f293

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 206
date: Sun, 30 Apr 2023 01:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
via: varnish
strict-transport-security: max-age=2592000; includeSubDomains
age: 439588
x-cache: HIT
x-ah-environment: prod
content-length: 1117373
x-request-id: v-6c124de0-df1b-11ed-90d9-7370b7bd953e
last-modified: Thu, 20 Apr 2023 00:04:06 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7bfc0e87bb095401-YYZ
expires: Thu, 04 May 2023 01:33:58 GMT

GET
H2 200 thin.min.js Show response
www.bitsight.com/libraries/fontawesome/js/ 4 MB
1 MB 56ms
48ms Script
application/javascript 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitsight.com/libraries/fontawesome/js/thin.min.js?v=6.1.0

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc04c5f8ea97db372e695c91f745ab070155bfc4e0d704672de6901ade01b475

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 271
date: Sun, 30 Apr 2023 01:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
via: varnish
strict-transport-security: max-age=2592000; includeSubDomains
age: 256165
x-cache: HIT
x-ah-environment: prod
content-length: 1270073
x-request-id: v-a91b6562-df18-11ed-8791-7f0bfa4d4f5a
last-modified: Thu, 20 Apr 2023 00:04:06 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7bfc0e87bb0a5401-YYZ
expires: Thu, 04 May 2023 01:14:12 GMT

GET
H2 200 v4-shims.min.js Show response
www.bitsight.com/libraries/fontawesome/js/ 25 KB
7 KB 67ms
59ms Script
application/javascript 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitsight.com/libraries/fontawesome/js/v4-shims.min.js?v=6.1.0

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6af4257f5e28935108eabf2394776d13f306877b78fd92f31e5f828495d9b9e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 159
date: Sun, 30 Apr 2023 01:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
via: varnish
strict-transport-security: max-age=2592000; includeSubDomains
age: 439588
x-cache: HIT
x-ah-environment: prod
content-length: 7370
x-request-id: v-6c12f16e-df1b-11ed-b965-0399828ac736
last-modified: Thu, 20 Apr 2023 00:04:06 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7bfc0e87bb0c5401-YYZ
expires: Thu, 04 May 2023 01:33:58 GMT

GET
H2 200 shutterstock_1007122360_1.jpg
www.bitsight.com/sites/default/files/styles/16_9_large_2x/public/migration/images/ 70 KB
70 KB 164ms
156ms Image
image/jpeg 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bitsight.com/sites/default/files/styles/16_9_large_2x/public/migration/images/shutterstock_1007122360_1.jpg?itok=LlLj5xWM

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

689af9d211c4e2e1552a50165b56eb7ed7bb88330cf13361147f73dfdcf84434

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 27
date: Sun, 30 Apr 2023 01:36:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=2592000; includeSubDomains
x-cache: HIT
x-ah-environment: prod
content-length: 71925
x-request-id: v-a03e480a-df50-11ed-99a6-bb0a69a820e8
last-modified: Fri, 05 Nov 2021 16:24:40 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7bfc0e87bb0e5401-YYZ
expires: Thu, 04 May 2023 07:54:49 GMT

GET
H2 200 pic1.png
www.bitsight.com/hubfs/ 84 KB
84 KB 168ms
162ms Image
image/png 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bitsight.com/hubfs/pic1.png

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d1b24bdda63bff8ff597f1a6391a263718ca41e7e92ebcb6edfec6445aafe09

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 1
date: Sun, 30 Apr 2023 01:36:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=2592000; includeSubDomains
x-cache: HIT
x-ah-environment: prod
content-length: 85782
x-request-id: v-750f147e-e65e-11ed-9b54-4f78ff376aa5
last-modified: Wed, 16 Dec 2020 14:31:16 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7bfc0e87bb0f5401-YYZ
expires: Sat, 13 May 2023 07:21:28 GMT

GET
H2 200 pic2.png
www.bitsight.com/hubfs/ 95 KB
95 KB 159ms
153ms Image
image/png 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bitsight.com/hubfs/pic2.png

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12901213a1782ef5387ce495b8785fd617e2b957b0cd4a4ade518bbf990c3428

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 2
date: Sun, 30 Apr 2023 01:36:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=2592000; includeSubDomains
x-cache: HIT
x-ah-environment: prod
content-length: 96850
x-request-id: v-7516133c-e65e-11ed-a518-478152dfe5b5
last-modified: Wed, 16 Dec 2020 14:31:18 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7bfc0e87bb135401-YYZ
expires: Sat, 13 May 2023 07:21:28 GMT

GET
H2 200 pic3.png
www.bitsight.com/hubfs/ 40 KB
40 KB 187ms
181ms Image
image/png 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bitsight.com/hubfs/pic3.png

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

598c4c3a475bcf8b9230ad4ea26ec6b0656f5a2231e35e8cd7575528260283c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=2592000; includeSubDomains
x-cache: MISS
x-ah-environment: prod
content-length: 41021
x-request-id: v-7ec6e5ac-e6f7-11ed-8f21-2bfa327a5160
last-modified: Wed, 16 Dec 2020 14:31:14 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7bfc0e87db295401-YYZ
expires: Sun, 14 May 2023 01:36:57 GMT

GET
H2 200 pic4.png
www.bitsight.com/hubfs/ 146 KB
146 KB 219ms
213ms Image
image/png 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bitsight.com/hubfs/pic4.png

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

883dc48e1cf4dc2d9fc9c8812ee3078295235c41185a43368b113e64cb3237c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=2592000; includeSubDomains
x-cache: MISS
x-ah-environment: prod
content-length: 149340
x-request-id: v-7ec5e120-e6f7-11ed-bdbf-677534fb6c33
last-modified: Wed, 16 Dec 2020 14:31:16 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7bfc0e87db2a5401-YYZ
expires: Sun, 14 May 2023 01:36:57 GMT

GET
H2 200 pic5.png
www.bitsight.com/hubfs/ 65 KB
66 KB 231ms
226ms Image
image/png 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bitsight.com/hubfs/pic5.png

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7824470d18bc5d1d1861c8920a7ae7f0793b6c879a5a5c904d613807540416b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=2592000; includeSubDomains
x-cache: MISS
x-ah-environment: prod
content-length: 66921
x-request-id: v-7ec8eec4-e6f7-11ed-9777-178c63bcd8f3
last-modified: Wed, 16 Dec 2020 14:31:16 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7bfc0e87db2c5401-YYZ
expires: Sun, 14 May 2023 01:36:57 GMT

GET
H2 200 required.svg
www.bitsight.com/themes/custom/bitsight_theme/src/assets/ 480 B
540 B 73ms
69ms Image
image/svg+xml 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bitsight.com/themes/custom/bitsight_theme/src/assets/required.svg

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e21f327a574306998a0bf0d5b1157085ba79b646138be2a59d2311447d460dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 341
date: Sun, 30 Apr 2023 01:36:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=2592000; includeSubDomains
age: 18965
x-cache: HIT
x-ah-environment: prod
x-request-id: v-95750cac-df18-11ed-bc97-bbf254a3f7bb
last-modified: Thu, 20 Apr 2023 00:04:12 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 7bfc0e87db2d5401-YYZ
expires: Thu, 04 May 2023 01:13:39 GMT

GET
H2 200 js_m89Qf8Hjnz_g1U_RhWiqpY0MwN8i9-a2GzfaD5TVk2Y.js Show response
www.bitsight.com/sites/default/files/js/ 110 KB
38 KB 72ms
62ms Script
application/javascript 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitsight.com/sites/default/files/js/js_m89Qf8Hjnz_g1U_RhWiqpY0MwN8i9-a2GzfaD5TVk2Y.js

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bcf507fc1e39f3fe0d54fd18568aaa58d0cc0df22f7e6b61b37da0f94d59366

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 180
date: Sun, 30 Apr 2023 01:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
via: varnish
strict-transport-security: max-age=2592000; includeSubDomains
age: 394021
x-cache: HIT
x-ah-environment: prod
content-length: 38937
x-request-id: v-cc6b1abe-df1b-11ed-851b-0fa2c660e807
last-modified: Tue, 04 Apr 2023 19:46:25 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7bfc0e87baf85401-YYZ
expires: Thu, 04 May 2023 01:36:40 GMT

GET
H2 200 277648.js Show response
js.hs-scripts.com/ 1 KB
895 B 120ms
90ms Script
application/javascript 2606:4700::6812:853b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/277648.js
Requested by: Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:853b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee4479d8470930ef02efc09078409d8d0183ad4caefdbdf2fdb43d499345d2bf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:57 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 30 Apr 2023 00:50:45 GMT
server: cloudflare
x-hubspot-correlation-id: f32bb61c-dd59-4aa0-9efc-4dd9fd3cd56c
x-trace: 2B819D7414EAD10C4BD7B88CA0ABB0739D66F69A00000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.bitsight.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7bfc0e87d999ca4f-YUL
expires: Sun, 30 Apr 2023 01:37:57 GMT

GET
H2 200 js_AYphaJOG2PF6B5lLqmStz2XYFkbkUsReYUWDNHD_FAg.js Show response
www.bitsight.com/sites/default/files/js/ 81 KB
19 KB 38ms
28ms Script
application/javascript 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitsight.com/sites/default/files/js/js_AYphaJOG2PF6B5lLqmStz2XYFkbkUsReYUWDNHD_FAg.js

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

018a61689386d8f17a07994baa64adcf65d81646e452c45e6145833470ff1408

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 371
date: Sun, 30 Apr 2023 01:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
via: varnish
strict-transport-security: max-age=2592000; includeSubDomains
age: 14323
x-cache: HIT
x-ah-environment: prod
content-length: 18867
x-request-id: v-dbd30520-df16-11ed-926f-5f1e554abaea
last-modified: Thu, 20 Apr 2023 00:07:41 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7bfc0e87bb015401-YYZ
expires: Thu, 04 May 2023 01:01:18 GMT

GET
H2 200 jquery.validate.min.js Show response
cdn.jsdelivr.net/npm/jquery-validation@1.17.0/dist/ 23 KB
8 KB 44ms
10ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery-validation@1.17.0/dist/jquery.validate.min.js

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 30 Apr 2023 01:36:57 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4296037
x-jsd-version: 1.17.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8057
x-served-by: cache-fra-eddf8230098-FRA, cache-yul12825-YUL
x-jsd-version-type: version
etag: W/"5add-anbkx9tHkFM1BYBGmqAQ/r/crNA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js_qtR4-Mjrt7rfgnAcxIm8IMgiL-Lb0HlifA1hykq7Ld8.js Show response
www.bitsight.com/sites/default/files/js/ 102 KB
24 KB 57ms
46ms Script
application/javascript 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitsight.com/sites/default/files/js/js_qtR4-Mjrt7rfgnAcxIm8IMgiL-Lb0HlifA1hykq7Ld8.js

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aad478f8c8ebb7badf82701cc489bc20c8222fe2dbd079627c0d61ca4abb2ddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 378
date: Sun, 30 Apr 2023 01:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
via: varnish
strict-transport-security: max-age=2592000; includeSubDomains
age: 14323
x-cache: HIT
x-ah-environment: prod
content-length: 24771
x-request-id: v-34ddb14c-df17-11ed-b6ae-f3b40b72c059
last-modified: Thu, 20 Apr 2023 00:08:46 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7bfc0e87bb055401-YYZ
expires: Thu, 04 May 2023 01:03:48 GMT

GET
H2 200 NeueHaasDisplay-Roman.ttf
www.bitsight.com/themes/custom/bitsight_theme/dist/fonts/ 98 KB
35 KB 66ms
65ms Font
application/font-sfnt 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitsight.com/themes/custom/bitsight_theme/dist/fonts/NeueHaasDisplay-Roman.ttf

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/sites/default/files/css/css_gfHJrtPDybZ7v3sD5RNYaX6Y-RaLtazWykEUe3b8tOo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8850e5c69afc0252ea35a9b1f7c93d837c9c2297bf03ba9365fb093bc71805e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bitsight.com/sites/default/files/css/css_gfHJrtPDybZ7v3sD5RNYaX6Y-RaLtazWykEUe3b8tOo.css
Origin: https://www.bitsight.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 439
date: Sun, 30 Apr 2023 01:36:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=2592000; includeSubDomains
age: 439588
x-cache: HIT
x-ah-environment: prod
x-request-id: v-d09c1f98-df16-11ed-8229-97b066874dd6
last-modified: Thu, 20 Apr 2023 00:04:12 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: application/font-sfnt
cache-control: max-age=1209600
cf-ray: 7bfc0e87db335401-YYZ
expires: Thu, 04 May 2023 01:01:00 GMT

GET
H2 200 NeueHaasDisplay-Mediu.ttf
www.bitsight.com/themes/custom/bitsight_theme/dist/fonts/ 100 KB
36 KB 81ms
81ms Font
application/font-sfnt 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitsight.com/themes/custom/bitsight_theme/dist/fonts/NeueHaasDisplay-Mediu.ttf

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/sites/default/files/css/css_gfHJrtPDybZ7v3sD5RNYaX6Y-RaLtazWykEUe3b8tOo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93d09a5cb0efb9f6a674aab7ecae5d67d511082ae544f143c3e65cb4317826b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bitsight.com/sites/default/files/css/css_gfHJrtPDybZ7v3sD5RNYaX6Y-RaLtazWykEUe3b8tOo.css
Origin: https://www.bitsight.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 462
date: Sun, 30 Apr 2023 01:36:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=2592000; includeSubDomains
age: 439588
x-cache: HIT
x-ah-environment: prod
x-request-id: v-d09b3dda-df16-11ed-a22e-3fb9664853db
last-modified: Thu, 20 Apr 2023 00:04:12 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: application/font-sfnt
cache-control: max-age=1209600
cf-ray: 7bfc0e87db355401-YYZ
expires: Thu, 04 May 2023 01:01:00 GMT

GET
H2 200 NeueHaasDisplay-Light.ttf
www.bitsight.com/themes/custom/bitsight_theme/dist/fonts/ 99 KB
36 KB 58ms
58ms Font
application/font-sfnt 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitsight.com/themes/custom/bitsight_theme/dist/fonts/NeueHaasDisplay-Light.ttf

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/sites/default/files/css/css_gfHJrtPDybZ7v3sD5RNYaX6Y-RaLtazWykEUe3b8tOo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ede302635e4d536cd009def38ee53d05a9d85220cb84c8b605c8f47fd10d5b45

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bitsight.com/sites/default/files/css/css_gfHJrtPDybZ7v3sD5RNYaX6Y-RaLtazWykEUe3b8tOo.css
Origin: https://www.bitsight.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 474
date: Sun, 30 Apr 2023 01:36:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=2592000; includeSubDomains
age: 439588
x-cache: HIT
x-ah-environment: prod
x-request-id: v-d09bba94-df16-11ed-bf39-63be976b396e
last-modified: Thu, 20 Apr 2023 00:04:12 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: application/font-sfnt
cache-control: max-age=1209600
cf-ray: 7bfc0e87db385401-YYZ
expires: Thu, 04 May 2023 01:01:00 GMT

GET
H2 200 SPM%20Tablet.png
www.bitsight.com/sites/default/files/styles/cta/public/2022/12/15/ 48 KB
48 KB 179ms
151ms Image
image/png 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bitsight.com/sites/default/files/styles/cta/public/2022/12/15/SPM%20Tablet.png?itok=o8CCKqvY

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd636105f2873462d5c1577ce3f621565da8570429b3d80fffc7a8b8f3ee6003

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 95
date: Sun, 30 Apr 2023 01:36:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=2592000; includeSubDomains
x-cache: HIT
x-ah-environment: prod
content-length: 48989
x-request-id: v-4405d8a2-df17-11ed-9781-471632c5ca96
last-modified: Thu, 15 Dec 2022 20:58:51 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7bfc0e882c085401-YYZ
expires: Thu, 04 May 2023 01:04:13 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 263 KB
87 KB 96ms
48ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MZ2J8ZG

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/sites/default/files/google_tag/bitsight/google_tag.script.js?rtw4u7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

109e1792b15ee6828c303c03b1dc70e0467cf5bfc95fb669bc26d35d55428226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88205
x-xss-protection: 0
last-modified: Sun, 30 Apr 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 30 Apr 2023 01:36:57 GMT

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 442 B
940 B 156ms
45ms Fetch
application/json 13.226.34.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?auth=vyk2k4RgjVPHflQ5uSvAvboHy4i1D3g2JWHgBUGp
Requested by: Host: www.bitsight.com
URL: https://www.bitsight.com/sites/default/files/js/js_AYphaJOG2PF6B5lLqmStz2XYFkbkUsReYUWDNHD_FAg.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-109.ewr53.r.cloudfront.net
Software: nginx /
Resource Hash: 6e6eeb0b97f1cf56a3e763afef0fd5f77070ff0410881db09426cff02d4396de

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:58 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 80bad22a3308bca7ca55a6da6a46dad4.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront
request-id: 3749a386-6d55-43ee-a145-9a1acf076c71
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bitsight.com
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4o-DKV9ZIg12xHhj-wlRsU0dbJoLxa_Pgp5vX4_l7Q4_1qCsuLWPfw==
expires: Sat, 29 Apr 2023 01:36:58 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/277648/ 208 KB
64 KB 119ms
87ms Script
text/javascript 2606:4700::6812:19c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/277648/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/277648.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c4c32431df2f542c1c79e2eda056731040a51704ef6e63da706ba2cac7f1bf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:57 GMT
x-amz-version-id: 87vh1fOS7AaQiCH2k1uz65TeV0PixTuc
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 7WJDDR38WGG2HSNM
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 88
x-amz-id-2: /+XJjL+N6OSW4X0Zu9csZQ0vfoRj9PYMHRGfW+KKWejxN8rAwJIvMT22fhUWbdpKXwvNd0api1U=
x-evy-trace-listener: listener_https
x-request-id: 5a10ca65-5ef8-43b5-9400-b940e0ee2460
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 17 Apr 2023 14:56:56 GMT
server: cloudflare
etag: W/"09e8f12423193529288b3436240dff17"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.bitsight.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6b586b4cf9-4mrg7
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7bfc0e89f9283401-YUL
expires: Sun, 30 Apr 2023 01:41:57 GMT

GET
H2 200 277648.js Show response
js.hs-analytics.net/analytics/1682818500000/ 84 KB
23 KB 133ms
95ms Script
text/javascript 2606:4700::6810:89ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1682818500000/277648.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/277648.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:89ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 031a0ee01580fd4dbdd5ef7608b259062cd42f1621fb12ed4f95e885fe21cc10

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:58 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: BBQ18E5NRTS2ER6H
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 17
x-amz-id-2: AGRi89dRlxVyER2yKXX/jAEPeqVU8gmwJOY4OyYfaswt4/nahddsnY17pmFSsxrNpbu4OLUh7VQ=
x-evy-trace-listener: listener_https
x-request-id: 15d422b3-9352-4ed8-9365-4123eaf18528
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 18 Apr 2023 13:54:51 GMT
server: cloudflare
etag: W/"4c38a826aff1cf8c968462a53ca6a0f5"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6b7cfc8cf5-5wkt9
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7bfc0e8a0ef6ca67-YUL
expires: Sun, 30 Apr 2023 01:41:57 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 545 KB
87 KB 67ms
36ms Script
application/javascript 2606:4700::6811:806e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/277648.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:806e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7239304bfda1edbdc25f38e13e0c6ed0c40c2aa7bf88e95b9fc8f17ba36a8253

Request headers

Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Origin: https://www.bitsight.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:57 GMT
x-amz-version-id: RmhmaytfCYjkF4kIWncNidw0.aX_4QVo
via: 1.1 2896f6be77233cf3f24b7a1aaae1c6f2.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD55-P4
age: 14947
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1180/bundle/main/lead-flows-release.js&cfRay=7b52368a0a9ba1f8-IAD
x-cache: Miss from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Mon, 03 Apr 2023 03:50:40 UTC
server: cloudflare
etag: W/"0bee9cd87f137fe7aec90112cb8b0376"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 7bfc0e89f8a5714a-YUL
x-amz-cf-id: xfjkSMv30cq8vuESPqHbCduQtOnWT1O7YQQdNDxgad_YOdZhM0RoVQ==
x-hs-target-asset: lead-flows-js/static-1.1180/bundle/main/lead-flows-release.js

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 146 KB
49 KB 97ms
41ms Script
application/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-WXLW5FS

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ2J8ZG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

28f2565d9edd25ca6cc12fa1063291a0ef9dd126cc8bc70f3e53973df8fa5cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 50137
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 30 Apr 2023 01:36:58 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 73ms
19ms Script
application/x-javascript 2600:1400:9000::687e:74bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ2J8ZG

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:9000::687e:74bb New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=11247
accept-ranges: bytes
content-length: 4777

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 66ms
20ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ2J8ZG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 30 Apr 2023 01:22:23 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 875
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sun, 30 Apr 2023 03:22:23 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/965095466/ 43 B
571 B 86ms
38ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965095466/?random=1682818618007&cv=11&fst=1682818618007&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&hn=www.googleadservices.com&frm=0&tiba=SolarWinds%20Orion%20Breach%20%E2%80%94%20BitSight%20Analysis%20Part%201&rdp=1&auid=435609872.1682818618&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ2J8ZG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-2033728.js Show response
static.hotjar.com/c/ 9 KB
4 KB 188ms
98ms Script
application/javascript 108.138.106.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2033728.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ2J8ZG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-124.jfk50.r.cloudfront.net

Software

Resource Hash

3f7bef1687309f4ca11073bbdf5a7f1a5959d8e9fc01543244a49b7736f4010d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sun, 30 Apr 2023 01:36:58 GMT
via: 1.1 ed8dbde89917eaa6ca93ba7fad809c48.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
etag: W/2d1ba8956ec2c8c51e74e54a36567ab2
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Hhcqd8jkuPw2rq-2jyVZaz3xjKOWc_2sfe0gFZliF6H9JqOpZxY0wQ==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 84ms
23ms Script
application/javascript 146.75.32.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.32.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:58 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 15:55:14 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100134-IAD

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 2 KB
3 KB 72ms
33ms Script
text/javascript 23.205.76.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_pp=1&mt_adid=222552
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ2J8ZG
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.76.198 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-76-198.deploy.static.akamaitechnologies.com
Software: MT3 830 785530e master iad-pixel-x20 config_version:"unknown" /
Resource Hash: cdec6e5daf6663ecd42fa5a9b0a059dbfa43357f5bc4c9526fa323737e046317

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:36:58 GMT
Server: MT3 830 785530e master iad-pixel-x20 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 2470
Expires: Sun, 30 Apr 2023 01:36:57 GMT

GET
H2 200 7127e84810857c8d.min.js Show response
tag.demandbase.com/ 72 KB
20 KB 131ms
43ms Script
application/javascript 65.8.49.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/7127e84810857c8d.min.js

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.8.49.100 Ft. Pierce, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-8-49-100.ord52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8a9a8d79447c81dc90cd3e0a32cd59ef1382d234be2f161d7bf8e9e428b06ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: Mn.AXgyDjInxJro67jsbWtvNh3zaXqnS
content-encoding: gzip
via: 1.1 be1019ab7169805c3c0f394c00896b58.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 00:41:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD52-C3
age: 3312
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 26 Apr 2023 02:25:52 GMT
server: AmazonS3
etag: W/"d07c65a8415e80ffac5e3cb7e874c90b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: LhNnFfXXZWewnt3QL4lIKfW0SzLH4138T-wUNo6D7AdHf14-SSUdEg==

GET
H2 200 notice Show response
consent.truste.com/ 88 B
578 B 170ms
99ms Script
text/javascript 18.164.96.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.truste.com/notice?domain=bitsighttech.com&c=teconsent&js=bb&noticeType=bb&text=true&gtm=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ2J8ZG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.34 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-34.jfk50.r.cloudfront.net

Software

Resource Hash

2107f0f4075b798d0fd29ee262879110cecdfba5bbf0bc1865eeab9d1ae5698c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:58 GMT
via: 1.1 f5527f719bbc0d2932043daaeff80252.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
cloudfront-viewer-country: CA
content-length: 88
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/javascript;charset=ISO-8859-1
cache-control: max-age=3600
cloudfront-viewer-country-region: QC
timing-allow-origin: *
x-amz-cf-id: j0VsYQalRhVZ8Fjuh3qw3NGLZO_yoyLKugcaG7gbi3jCGTtdeS_zZg==
expires: Sun, 30 Apr 2023 02:36:58 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 67ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 30 Apr 2023 01:36:58 GMT
last-modified: Thu, 20 Apr 2023 19:01:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BEAEDFA8E22A449F83C8AC517A531684 Ref B: YMQ01EDGE0419 Ref C: 2023-04-30T01:36:58Z
etag: "808c558fba73d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12036

GET
H2 204 5eea4b3464fca0000adbad35 Show response
go.affec.tv/j/ 0
386 B 133ms
78ms Script
text/plain 108.139.29.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.affec.tv/j/5eea4b3464fca0000adbad35
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ2J8ZG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-82.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:58 GMT
content-encoding: gzip
via: 1.1 d3a2886dcf7e47b1e56baf628c69dc24.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="CAO DSP COR PSAo CONo HISo OTPo OUR IND NAV INT CNT OTC"
cache-control: no-cache, private, no-store, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
x-amz-cf-id: F8zz-X7d2ZreurfqV6lmZf-oD42qkxh3oullYhc63JlA1_ZU8muisQ==
expires: Wed, 04 Apr 1990 00:00:00 GMT

GET
H2 200 nB5wHQT3fvQHVI5gp4PL Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 214ms
175ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/nB5wHQT3fvQHVI5gp4PL

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9019bb3edb709bc09bf94864b24f3d4a5e7ad6081b95f438a189d0a19d887125

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7bfc0e8b4f97ecf2-YUL
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 79ms
19ms Script
text/javascript 2607:f8b0:4006:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 30 Apr 2023 00:06:22 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5436
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sun, 30 Apr 2023 02:06:22 GMT

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 94ms
47ms Script
text/javascript 2606:4700::6812:c9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
server: cloudflare
age: 409
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1200
cf-ray: 7bfc0e8b6e1d715a-YUL
expires: Sun, 30 Apr 2023 01:39:51 GMT

GET
H2 200 gjal3gfklv Show response
www.clarity.ms/tag/ 808 B
1 KB 158ms
77ms Script
application/x-javascript 2620:1ec:4e:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/gjal3gfklv
Requested by: Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3b749d8e31b1b07681113a170d843b160048e5ac4269872fb9180f456692efa5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: application/x-javascript
date: Sun, 30 Apr 2023 01:36:57 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0OsZNZAAAAADH77CbYg2ZR6E4wTd/JuPdWU1RMDFFREdFMDkxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
81 KB 45ms
42ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RJ4RWVVWH4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ2J8ZG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

491464d495589f57f9a26389acb58955b6a0d38d1e24f432c0b6c2e0691d1add

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82991
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 30 Apr 2023 01:36:58 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/26304/domain/bitsight.com/ 36 B
376 B 95ms
24ms XHR
application/json 2600:9000:2269:9c00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/26304/domain/bitsight.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2269:9c00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:14:52 GMT
content-encoding: gzip
via: 1.1 1b6db55df4d0459558669f7d008cda9c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 4926
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=12802
x-amz-cf-id: MCu0DIZoUAsBxq5jku-Hoer-4fj_0D4vyM1uawAZcn4FMQtdsHzj4Q==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=26304&time=1682818618084&url=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=26304&time=1682818618084&url=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D26304%26time%3D1682818618084%26url%3Dhttps%253A%252F%252Fwww.bitsight.com%252Fblo...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=26304&time=1682818618084&url=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&cookiesTest=true&liSy...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=26304&time=1682818618084&url=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&cookiesTest=true&liS...

0
489 B

75ms
40ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=26304&time=1682818618084&url=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&cookiesTest=true&liSync=true&e_ipv6=AQKGGwovIGK75AAAAYfPzlPZs29OE5zsbpgw--r69fM8jkTJ87pkBbneiTpehCFcButtjCsS
Requested by: Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:57 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 89D7AAC2ECFB45F08305EE41E30A26CE Ref B: YMQ01EDGE0308 Ref C: 2023-04-30T01:36:58Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6g734pGbZS/PJ+pzS8A==

Redirect headers

date: Sun, 30 Apr 2023 01:36:57 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: E2C8887B993A4E72843EBE99075D7541 Ref B: YMQ01EDGE0414 Ref C: 2023-04-30T01:36:58Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=26304&time=1682818618084&url=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&cookiesTest=true&liSync=true&e_ipv6=AQKGGwovIGK75AAAAYfPzlPZs29OE5zsbpgw--r69fM8jkTJ87pkBbneiTpehCFcButtjCsS
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6g733b4+ldai7Zsn37g==

GET
H2 204 56012493.js Show response
bat.bing.com/p/action/ 0
118 B 99ms
99ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56012493.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 30 Apr 2023 01:36:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C7AB2F3E1238489FAA1A921B0F276697 Ref B: YMQ01EDGE0419 Ref C: 2023-04-30T01:36:58Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
363 B 40ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56012493&Ver=2&mid=33fa5f38-bcff-44bf-9520-1c8595d8d250&sid=7f085dd0e6f711edba95b52faa178070&vid=7f088180e6f711edba5f3d9ada81944f&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=SolarWinds%20Orion%20Breach%20%E2%80%94%20BitSight%20Analysis%20Part%201&p=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&r=&lt=1112&evt=pageLoad&sv=1&rn=447074

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 30 Apr 2023 01:36:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7A7D99EFA9FB4B888CF3C8B8F4C2D7C5 Ref B: YMQ01EDGE0419 Ref C: 2023-04-30T01:36:58Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 1 KB
2 KB 43ms
42ms Script
text/javascript 23.205.76.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_pp=2&version=1.1&delimiter=%5BINSERT%20DELIMITER%5D&mt_exem=%5BINSERT%20SHA-256%20HASHED%20EMAIL%5D&industry=Computer%20(Hardware%20%26%20Software)&mt_adid=222552&event_type=catchall&mt_id=1405401&duration_days=%5BINSERT%20MACRO%5D&page_name=%5BINSERT%20MACRO%5D&v3=%5BINSERT%20MACRO%5D&language=en-CA%2Cen%3Bq%3D0.9&mt_lim=20&document_title=SolarWinds%20Orion%20Breach%20%E2%80%94%20BitSight%20Analysis%20Part%201&location=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&document_path=%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&mt_cb=1682818618096
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_pp=1&mt_adid=222552
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.76.198 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-76-198.deploy.static.akamaitechnologies.com
Software: MT3 830 785530e master iad-pixel-x5 config_version:"unknown" /
Resource Hash: f3d122edfd7874cede19b5ea3f4ebb09321a7113bf3443028ffc91596763d930

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:36:58 GMT
Server: MT3 830 785530e master iad-pixel-x5 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1449
Expires: Sun, 30 Apr 2023 01:36:57 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
163 B 38ms
33ms Ping
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-RJ4RWVVWH4&gtm=45je34q0&_p=870506456&cid=1728062521.1682818618&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682818618&sct=1&seg=0&dl=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&dt=SolarWinds%20Orion%20Breach%20%E2%80%94%20BitSight%20Analysis%20Part%201&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RJ4RWVVWH4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bitsight.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
377 B 155ms
53ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=598cca77-c541-417f-94b3-784983c2c186&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bb4845b0-a911-45ef-8018-4d3b48f5d547&tw_document_href=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nviyj&type=javascript&version=2.3.29

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 5
date: Sun, 30 Apr 2023 01:36:58 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 8da633efb981ceb8
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 39543fc8f2244d38d3e97a5f8272832267e165df9e2b9be11e6b6b7dc0b3a31b
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 135ms
48ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=598cca77-c541-417f-94b3-784983c2c186&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bb4845b0-a911-45ef-8018-4d3b48f5d547&tw_document_href=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nviyj&type=javascript&version=2.3.29

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 6
date: Sun, 30 Apr 2023 01:36:57 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 2e38cca76fb78155
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 95d03c8c1647c8da440bc829eb55b21724423f9cdc58343dd0d4464e41e25714
content-length: 43

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
94 B 33ms
32ms XHR
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=870506456&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&ul=en-us&de=UTF-8&dt=SolarWinds%20Orion%20Breach%20%E2%80%94%20BitSight%20Analysis%20Part%201&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABQAAAACAAI~&jid=1144053512&gjid=1113805511&cid=1728062521.1682818618&tid=UA-36272386-1&_gid=1741716886.1682818618&_r=1&_slc=1&gtm=45He34q0n81MZ2J8ZG&z=512383786

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bitsight.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 33ms
33ms XHR
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=870506456&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&ul=en-us&de=UTF-8&dt=SolarWinds%20Orion%20Breach%20%E2%80%94%20BitSight%20Analysis%20Part%201&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABQAAAACAAI~&jid=772659413&gjid=1772409761&cid=1728062521.1682818618&tid=UA-36272386-4&_gid=1741716886.1682818618&_r=1&_slc=1&gtm=45He34q0n81MZ2J8ZG&z=785964702

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bitsight.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
s.company-target.com/s/ Frame A721 634 B
976 B 104ms
27ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/7127e84810857c8d.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 47e5eab4597fdff2dfeb1813a7b8c7040d045429dc93ad258ff368ee32837995

Request headers

Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Sun, 30 Apr 2023 01:36:58 GMT
via: 1.1 google

GET
H/1.1

200
OK

log
segments.company-target.com/
Redirect Chain

https://id.rlcdn.com/464526.gif
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCLqMt6IGEgUI6AcQAEIASgA
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297mvHmL962gyMx1LG_OK7OlaHHfJ81NDlFwtMxbfbaYQA

26 B
409 B

133ms
51ms

Image
image/gif

13.226.22.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297mvHmL962gyMx1LG_OK7OlaHHfJ81NDlFwtMxbfbaYQA
Requested by: Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Protocol: HTTP/1.1
Server: 13.226.22.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-22-31.ord51.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:36:58 GMT
Via: 1.1 e24f58374cba3dcb49076c378e9f7db0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ORD51-C2
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Content-Type: image/gif
Vary: Origin
Connection: keep-alive
trace-id: 717d60c33c4e75f3
X-Amz-Cf-Id: Lw3lqfB7qA5_EEqRPfzXUOz-l1ntEGhCSLYZAi0EVrcXOf25obfy5w==

Redirect headers

date: Sun, 30 Apr 2023 01:36:58 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297mvHmL962gyMx1LG_OK7OlaHHfJ81NDlFwtMxbfbaYQA
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 442 B
941 B 88ms
51ms XHR
application/json 13.226.34.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&page_title=SolarWinds%20Orion%20Breach%20%E2%80%94%20BitSight%20Analysis%20Part%201
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/7127e84810857c8d.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-109.ewr53.r.cloudfront.net
Software: nginx /
Resource Hash: 6e6eeb0b97f1cf56a3e763afef0fd5f77070ff0410881db09426cff02d4396de

Request headers

Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 30 Apr 2023 01:36:58 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 ee623581f95aa65c7c8707871d87b790.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront
request-id: d0637673-d332-4249-84d5-41869a2edc82
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bitsight.com
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BXz7ym1qwgzSAeGNZ762nREOEuEkAbaUjS463q3TEfjyenkBNxdmug==
expires: Sat, 29 Apr 2023 01:36:58 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 34ms
33ms Image
image/gif 2607:f8b0:4006:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=889303358&utmhn=www.bitsight.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=SolarWinds%20Orion%20Breach%20%E2%80%94%20BitSight%20Analysis%20Part%201&utmhid=870506456&utmr=-&utmp=%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&utmht=1682818618229&utmac=UA-XXXYYYZZZ-1&utmcc=__utma%3D15825701.1728062521.1682818618.1682818618.1682818618.1%3B%2B__utmz%3D15825701.1682818618.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=75673997&utmredir=1&utmu=qhAgAAAAAAAAAAAAAAABAAAE~

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 86ms
33ms XHR
text/plain 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-36272386-1&cid=1728062521.1682818618&jid=1144053512&gjid=1113805511&_gid=1741716886.1682818618&_u=aADAAEAAQAAAACAAI~&z=1401653163

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 30 Apr 2023 01:36:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bitsight.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 86ms
34ms XHR
text/plain 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-36272386-4&cid=1728062521.1682818618&jid=772659413&gjid=1772409761&_gid=1741716886.1682818618&_u=aADAAEABQAAAACAAI~&z=390796962

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 30 Apr 2023 01:36:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bitsight.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame ECF5 677 B
1 KB 38ms
38ms Document
text/html 23.205.76.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=d0d1644d-c63a-4e00-acbf-1144b55850b9&no_iframe=1&mt_adid=222552&mt_lim=20&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_pp=2&version=1.1&delimiter=%5BINSERT%20DELIMITER%5D&mt_exem=%5BINSERT%20SHA-256%20HASHED%20EMAIL%5D&industry=Computer%20(Hardware%20%26%20Software)&mt_adid=222552&event_type=catchall&mt_id=1405401&duration_days=%5BINSERT%20MACRO%5D&page_name=%5BINSERT%20MACRO%5D&v3=%5BINSERT%20MACRO%5D&language=en-CA%2Cen%3Bq%3D0.9&mt_lim=20&document_title=SolarWinds%20Orion%20Breach%20%E2%80%94%20BitSight%20Analysis%20Part%201&location=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&document_path=%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&mt_cb=1682818618096
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.76.198 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-76-198.deploy.static.akamaitechnologies.com
Software: MT3 830 785530e master iad-pixel-x11 config_version:"unknown" /
Resource Hash: 3ef64e4a0001cd55211fff6bd306290f29c7482a6006d070ee21e52484b7ef22

Request headers

Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 677
Content-Type: text/html
Date: Sun, 30 Apr 2023 01:36:58 GMT
Expires: Sun, 30 Apr 2023 01:36:57 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 830 785530e master iad-pixel-x11 config_version:"unknown"

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
470 B 50ms
49ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17988170&r=1682818618240&ref=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&version=2.4
Requested by: Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 17988170
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:58 GMT
via: 1.1 google
x-guploader-uploadid: ADPycduvlbQfUvgWKGz9zqYoMYK6QSkuRof1btjTs-6LQHxp5mbw7r_TrgCfYzY9A-L4a3Wgtrpxhzqur_Mwnbme5mS08ExPghdw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Sun, 30 Apr 2023 02:36:58 GMT

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 81ms
40ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17988170&r=1682818618240&ref=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://www.bitsight.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 30 Apr 2023 01:36:58 GMT
expires: Sun, 30 Apr 2023 01:36:58 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ADPycdtdsxcWbfFwbsEhw4Ch1O2J6RtqFAZpRMQFm2YpZs0wXrLUMi8eiqfiibLrmjwjFy4nvlLscMgPyxVOBz3it1aXjOJ1BjfZ

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ 0
492 B 69ms
31ms Image
image/gif 23.205.76.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.76.198 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-76-198.deploy.static.akamaitechnologies.com
Software: MT3 830 785530e master iad-pixel-x17 config_version:"unknown" /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:36:58 GMT
Server: MT3 830 785530e master iad-pixel-x17 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Sun, 30 Apr 2023 01:36:57 GMT

GET
H2 200 modules.50a80ed62b384955a8b2.js Show response
script.hotjar.com/ 263 KB
68 KB 101ms
31ms Script
application/javascript 54.230.18.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.50a80ed62b384955a8b2.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2033728.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.18.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-18-106.ord51.r.cloudfront.net

Software

Resource Hash

e60eac0f2636af6308d91526e82dff118e961332236bbe87a134f7e5d0d5037e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 11:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 d9527af51976105c0da25999aac3d0e4.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C3
age: 138651
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69259
last-modified: Fri, 28 Apr 2023 11:05:08 GMT
etag: "64d5841f997872b89ef043f224290bdf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: t3BT5l_Mf_J3rBF0kVz6rdxHrEsQqvk-RmI07niIJWBY18AgKPs7EA==

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.6/ 56 KB
19 KB 14ms
14ms Script
application/javascript 2620:1ec:4e:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.6/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gjal3gfklv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e63cf738c3a577e286765aaa9de59ed4300f6bf8b5d34773d131afd3da456b9c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:57 GMT
content-encoding: br
last-modified: Fri, 28 Apr 2023 17:12:38 GMT
x-azure-ref-originshield: 0Ar1MZAAAAAABb/NOgK5QTI8drppClkYHTU5aMjIxMDYwNjEyMDM1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DB480BC4980B73"
x-azure-ref: 0OsZNZAAAAABBnFk7xcf0RJiWg6MtiSNtWU1RMDFFREdFMDkxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 2c70f71b-a01e-003d-321a-7a58c0000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
18ms Image
image/gif 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=870506456&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&ul=en-us&de=UTF-8&dt=SolarWinds%20Orion%20Breach%20%E2%80%94%20BitSight%20Analysis%20Part%201&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_utma=15825701.1728062521.1682818618.1682818618.1682818618.1&_utmz=15825701.1682818618.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1682818618276&_u=aDDCAEABQAAAACAAI~&jid=&gjid=&cid=1728062521.1682818618&tid=UA-36272386-4&_gid=1741716886.1682818618&gtm=45He34q0n81MZ2J8ZG&cd1=(Non-Company%20Visitor)&cd2=(Non-Company%20Visitor)&cd3=(Non-Company%20Visitor)&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=Bot&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=Montreal&cd11=QC&cd12=Canada&z=1276235209

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Apr 2023 12:08:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48534
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A721
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1698629818&external_user_id=bab2f1c1-b244-4c6f-b702-ea78e2db15fe
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1698629818&external_user_id=bab2f1c1-b244-4c6f-b702-ea78e2db15fe&C=1

43 B
766 B

20ms
19ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1698629818&external_user_id=bab2f1c1-b244-4c6f-b702-ea78e2db15fe&C=1
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 01:36:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=18&expiry=1698629818&external_user_id=bab2f1c1-b244-4c6f-b702-ea78e2db15fe&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame A721 43 B
392 B 107ms
24ms Image
image/gif 2600:1f18:612b:4232:46b0:1c11:22b9:17b9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIDM=bab2f1c1-b244-4c6f-b702-ea78e2db15fe
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:46b0:1c11:22b9:17b9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sun, 30 Apr 2023 01:36:58 GMT
server: nginx
content-type: image/gif

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame A721 42 B
774 B 104ms
25ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?nid=5578&put=bab2f1c1-b244-4c6f-b702-ea78e2db15fe&v=1181926
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 574abe46412f7df61ec8713ff1a5b646
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame ECF5 0
491 B 35ms
33ms Image
image/gif 23.205.76.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=d0d1644d-c63a-4e00-acbf-1144b55850b9&no_iframe=1&mt_adid=222552&mt_lim=20&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.205.76.198 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-76-198.deploy.static.akamaitechnologies.com
Software: MT3 830 785530e master iad-pixel-x7 config_version:"unknown" /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=d0d1644d-c63a-4e00-acbf-1144b55850b9&no_iframe=1&mt_adid=222552&mt_lim=20&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:36:58 GMT
Server: MT3 830 785530e master iad-pixel-x7 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Sun, 30 Apr 2023 01:36:57 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 94ms
38ms Image
image/gif 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-36272386-1&cid=1728062521.1682818618&jid=1144053512&_u=aADAAEAAQAAAACAAI~&z=387553806

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 89ms
39ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-36272386-1&cid=1728062521.1682818618&jid=1144053512&_u=aADAAEAAQAAAACAAI~&z=387553806

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 92ms
38ms Image
image/gif 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-36272386-4&cid=1728062521.1682818618&jid=772659413&_u=aADAAEABQAAAACAAI~&z=224294887

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 89ms
40ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-36272386-4&cid=1728062521.1682818618&jid=772659413&_u=aADAAEABQAAAACAAI~&z=224294887

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 37905865-872d-4a65-8bda-a5510f9a62d5
https://www.bitsight.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.bitsight.com/37905865-872d-4a65-8bda-a5510f9a62d5
Requested by: Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2033728/ 148 B
322 B 322ms
105ms XHR
application/json 18.202.10.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2033728/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.50a80ed62b384955a8b2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.202.10.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-10-197.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9d1faf9bd9dfb8aa89f59852a79665717d0d5e551b39ceebca1d209dc4b117ff

Request headers

Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sun, 30 Apr 2023 01:36:58 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
296 B 144ms
70ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bitsight.com
Date: Sun, 30 Apr 2023 01:36:58 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 async-api.6c072bf7-1.230.0.min.js Show response
js-agent.newrelic.com/ 2 KB
2 KB 38ms
10ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/async-api.6c072bf7-1.230.0.min.js

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b6a613ee9108f1d682a41dbf67bf48474111f09ae1b3f9610371f9e9ab310ba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: rWoTEmf9ai1ouwS3ToIE043y.yHgDQor
content-encoding: gzip
via: 1.1 varnish
date: Sun, 30 Apr 2023 01:36:58 GMT
strict-transport-security: max-age=300
x-amz-request-id: CYH621C7E35VTNQD
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1210
x-amz-id-2: eZgbR6C+fLNpfOlIfiNFo5ITwBSv277AwC6IUyM8BgaG10v/FkDGjE1+o6uTmqu3a+V0czJtQhw=
x-served-by: cache-yul12821-YUL
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682818619.537038,VS0,VE0
etag: "a21c5f6b7cdfc3dedc83c2262a56d7cd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7215

GET
H2 200 lazy-loader.ff971c03-1.230.0.min.js Show response
js-agent.newrelic.com/ 928 B
621 B 34ms
12ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/lazy-loader.ff971c03-1.230.0.min.js

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: moNPj5M8w_3ogm1Lwe_Y7qB7rdPjSB51
content-encoding: gzip
via: 1.1 varnish
date: Sun, 30 Apr 2023 01:36:58 GMT
strict-transport-security: max-age=300
x-amz-request-id: CYHD1NRXKTCHYHHB
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 414
x-amz-id-2: jyTFeNs7aaJ0YeJ7OKDvNwJi/UjhWSjkLRPS40tiuy2JZCSzGlo6sOwUrZSiTDhRu/hNCAGKEQQ=
x-served-by: cache-yul12821-YUL
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682818619.537155,VS0,VE0
etag: "5c71e603fdc4b5e7eb31a10d4bf90768"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7233

GET
H2 200 aem.js Show response
wsmcdn.audioeye.com/ 1020 B
684 B 129ms
68ms Script
application/javascript 2606:4700:4400::ac40:97de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsmcdn.audioeye.com/aem.js
Requested by: Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:97de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e56bd6105d6e24d804d3db97049f580c26390f475a87f7535e066bdc815b2f2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cache-tags
date: Sun, 30 Apr 2023 01:36:58 GMT
content-encoding: br
surrogate-keys
cf-cache-status: HIT
server: cloudflare
age: 660
etag: W/"c5f5d23dbd841fb0868078e4bfbbd713"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=3600
cf-ray: 7bfc0e8e2e1cecea-YUL

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 121ms
80ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2397838929&v=1.1&a=277648&rcu=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&pu=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&t=SolarWinds+Orion+Breach+%E2%80%94+BitSight+Analysis+Part+1&cts=1682818618524&vi=84c8652eca699bf2070377fe8f547988&nc=true&u=208292109.84c8652eca699bf2070377fe8f547988.1682818618519.1682818618519.1682818618519.1&b=208292109.1.1682818618520&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6eb1a292-a7c0-42ee-b664-095481beec68
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 29eb6bef-f3f3-4d22-af76-eb467c3c5eb4
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEljNZMuUco6eUSSVsiza1LXwRqAihaWt2VKaSBHGXKQVSfGqnMpL3bBuS%2Fg3ulj1ft3TClXmexwFwUgyyNoz4JNOpoSlXleV9iKlMPAyNSEWQ2%2FGtVoXnpw0nL08BpTkv3GR9llXU2BcxYZmIrR"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8684ddbc9d-bwtzj
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7bfc0e8e2ba64bd6-YUL
x-robots-tag: none

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7C2674BB16844296AC7EFE8778813963&RedC=c.clarity.ms&MXFR=1A440217B8CD62162EE31114BCCD6C61
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7C2674BB16844296AC7EFE8778813963&MUID=3056B499DA9E670D39AEA79ADB4866A3

42 B
442 B

31ms
31ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7C2674BB16844296AC7EFE8778813963&MUID=3056B499DA9E670D39AEA79ADB4866A3
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:58 GMT
last-modified: Mon, 24 Apr 2023 08:10:59 GMT
server: Microsoft-IIS/10.0
etag: "eca874d8476d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D8D6E0198E3C4CBD8A27EA6EC9C8C1DA Ref B: YMQ01EDGE0419 Ref C: 2023-04-30T01:36:58Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7C2674BB16844296AC7EFE8778813963&MUID=3056B499DA9E670D39AEA79ADB4866A3
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 trends.min.js Show response
assets.trendemon.com/tag/ 226 KB
44 KB 102ms
23ms Script
application/javascript 2600:9000:24f1:a600:2:7dc7:8f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.trendemon.com/tag/trends.min.js
Requested by: Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:a600:2:7dc7:8f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 55897cd89dcf183e6f14b01d78af1ab3828b53cb7b552a39e2aeb3be66658f4d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:28:54 GMT
content-encoding: gzip
via: 1.1 77c1752e5c6dfb050c6304b9d473a1e2.cloudfront.net (CloudFront)
last-modified: Wed, 19 Apr 2023 12:11:14 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 68885
etag: "e4a3994c827ea6eeb8dcaef548d3ac00"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 44306
x-amz-cf-id: xvAPjFPj6ayWoYO1sYXExrRefIoptJcymYotgdiEHgFjlCee61LEJw==

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 220 B
1 KB 112ms
71ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=277648&utk=84c8652eca699bf2070377fe8f547988&__hstc=208292109.84c8652eca699bf2070377fe8f547988.1682818618519.1682818618519.1682818618519.1&__hssc=208292109.1.1682818618520&currentUrl=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34500f7d3d8b1355312dbb9b4fea2f12821ca413e2a0e43f9f74eff29a007137

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: f24db145-1bac-4cbf-9cbf-e989e8e026d1
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 25
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b87941df-f35c-4e91-b089-c16af6d890b7
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bitsight.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGh7iZilh43XZHSe1WKRBqmtxLvM1LpOjgDBVo%2FbVRQcz8hXYjRhh9ufRDTe2qKr%2Fv5ckWqDjiLlXNpscf74W%2FuBufAcw5%2FczfG2O2YrI3VUetMOHnIPEywlsM37BflUNfjZc8HlDTavlplQMNbd"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 7bfc0e8e2a9e7133-YUL
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-58fd596dd9-bmnkz

GET
H2 200 862.9f44b58b-1.230.0.min.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 11ms
10ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/862.9f44b58b-1.230.0.min.js

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f6859eb8f0f96a1493a47e0cab0144e6dba46b3c492042660dd5b02b6cec167b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: xRkMl8fpKmpkb8xSPDFwInKFtxpiLeiU
content-encoding: gzip
via: 1.1 varnish
date: Sun, 30 Apr 2023 01:36:58 GMT
strict-transport-security: max-age=300
x-amz-request-id: CYH7JP0389PESEMJ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3583
x-amz-id-2: +aK+luTVeUIR38cCEZN9IZhDIvjJt3v9A0o+3EiUwVA2GxOXapcjOnpSyr5KcMOe0StHMZk2E1I=
x-served-by: cache-yul12821-YUL
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682818619.555590,VS0,VE0
etag: "c4e5d826698f6566f247167a7565c832"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7195

GET
H2 200 page_view_event-aggregate.75812140-1.230.0.min.js Show response
js-agent.newrelic.com/ 10 KB
4 KB 12ms
10ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_event-aggregate.75812140-1.230.0.min.js

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3c124e8d5cc4a724c0cc1650bbb0c64f90f6cd00807ec75353423d6cb0880390

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 7bfBjgjP9vhwGKyYNbxNdw69c7w6yepO
content-encoding: gzip
via: 1.1 varnish
date: Sun, 30 Apr 2023 01:36:58 GMT
strict-transport-security: max-age=300
x-amz-request-id: CYHCZMCZRKSV5AXJ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3954
x-amz-id-2: O87bstDcnHgo5HgEq0hgXK1kuwS1MD3O4xlTGgMHwztzRW0nDqdNfNxm9foqgHAHo0MrjzX474M=
x-served-by: cache-yul12821-YUL
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682818619.556839,VS0,VE0
etag: "a4978f5fb64e86334a1dbb282220c851"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7174

GET
H2 200 page_view_timing-aggregate.9590bdab-1.230.0.min.js Show response
js-agent.newrelic.com/ 12 KB
5 KB 13ms
12ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_timing-aggregate.9590bdab-1.230.0.min.js

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ffa12a66b77bcb1fc0cc691ed439b877e084a91bd9f5537e651306fcf6246049

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: Fq.2FKw4tsY9sm_ft7J67YTmHBEmGUpk
content-encoding: gzip
via: 1.1 varnish
date: Sun, 30 Apr 2023 01:36:58 GMT
strict-transport-security: max-age=300
x-amz-request-id: CYHCN65YJ7XEDS4B
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4624
x-amz-id-2: 8I0LOTXfoXjRaPjo5Ksn2DSR4fRybqLuVFkqJ1nZQMesggfyB12hg2NJHnJPojbDbqbOlmXOmKM=
x-served-by: cache-yul12821-YUL
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682818619.556944,VS0,VE0
etag: "2357140ba2b3c410d01d12937c6269d8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7179

GET
H2 200 metrics-aggregate.20a08804-1.230.0.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 14ms
12ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/metrics-aggregate.20a08804-1.230.0.min.js

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9b1fb531c79eb8ce9a6e9f833b9de4a43be31458e9a999dcced9147e0176d601

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: Ue3teI4xiVp879tlCKhGPbDuwtTRksP9
content-encoding: gzip
via: 1.1 varnish
date: Sun, 30 Apr 2023 01:36:58 GMT
strict-transport-security: max-age=300
x-amz-request-id: CYH3HC4EGYRKCV0F
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1593
x-amz-id-2: OPIwyUaoPYA9dY8jVjnSKXRQTt0kkCDG2d9uLF41nEfOdTjlaSPfROUAVXyF1qgrcU8vn0y9WJs=
x-served-by: cache-yul12821-YUL
last-modified: Mon, 10 Apr 2023 17:14:03 GMT
server: AmazonS3
x-timer: S1682818619.557366,VS0,VE0
etag: "2b4287467d6e1c411110556d75fe617a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2469594

GET
H/1.1 200
OK NRJS-c4aba3d1e2b24bbd576 Show response
bam.nr-data.net/1/ 49 B
390 B 104ms
70ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-c4aba3d1e2b24bbd576?a=1339770096&v=1.230.0&to=b1QGN0FWXkdRBUYPDlYeJQBHXl9aHyJAExFZXTgNXFNVaHMJXBITV10IBkFrfltUA2QPBE9yCw1HRV9YXANAS19OWAEU&rst=1822&ck=0&s=d548a72dadc20a20&ref=https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence&qt=18&ap=501&be=733&fe=1034&dc=380&perf=%7B%22timing%22:%7B%22of%22:1682818616763,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:14,%22c%22:14,%22s%22:30,%22ce%22:56,%22rq%22:56,%22rp%22:733,%22rpe%22:737,%22dl%22:740,%22di%22:993,%22ds%22:1090,%22de%22:1112,%22dc%22:1740,%22l%22:1740,%22le%22:1767%7D,%22navigation%22:%7B%7D%7D&fp=842&fcp=842&at=QxMFQQlMTUk%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.6c072bf7-1.230.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:58 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 49
x-served-by: cache-yul12831-YUL

GET
H2 200 bootstrap.js Show response
wsv3cdn.audioeye.com/ 34 KB
13 KB 190ms
142ms Script
application/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=95c39350d8f4b765016b0e58199c2f8b
Requested by: Host: wsmcdn.audioeye.com
URL: https://wsmcdn.audioeye.com/aem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a88a85e55eb8f84c61a1c98fe08feeba7c1ebb2e891ec1278bca0e5599ab01d9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cache-tags: 95c39350d8f4b765016b0e58199c2f8b
date: Sun, 30 Apr 2023 01:36:58 GMT
content-encoding: br
surrogate-keys: 95c39350d8f4b765016b0e58199c2f8b
cf-cache-status: HIT
server: cloudflare
etag: W/"8133c670a504148772fca7eb5f5a2908"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=120
cf-ray: 7bfc0e8ede2f33fb-YUL

GET
H2 200 2423 Show response
trackingapi.trendemon.com/api/settings/ 545 B
684 B 114ms
29ms Script
application/x-javascript 52.5.159.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/settings/2423?callback=jsonp996202&vid=
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.159.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-159-70.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 8054f842fd3c0e47dfa2abfa01ac05138ff1572a3957ad53ae333f4863c2e854

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:58 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 545
content-type: application/x-javascript; charset=UTF-8

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 487ms
236ms XHR
application/json 52.16.111.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.50a80ed62b384955a8b2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.16.111.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-111-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 651caf3f38eaa7fce37242ea187a67583c82373fa62dde711fb8c5b542d29be2

Request headers

Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 30 Apr 2023 01:36:59 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H2 200 identity.min.js Show response
assets.trendemon.com/global/ 18 KB
6 KB 20ms
19ms Script
application/javascript 2600:9000:24f1:a600:2:7dc7:8f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.trendemon.com/global/identity.min.js
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:a600:2:7dc7:8f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1220bdf087a7b3b0f068e1dc2422c361ef11cf999ff8ea343573d9e5a7c19bdc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 23:22:07 GMT
content-encoding: gzip
via: 1.1 77c1752e5c6dfb050c6304b9d473a1e2.cloudfront.net (CloudFront)
last-modified: Wed, 19 Apr 2023 12:11:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 8092
x-amz-server-side-encryption: AES256
etag: W/"3f44b799c727cbac65d90f0779b8eb4e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: DWl3d-gkOl6GxYTfekf-l8ayWtuhx8kQ4cx-9zmsSXp0dxIORvGbHw==

GET
H2 200 me Show response
trackingapi.trendemon.com/api/Identity/ 93 B
508 B 32ms
31ms Script
application/x-javascript 52.5.159.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/Identity/me?accountId=2423&DomainCookie=16828186187763453&fingerPrint=91f6896aedcb14868cca5ec63b4f52e3&callback=jsonp42200&vid=
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.159.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-159-70.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: af85c87d4ba89fada0d745a5c2a99d11caae2f3babb162ac798f4c42d22f1dae

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:58 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 93
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 loader.js Show response
wsv3cdn.audioeye.com/v2/scripts/ 33 KB
10 KB 126ms
99ms Script
text/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/scripts/loader.js?h=95c39350d8f4b765016b0e58199c2f8b&lang=en&cb=2731c93
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=95c39350d8f4b765016b0e58199c2f8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b3fd8a42e826e8083eeb579e07eaf6c8858a888ecb626a4002e17d72b95c2b9

Request headers

Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Origin: https://www.bitsight.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:59 GMT
content-encoding: br
surrogate-key: prod 95c39350d8f4b765016b0e58199c2f8b 2731c93
last-modified: Sun, 30 Apr 2023 01:33:35 GMT
server: cloudflare
cf-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60, s-maxage=7200, max-stale=86400, stale-while-revalidate=86400, public
cf-ray: 7bfc0e905b0b4bbe-YUL

GET
H2 200 jquery.bundle.2731c93.js Show response
wsv3cdn.audioeye.com/v2/build/ 95 KB
34 KB 22ms
22ms Script
application/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/jquery.bundle.2731c93.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=95c39350d8f4b765016b0e58199c2f8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67b9e72e0ed121130ab471b563d85f292e21b1d963586c82b5c3dad4a4694e21

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Apr 2023 18:06:32 GMT
server: cloudflare
age: 681
etag: W/"644c0b28-17d8a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bfc0e9038ba33fb-YUL
expires: Mon, 29 Apr 2024 01:36:58 GMT

GET
H2 200 startup.bundle.2731c93.js Show response
wsv3cdn.audioeye.com/v2/build/ 428 KB
115 KB 44ms
44ms Script
application/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2731c93.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=95c39350d8f4b765016b0e58199c2f8b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3942dcb4f33aac1a5ff6f54aafc4ec813e83b753f2197ff007f3dc51e0da188

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Apr 2023 18:06:32 GMT
server: cloudflare
age: 683
etag: W/"644c0b28-6b173"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bfc0e9038bd33fb-YUL
expires: Mon, 29 Apr 2024 01:36:58 GMT

GET
H2 200 marketingautomation Show response
trackingapi.trendemon.com/api/ 94 B
231 B 36ms
36ms Script
application/x-javascript 52.5.159.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/marketingautomation?AccountId=2423&ClientUrl=aHR0cHM6Ly93d3cuYml0c2lnaHQuY29tL2Jsb2cvYml0c2lnaHQtYW5hbHlzaXMtb2Ytc29sYXJ3aW5kcy1vcmlvbi1wYXJ0LTEtcHJldmFsZW5jZQ%3D%3D&CookieId=16828186187763453&MaCookie=ODRjODY1MmVjYTY5OWJmMjA3MDM3N2ZlOGY1NDc5ODg%3D&MaCookieName=aHVic3BvdHV0aw%3D%3D&MaName=hubspot&callback=jsonp707283&vid=2423:16828186187763453
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.159.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-159-70.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: b97e094c5401ada1256478fa5b59ad939e52b1fc08ad87ce59946a6a851ad7ef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:58 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 94
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 pageview
trackingapi.trendemon.com/api/events/ 43 B
234 B 103ms
103ms Image
image/gif 52.5.159.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trackingapi.trendemon.com/api/events/pageview?accountId=2423&url=aHR0cHM6Ly93d3cuYml0c2lnaHQuY29tL2Jsb2cvYml0c2lnaHQtYW5hbHlzaXMtb2Ytc29sYXJ3aW5kcy1vcmlvbi1wYXJ0LTEtcHJldmFsZW5jZQ%3D%3D&cookie=16828186187763453&referral=&variant=&otwId=&otwItemId=&vid=2423:16828186187763453&r=1682818618915
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.159.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-159-70.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:59 GMT
server: Kestrel
age: 1691358
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence Show response
tracking.intentsify.io/page-tracking/intentsify-bitsight/ 0
214 B 393ms
77ms Script
text/plain 54.67.78.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.intentsify.io/page-tracking/intentsify-bitsight/https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
Requested by: Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.67.78.58 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-67-78-58.us-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 01:36:59 GMT
cache-control: private, no-cache, no-store, must-revalidate
x-powered-by: Express
expires: -1

GET
H2 200 smartrems.bundle.2731c93.js Show response
wsv3cdn.audioeye.com/v2/build/ 135 KB
40 KB 22ms
22ms Script
application/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/smartrems.bundle.2731c93.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2731c93.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffdb48563181bd0358b05141802c1778951164489cba1186592f1782176cfe12

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Apr 2023 18:06:32 GMT
server: cloudflare
age: 667
etag: W/"644c0b28-21d7d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bfc0e91ab8633fb-YUL
expires: Mon, 29 Apr 2024 01:36:59 GMT

GET
H2 200 cookieStorage.html Show response
wsv3cdn.audioeye.com/v2/frame/ Frame C129 1 KB
726 B 22ms
22ms Document
text/html 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=2731c93
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2731c93.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdd357508c4cd326fd421f0893d124d018d55acb5dbb457d7eca24fecfbe4c8c

Request headers

Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 376558
cache-control: public, max-age=365000000, immutable
cf-cache-status: HIT
cf-ray: 7bfc0e924c9933fb-YUL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 30 Apr 2023 01:36:59 GMT
last-modified: Tue, 25 Apr 2023 17:00:55 GMT
server: cloudflare
vary: Accept-Encoding

POST
H2 200 send
analytics.audioeye.com/air/v0/ 0
61 B 251ms
80ms Ping
text/plain 34.218.219.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.audioeye.com/air/v0/send
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2731c93.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.218.219.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-218-219-143.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 30 Apr 2023 01:36:59 GMT
content-length: 0

GET
H2 200 3772.bundle.2731c93.js Show response
wsv3cdn.audioeye.com/v2/build/ 480 B
358 B 20ms
20ms Script
application/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/3772.bundle.2731c93.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2731c93.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6db9473433810ec1cb3117726b26aab3d002201382e526a11c5ef6b16aa514f1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Apr 2023 18:01:20 GMT
server: cloudflare
age: 673
etag: W/"644c09f0-1e0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bfc0e925ca233fb-YUL
expires: Mon, 29 Apr 2024 01:36:59 GMT

GET
H2 200 5121.bundle.2731c93.js Show response
wsv3cdn.audioeye.com/v2/build/ 382 B
310 B 19ms
18ms Script
application/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/5121.bundle.2731c93.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2731c93.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 903cf6b79d15c1159628f9edf09b933327c9a54efb41023641c09db4696ded7e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Apr 2023 18:06:32 GMT
server: cloudflare
age: 692
etag: W/"644c0b28-17e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bfc0e925ca433fb-YUL
expires: Mon, 29 Apr 2024 01:36:59 GMT

GET
H2 200 874.bundle.2731c93.js Show response
wsv3cdn.audioeye.com/v2/build/ 193 B
220 B 29ms
29ms Script
application/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/874.bundle.2731c93.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2731c93.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20f86b062157fbf2af91b2a5013cb09570b608b2993b430e2b41ae0c34ed4d75

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Apr 2023 18:06:32 GMT
server: cloudflare
age: 673
etag: W/"644c0b28-c1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bfc0e925ca633fb-YUL
expires: Mon, 29 Apr 2024 01:36:59 GMT

GET
H2 200 personal Show response
trackingapi.trendemon.com/api/experience/ 7 KB
7 KB 54ms
54ms Script
application/x-javascript 52.5.159.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/experience/personal?AccountId=2423&ClientUrl=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&MarketingAutomationCookie=84c8652eca699bf2070377fe8f547988&ExcludeUnitsJson=%5B%5D&callback=jsonp849981&vid=2423:16828186187763453
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.159.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-159-70.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 7610edfb1c3dd13086ba06dfca8e476678ec60a463232e23a5307363cbb05743

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:59 GMT
server: Kestrel
content-length: 7106
content-type: application/x-javascript; charset=UTF-8

GET
H/1.1 200
OK closex.png
pic.trendemon.com/images/ 386 B
848 B 271ms
18ms Image
image/png 108.138.106.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.trendemon.com/images/closex.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-85.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3a58e45ccfffece1df8e470fd853a81321e4f78f6af8d22e78310da1380f7d5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 29 Apr 2023 19:22:31 GMT
Via: 1.1 e7e95bff6b1d430c678b4f86ab211a1a.cloudfront.net (CloudFront)
Last-Modified: Tue, 16 Apr 2019 23:23:30 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P3
Age: 22469
ETag: "7da2ae17c3b671047838f7b78687a56f"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 386
X-Amz-Cf-Id: FZ7N1rI8-IOPp24EZRclBb2XE0lJob-D-jzlUAQtuD-PSzVJUxQG7A==

GET
H/1.1 200
OK 9838983e1528f5b5eb9708045a367b66.jpg
pic.trendemon.com/tasks_logo/2423/ 151 KB
152 KB 347ms
95ms Image
image/jpeg 108.138.106.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.trendemon.com/tasks_logo/2423/9838983e1528f5b5eb9708045a367b66.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-85.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9087c4f43f3df96f156b13b3395d5ed9856460ea6a4214ed9ee48c2359799592

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 01:37:00 GMT
Via: 1.1 c790ffcab27717f283a6e87f31c6d65a.cloudfront.net (CloudFront)
Last-Modified: Thu, 20 Apr 2023 02:29:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P3
x-amz-server-side-encryption: AES256
ETag: "ff96eaa15dcfc4cd4cc795407f032e8f"
X-Cache: RefreshHit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 155045
X-Amz-Cf-Id: 322HbBG7gEs8mTpAE8pCA8kqiffSEUCTqc_6t-CsiyDePvaMmfsweQ==

GET
H/1.1 200
OK eccb89bfe23642f38c5221c2d67a4d2c.png
pic.trendemon.com/tasks_logo/2423/ 234 KB
234 KB 274ms
21ms Image
image/png 108.138.106.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.trendemon.com/tasks_logo/2423/eccb89bfe23642f38c5221c2d67a4d2c.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-85.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fb0c0a7564f5a410d0bd647f5aa0d928ac79a81d9af63ef195deacd5fb42951

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 29 Apr 2023 16:26:55 GMT
Via: 1.1 410372c9ac35ccad4a4fd5dbf80c9f38.cloudfront.net (CloudFront)
Last-Modified: Fri, 28 Apr 2023 14:16:43 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P3
Age: 33005
ETag: "31631d5df16be4c8d519ce91d2f057df"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 239199
X-Amz-Cf-Id: m0pyOIxzub-6key27PW5ZmvqAAe-XjOuMD-aZehJFDfS_VNRzasb6A==

GET
H/1.1 200
OK 2960423045ebb76ba88f8d45316dbca5.png
pic.trendemon.com/tasks_logo/2423/ 242 KB
242 KB 278ms
25ms Image
image/png 108.138.106.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.trendemon.com/tasks_logo/2423/2960423045ebb76ba88f8d45316dbca5.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-85.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42fd06f8be4cfadbb74a5c1130d88a293ff7e480d30e882320d33560bbd16362

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 29 Apr 2023 16:26:55 GMT
Via: 1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
Last-Modified: Fri, 28 Apr 2023 14:16:59 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P3
Age: 33005
ETag: "76a90453f336bba7b746880562c37557"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 247379
X-Amz-Cf-Id: 2gN6DtNeKgckEblAGgHXbDy3RxwhyeoGb-SMCCMvTce1l1jMwR1LbA==

GET
H/1.1 200
OK 48453dfaea85e29d98977037bec7cf29.jpg
pic.trendemon.com/tasks_logo/2423/ 131 KB
131 KB 273ms
20ms Image
image/jpeg 108.138.106.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.trendemon.com/tasks_logo/2423/48453dfaea85e29d98977037bec7cf29.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-85.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bdfcdcae6444d1c089ab6b9e7f0875baf08cf2538966f471fc8381fe8ac98f9d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 29 Apr 2023 03:59:01 GMT
Via: 1.1 472c04481f2812a974e09db484cbbc3a.cloudfront.net (CloudFront)
Last-Modified: Thu, 20 Apr 2023 02:30:52 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P3
Age: 77879
ETag: "fb452841464b17411494c0ddde34afd5"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 133645
X-Amz-Cf-Id: OJifJmuTdPRT958HyT0pxY6yF7y1hTE0nfy-ovciBaZ3QDHdFCrqaQ==

GET
H2 200 personal-embedded Show response
trackingapi.trendemon.com/api/experience/ 10 KB
10 KB 32ms
32ms Script
application/x-javascript 52.5.159.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/experience/personal-embedded?AccountId=2423&ClientUrl=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&MarketingAutomationCookie=84c8652eca699bf2070377fe8f547988&Ids=%5B%5D&Groups=%5B%5D&callback=jsonp290044&vid=2423:16828186187763453
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.159.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-159-70.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 2d69820fe2017cecfb441ae3f3dec75bcef5f7d1cf6ad34bbda228c165a2fb8a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:36:59 GMT
server: Kestrel
content-length: 9938
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 Inter-Light.woff2
www.bitsight.com/themes/custom/bitsight_theme/dist/fonts/ 104 KB
105 KB 34ms
34ms Font
text/plain 2606:4700:10::6816:4af2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitsight.com/themes/custom/bitsight_theme/dist/fonts/Inter-Light.woff2

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/sites/default/files/css/css_gfHJrtPDybZ7v3sD5RNYaX6Y-RaLtazWykEUe3b8tOo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4af2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f932705eb2c481f0651481c55c50e2bf72b194e6d7ff756ae78937fe79bba509

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bitsight.com/sites/default/files/css/css_gfHJrtPDybZ7v3sD5RNYaX6Y-RaLtazWykEUe3b8tOo.css
Origin: https://www.bitsight.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 638
date: Sun, 30 Apr 2023 01:36:59 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=2592000; includeSubDomains
age: 2772
x-cache: HIT
x-ah-environment: prod
content-length: 106744
x-request-id: v-8db5d6cc-df18-11ed-a968-4b89567a8aa5
last-modified: Thu, 20 Apr 2023 00:04:12 GMT
server: cloudflare
vary: Host, Accept-Encoding
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7bfc0e942bca5401-YYZ
expires: Thu, 04 May 2023 01:13:26 GMT

GET
H/1.1 200
OK b1e27373500f859ba151761fc4b3bd56.png
pic.trendemon.com/tasks_logo/2423/ 118 KB
119 KB 227ms
24ms Image
image/png 108.138.106.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.trendemon.com/tasks_logo/2423/b1e27373500f859ba151761fc4b3bd56.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-85.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e45fdc840de05ffcadca6ad3391397a9639fa22f69a65ed461e08c696fda2b06

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 29 Apr 2023 16:26:55 GMT
Via: 1.1 84fd743af5e8639c32332cec06beef46.cloudfront.net (CloudFront)
Last-Modified: Tue, 15 Nov 2022 09:07:17 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P3
Age: 33005
ETag: "9b6fbac414c9b1dec6d82654339663cf"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 120910
X-Amz-Cf-Id: hRLH-eSC0UDxnUrKHzE3a3duSZ9snD8v10WNNZX8UAz1zPMqNKJDxA==

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
296 B 101ms
100ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bitsight.com
Date: Sun, 30 Apr 2023 01:36:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

POST
H2 204 /
csmetrics.hotjar.com/ 0
70 B 374ms
102ms Ping
text/plain 54.77.112.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://csmetrics.hotjar.com/?v=3
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2033728.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.112.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-112-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 30 Apr 2023 01:37:00 GMT
vary: Origin

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
296 B 39ms
38ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bitsight.com
Date: Sun, 30 Apr 2023 01:37:02 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 launcher.bundle.2731c93.js Show response
wsv3cdn.audioeye.com/v2/build/ 79 KB
20 KB 28ms
27ms Script
application/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/launcher.bundle.2731c93.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2731c93.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ca11d1428bc0be4d01394845ac8038051f9a473d59de50723e29f1d886396ad

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:37:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Apr 2023 18:06:32 GMT
server: cloudflare
age: 686
etag: W/"644c0b28-13dc6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bfc0ea51c1533fb-YUL
expires: Mon, 29 Apr 2024 01:37:02 GMT

GET
H2 200 compliance.bundle.2731c93.js Show response
wsv3cdn.audioeye.com/v2/build/ 151 KB
44 KB 34ms
34ms Script
application/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/compliance.bundle.2731c93.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2731c93.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4277a7f2671cda482d080be3b17988517565c26f6eacbe9fb7ae5be4bf873857

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:37:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Apr 2023 18:06:32 GMT
server: cloudflare
age: 686
etag: W/"644c0b28-25c35"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bfc0ea51c1733fb-YUL
expires: Mon, 29 Apr 2024 01:37:02 GMT

GET
H2 200 6365.bundle.2731c93.js Show response
wsv3cdn.audioeye.com/v2/build/ 1 KB
485 B 28ms
27ms Script
application/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/6365.bundle.2731c93.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2731c93.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e68086b07bd9a58d95d52ea6e81b61913d54ed3c0985d4864d686d2ca4b25b2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:37:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Apr 2023 18:06:32 GMT
server: cloudflare
age: 626
etag: W/"644c0b28-42e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bfc0ea59d4033fb-YUL
expires: Mon, 29 Apr 2024 01:37:02 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d08ca522e8eb6a6a776784fe81d91d8aec8e7a2ba7fd76c6309f30a900105c35

Request headers

Referer
Origin: https://www.bitsight.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: font/truetype

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v22/ 14 KB
14 KB 69ms
19ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bitsight.com/
Origin: https://www.bitsight.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:02:02 GMT
x-content-type-options: nosniff
age: 23700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13976
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 19:02:02 GMT

GET
H2 200 fkvvvy3ev4dt.js Show response
js.driftt.com/include/1682818800000/ 221 KB
62 KB 184ms
86ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1682818800000/fkvvvy3ev4dt.js

Requested by

Host: www.bitsight.com
URL: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8989f87b90cacdbca5875bdfbed7dd3c3f2acee982b9353c04d86e8c123906c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:37:03 GMT
x-amz-version-id: x8TZ8iebDtxhM0duvZHFnO4hbRoyqYO1
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 31
last-modified: Fri, 28 Apr 2023 19:39:03 GMT
server: istio-envoy
etag: W/"1aa02cf06cb1a631ba2d08d343214ad7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QDM517ZE8Jo-N63et9yRIRI4oblA3vIEWTvHpxAPYoKyi_yauEQQSw==

GET
H2 200 core Show response
js.driftt.com/ Frame 1FF3 2 KB
1 KB 89ms
88ms Document
text/html 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1682818800000/fkvvvy3ev4dt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e2a0c716824375ab3b6ba3d71119d6ea8658ec6d3afbe6efa8e49b07cc1e858b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 30 Apr 2023 01:37:03 GMT
etag: W/"d24683eab735beaadd07b2ec060ce6d9"
last-modified: Fri, 28 Apr 2023 19:38:52 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-id: qa22JyMNEX5B7Yji2hmQco5XF3air2xH9RZ9q991YRPnrxRQvpIK3A==
x-amz-cf-pop: ORD51-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: Tj4_13N0iwCYRl75UDfc15zCZqfNJI.x
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 12

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 5D90 2 KB
1 KB 66ms
66ms Document
text/html 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1682818800000/fkvvvy3ev4dt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e2a0c716824375ab3b6ba3d71119d6ea8658ec6d3afbe6efa8e49b07cc1e858b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 30 Apr 2023 01:37:03 GMT
etag: W/"d24683eab735beaadd07b2ec060ce6d9"
last-modified: Fri, 28 Apr 2023 19:38:52 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-id: bPzZyiS87imozz1FAAaLFRMh8lCmFzysRY-hbYpMMANO5g5brS5NZQ==
x-amz-cf-pop: ORD51-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: Tj4_13N0iwCYRl75UDfc15zCZqfNJI.x
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 37

GET
H2 200 runtime~main.288ca7cf.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 6 KB
3 KB 28ms
27ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

a3986521f7e895cf3175098026f4471920366f5b3d3d1d0299a3c710a779e2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: RlY44XUgIyFaw723OVFcTKdHmmxqiGSD
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 107892
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 26
last-modified: Fri, 28 Apr 2023 19:33:24 GMT
server: istio-envoy
etag: W/"6d70ba943e02b1750bd44bdd0c539787"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aNsY87wxSqv-T76s_pjoiCCWMlGn1B_XRZJKp38n3sxXVFdZhkq87A==

GET
H2 200 10.f16292bd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 35 KB
13 KB 31ms
30ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.f16292bd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

958a03c833d9116f7ab9a5ee503f7b0360b9291b268bfb77128a8f0e19238613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 07:48:16 GMT
x-amz-version-id: lF26wDQZ04Hc4USiqHDPhmaOmpCxHZ2.
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 496127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 49
last-modified: Sat, 22 Apr 2023 03:17:27 GMT
server: istio-envoy
etag: W/"cdb5f42b656ab6b237aa50c24c0d8474"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tkJVzo9h4PsqXAjPRYr7UeSfgW7mWPjPb5DHGKaY3j7gRB_6hFG8fQ==

GET
H2 200 main~493df0b3.02edd878.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 7 KB
3 KB 32ms
31ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.02edd878.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

95245f488fc923a05392ac8ca5985ac00d44b0603ba7b987d103475181268d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 08:45:01 GMT
x-amz-version-id: L5ZkdDAPGXuQKQi_5iRiYV0tDOKf2a12
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 1443122
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 45
last-modified: Wed, 12 Apr 2023 21:06:32 GMT
server: istio-envoy
etag: W/"552f770e8c42c3e418dbe498f587a82e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ic7Nv53acOtHh3yJtoP947ea67RM7Ze1Jc9C1xhJetUA32-Z9EMgdQ==

GET
H2 200 runtime~main.288ca7cf.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 6 KB
3 KB 28ms
27ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

a3986521f7e895cf3175098026f4471920366f5b3d3d1d0299a3c710a779e2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: RlY44XUgIyFaw723OVFcTKdHmmxqiGSD
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 107892
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 26
last-modified: Fri, 28 Apr 2023 19:33:24 GMT
server: istio-envoy
etag: W/"6d70ba943e02b1750bd44bdd0c539787"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xBOOO5jiqbne-fhu4DViMcYYk3ZkuRz3OtOOHJ-5YcyNNYO_5Fsmdw==

GET
H2 200 10.f16292bd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 35 KB
13 KB 30ms
30ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.f16292bd.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

958a03c833d9116f7ab9a5ee503f7b0360b9291b268bfb77128a8f0e19238613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 07:48:16 GMT
x-amz-version-id: lF26wDQZ04Hc4USiqHDPhmaOmpCxHZ2.
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 496127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 49
last-modified: Sat, 22 Apr 2023 03:17:27 GMT
server: istio-envoy
etag: W/"cdb5f42b656ab6b237aa50c24c0d8474"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wGKdHazFmi4CUUk1X4ZRlktsWcs_M6fLIpvy-bU8APDOmzHYxl5c4g==

GET
H2 200 main~493df0b3.02edd878.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 7 KB
3 KB 32ms
32ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.02edd878.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

95245f488fc923a05392ac8ca5985ac00d44b0603ba7b987d103475181268d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 08:45:01 GMT
x-amz-version-id: L5ZkdDAPGXuQKQi_5iRiYV0tDOKf2a12
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 1443122
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 45
last-modified: Wed, 12 Apr 2023 21:06:32 GMT
server: istio-envoy
etag: W/"552f770e8c42c3e418dbe498f587a82e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VWcoZa7Ybj45nhyEZXi9P3gSuDU2Ezdryw9vIfiupjHxj8pixmjl0g==

GET
H2 200 52.b1edaf4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 23 KB
24 KB 30ms
30ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 15:22:53 GMT
x-amz-version-id: Sn3EkueCHC_tRtPqOFFwTznveO4.Ubsv
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ORD51-C1
age: 4875250
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
content-length: 23897
last-modified: Fri, 03 Mar 2023 18:56:10 GMT
server: istio-envoy
etag: "cd29b9bc973e48a7fcd0ee7153bdf03b"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JJKTZJyJOOBItJ1yLMq7sURFALlhtbu1T0PRgfHDHS_E8AZROskjLw==

GET
H2 200 36.b49bf23f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 36 KB
10 KB 34ms
33ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.b49bf23f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 00:55:14 GMT
x-amz-version-id: LkpyNl_v_l3klGwtOoKfz_5U1hExb.XK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 3199309
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 39
last-modified: Wed, 22 Mar 2023 19:45:37 GMT
server: istio-envoy
etag: W/"4ae92c53ef226eb2a201fc855ccb7835"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: l8bvuzTp3X2G-3wI86s_9PlCkGbO-nPX8lGBseqlXPCFCjlRYDX0uQ==

GET
H2 200 25.22647a55.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 32 KB
33 KB 38ms
37ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.22647a55.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 12:52:55 GMT
x-amz-version-id: gHUVTOMpxo4OYJPbZHb3u5RkKpQKJXD_
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ORD51-C1
age: 5229848
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 53
content-length: 33094
last-modified: Mon, 27 Feb 2023 18:09:14 GMT
server: istio-envoy
etag: "2ce6c446f71a395ff41647c9ba4b9c19"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: U7LJ6a0tcHZQSw9rLtkqeSECvbvepoE46b0nnpL5thIa8p1ShNWrcA==

GET
H2 200 20.2ffef383.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 17 KB
6 KB 42ms
41ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2ffef383.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 00:15:26 GMT
x-amz-version-id: Xr6smWF.zKCuwemf7Zui.jOCxmhBL9RK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 3806497
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"ec6e94b6cea3a27506634867a8009ded"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NKylfc8yrVGdx3rt4yaLGFh0Yq6G1nFd1Fgbc_QM4m4cTxhe8jkhzg==

GET
H2 200 42.67956b13.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 25 KB
8 KB 43ms
43ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.67956b13.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9d88866c6295ffc0cadaa1ccb951367e196737a413482176d5787b70aae04ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 07:52:31 GMT
x-amz-version-id: iy3lhWfWhugpxaPV1Myr6j1VGgCA5HIt
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 2396672
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 37
last-modified: Fri, 31 Mar 2023 03:20:38 GMT
server: istio-envoy
etag: W/"d53cdfd4559700cfe085380882a8e897"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9Mi6yswF3Vl1c3kS5TdBPKG8IBEyCflRkEGizwHJMznbtzQtzsURdA==

GET
H2 200 21.b3438b1b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 74 KB
23 KB 46ms
45ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b3438b1b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3169ab3142fbf3ecf7eee1b5682a4556ed8a3d4ba940befa71c31b5a43991d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 09:45:30 GMT
x-amz-version-id: UXQvjOaV4cAuEvK3KPgjO_jLHWxz9qS_
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 2303492
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 88
last-modified: Fri, 31 Mar 2023 03:20:37 GMT
server: istio-envoy
etag: W/"10e1bfa61646f14df045c581bc9410fd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ukI0hUtvA30WyXjQeqAYM8NpKIByIRfz3f6vHp13jLijh0WB42gANg==

GET
H2 200 27.3951aad8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 66 KB
20 KB 51ms
49ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.3951aad8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 00:02:31 GMT
x-amz-version-id: Dtknb9pG1OGKJBg0UOT9R96GyJeyhYHa
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 437672
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 46
last-modified: Sat, 22 Apr 2023 03:17:28 GMT
server: istio-envoy
etag: W/"5b2b6d0508fe18c3efb6bcd6249fd4e1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Uim-ttw0jK40h9lM200-I4LgUHy-CRaC5_p2Cw_0jexLiBsS8Fo2Hw==

GET
H2 200 15.699b0dc7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 91 KB
91 KB 55ms
54ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.699b0dc7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 17:16:46 GMT
x-amz-version-id: Fwmi4iJWwZJcqZrfoiOKf25V8pINId0d
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ORD51-C1
age: 3831617
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 87
content-length: 92674
last-modified: Mon, 13 Mar 2023 18:41:50 GMT
server: istio-envoy
etag: "43d1442a9d30453da9eaeb12b9daafff"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wPORdxgKEFmL1ZbHIHLOn-eT85_JKkWuypUypEA9_Jh-KA0SVlD71Q==

GET
H2 200 12.d33926cb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 23 KB
7 KB 72ms
70ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d33926cb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 23:55:20 GMT
x-amz-version-id: n_LZBAGpG7.l1hUa77u7RhfDyKypZeUW
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 4066903
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 70
last-modified: Mon, 13 Mar 2023 18:41:50 GMT
server: istio-envoy
etag: W/"bdcb035523ec144399213aa65a8430ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BHNn72WnVL0qTrgnCKjFBYWDNrIZBVs5HfMK1zIbb3_k9QOp_FcCRA==

GET
H2 200 19.8e79a39a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 62 KB
20 KB 74ms
73ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.8e79a39a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 07:44:38 GMT
x-amz-version-id: sBgpDPg4E8n1uoNzBbNz7l_qusJlmRBu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 4297945
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 25
last-modified: Thu, 09 Mar 2023 19:38:34 GMT
server: istio-envoy
etag: W/"c478a5bb4d7885e2b9250c6beeb4fd6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DoI0wf1klvZYzE0oT2N0r-t0snmCT0cw1bKssDHWJnDZFP2QilEVtg==

GET
H2 200 50.de3b5864.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 105 KB
106 KB 78ms
77ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/50.de3b5864.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 09:52:44 GMT
x-amz-version-id: Bxk3GHfkaIN0jq7l2JVp1G4qv3BiK4Fg
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ORD51-C1
age: 4031059
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 65
content-length: 107348
last-modified: Mon, 13 Mar 2023 18:41:52 GMT
server: istio-envoy
etag: "114785899ceb423273fcc17aaad202e9"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: E6BIFrgpMFAOHv4FslPi9gNpBeOqwDX2GtvWhUni2HbKq6HHEu_Rdg==

GET
H2 200 41.a1867ad4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 12 KB
4 KB 87ms
85ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.a1867ad4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 10:39:22 GMT
x-amz-version-id: kM0bwrTXilFR9hQxZUxVDias9k9PkAnQ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 5065061
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 46
last-modified: Wed, 01 Mar 2023 16:37:53 GMT
server: istio-envoy
etag: W/"299dd262bf32831c99dc78a9c5b5ca43"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EPW7KEFtYoMJtQUEpGIuodtnYvsWcUE59sprngX2Cjz55kjxHt11HA==

GET
H2 200 30.57dfb56c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 13 KB
13 KB 88ms
86ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.57dfb56c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 15:22:53 GMT
x-amz-version-id: DVmXQgSRssYKVgjqWtbIeoFoOZ0lggKH
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ORD51-C1
age: 4875250
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 52
content-length: 13063
last-modified: Fri, 03 Mar 2023 18:56:10 GMT
server: istio-envoy
etag: "b8addee34a5cd2241740a2e3094039b3"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Hm9YhJfrmsSCn6f4OqwVJsBBv3DVOx59kBZzs5dEhsYnxS8TbIQ2cA==

GET
H2 200 22.4cb40074.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 17 KB
7 KB 94ms
93ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.4cb40074.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

cdeb836f7f77cd2174fa0bb4aa3825963aa64faf657a24f988b82f1c4d28ce69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:08:36 GMT
x-amz-version-id: wITkTXOkJrHiVChAuzkmL_98MXQL9dkp
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 2917707
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 25
last-modified: Fri, 24 Mar 2023 15:27:31 GMT
server: istio-envoy
etag: W/"6cf24f8ea74f43662c776ce6af09d469"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cs6j0qoGoM6nBX0hcK8qdUYKbxl57u2F8C9geN1gr8CfSd3qbUKSAA==

GET
H2 200 9.b5c2854f.chunk.css
js.driftt.com/core/assets/css/ Frame 5D90 31 KB
4 KB 96ms
94ms Stylesheet
text/css 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:03:36 GMT
x-amz-version-id: 5hNRHF8Qn0GjRQ0P9ABlxc76ZGeCXklr
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 2097207
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Tue, 04 Apr 2023 15:21:32 GMT
server: istio-envoy
etag: W/"9ef689f5d4cb5dab3b0e463418857c2f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: on52l4AkQ4zfU9wUJ0zperPZ2sAQ_prGCbLVFlGznRb0JUE4_xMcew==

GET
H2 200 9.c3fb736e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 80 KB
25 KB 97ms
95ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.c3fb736e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

97835f51936631312648ce4198cd92c85beae9e09e3cdaff439c57ffccc5c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 21:53:43 GMT
x-amz-version-id: PRNCYnP3VYlcSQNkgU13mLYYfIN9p_Gw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 963800
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 73
last-modified: Mon, 17 Apr 2023 18:50:43 GMT
server: istio-envoy
etag: W/"b4ca5f0ecc404e3c35769971c076a425"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Cnuj-iVbF8DoifksvXgEakqaIo0ipJlP9ehiofaIaTBlx7_ygLGnWQ==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 5D90 24 B
697 B 98ms
97ms Stylesheet
text/css 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 16:10:18 GMT
x-amz-version-id: _gMiVGiOqeQtmslq.mFzBJYcD0jV9l9y
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ORD51-C1
age: 3835605
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
content-length: 24
last-modified: Mon, 13 Mar 2023 18:41:48 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q9nrqwCkNaXev0ZE_aO1Zq0LG3qaMuN_2KWXxsqYCd6Oel9bEPBaKg==

GET
H2 200 17.81f008ad.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 91 KB
23 KB 99ms
98ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.81f008ad.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ae3f6024712196dff7272f57c522e4048826b484f7336a97cc3e7f6f00d2d443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 16:01:28 GMT
x-amz-version-id: pq2QZWEko7dMDbeq5q9U3.Qr6wYVodOo
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 984935
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 90
last-modified: Mon, 17 Apr 2023 18:50:41 GMT
server: istio-envoy
etag: W/"2c5463d20bb9c942f4cb26607893067b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tUPrIjr1RGS12ZidIqY-N7A1jJa6W28qzb9Q5RVAm5ynOI6H79h5LA==

GET
H2 200 26.a55c1f38.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 50 KB
14 KB 101ms
100ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.a55c1f38.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7616b033adbe366f235d70696b659f554051c0e578508896aab0ff5b169491db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: CLxBuTmXn3tjxxf_j0OncAOh499FdB3n
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 107892
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 26
last-modified: Fri, 28 Apr 2023 19:33:22 GMT
server: istio-envoy
etag: W/"89bd8cf777e065fa7ca75d777c943155"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QCeBPeClXue1_50QqbL3s4-reQhc5ai4hMHL84_NXMQohiYkkjQi6g==

GET
H2 200 18.12d8d932.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 40 KB
13 KB 102ms
101ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.12d8d932.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2ff2b9a5434137bda235f2847f5939dcd06977e5437ae82bfa197e00faabc6a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: 51lzaeDhcNerEWUeOM6e5tRXtG.B7lli
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 107892
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 27
last-modified: Fri, 28 Apr 2023 19:33:21 GMT
server: istio-envoy
etag: W/"f8d07bd5dd786d7b8a311fde8e1e4859"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ru1vSb0BvRpkohOADkD4mMBHI4t09ZCAgbtAQhPTphHTa1Bar5Viyw==

GET
H2 200 52.b1edaf4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 23 KB
24 KB 94ms
90ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 15:22:53 GMT
x-amz-version-id: Sn3EkueCHC_tRtPqOFFwTznveO4.Ubsv
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ORD51-C1
age: 4875250
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
content-length: 23897
last-modified: Fri, 03 Mar 2023 18:56:10 GMT
server: istio-envoy
etag: "cd29b9bc973e48a7fcd0ee7153bdf03b"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: s4QPeRBWQ1lJgXeSX5Wn5rjEXqRrCNyrFPtpcbd-3-VwDI0qbtZvqw==

GET
H2 200 36.b49bf23f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 36 KB
10 KB 95ms
90ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.b49bf23f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 00:55:14 GMT
x-amz-version-id: LkpyNl_v_l3klGwtOoKfz_5U1hExb.XK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 3199309
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 39
last-modified: Wed, 22 Mar 2023 19:45:37 GMT
server: istio-envoy
etag: W/"4ae92c53ef226eb2a201fc855ccb7835"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9L07ObsB01TNhDzAd6fIPMhTwq-M76sgvQQ3hopd9HynDDbOIdDDRw==

GET
H2 200 25.22647a55.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 32 KB
33 KB 96ms
92ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.22647a55.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 12:52:55 GMT
x-amz-version-id: gHUVTOMpxo4OYJPbZHb3u5RkKpQKJXD_
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ORD51-C1
age: 5229848
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 53
content-length: 33094
last-modified: Mon, 27 Feb 2023 18:09:14 GMT
server: istio-envoy
etag: "2ce6c446f71a395ff41647c9ba4b9c19"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QCeYsgW5i6uM53MaFY3aqcxm-M6UYsE0Whtpga3Ql-KbLzH_jCoo3g==

GET
H2 200 20.2ffef383.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 17 KB
6 KB 97ms
93ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2ffef383.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 00:15:26 GMT
x-amz-version-id: Xr6smWF.zKCuwemf7Zui.jOCxmhBL9RK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 3806497
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"ec6e94b6cea3a27506634867a8009ded"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZsDbA-vxfx248OZ4sBHDgf1SmzzZ9Q4DPqVCQTo0-O-4iiXSPrmqtw==

GET
H2 200 42.67956b13.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 25 KB
8 KB 99ms
95ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.67956b13.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9d88866c6295ffc0cadaa1ccb951367e196737a413482176d5787b70aae04ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 07:52:31 GMT
x-amz-version-id: iy3lhWfWhugpxaPV1Myr6j1VGgCA5HIt
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 2396672
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 37
last-modified: Fri, 31 Mar 2023 03:20:38 GMT
server: istio-envoy
etag: W/"d53cdfd4559700cfe085380882a8e897"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: k587atlBYqZkNwFo4oo6uD0OXx1hMo8hTt555_B9ddnTrtoRCFk9OA==

GET
H2 200 21.b3438b1b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 74 KB
23 KB 101ms
97ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b3438b1b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3169ab3142fbf3ecf7eee1b5682a4556ed8a3d4ba940befa71c31b5a43991d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 09:45:30 GMT
x-amz-version-id: UXQvjOaV4cAuEvK3KPgjO_jLHWxz9qS_
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 2303492
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 88
last-modified: Fri, 31 Mar 2023 03:20:37 GMT
server: istio-envoy
etag: W/"10e1bfa61646f14df045c581bc9410fd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xnnqVn8Pfw2sr4UMLjzjacHyUGn9Ielw9yTeeZYyDY0WLu-9zgmsTg==

GET
H2 200 27.3951aad8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 66 KB
20 KB 102ms
99ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.3951aad8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 00:02:31 GMT
x-amz-version-id: Dtknb9pG1OGKJBg0UOT9R96GyJeyhYHa
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 437672
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 46
last-modified: Sat, 22 Apr 2023 03:17:28 GMT
server: istio-envoy
etag: W/"5b2b6d0508fe18c3efb6bcd6249fd4e1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3Tn9hMf04pJKQ0o8_Nkl6j4Igv11H4gS86os4sXxK9o54N7Nt1gGXg==

GET
H2 200 15.699b0dc7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 91 KB
91 KB 102ms
100ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.699b0dc7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 17:16:46 GMT
x-amz-version-id: Fwmi4iJWwZJcqZrfoiOKf25V8pINId0d
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ORD51-C1
age: 3831617
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 87
content-length: 92674
last-modified: Mon, 13 Mar 2023 18:41:50 GMT
server: istio-envoy
etag: "43d1442a9d30453da9eaeb12b9daafff"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nWjaqzYWP4ya0uU-sY0ny0qa9b1uUgwlAbHxUqL17-F8UMqv4hw5-A==

GET
H2 200 12.d33926cb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 23 KB
7 KB 105ms
103ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d33926cb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 23:55:20 GMT
x-amz-version-id: n_LZBAGpG7.l1hUa77u7RhfDyKypZeUW
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 4066903
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 70
last-modified: Mon, 13 Mar 2023 18:41:50 GMT
server: istio-envoy
etag: W/"bdcb035523ec144399213aa65a8430ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: N7EuU__haTQpxEMcZnOAHBr-AKXnvJgeBQpfUVseot-QoelVV5iQSA==

GET
H2 200 19.8e79a39a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 62 KB
20 KB 107ms
105ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.8e79a39a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 07:44:38 GMT
x-amz-version-id: sBgpDPg4E8n1uoNzBbNz7l_qusJlmRBu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 4297945
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 25
last-modified: Thu, 09 Mar 2023 19:38:34 GMT
server: istio-envoy
etag: W/"c478a5bb4d7885e2b9250c6beeb4fd6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iqF1SIfB8-UoSNxpdjc6tyJR8FX8726R_PKjvhKAD5oZrU1_lNasBw==

GET
H2 200 50.de3b5864.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 105 KB
106 KB 109ms
108ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/50.de3b5864.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 09:52:44 GMT
x-amz-version-id: Bxk3GHfkaIN0jq7l2JVp1G4qv3BiK4Fg
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ORD51-C1
age: 4031059
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 65
content-length: 107348
last-modified: Mon, 13 Mar 2023 18:41:52 GMT
server: istio-envoy
etag: "114785899ceb423273fcc17aaad202e9"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BI5kNd0qQR5E_OzU3-T4t709MgVDdc6-jjoCfOpSSojLPZBIrEnKDw==

GET
H2 200 41.a1867ad4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 12 KB
4 KB 112ms
110ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.a1867ad4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 10:39:22 GMT
x-amz-version-id: kM0bwrTXilFR9hQxZUxVDias9k9PkAnQ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 5065061
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 46
last-modified: Wed, 01 Mar 2023 16:37:53 GMT
server: istio-envoy
etag: W/"299dd262bf32831c99dc78a9c5b5ca43"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UbMHm4bnlTIiw7U3HmuTfIEyCzN8ACVHmdVrkSj_oFXPAix16v0VbA==

GET
H2 200 30.57dfb56c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 13 KB
13 KB 112ms
111ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.57dfb56c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 15:22:53 GMT
x-amz-version-id: DVmXQgSRssYKVgjqWtbIeoFoOZ0lggKH
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ORD51-C1
age: 4875250
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 52
content-length: 13063
last-modified: Fri, 03 Mar 2023 18:56:10 GMT
server: istio-envoy
etag: "b8addee34a5cd2241740a2e3094039b3"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mN1z1jgYJOPEDhZ-byHMK8PDWEx3ewBJ7EIkUG6gQ5E0mo_6OZTJEg==

GET
H2 200 22.4cb40074.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 17 KB
7 KB 114ms
113ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.4cb40074.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

cdeb836f7f77cd2174fa0bb4aa3825963aa64faf657a24f988b82f1c4d28ce69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:08:36 GMT
x-amz-version-id: wITkTXOkJrHiVChAuzkmL_98MXQL9dkp
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 2917707
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 25
last-modified: Fri, 24 Mar 2023 15:27:31 GMT
server: istio-envoy
etag: W/"6cf24f8ea74f43662c776ce6af09d469"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1xAkKW0W2YlxWrWgu-OIqLbCB9BTrxUyGAKLo7b2A25Xg91BqEdpVQ==

GET
H2 200 9.b5c2854f.chunk.css
js.driftt.com/core/assets/css/ Frame 1FF3 31 KB
4 KB 114ms
114ms Stylesheet
text/css 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:03:36 GMT
x-amz-version-id: 5hNRHF8Qn0GjRQ0P9ABlxc76ZGeCXklr
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 2097207
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Tue, 04 Apr 2023 15:21:32 GMT
server: istio-envoy
etag: W/"9ef689f5d4cb5dab3b0e463418857c2f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Qccj_nwwjxs8i7tVnzyGUXYg4IDktIpUOfloiooXSLxsnZW6o-w3yg==

GET
H2 200 9.c3fb736e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 80 KB
25 KB 115ms
115ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.c3fb736e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

97835f51936631312648ce4198cd92c85beae9e09e3cdaff439c57ffccc5c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 21:53:43 GMT
x-amz-version-id: PRNCYnP3VYlcSQNkgU13mLYYfIN9p_Gw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 963800
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 73
last-modified: Mon, 17 Apr 2023 18:50:43 GMT
server: istio-envoy
etag: W/"b4ca5f0ecc404e3c35769971c076a425"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -htwlbQUUM1CFCrIlwc6AFspDaocKVs2G4jC7NblYQjTpiv4ioW4xQ==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 1FF3 24 B
697 B 116ms
115ms Stylesheet
text/css 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 16:10:18 GMT
x-amz-version-id: _gMiVGiOqeQtmslq.mFzBJYcD0jV9l9y
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ORD51-C1
age: 3835605
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
content-length: 24
last-modified: Mon, 13 Mar 2023 18:41:48 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bMiwnjli-IK5TPNBXRHj3sd4GVVo9gfT1zTJEzu9kb_-47dceSQCuw==

GET
H2 200 17.81f008ad.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 91 KB
23 KB 116ms
116ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.81f008ad.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ae3f6024712196dff7272f57c522e4048826b484f7336a97cc3e7f6f00d2d443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 16:01:28 GMT
x-amz-version-id: pq2QZWEko7dMDbeq5q9U3.Qr6wYVodOo
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 984935
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 90
last-modified: Mon, 17 Apr 2023 18:50:41 GMT
server: istio-envoy
etag: W/"2c5463d20bb9c942f4cb26607893067b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Tc9WvpKMFcM6MPLuDTjUbWuWxOZPJ9Y67VbaHf8faFpC7P8tehpGHw==

GET
H2 200 26.a55c1f38.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 50 KB
14 KB 117ms
116ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.a55c1f38.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7616b033adbe366f235d70696b659f554051c0e578508896aab0ff5b169491db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: CLxBuTmXn3tjxxf_j0OncAOh499FdB3n
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 107892
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 26
last-modified: Fri, 28 Apr 2023 19:33:22 GMT
server: istio-envoy
etag: W/"89bd8cf777e065fa7ca75d777c943155"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CSXR4QbbMFPFpjwRCN8l6z2_zIkI_OKfl0nfZHpx_7AZ1oi0xkysMA==

GET
H2 200 18.12d8d932.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 40 KB
13 KB 120ms
119ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.12d8d932.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2ff2b9a5434137bda235f2847f5939dcd06977e5437ae82bfa197e00faabc6a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: 51lzaeDhcNerEWUeOM6e5tRXtG.B7lli
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 107892
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 27
last-modified: Fri, 28 Apr 2023 19:33:21 GMT
server: istio-envoy
etag: W/"f8d07bd5dd786d7b8a311fde8e1e4859"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DJqQvtZ0lUsod0bhbjo0gIIhMVIQVTPDj0phCDXSkA8g_eKLVem2ZQ==

GET
H2 200 38.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 5D90 3 KB
1 KB 28ms
27ms Stylesheet
text/css 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/38.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 23:55:20 GMT
x-amz-version-id: KEuLvaOicl0jXNCFvu9Dcp2YdjwExJIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 4066903
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 33
last-modified: Mon, 13 Mar 2023 18:41:48 GMT
server: istio-envoy
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vr5TBOQ19ic20hBSqT2RdI1pVf1wA9ckO8kD8wiqhLZVApBKH7nFzw==

GET
H2 200 38.2c907ce3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 3 KB
2 KB 29ms
28ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.2c907ce3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

0c07bf805e857013386ec7ea2d26911aed5c827ee90e71a94188553c6d8ef337

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:46:57 GMT
x-amz-version-id: UxCT8aDYj_hNgM93MexUSctwVxa1i.5F
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 4438206
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Thu, 09 Mar 2023 16:34:01 GMT
server: istio-envoy
etag: W/"ad63bf20f878fb64a363281ee85aa567"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wCNT0oaP5KfF1VPdkYGsmprPtaONrteSsXdZtLALNl3lXDKlXtYwHw==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 9 KB
3 KB 30ms
28ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:36:11 GMT
x-amz-version-id: jKkhMG4VZ22Sd8_jO8e87CFS4CXTnb3v
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 4557652
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Tue, 07 Mar 2023 18:47:37 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5KF-WqOipDL1cQwb0l_WGAp1f61d8J5ZjwcPJxidkLjMx9nB9V5PDQ==

GET
H2 200 28.01a0fe87.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 35 KB
10 KB 32ms
30ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.01a0fe87.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fffcc021124d70080ddd0c52562645c46e03ff39c924ced85c1bfd62cb8b8767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:56:48 GMT
x-amz-version-id: fFK5VE9lBR1BG7uY5IHU0kxGsiEnvgRx
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 3318015
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 81
last-modified: Wed, 22 Mar 2023 14:57:52 GMT
server: istio-envoy
etag: W/"0ad089f0617a0fa8014a23c2afa90ddd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jT21dk_edo0Gblc8Ygd5wYQpKlSOhQQ0GFE-lSaP9-Vx7ZZod9zZ4g==

GET
H2 200 29.9bf46b67.chunk.css
js.driftt.com/core/assets/css/ Frame 1FF3 8 KB
2 KB 29ms
29ms Stylesheet
text/css 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/29.9bf46b67.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 14:30:09 GMT
x-amz-version-id: MkumI8xRUNOrbmDXV3syjF1FXjHuoluy
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 4360014
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
last-modified: Thu, 09 Mar 2023 19:38:32 GMT
server: istio-envoy
etag: W/"4f21faf2ba450e5fcdf7eda90813e185"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XtVOBj0AA84JQ7RLdgilOnCG8XlB8ldi4rMsgcQFHLdvQBRIA7_FfQ==

GET
H2 200 29.98c2b316.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 14 KB
6 KB 36ms
35ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.98c2b316.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c6b2815294e64eb3d9e30955673ae3b60a486ae5b7dfcc7e48c0e2a4fe7301de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:08:56 GMT
x-amz-version-id: aizM0H1Fdw3zzppb3P2Ok7x7JUMOS1IQ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 2878087
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Mon, 27 Mar 2023 17:53:25 GMT
server: istio-envoy
etag: W/"6526b5009cc642f706e7156982e7429b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zNT-Os8vXcGu_EP0SyXzWMkEXxsqvcPlJHSA5bPHijljmDw0WhexVg==

GET
H2 200 23.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 1FF3 365 B
1 KB 30ms
29ms Stylesheet
text/css 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/23.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 16:44:50 GMT
x-amz-version-id: YdMRV2ivZSZ6yHOfLsfnFsLwUAJKwOL8
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ORD51-C1
age: 2191933
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 26
content-length: 365
last-modified: Tue, 04 Apr 2023 15:21:32 GMT
server: istio-envoy
etag: "06b2963b029c0824382815165bfea73e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zRutUhYFAkajqIp3iprKK8wmrfn47VFpuh7swOOFAWbo2U11h5XwDA==

GET
H2 200 23.ed4e6d8f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1FF3 91 KB
25 KB 37ms
36ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.ed4e6d8f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7c4cddc44e59d49ccbfdaf1b57cca9884b74ee1710671c7d9fa974e3fae6f507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=fkvvvy3ev4dt&eId=fkvvvy3ev4dt&region=US&forceShow=false&skipCampaigns=false&sessionId=b6b51c9c-099c-4c6d-9145-c64689d9f6f1&sessionStarted=1682818623.251&campaignRefreshToken=acc80440-6dfa-4f23-a943-c522cd93c031&hideController=false&pageLoadStartTime=1682818617500&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 16:38:37 GMT
x-amz-version-id: xN70QZOgyKQKNnP0o5N59vnLWimajx0E
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 291506
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 49
last-modified: Wed, 26 Apr 2023 15:35:22 GMT
server: istio-envoy
etag: W/"697b9f051ece7b5f2c5dbe85f673b6cd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ovlIHiInrd7mC4a-3dbOJKoJfBSOL4ugSjvYZVD6-wboC4DtPSP0vg==

POST
H2 200 report
analytics.audioeye.com/air/ 0
60 B 80ms
80ms Ping
text/plain 34.218.219.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.audioeye.com/air/report
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.2731c93.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.218.219.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-218-219-143.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 30 Apr 2023 01:37:03 GMT
content-length: 0

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 9 KB
3 KB 29ms
27ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:36:11 GMT
x-amz-version-id: jKkhMG4VZ22Sd8_jO8e87CFS4CXTnb3v
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 4557652
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Tue, 07 Mar 2023 18:47:37 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: U3lQ03y_02oigc8LoVCVR0cA31inv7SaorLhSTH-oBAWxJvPAxTSXg==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 5D90 7 KB
8 KB 30ms
28ms Stylesheet
text/css 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 08:52:51 GMT
x-amz-version-id: lBusbz_TCLAJZLzxWK0hCi8FhjBS4lDE
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ORD51-C1
age: 9218652
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 71
content-length: 7555
last-modified: Wed, 11 Jan 2023 18:48:18 GMT
server: istio-envoy
etag: "189aeffd571884559dababa22c66d75a"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MDEztg-g8mDAq3EZQTEC6K9QIuBSF2bRF40WTzt5YEOcXDa4KM_uZg==

GET
H2 200 3.f50b964b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 54 KB
15 KB 32ms
30ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.f50b964b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 08:01:11 GMT
x-amz-version-id: APESEz1hWsMiAWxJhrbJRa_CEoi3_isu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 4642552
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 57
last-modified: Mon, 06 Mar 2023 18:17:48 GMT
server: istio-envoy
etag: W/"1ac37bf2b93050f29058b66a9ad43e10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 03U6lUK7co8cajgiUjzKiFNnkr4WxGwobbSnhXyg3mUyjYH9ZpFbQw==

GET
H2 200 1.02a6af84.chunk.css
js.driftt.com/core/assets/css/ Frame 5D90 44 KB
7 KB 31ms
29ms Stylesheet
text/css 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.02a6af84.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

120def079fc4e239098c571e178a9a1b73746f05c6f65a97cd7291b8c13aa401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 07:27:18 GMT
x-amz-version-id: 2mFqsYPgAFu7IBkViFaO6MCHTOONwEvX
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 2484585
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 59
last-modified: Fri, 31 Mar 2023 03:20:34 GMT
server: istio-envoy
etag: W/"295093fc512c5e44a90c3c28242de8ae"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1aOg3AVOxm3Y4RyFZ9fhJbVoq8GB53msfPXg0EJMGQyAwZLe4KAdxg==

GET
H2 200 1.dd688aaf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 53 KB
17 KB 33ms
32ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.dd688aaf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d3ed94b69049a6046b0472b87a4d1be0a1c9482c9edc3793bf72714c82c7ce0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 20:29:52 GMT
x-amz-version-id: EYuyMkYTdV6Sz.Tu3e2Qz8Z_YPV77rIe
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 2092030
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Wed, 05 Apr 2023 19:06:48 GMT
server: istio-envoy
etag: W/"456df11dba646f06e80bbae67a65aad8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: usXOrqpngdG4tC6qTXtNqlSmnsHIkd2Zsqd-hfUDY0uYOw7_JGqoIw==

GET
H2 200 4.b4477698.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 23 KB
10 KB 34ms
33ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.b4477698.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

277725f80d5c0175c2a996fe1eea07395b87ec1bd0496353409e99e96024816e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 20:29:52 GMT
x-amz-version-id: 0s5HvDu7I8ZUWeiRZtf_7BJNbUsVlUik
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 2092030
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Wed, 05 Apr 2023 19:06:49 GMT
server: istio-envoy
etag: W/"ec2b0368f8359c0e46e2bfb9cf8e79ef"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OdtO-jC3fBwN77l7ZRs2gapwASExQPOZanPjioMzPIZxw72UOIsBNQ==

GET
H2 200 35.a3318c5e.chunk.css
js.driftt.com/core/assets/css/ Frame 5D90 14 KB
15 KB 35ms
34ms Stylesheet
text/css 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/35.a3318c5e.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f3342c52eee43a2ea931cae2ee2d6d9a2939432ffcb03bb4f2983ac7e49b26cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:22:52 GMT
x-amz-version-id: OSYtNHktA9bnWTp_KsYwg52T3dehXKNF
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: ORD51-C1
age: 5130851
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 36
content-length: 14295
last-modified: Tue, 28 Feb 2023 19:33:03 GMT
server: istio-envoy
etag: "b06e02b360914b25e58305b1b9b954dc"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0mQcq-pnMDt2iPpR-sWwwSG9235d65spSEG2e81q9-DhFHvqyNK2Iw==

GET
H2 200 35.46d29dea.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 5D90 12 KB
5 KB 36ms
35ms Script
application/javascript 13.249.141.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.46d29dea.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.141.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-141-55.ord51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2693e158a319fe2c6576e7fdd76ad78ca5e0235cce4418503e5fee2e7426b2d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682818617500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: xuvYWNeKM10RQbhB8D3mlc4N6CStBtYA
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD51-C1
age: 107892
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 23
last-modified: Fri, 28 Apr 2023 19:33:22 GMT
server: istio-envoy
etag: W/"8195467360aaef75c927565e2e787326"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sR1VCGqheKjz3bL3C8qrjCnOAYI_9IQ4XyZ92UCQ1OOMJkxt5zfQmQ==

POST
H2 200 v2 Show response
bootstrap.api.drift.com/widget_bootstrap/ping/ Frame 1FF3 202 B
642 B 134ms
28ms XHR
application/json 50.16.7.188

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f20562b2a16a83fa535b09cf3aeb8388e7903cead66832c115899bfc2835e967

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 30 Apr 2023 01:37:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 236a99ed7929aa79
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 202

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 442 B
938 B 47ms
47ms Fetch
application/json 13.226.34.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?key=w8dNJsGy5rpvYbJbYRgveTax2EUj67vseyp2yF0T&page=https%3A%2F%2Fwww.bitsight.com%2Fblog%2Fbitsight-analysis-of-solarwinds-orion-part-1-prevalence&page_title=SolarWinds%20Orion%20Breach%20%E2%80%94%20BitSight%20Analysis%20Part%201&referrer=
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/include/1682818800000/fkvvvy3ev4dt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-109.ewr53.r.cloudfront.net
Software: nginx /
Resource Hash: 6e6eeb0b97f1cf56a3e763afef0fd5f77070ff0410881db09426cff02d4396de

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.bitsight.com/blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 01:37:04 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 80bad22a3308bca7ca55a6da6a46dad4.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront
request-id: 756e16d6-31ae-4807-9d5e-fb4ed13c203a
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bitsight.com
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: buV6-UpOjn6ETmkvo-501l_7L5kzu52ztFP1cVIviatm2N9ltPSsUQ==
expires: Sat, 29 Apr 2023 01:37:04 GMT

POST
H2 200 v2 Show response
customer.api.drift.com/integrations/hubspot/utk/ Frame 1FF3 2 B
64 B 82ms
82ms XHR
application/json 50.16.7.188

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.api.drift.com/integrations/hubspot/utk/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-CA,en;q=0.9
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 Apr 2023 01:37:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 87db0726848631de
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 57
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 2

OPTIONS
H2 200 v2
customer.api.drift.com/integrations/hubspot/utk/ Frame 0
0 51ms
27ms Preflight
text/plain 50.16.7.188

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.api.drift.com/integrations/hubspot/utk/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Sun, 30 Apr 2023 01:37:04 GMT
requestid: drifta899db94b9390ecde18492823b3
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 2

POST
H2 200 v3 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 1FF3 25 B
89 B 145ms
49ms XHR
application/json 50.16.7.188

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v3

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 30 Apr 2023 01:37:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: e9c4fa8822bee5f4
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame 1FF3 19 KB
6 KB 320ms
319ms XHR
application/json 50.16.7.188

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

0c383502ba99226f415a5c537bfb6beb44fc13fb1a2ca2fd8fbea7517f8b868c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 30 Apr 2023 01:37:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: a79e2c6c1713a264
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 295
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

88 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tracking.intentsify.io/page-tracking/intentsify-bitsight	1970-01-20 21:02:58	Name: userId Value: 60653ffc-61c8-42cf-bc4b-dc16a6aef193
.bitsight.com/	1970-01-20 13:36:34	Name: _gcl_au Value: 1.1.435609872.1682818618
.mathtag.com/	1970-01-20 20:52:53	Name: uuid Value: d0d1644d-c63a-4e00-acbf-1144b55850b9
.bitsight.com/	1970-01-20 11:28:25	Name: _uetsid Value: 7f085dd0e6f711edba95b52faa178070
.bitsight.com/	1970-01-20 20:48:34	Name: _uetvid Value: 7f088180e6f711edba5f3d9ada81944f
.doubleclick.net/	1970-01-20 11:26:59	Name: test_cookie Value: CheckForPermission
.bitsight.com/	1970-01-20 21:02:58	Name: _ga_RJ4RWVVWH4 Value: GS1.1.1682818618.1.0.1682818618.0.0.0
.bing.com/	1970-01-20 20:48:34	Name: MUID Value: 3056B499DA9E670D39AEA79ADB4866A3
.bat.bing.com/	1970-01-20 11:37:03	Name: MR Value: 0
.bitsight.com/	1970-01-20 21:02:58	Name: _ga Value: GA1.2.1728062521.1682818618
.bitsight.com/	1970-01-20 11:28:25	Name: _gid Value: GA1.2.1741716886.1682818618
.bitsight.com/	1970-01-20 11:26:58	Name: _gat_UA-36272386-1 Value: 1
.bitsight.com/	1970-01-20 11:26:58	Name: _gat_UA-36272386-4 Value: 1
.linkedin.com/	1970-01-20 13:36:34	Name: li_sugr Value: d2be6f2a-a061-4b6a-8ee2-9e06a70b4d32
.linkedin.com/	1970-01-20 20:12:34	Name: bcookie Value: "v=2&c67e3aa4-59d0-4886-8205-b3826b5e9a49"
.linkedin.com/	1970-01-20 11:28:25	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2582:u=1:x=1:i=1682818618:t=1682905018:v=2:sig=AQHadiyCDPeihwk_IaPmOdEhmqnWN2Oo"
.techtarget.com/	1970-01-20 11:27:00	Name: __cf_bm Value: FP3A6.WnMKoHtpr.HeT.JixXdEMpC2BDRT.Z1E_AHFE-1682818618-0-Aa2HNdJoarSVwHbDGFx3L2s7nLOv+Dbce6DV06x9xAGugaEOleWA2iFPnjOwY1jOyFZC89EpNoccTHlFzF42ReM=
www.bitsight.com/	1970-01-20 11:28:25	Name: ln_or Value: eyIyNjMwNCI6ImQifQ%3D%3D
.bitsight.com/	1970-01-20 21:02:58	Name: __utma Value: 15825701.1728062521.1682818618.1682818618.1682818618.1
.bitsight.com/	1969-12-31 23:59:59	Name: __utmc Value: 15825701
.bitsight.com/	1970-01-20 15:49:46	Name: __utmz Value: 15825701.1682818618.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.linkedin.com/	1970-01-20 12:10:10	Name: UserMatchHistory Value: AQLpQlu4WJfGXAAAAYfPzlNhA8dhHyLpM4hEC1tOxL4WSLaeWheNRXnPXAa6m6XQC3IAx959ujXH7Q
.linkedin.com/	1970-01-20 12:10:10	Name: AnalyticsSyncHistory Value: AQI2zjy6ANjw2AAAAYfPzlNhOXTa7kYvaq850-2sv835_SboOijK1POjUekgAnh5xseOUAfictP92wW1Jf7WwQ
.bitsight.com/	1970-01-20 11:26:59	Name: __utmt_sfga Value: 1
.bitsight.com/	1970-01-20 11:27:00	Name: __utmb Value: 15825701.1.10.1682818618
.rlcdn.com/	1970-01-20 20:12:34	Name: rlas3 Value: oulk6ydYJOhQfzfEstz6QOHbxtKQjnDN5DHeATxrHWM=
www.clarity.ms/	1970-01-20 20:12:34	Name: CLID Value: b9dca0bd88454a858ac628f8d5125407.20230430.20240429
.company-target.com/	1970-01-20 21:02:58	Name: tuuid Value: bab2f1c1-b244-4c6f-b702-ea78e2db15fe
.company-target.com/	1970-01-20 21:02:58	Name: tuuid_lu Value: 1682818618\|ix:0\|mctv:0\|rp:0
.www.linkedin.com/	1970-01-20 20:12:34	Name: bscookie Value: "v=1&20230430013658150c156a-1c1d-45f4-8983-2c567fc5cef3AQHG5B2bMd6Wgz2nnm4X4UAFdOLRqMVa"
.rlcdn.com/	1970-01-20 12:53:22	Name: pxrc Value: CLqMt6IGEgUI6AcQABIGCMrdKhAA
.ws.zoominfo.com/	1970-01-20 20:12:34	Name: visitorId Value: a1f42f0f77fdd10a5612031a6c410eb54f2e862a81cc30b0b9a93c44e4a2f031
.zoominfo.com/	1970-01-20 11:27:00	Name: __cf_bm Value: g51FUGDdxqeR_fTgY00.nC15Ob2JEwOq6RoH3uSIB3g-1682818618-0-AVNhkVvDUtF45bztIx90qyX8Ca8JQ10LeVpr9Jz+GsP5/5ReRZAjQYaCtRGpYvN6TrzpSwWg7fW2+1z15BdimnQ=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: BZ_FN9qAduI_qomBOfWgLkhX5eOL_MdD7skDzAu8LbU-1682818618293-0-604800000
.t.co/	1970-01-20 21:02:58	Name: muc_ads Value: 435f3736-6902-4916-9d1d-bb3182a30c19
.twitter.com/	1970-01-20 21:02:58	Name: personalization_id Value: "v1_Nq2AzeborTQCc+1g3KAnuA=="
.bitsight.com/	1970-01-20 20:12:34	Name: _clck Value: ybxi19\|1\|fb7\|0
.mathtag.com/	1970-01-20 12:10:10	Name: mt_misc Value: mt_bt:1
.casalemedia.com/	1970-01-20 20:12:34	Name: CMID Value: ZE3GOuS33h6dN.nY3y84ugAA
.casalemedia.com/	1970-01-20 13:36:34	Name: CMPS Value: 1440
.casalemedia.com/	1970-01-20 13:36:34	Name: CMPRO Value: 1440
.rubiconproject.com/	1970-01-20 20:12:34	Name: khaos Value: LH2QR864-3-7KW0
.rubiconproject.com/	1970-01-20 20:12:34	Name: audit Value: 1\|XYSuBhN+X2WCrMJBAsUDtqzDSN/mcB6iYacQIBdibXbWaDs14xzbSJ9wotDvWUa54+giVYgpPaWM1KxoLazIt5mwZQnb46mpD4StqBZyOMnOXPDOvKYKYbqERWUuYXOZ1DmEbsxfpeD4W8DQ/05WeVW+2mPcYRh9cmESKmf2cwrTmoFL5pKQsaZr5ZVxLWDe
.tremorhub.com/	1970-01-20 20:12:55	Name: tvid Value: 69e0bf6887c0412487a5b6dec838c7ed
.tremorhub.com/	1970-01-20 21:02:58	Name: tv_UIDM Value: bab2f1c1-b244-4c6f-b702-ea78e2db15fe
.bitsight.com/	1970-01-20 20:12:34	Name: _hjSessionUser_2033728 Value: eyJpZCI6IjVmODg0NDllLTdlYmEtNWNjMS1iNmE4LWNiMTBhMzYzN2ViMiIsImNyZWF0ZWQiOjE2ODI4MTg2MTg0MTQsImV4aXN0aW5nIjpmYWxzZX0=
.bitsight.com/	1970-01-20 11:27:00	Name: _hjFirstSeen Value: 1
.bitsight.com/	1970-01-20 11:26:58	Name: _hjIncludedInSessionSample_2033728 Value: 1
.bitsight.com/	1970-01-20 11:27:00	Name: _hjSession_2033728 Value: eyJpZCI6IjJhNmQyMjZjLTM5Y2YtNGQ5Mi1iNTFkLTQwNmZkMDgwYjI5YiIsImNyZWF0ZWQiOjE2ODI4MTg2MTg0MjMsImluU2FtcGxlIjp0cnVlfQ==
.bitsight.com/	1970-01-20 11:27:00	Name: _hjAbsoluteSessionInProgress Value: 0
.bitsight.com/	1970-01-20 15:46:10	Name: __hstc Value: 208292109.84c8652eca699bf2070377fe8f547988.1682818618519.1682818618519.1682818618519.1
.bitsight.com/	1970-01-20 15:46:10	Name: hubspotutk Value: 84c8652eca699bf2070377fe8f547988
.bitsight.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.bitsight.com/	1970-01-20 11:27:00	Name: __hssc Value: 208292109.1.1682818618520
.bitsight.com/	1970-01-20 11:28:25	Name: _clsk Value: fd29j8\|1682818618648\|1\|1\|x.clarity.ms/collect
.hubspot.com/	1970-01-20 11:27:00	Name: __cf_bm Value: 3j.ZR3tsEPPfZF4wU6rnjrpji6Hi8RMJNjHLGwYiiu4-1682818618-0-AaLD6hFiGo69d7MjetMtevE+amlVkcatcdHWCK8/34kfNXCcjsd+lubyf7dBcDbd2Vmk0e1ep7C/zObMCJfheHo=
.c.bing.com/	1970-01-20 11:37:03	Name: MR Value: 0
.c.bing.com/	1970-01-20 20:48:34	Name: SRM_B Value: 3056B499DA9E670D39AEA79ADB4866A3
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 20:48:34	Name: MUID Value: 3056B499DA9E670D39AEA79ADB4866A3
.c.clarity.ms/	1970-01-20 11:37:03	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 11:26:59	Name: ANONCHK Value: 0
.bitsight.com/	1970-01-20 20:12:34	Name: trd_cid Value: 16828186187763453
trackingapi.trendemon.com/	1970-01-20 21:02:58	Name: trd_gavid_2423 Value: 16828186187763453
trackingapi.trendemon.com/	1970-01-20 21:02:58	Name: trd_gvid Value: 16828186187763453
trackingapi.trendemon.com/	1970-01-20 21:02:58	Name: trd_vid_2423 Value: 2423%3A16828186187763453
.bitsight.com/	1970-01-20 20:12:34	Name: trd_vid_l Value: 2423%3A16828186187763453
.bitsight.com/	1970-01-20 20:12:34	Name: trd_vuid_l Value: -456653463623142914
.bitsight.com/	1970-01-20 20:12:34	Name: trd_first_visit Value: 1682818619
.bitsight.com/	1970-01-20 20:12:34	Name: trd_pw Value: 1
.bitsight.com/	1970-01-20 11:27:00	Name: trd_pws Value: 1
.bitsight.com/	1970-01-20 11:27:00	Name: trd_sid Value: 16828186189133797
.bitsight.com/	1970-01-20 11:27:41	Name: trd_ma_cookie Value: ODRjODY1MmVjYTY5OWJmMjA3MDM3N2ZlOGY1NDc5ODg%3D
www.bitsight.com/	1970-01-20 20:12:34	Name: _aeaid Value: 759fef00-8720-48c6-916c-2102dce0c324
.bitsight.com/	1970-01-20 11:28:25	Name: source Value: (direct)
.bitsight.com/	1970-01-20 11:28:25	Name: medium Value: (none)
.bitsight.com/	1970-01-20 11:28:25	Name: content Value: undefined
.bitsight.com/	1970-01-20 11:28:25	Name: keyword Value: undefined
.bitsight.com/	1970-01-20 11:28:25	Name: campaign Value:
.bitsight.com/	1970-01-20 11:28:25	Name: landing_page Value: /blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
.bitsight.com/	1970-01-20 11:28:25	Name: conversion_page Value: /blog/bitsight-analysis-of-solarwinds-orion-part-1-prevalence
www.bitsight.com/	1970-01-20 21:02:58	Name: aelastsite Value: TtjLDjDwfaF1TTjoIhP9A0VMHHviwGrxnfPhNkhmzFrJiiv3l6ZPAzyzm6X3TIin
www.bitsight.com/	1969-12-31 23:59:59	Name: aelreadersettings Value: %7B%22c_big%22%3A0%2C%22rg%22%3A0%2C%22memph%22%3A0%2C%22contrast_setting%22%3A0%2C%22colorshift_setting%22%3A0%2C%22text_size_setting%22%3A0%2C%22space_setting%22%3A0%2C%22font_setting%22%3A0%2C%22k%22%3A0%2C%22k_disable_default%22%3A0%2C%22hlt%22%3A0%2C%22disable_animations%22%3A0%2C%22display_alt_desc%22%3A0%7D
wsv3cdn.audioeye.com/	1970-01-20 21:02:58	Name: aelastsite Value: TtjLDjDwfaF1TTjoIhP9A0VMHHviwGrxnfPhNkhmzFrJiiv3l6ZPAzyzm6X3TIin
wsv3cdn.audioeye.com/	1969-12-31 23:59:59	Name: aelreadersettings Value: %7B%22c_big%22%3A0%2C%22rg%22%3A0%2C%22memph%22%3A0%2C%22contrast_setting%22%3A0%2C%22colorshift_setting%22%3A0%2C%22text_size_setting%22%3A0%2C%22space_setting%22%3A0%2C%22font_setting%22%3A0%2C%22k%22%3A0%2C%22k_disable_default%22%3A0%2C%22hlt%22%3A0%2C%22disable_animations%22%3A0%2C%22display_alt_desc%22%3A0%7D
www.bitsight.com/	1969-12-31 23:59:59	Name: aeatstartmessage Value: true
wsv3cdn.audioeye.com/	1969-12-31 23:59:59	Name: aeatstartmessage Value: true
www.bitsight.com/	1970-01-20 11:27:00	Name: drift_campaign_refresh Value: acc80440-6dfa-4f23-a943-c522cd93c031

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.audioeye.com
analytics.twitter.com
api.company-target.com
assets.trendemon.com
bam.nr-data.net
bat.bing.com
bootstrap.api.drift.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdn.linkedin.oribi.io
consent.truste.com
content.hotjar.io
csmetrics.hotjar.com
customer.api.drift.com
dsum-sec.casalemedia.com
fonts.gstatic.com
forms.hubspot.com
go.affec.tv
googleads.g.doubleclick.net
ibc-flow.techtarget.com
id.rlcdn.com
in.hotjar.com
js-agent.newrelic.com
js.driftt.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
metrics.api.drift.com
partners.tremorhub.com
pic.trendemon.com
pixel.mathtag.com
pixel.rubiconproject.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.company-target.com
script.hotjar.com
segments.company-target.com
snap.licdn.com
ssl.google-analytics.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tag.demandbase.com
track.hubspot.com
tracking.intentsify.io
trackingapi.trendemon.com
trk.techtarget.com
ws.zoominfo.com
wsmcdn.audioeye.com
wsv3cdn.audioeye.com
www.bitsight.com
www.clarity.ms
www.google-analytics.com
www.google.ca
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.linkedin.com
x.clarity.ms
104.244.42.131
104.244.42.69
108.138.106.124
108.138.106.85
108.139.29.82
13.107.42.14
13.226.22.31
13.226.34.109
13.249.141.55
146.75.32.157
151.101.130.137
162.247.243.29
18.164.96.34
18.202.10.197
192.40.39.223
20.110.205.119
20.114.190.119
23.205.76.198
2600:1400:9000::687e:74bb
2600:1f18:612b:4232:46b0:1c11:22b9:17b9
2600:9000:2269:9c00:2:53b2:240:93a1
2600:9000:24f1:a600:2:7dc7:8f00:93a1
2606:4700:10::6816:4af2
2606:4700:4400::6812:2422
2606:4700:4400::ac40:97de
2606:4700::6810:89ce
2606:4700::6810:a852
2606:4700::6811:806e
2606:4700::6812:19c4
2606:4700::6812:853b
2606:4700::6812:c9f
2606:4700::6813:9a53
2607:f8b0:4004:c17::9c
2607:f8b0:4006:806::2008
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80d::2008
2607:f8b0:4006:817::2004
2607:f8b0:4006:81f::200e
2607:f8b0:4006:821::2002
2607:f8b0:4006:822::200e
2607:f8b0:4006:824::2003
2620:1ec:21::14
2620:1ec:4e:1::40
2620:1ec:c11::200
2a04:4e42:400::485
34.111.208.231
34.218.219.143
34.96.71.22
35.190.60.146
50.16.7.188
52.16.111.74
52.5.159.70
54.230.18.106
54.67.78.58
54.77.112.208
65.8.49.100
69.173.151.100
018a61689386d8f17a07994baa64adcf65d81646e452c45e6145833470ff1408
031a0ee01580fd4dbdd5ef7608b259062cd42f1621fb12ed4f95e885fe21cc10
047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0c07bf805e857013386ec7ea2d26911aed5c827ee90e71a94188553c6d8ef337
0c383502ba99226f415a5c537bfb6beb44fc13fb1a2ca2fd8fbea7517f8b868c
1069ae8a4dd8262d5701ea0024150b1045d8d25213f8d0d87d9109308b629023
109e1792b15ee6828c303c03b1dc70e0467cf5bfc95fb669bc26d35d55428226
120def079fc4e239098c571e178a9a1b73746f05c6f65a97cd7291b8c13aa401
1220bdf087a7b3b0f068e1dc2422c361ef11cf999ff8ea343573d9e5a7c19bdc
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12901213a1782ef5387ce495b8785fd617e2b957b0cd4a4ade518bbf990c3428
16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8
178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
1b3fd8a42e826e8083eeb579e07eaf6c8858a888ecb626a4002e17d72b95c2b9
1e68086b07bd9a58d95d52ea6e81b61913d54ed3c0985d4864d686d2ca4b25b2
20f86b062157fbf2af91b2a5013cb09570b608b2993b430e2b41ae0c34ed4d75
2107f0f4075b798d0fd29ee262879110cecdfba5bbf0bc1865eeab9d1ae5698c
2693e158a319fe2c6576e7fdd76ad78ca5e0235cce4418503e5fee2e7426b2d0
277725f80d5c0175c2a996fe1eea07395b87ec1bd0496353409e99e96024816e
28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6
28f2565d9edd25ca6cc12fa1063291a0ef9dd126cc8bc70f3e53973df8fa5cb1
2d69820fe2017cecfb441ae3f3dec75bcef5f7d1cf6ad34bbda228c165a2fb8a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ff2b9a5434137bda235f2847f5939dcd06977e5437ae82bfa197e00faabc6a9
3169ab3142fbf3ecf7eee1b5682a4556ed8a3d4ba940befa71c31b5a43991d92
33c4c32431df2f542c1c79e2eda056731040a51704ef6e63da706ba2cac7f1bf
34500f7d3d8b1355312dbb9b4fea2f12821ca413e2a0e43f9f74eff29a007137
3b749d8e31b1b07681113a170d843b160048e5ac4269872fb9180f456692efa5
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c124e8d5cc4a724c0cc1650bbb0c64f90f6cd00807ec75353423d6cb0880390
3ca11d1428bc0be4d01394845ac8038051f9a473d59de50723e29f1d886396ad
3ef64e4a0001cd55211fff6bd306290f29c7482a6006d070ee21e52484b7ef22
3f7bef1687309f4ca11073bbdf5a7f1a5959d8e9fc01543244a49b7736f4010d
4277a7f2671cda482d080be3b17988517565c26f6eacbe9fb7ae5be4bf873857
42fd06f8be4cfadbb74a5c1130d88a293ff7e480d30e882320d33560bbd16362
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47e5eab4597fdff2dfeb1813a7b8c7040d045429dc93ad258ff368ee32837995
491464d495589f57f9a26389acb58955b6a0d38d1e24f432c0b6c2e0691d1add
4e21f327a574306998a0bf0d5b1157085ba79b646138be2a59d2311447d460dd
4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d
55897cd89dcf183e6f14b01d78af1ab3828b53cb7b552a39e2aeb3be66658f4d
598c4c3a475bcf8b9230ad4ea26ec6b0656f5a2231e35e8cd7575528260283c4
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5fb0c0a7564f5a410d0bd647f5aa0d928ac79a81d9af63ef195deacd5fb42951
651caf3f38eaa7fce37242ea187a67583c82373fa62dde711fb8c5b542d29be2
67b9e72e0ed121130ab471b563d85f292e21b1d963586c82b5c3dad4a4694e21
689af9d211c4e2e1552a50165b56eb7ed7bb88330cf13361147f73dfdcf84434
6af4257f5e28935108eabf2394776d13f306877b78fd92f31e5f828495d9b9e6
6db9473433810ec1cb3117726b26aab3d002201382e526a11c5ef6b16aa514f1
6e6eeb0b97f1cf56a3e763afef0fd5f77070ff0410881db09426cff02d4396de
7239304bfda1edbdc25f38e13e0c6ed0c40c2aa7bf88e95b9fc8f17ba36a8253
7610edfb1c3dd13086ba06dfca8e476678ec60a463232e23a5307363cbb05743
7616b033adbe366f235d70696b659f554051c0e578508896aab0ff5b169491db
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7824470d18bc5d1d1861c8920a7ae7f0793b6c879a5a5c904d613807540416b0
791f5f661d30aef948f1a01d9fc1a61efa5db0ef0d90d40fe569afea7ea38e23
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c4cddc44e59d49ccbfdaf1b57cca9884b74ee1710671c7d9fa974e3fae6f507
7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b
8054f842fd3c0e47dfa2abfa01ac05138ff1572a3957ad53ae333f4863c2e854
81f1c9aed3c3c9b67bbf7b03e51358697e98f9168bb5acd6ca41147b76fcb4ea
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
883dc48e1cf4dc2d9fc9c8812ee3078295235c41185a43368b113e64cb3237c3
8989f87b90cacdbca5875bdfbed7dd3c3f2acee982b9353c04d86e8c123906c0
8a9a8d79447c81dc90cd3e0a32cd59ef1382d234be2f161d7bf8e9e428b06ae8
9019bb3edb709bc09bf94864b24f3d4a5e7ad6081b95f438a189d0a19d887125
903cf6b79d15c1159628f9edf09b933327c9a54efb41023641c09db4696ded7e
9087c4f43f3df96f156b13b3395d5ed9856460ea6a4214ed9ee48c2359799592
93d09a5cb0efb9f6a674aab7ecae5d67d511082ae544f143c3e65cb4317826b4
95245f488fc923a05392ac8ca5985ac00d44b0603ba7b987d103475181268d88
958a03c833d9116f7ab9a5ee503f7b0360b9291b268bfb77128a8f0e19238613
97835f51936631312648ce4198cd92c85beae9e09e3cdaff439c57ffccc5c5d5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b1fb531c79eb8ce9a6e9f833b9de4a43be31458e9a999dcced9147e0176d601
9bcf507fc1e39f3fe0d54fd18568aaa58d0cc0df22f7e6b61b37da0f94d59366
9d1b24bdda63bff8ff597f1a6391a263718ca41e7e92ebcb6edfec6445aafe09
9d1faf9bd9dfb8aa89f59852a79665717d0d5e551b39ceebca1d209dc4b117ff
9d88866c6295ffc0cadaa1ccb951367e196737a413482176d5787b70aae04ef0
9e56bd6105d6e24d804d3db97049f580c26390f475a87f7535e066bdc815b2f2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3986521f7e895cf3175098026f4471920366f5b3d3d1d0299a3c710a779e2ae
a5d1cabdb6e6547025306456e1452d4dc6b47a711e17b86706d960fe1f7a9125
a88a85e55eb8f84c61a1c98fe08feeba7c1ebb2e891ec1278bca0e5599ab01d9
aad478f8c8ebb7badf82701cc489bc20c8222fe2dbd079627c0d61ca4abb2ddf
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae3f6024712196dff7272f57c522e4048826b484f7336a97cc3e7f6f00d2d443
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af85c87d4ba89fada0d745a5c2a99d11caae2f3babb162ac798f4c42d22f1dae
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6a613ee9108f1d682a41dbf67bf48474111f09ae1b3f9610371f9e9ab310ba1
b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
b97e094c5401ada1256478fa5b59ad939e52b1fc08ad87ce59946a6a851ad7ef
bd636105f2873462d5c1577ce3f621565da8570429b3d80fffc7a8b8f3ee6003
bdfcdcae6444d1c089ab6b9e7f0875baf08cf2538966f471fc8381fe8ac98f9d
c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2
c3a58e45ccfffece1df8e470fd853a81321e4f78f6af8d22e78310da1380f7d5
c6b2815294e64eb3d9e30955673ae3b60a486ae5b7dfcc7e48c0e2a4fe7301de
c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6
c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca
cc04c5f8ea97db372e695c91f745ab070155bfc4e0d704672de6901ade01b475
cdeb836f7f77cd2174fa0bb4aa3825963aa64faf657a24f988b82f1c4d28ce69
cdec6e5daf6663ecd42fa5a9b0a059dbfa43357f5bc4c9526fa323737e046317
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d08ca522e8eb6a6a776784fe81d91d8aec8e7a2ba7fd76c6309f30a900105c35
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
d3ed94b69049a6046b0472b87a4d1be0a1c9482c9edc3793bf72714c82c7ce0c
d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492
d8850e5c69afc0252ea35a9b1f7c93d837c9c2297bf03ba9365fb093bc71805e
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
e2a0c716824375ab3b6ba3d71119d6ea8658ec6d3afbe6efa8e49b07cc1e858b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e45fdc840de05ffcadca6ad3391397a9639fa22f69a65ed461e08c696fda2b06
e60eac0f2636af6308d91526e82dff118e961332236bbe87a134f7e5d0d5037e
e63cf738c3a577e286765aaa9de59ed4300f6bf8b5d34773d131afd3da456b9c
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919
ed407657a620cbe7b7c5f6902a7dd572861de8ead70bf55431bc39b07050f293
ede302635e4d536cd009def38ee53d05a9d85220cb84c8b605c8f47fd10d5b45
ee4479d8470930ef02efc09078409d8d0183ad4caefdbdf2fdb43d499345d2bf
eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f20562b2a16a83fa535b09cf3aeb8388e7903cead66832c115899bfc2835e967
f3342c52eee43a2ea931cae2ee2d6d9a2939432ffcb03bb4f2983ac7e49b26cc
f3942dcb4f33aac1a5ff6f54aafc4ec813e83b753f2197ff007f3dc51e0da188
f3d122edfd7874cede19b5ea3f4ebb09321a7113bf3443028ffc91596763d930
f41db1648664b6ec69954758811a2b698c9757916d3ad62221b525829e7854aa
f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f6859eb8f0f96a1493a47e0cab0144e6dba46b3c492042660dd5b02b6cec167b
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f932705eb2c481f0651481c55c50e2bf72b194e6d7ff756ae78937fe79bba509
fdd357508c4cd326fd421f0893d124d018d55acb5dbb457d7eca24fecfbe4c8c
ffa12a66b77bcb1fc0cc691ed439b877e084a91bd9f5537e651306fcf6246049
ffdb48563181bd0358b05141802c1778951164489cba1186592f1782176cfe12
fffcc021124d70080ddd0c52562645c46e03ff39c924ced85c1bfd62cb8b8767

www.bitsight.com Open in urlscan Pro 2606:4700:10::6816:4af2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

196 Requests

97 %HTTPS

47 %IPv6

42 Domains

62 Subdomains

56 IPs

3 Countries

6265 kBTransfer

15324 kBSize

88 Cookies

22 Outgoing links

Redirected requests

196 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bitsight.com Open in urlscan Pro
2606:4700:10::6816:4af2 Public Scan

Screenshot
Live screenshot

Full Image

196
Requests

97 %
HTTPS

47 %
IPv6

42
Domains

62
Subdomains

56
IPs

3
Countries

6265 kB
Transfer

15324 kB
Size

88
Cookies

196 HTTP transactions
1 data transactions