www.silverfort.com Open in urlscan Pro
141.193.213.20 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sales.silverfort.com/t/102883/c/3a6f8631-34d8-4c04-a61e-e26f9f370061/NB2HI4DTHIXS653XO4XHG2LMOZSXEZTPOJ2C4Y3PNUXWE3DP...
Effective URL:
https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-prot...
Submission: On December 28 via api (December 28th 2022, 9:57:45 pm UTC) from US — Scanned from DE

Summary HTTP 92 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 36 IPs in 6 countries across 29 domains to perform 92 HTTP transactions. The main IP is 141.193.213.20, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.silverfort.com.
TLS certificate: Issued by R3 on November 18th 2022. Valid for: 3 months.

This is the only time www.silverfort.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.232.180.134 34.232.180.134	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.29.231.247 52.29.231.247	16509 (AMAZON-02) (AMAZON-02)
20	141.193.213.20 141.193.213.20	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
6	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:400d:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
2	23.43.30.157 23.43.30.157	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:11a... 2a02:26f0:11a::6867:4832	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700::68... 2606:4700::6811:b649	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	96.16.137.162 96.16.137.162	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20d... 2600:9000:20dc:7800:1f:f723:6fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:5505	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:206... 2600:9000:206f:1000:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:350... 2a02:26f0:3500:296::1c91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	99.86.4.101 99.86.4.101	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.66.12 65.9.66.12	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.65 143.204.215.65	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:402... 2a00:1450:4025:401::9c	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:73b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eecc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5705	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.77.123.157 54.77.123.157	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6811:7d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:b972	() ()
92	36

1 34.232.180.134 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-180-134.compute-1.amazonaws.com

sales.silverfort.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.231.247 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-231-247.eu-central-1.compute.amazonaws.com

app.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 141.193.213.20 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.silverfort.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.43.30.157 (London, United Kingdom)

ASN16625 (AKAMAI-AS, US)
PTR: a23-43-30-157.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::6867:4832 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:b649 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 96.16.137.162 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-137-162.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20dc:7800:1f:f723:6fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sc.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:1000:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:296::1c91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-101.fra6.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-12.fra56.r.cloudfront.net

tr.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-65.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:73b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eecc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.123.157 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-123-157.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:7d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:b972 (None, )

ASN- ()

f.hubspotusercontent30.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	silverfort.com 1 redirects sales.silverfort.com www.silverfort.com	2 MB
10	6sc.co j.6sc.co — Cisco Umbrella Rank: 13944 c.6sc.co — Cisco Umbrella Rank: 18647 ipv6.6sc.co — Cisco Umbrella Rank: 14890 b.6sc.co — Cisco Umbrella Rank: 8973	14 KB
8	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 8401 track.hubspot.com — Cisco Umbrella Rank: 4433 app.hubspot.com — Cisco Umbrella Rank: 9264	26 KB
6	typekit.net use.typekit.net — Cisco Umbrella Rank: 1054 p.typekit.net — Cisco Umbrella Rank: 1288	121 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 13937	289 KB
4	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 4131	18 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 840 www.linkedin.com — Cisco Umbrella Rank: 712 px4.ads.linkedin.com — Cisco Umbrella Rank: 7528	4 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1181 vars.hotjar.com — Cisco Umbrella Rank: 1235 in.hotjar.com — Cisco Umbrella Rank: 2246	73 KB
3	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 7182 forms-na1.hsforms.com — Cisco Umbrella Rank: 13289	6 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103 region1.google-analytics.com — Cisco Umbrella Rank: 2124	20 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	203 B
2	google.de www.google.de — Cisco Umbrella Rank: 3658	611 B
2	google.com www.google.com — Cisco Umbrella Rank: 16	611 B
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1787	375 B
2	lfeeder.com sc.lfeeder.com — Cisco Umbrella Rank: 28686 tr.lfeeder.com — Cisco Umbrella Rank: 52589	11 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	111 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 stats.g.doubleclick.net — Cisco Umbrella Rank: 179	2 KB
2	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 12274	165 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 6632	7 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	162 KB
1	hubspotusercontent30.net f.hubspotusercontent30.net	2 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 4178	20 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 8919	21 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 5931	3 KB
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 670	818 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 4442	914 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1579	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	1 KB
1	salesloft.com 1 redirects app.salesloft.com — Cisco Umbrella Rank: 122804	712 B
92	29

	Domain	Requested by
20	www.silverfort.com	www.silverfort.com
7	b.6sc.co	www.silverfort.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
5	use.typekit.net	www.silverfort.com use.typekit.net
4	js.hs-banner.com	js.hs-scripts.com js.hs-banner.com
3	app.hubspot.com	js.usemessages.com static.hsappstatic.net
3	track.hubspot.com
2	www.facebook.com	www.silverfort.com
2	api.hubspot.com	js.usemessages.com
2	www.google.de	www.silverfort.com
2	www.google.com	www.silverfort.com
2	px.ads.linkedin.com	2 redirects
2	cdn.linkedin.oribi.io	snap.licdn.com
2	forms.hsforms.com	js.hsforms.net www.silverfort.com
2	connect.facebook.net	www.silverfort.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	js.hsforms.net	www.silverfort.com
2	munchkin.marketo.net	www.silverfort.com munchkin.marketo.net
2	www.googletagmanager.com	www.silverfort.com www.googletagmanager.com
1	f.hubspotusercontent30.net
1	in.hotjar.com	script.hotjar.com
1	forms-na1.hsforms.com	www.silverfort.com
1	region1.google-analytics.com	www.googletagmanager.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	vars.hotjar.com	static.hotjar.com
1	tr.lfeeder.com	www.silverfort.com
1	script.hotjar.com	static.hotjar.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	px4.ads.linkedin.com	www.silverfort.com
1	www.linkedin.com	1 redirects
1	sc.lfeeder.com	www.silverfort.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	j.6sc.co	www.silverfort.com
1	p.typekit.net	use.typekit.net
1	fonts.googleapis.com	www.silverfort.com
1	app.salesloft.com	1 redirects
1	sales.silverfort.com	1 redirects
92	45

This site contains links to these domains. Also see Links.

Domain
silverfort.force.com
support.silverfort.com
www.uber.com
cendyne.dev
www.facebook.com
www.linkedin.com
twitter.com

Subject Issuer	Validity	Valid
www.silverfort.com R3	`2022-11-18` - `2023-02-16`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.6sc.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-08` - `2023-03-11`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-07` - `2023-01-05`	3 months	crt.sh
*.lfeeder.com Amazon	`2022-07-09` - `2023-08-07`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
Frame ID: FE24E3FAB1D865C0FA58FD849BB94D2F
Requests: 78 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: B1F24B6CCE468BAE53D921EACC2F4B88
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E7473236DB951FFECE73E1FE443D7FBC
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/4711332/threads/utk/92cf2e494add4b32ab69ec3eb80ace91?uuid=688fae39bd114b5f95accf73b87880e8&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=silverfort.com&inApp53=false&messagesUtk=92cf2e494add4b32ab69ec3eb80ace91&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 9CB02D08BCB18C2D446B4FA9BFB8469B
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Uber Breach Key Takeaways: Why MFA, Service Account Protection & PAM Must Work Together to Protect Against Compromised Credentials - Silverfort

Page URL History Show full URLs

https://sales.silverfort.com/t/102883/c/3a6f8631-34d8-4c04-a61e-e26f9f370061/NB2HI4DTHIXS653XO4XHG2LMOZSX... HTTP 302
https://app.salesloft.com/t/102883/c/3a6f8631-34d8-4c04-a61e-e26f9f370061/NB2HI4DTHIXS653XO4XHG2LMOZSX... HTTP 302
https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-w... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

92
Requests

99 %
HTTPS

69 %
IPv6

29
Domains

45
Subdomains

36
IPs

6
Countries

2794 kB
Transfer

6141 kB
Size

29
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://silverfort.force.com/login
Title: Partners Portal

Search URL Search Domain Scan URL

URL: https://support.silverfort.com/hc/en-us/restricted?return_to=https%3A%2F%2Fsupport.silverfort.com%2Fhc%2Fen-us
Title: Support

Search URL Search Domain Scan URL

URL: https://www.uber.com/newsroom/security-update/
Title: posted

Search URL Search Domain Scan URL

URL: https://cendyne.dev/posts/2022-09-19-a-few-thoughts-about-ubers-breach.html
Title: tweet

Search URL Search Domain Scan URL

URL: https://www.facebook.com/silverfort

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/silverfort/

Search URL Search Domain Scan URL

URL: https://twitter.com/silverfort

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sales.silverfort.com/t/102883/c/3a6f8631-34d8-4c04-a61e-e26f9f370061/NB2HI4DTHIXS653XO4XHG2LMOZSXEZTPOJ2C4Y3PNUXWE3DPM4XXKYTFOIWWE4TFMFRWQLLLMV4S25DBNNSWC53BPFZS253IPEWW2ZTBFVZWK4TWNFRWKLLBMNRW65LOOQWXA4TPORSWG5DJN5XC24DBNUWW25LTOQWXO33SNMWXI33HMV2GQZLSFV2G6LLQOJXXIZLDOQWWCZ3BNFXHG5BNMNXW24DSN5WWS43FMQWWG4TFMRSW45DJMFWHGLZ7ONRHEYZ5GFRW2422KY2TMSDSMRUUMYTKNBRVCNKHNRLECJJTIQSTGRBFGI2DKVSJJI4G6WSRPBTG6QTIGRCEGUJRKFIUUUJFGNCCKM2E/www-silverfort-com-blog-uber-breach-key-takeaways-why-mfa-service-account-p HTTP 302
https://app.salesloft.com/t/102883/c/3a6f8631-34d8-4c04-a61e-e26f9f370061/NB2HI4DTHIXS653XO4XHG2LMOZSXEZTPOJ2C4Y3PNUXWE3DPM4XXKYTFOIWWE4TFMFRWQLLLMV4S25DBNNSWC53BPFZS253IPEWW2ZTBFVZWK4TWNFRWKLLBMNRW65LOOQWXA4TPORSWG5DJN5XC24DBNUWW25LTOQWXO33SNMWXI33HMV2GQZLSFV2G6LLQOJXXIZLDOQWWCZ3BNFXHG5BNMNXW24DSN5WWS43FMQWWG4TFMRSW45DJMFWHGLZ7ONRHEYZ5GFRW2422KY2TMSDSMRUUMYTKNBRVCNKHNRLECJJTIQSTGRBFGI2DKVSJJI4G6WSRPBTG6QTIGRCEGUJRKFIUUUJFGNCCKM2E/www-silverfort-com-blog-uber-breach-key-takeaways-why-mfa-service-account-p HTTP 302
https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=649297&time=1672264659956&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D649297%26time%3D1672264659956%26url%3Dhttps%253A%252F%252Fwww.silverfort.com%252Fblog%252Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%252F%253Fsbrc%253D1cmsZV56HrdiFbjhcQ5GlVA%25253D%25253D%2525245VIJ8oZQxfoBh4DCQ1QQJQ%25253D%25253D%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=649297&time=1672264659956&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=649297&time=1672264659956&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&liSync=true&e_ipv6=AQJ7GLQRCIPe8wAAAYVavbX-nFKvXQxQTNt9KBjF0lY_lZvm99KXiBprmKqMcnSkMGp8VvBmRs4x

92 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/
Redirect Chain

https://sales.silverfort.com/t/102883/c/3a6f8631-34d8-4c04-a61e-e26f9f370061/NB2HI4DTHIXS653XO4XHG2LMOZSXEZTPOJ2C4Y3PNUXWE3DPM4XXKYTFOIWWE4TFMFRWQLLLMV4S25DBNNSWC53BPFZS253IPEWW2ZTBFVZWK4TWNFRWKLLB...
https://app.salesloft.com/t/102883/c/3a6f8631-34d8-4c04-a61e-e26f9f370061/NB2HI4DTHIXS653XO4XHG2LMOZSXEZTPOJ2C4Y3PNUXWE3DPM4XXKYTFOIWWE4TFMFRWQLLLMV4S25DBNNSWC53BPFZS253IPEWW2ZTBFVZWK4TWNFRWKLLBMNR...
https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%24...

80 KB
17 KB

133ms
65ms

Document
text/html

141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

60683b1ed3f6fafffb3cb0700713964708e7b7965b7be9e33b97976dadef48c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 780d8d892f1f5ca4-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 28 Dec 2022 21:57:39 GMT
link: <https://www.silverfort.com/wp-json/>; rel="https://api.w.org/" <https://www.silverfort.com/wp-json/wp/v2/posts/3314>; rel="alternate"; type="application/json" <https://www.silverfort.com/?p=3314>; rel=shortlink
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: SHORT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-pingback: https://www.silverfort.com/xmlrpc.php
x-powered-by: WP Engine

Redirect headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 291
Content-Type: text/html; charset=utf-8
Date: Wed, 28 Dec 2022 21:57:39 GMT
Location: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Request-Id: db7f0e483e69fb4126c1a797556cdae4
X-Runtime: 0.042135
X-XSS-Protection: 1; mode=block

GET
H2 200 style.min.css
www.silverfort.com/wp-includes/css/dist/block-library/ 93 KB
12 KB 42ms
40ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/css/dist/block-library/style.min.css?ver=66e8fa31dd90ecdac38737d39cdaff94

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 37799
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
server: cloudflare
etag: W/"636e62ad-172a9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 780d8d89afff5ca4-FRA

GET
H2 200 classic-themes.min.css
www.silverfort.com/wp-includes/css/ 217 B
257 B 37ms
35ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 37799
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
server: cloudflare
etag: W/"6357e86c-d9"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 780d8d89a8045ca4-FRA

GET
H2 200 theme.css
www.silverfort.com/wp-content/themes/airfleet/dist/styles/ 435 KB
62 KB 82ms
80ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/themes/airfleet/dist/styles/theme.css?ver=1672035617

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8648c62f1a9443f27634c3a3e7bbf8e0d4160f26957393122d305d4a5b6dbb00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 37799
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 26 Dec 2022 06:20:17 GMT
server: cloudflare
etag: W/"63a93d21-6cd9b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 780d8d89a80a5ca4-FRA

GET
H2 200 style.css
www.silverfort.com/wp-content/themes/airfleet/theme/ 7 KB
2 KB 24ms
23ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/themes/airfleet/theme/style.css?ver=1671618813

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0aa28420038710defb143cc803a3970427b63968f1506d073635d9b4753f5552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 37799
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Dec 2022 10:33:33 GMT
server: cloudflare
etag: W/"63a2e0fd-1c7d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 780d8d89a80d5ca4-FRA

GET
H2 200 jquery.min.js Show response
www.silverfort.com/wp-includes/js/jquery/ 88 KB
31 KB 37ms
36ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 37799
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
server: cloudflare
etag: W/"632879b8-15e54"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 780d8d89a80f5ca4-FRA

GET
H2 200 jquery-migrate.min.js Show response
www.silverfort.com/wp-includes/js/jquery/ 11 KB
4 KB 59ms
58ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 37799
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: cloudflare
etag: W/"5fb4e3fe-2bd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 780d8d89a8105ca4-FRA

GET
H2 200 owl1fid.css
use.typekit.net/ 11 KB
1 KB 210ms
126ms Stylesheet
text/css 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/owl1fid.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

aa5e45475bdd0e0e071184e624df49a165aa98f6ee438c2c87c594605b86be8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 28 Dec 2022 21:57:39 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1218

GET
H3 200 20220315-104646u76P4g0vCA.png
www.silverfort.com/wp-content/uploads/2022/03/ 1 KB
2 KB 24ms
22ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.silverfort.com/wp-content/uploads/2022/03/20220315-104646u76P4g0vCA.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e2088bbe79e60715b8ea7be7665905ec26d224d243496576ad25a6eb9e6b5f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 25741
cf-polished: origFmt=png, origSize=2667
content-disposition: inline; filename="20220315-104646u76P4g0vCA.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1314
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Tue, 15 Mar 2022 09:46:57 GMT
server: cloudflare
etag: "62306091-a6b"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
accept-ranges: bytes
cf-ray: 780d8d8ade149273-FRA

GET
H3 200 uber-Featured_Resource_and_Blog_1234%C3%97402px.png
www.silverfort.com/wp-content/uploads/2022/09/ 138 KB
138 KB 70ms
67ms Image
image/png 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.silverfort.com/wp-content/uploads/2022/09/uber-Featured_Resource_and_Blog_1234%C3%97402px.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a17744f3d4d875e0c7bf85d63a82c77f7bc929cb88c21012268a9e3f7514075a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 140889
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 22 Sep 2022 10:26:30 GMT
server: cloudflare
etag: "632c3856-22659"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
accept-ranges: bytes
cf-ray: 780d8d8ade179273-FRA

GET
H3 200 uber-v3-1024x528.png
www.silverfort.com/wp-content/uploads/2022/09/ 154 KB
154 KB 65ms
63ms Image
image/png 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.silverfort.com/wp-content/uploads/2022/09/uber-v3-1024x528.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b99974c0db168c46526a8d0223f931c4a66c6d2c0432020041311b881605a3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 157255
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Sep 2022 07:13:39 GMT
server: cloudflare
etag: "6333f423-26647"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
accept-ranges: bytes
cf-ray: 780d8d8ade189273-FRA

GET
H3 200 Group-1706.svg
www.silverfort.com/wp-content/uploads/2022/03/ 1 KB
970 B 71ms
69ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.silverfort.com/wp-content/uploads/2022/03/Group-1706.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

32e001ebc1bd1653eab527cbffb06152ed1bfcdc59ee1c563e5c2888d0ce9256

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 30 Mar 2022 09:27:40 GMT
server: cloudflare
etag: W/"6244228c-42a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 780d8d8ade199273-FRA

GET
H3 200 logo-white.svg
www.silverfort.com/wp-content/uploads/2022/03/ 3 KB
1 KB 22ms
21ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.silverfort.com/wp-content/uploads/2022/03/logo-white.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f48933e42e6b01c0e6440663ae75fe6b30a592d62c68849941e5e87f58dccf35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 34368
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 16 Mar 2022 07:20:38 GMT
server: cloudflare
etag: W/"62318fc6-a1f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 780d8d8ade1b9273-FRA

GET
H3 200 comment-reply.min.js Show response
www.silverfort.com/wp-includes/js/ 3 KB
2 KB 26ms
25ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/comment-reply.min.js?ver=66e8fa31dd90ecdac38737d39cdaff94

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 133904
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: cloudflare
etag: W/"625095f6-ba5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 780d8d8abe019273-FRA

GET
H3 200 theme.js Show response
www.silverfort.com/wp-content/themes/airfleet/dist/ 817 KB
211 KB 35ms
34ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/themes/airfleet/dist/theme.js?ver=1671618813

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

02340573a6a4ceaba95dfdede79c5d8ef1714d7d2ec0de260214b4bb1ecff66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 133904
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 21 Dec 2022 10:33:33 GMT
server: cloudflare
etag: W/"63a2e0fd-cc414"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 780d8d8ace0f9273-FRA

GET
H3 200 critical.js Show response
www.silverfort.com/wp-content/themes/airfleet/dist/ 67 KB
20 KB 64ms
62ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/themes/airfleet/dist/critical.js?ver=1665057701

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

27b194a338115dd37944b5a2bdb7f89db24f80f6f9c46c96f7430776a64beb34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 133904
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 06 Oct 2022 12:01:41 GMT
server: cloudflare
etag: W/"633ec3a5-10d12"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 780d8d8ade139273-FRA

GET
H3 200 lazyload.min.js Show response
www.silverfort.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
3 KB 26ms
25ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 133904
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 31 Oct 2022 05:27:35 GMT
server: cloudflare
etag: W/"635f5cc7-2063"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 780d8d8ade1c9273-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 239 KB
87 KB 150ms
67ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDRW9VH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe56f3ac7b18d7f7e4985fb4ef5da039bab51c9ad8ec71bb2f026ddefec493f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88096
x-xss-protection: 0
last-modified: Wed, 28 Dec 2022 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Dec 2022 21:57:39 GMT

GET
H2 200 css2
fonts.googleapis.com/ 15 KB
1 KB 147ms
52ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/wp-content/themes/airfleet/theme/style.css?ver=1671618813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38d12430fbe7930986695ab7520d0e52dbc7083a0fece69df6429399c5b27327

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Dec 2022 21:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Dec 2022 20:15:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Dec 2022 21:57:39 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 215ms
22ms Script
application/x-javascript 23.43.30.157
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.silverfort.com
URL: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.43.30.157 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-43-30-157.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 28 Dec 2022 21:57:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 728

GET
H3 200 ico-magnifying-glass.da6d672662.svg
www.silverfort.com/wp-content/themes/airfleet/dist/images/ 278 B
632 B 57ms
57ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.silverfort.com/wp-content/themes/airfleet/dist/images/ico-magnifying-glass.da6d672662.svg

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/wp-content/themes/airfleet/dist/styles/theme.css?ver=1672035617

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

08641f81a1cad2dd12587dda89aada31d41b0cd118a7f36f49d8ad35c73a24e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/wp-content/themes/airfleet/dist/styles/theme.css?ver=1672035617
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 25741
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 06 Oct 2022 12:01:41 GMT
server: cloudflare
etag: W/"633ec3a5-116"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 780d8d8aee2b9273-FRA

GET
H3 200 siba-fold.png
www.silverfort.com/wp-content/uploads/2022/06/ 903 KB
904 KB 56ms
56ms Image
image/png 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.silverfort.com/wp-content/uploads/2022/06/siba-fold.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8715a359c35b4368a1935b7ef713b59bfee747e3751d3aa4916123cbd0074d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 924618
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Jun 2022 17:22:07 GMT
server: cloudflare
etag: "62a0dabf-e1bca"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
accept-ranges: bytes
cf-ray: 780d8d8aee2e9273-FRA

GET
H3 200 font-geo-bold.cfccfc833b.woff
www.silverfort.com/wp-content/themes/airfleet/dist/fonts/ 71 KB
72 KB 55ms
54ms Font
font/woff 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/themes/airfleet/dist/fonts/font-geo-bold.cfccfc833b.woff

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/wp-content/themes/airfleet/dist/styles/theme.css?ver=1672035617

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e76be5c19c356a3c2f75d7c9ec87bc2b98a190fb9bfbffe011e70d4d40185e22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.silverfort.com/wp-content/themes/airfleet/dist/styles/theme.css?ver=1672035617
Origin: https://www.silverfort.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 133904
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 73140
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 06 Oct 2022 12:01:41 GMT
server: cloudflare
etag: "633ec3a5-11db4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
accept-ranges: bytes
cf-ray: 780d8d8aee319273-FRA

GET
H3 200 font-light.9c29541ad4.woff
www.silverfort.com/wp-content/themes/airfleet/dist/fonts/ 75 KB
76 KB 57ms
56ms Font
font/woff 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/themes/airfleet/dist/fonts/font-light.9c29541ad4.woff

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/wp-content/themes/airfleet/dist/styles/theme.css?ver=1672035617

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

baf843869172f87fea84931930f9c64508fc67204f8d92a036ee409e5f964ded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.silverfort.com/wp-content/themes/airfleet/dist/styles/theme.css?ver=1672035617
Origin: https://www.silverfort.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 109428
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77012
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 06 Oct 2022 12:01:41 GMT
server: cloudflare
etag: "633ec3a5-12cd4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
accept-ranges: bytes
cf-ray: 780d8d8aee339273-FRA

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 143ms
18ms Stylesheet
text/css 2a02:26f0:11a::6867:4832
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=owl1fid&ht=tk&f=139.140.173.174.175.176.25136.25137.14723.42583.42584.42585.42586.42587.42588&a=4086036&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/owl1fid.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4832 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
last-modified: Sun, 01 May 2022 15:58:42 GMT
server: nginx
etag: "626eae32-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 v2-legacy.js Show response
js.hsforms.net/forms/ 21 KB
8 KB 169ms
137ms Script
application/javascript 2606:4700::6811:b649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2-legacy.js

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/wp-content/themes/airfleet/dist/theme.js?ver=1671618813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd8496b904ded0ea8472d611839277a6a8091398ededfd2aa6b57f2eba97a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
x-amz-version-id: 4hYYQXtUP4onl2IIcZwFanC.Ox2y8YhW
via: 1.1 b9e3ae23b2e5d7b2e1c159467ba23f34.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Nov 2022 10:30:00 UTC
server: cloudflare
etag: W/"cb5aceb381ddfd649db465a31c789ea3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmZ2X9uEUpvmVrjQt7nscrQY5%2BLddKVdYhbLEGR%2FffyFtuAIrbfghOdotOQ93gNh6XC1YQGgY%2BkgvOS%2BUBmBEssJ7BAxEapqrikCjt3okO5r6SBid%2FXaMnBpIVYj6r5N8mLhmG2NPZes9uBY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 780d8d8ba8396903-FRA
x-amz-cf-id: -PV3fEPQW-8j-_2dsdt6_gA8s6swqG6X_PER4RfeHKyVASRA5QV6-w==
x-hs-target-asset: FormsNext/static-5.549/bundles/legacy.js

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 504 KB
157 KB 65ms
33ms Script
application/javascript 2606:4700::6811:b649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/wp-content/themes/airfleet/dist/theme.js?ver=1671618813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e7d91fbd301e53ba7c3cf31ae3580a9ff821df913fc58297eb1675bcb068222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
x-amz-version-id: uQ0RLN1jqr8UmbEUY0caJ.pZg.jtD3ww
via: 1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
age: 134
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2513/bundles/project-v2.js&cfRay=780d8a43de255c7a-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Dec 2022 10:06:54 UTC
server: cloudflare
etag: W/"53c7729f9a5c32a04b6d48dd118565af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QP5kr9qbPSTFQZoqybyQGIt0c7u30u4ANcaaJlZ%2FirffBs9Xni7WofbUyv%2Fd2xC10HLrRL6RSHSnCav%2FdK0%2BvIgNhSMb902nSGl7Zi%2FeljSEIxxO%2BYNOJ2hwFVWnmxPhw%2FlgDgVQFm8S2muw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 780d8d8ba83a6903-FRA
x-amz-cf-id: Ua6oMDH1sOsRDhW5NGmb3u1UHcbsXLs7HalQbPX9HO3Ad7lDHF9DUA==
x-hs-target-asset: forms-embed/static-1.2513/bundles/project-v2.js

GET
H2 200 l
use.typekit.net/af/78aca8/00000000000000007735e60d/30/ 29 KB
29 KB 33ms
9ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/78aca8/00000000000000007735e60d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/owl1fid.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b07871da02311868c31ab6ac5a4e78cc877f118acd854857f6f51519f3ddbbc9

Request headers

Referer: https://use.typekit.net/owl1fid.css
Origin: https://www.silverfort.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
server: nginx
etag: "1d1aed9a298449b26ef6d57c78caa88b6b5de306"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29764

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 29 KB
29 KB 33ms
9ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/owl1fid.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7

Request headers

Referer: https://use.typekit.net/owl1fid.css
Origin: https://www.silverfort.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
server: nginx
etag: "6aeae62b893768150f3460329dc461358e8ab2f5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29820

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 30 KB
30 KB 31ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/owl1fid.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a33128c94dd3c425bc3f4a9ba389a1f3d7a75233e8cb788ea80f8f43a3d68423

Request headers

Referer: https://use.typekit.net/owl1fid.css
Origin: https://www.silverfort.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
server: nginx
etag: "09d1a94c81035c62708e0a513ee76d7886d15a25"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30704

GET
H2 200 6si.min.js Show response
j.6sc.co/ 31 KB
10 KB 56ms
7ms Script
application/javascript 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

eea93734d5f0032479fa252394415d53cbcd4e7bd6d54764543eaa8b7c9fd10c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 21:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Dec 2022 20:20:43 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63890c9b-7ad6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 10143
expires: Wed, 28 Dec 2022 21:57:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 65ms
14ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDRW9VH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 21:50:44 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 415
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 28 Dec 2022 23:50:44 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 41ms
9ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDRW9VH
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3e6ef4f3484f029b4d1a989163d6bb29899184f008431adb932c43ff3543368a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
content-encoding: gzip
last-modified: Thu, 15 Dec 2022 18:31:06 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=17342
accept-ranges: bytes
content-length: 4654

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10831086858/ 2 KB
2 KB 96ms
59ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10831086858/?random=1672264659910&cv=11&fst=1672264659910&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&tiba=Uber%20Breach%20Key%20Takeaways%3A%20Why%20MFA%2C%20Service%20Account%20Protection%20%26%20PAM%20Must%20Work%20Together%20to%20Protect%20Against%20Compromised%20Credentials%20-%20Silverfort&auid=1498829910.1672264660&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDRW9VH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bae9a35b3a42a2b3bc4da224cf0fa38e46317a4e94f18f845e3b3a3717581e27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 21:57:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1079
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-3289733.js Show response
static.hotjar.com/c/ 8 KB
4 KB 85ms
35ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3289733.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDRW9VH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-37.fra56.r.cloudfront.net

Software

Resource Hash

931fd32436e92ad2be0b1f896ff8f63f3a2cce57249a11b6e0bc6210e218965d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 21:57:39 GMT
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/b8c736998471436ec628930ae2b9a276
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: CDbBxBWF5pDUUq9EEIotJCvhR_zgmcLv-y_xI642-wogVa4xR2Icbg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 62ms
18ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 28 Dec 2022 21:57:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: NmF8LYGxM2/CfSaC3Cj8imtC9YdvGHzfXtLrQqRsVa92+ttqhmjm+iAgcUzVK8te78EN+LTF3AgkGj986JJ7tQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 4711332.js Show response
js.hs-scripts.com/ 2 KB
914 B 152ms
132ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/4711332.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDRW9VH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd8d2c2397f0b4977305d3a2c7dd2894e30429b0855156cbd9e98c7d08ca60c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:40 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 28 Dec 2022 20:42:27 GMT
server: cloudflare
x-hubspot-correlation-id: e9cc83e7-ef94-4651-bbbe-7d4c680f4b99
x-trace: 2BB7583CD6B56BB9F39A742083F4E3846914ECFB4E000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.silverfort.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 780d8d8c994e9b67-FRA
expires: Wed, 28 Dec 2022 21:58:40 GMT

GET
H2 200 lftracker_v1_lAxoEaKkRdoaOYGd.js Show response
sc.lfeeder.com/ 31 KB
11 KB 122ms
44ms Script
application/javascript 2600:9000:20dc:7800:1f:f723:6fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.lfeeder.com/lftracker_v1_lAxoEaKkRdoaOYGd.js
Requested by: Host: www.silverfort.com
URL: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20dc:7800:1f:f723:6fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a003679f1440dd73c3a33c9d0cba26d273f7c8ef1abadff106c14442c0a1bb68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: JEGHcQ_DBIvlnAOYp0CIHJaAPBnVm_6k
content-encoding: gzip
via: 1.1 3324a8ad97d1ad89d31d73e8b93b919a.cloudfront.net (CloudFront)
date: Wed, 28 Dec 2022 21:57:40 GMT
last-modified: Wed, 23 Nov 2022 07:06:17 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C1
age: 1143
etag: W/"00356bece9c3523c3c2eb71b8545446c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: PM7cNB_2izbHinxDPK-EYh1C_McdNoB7tqfd0XM511RyauNqr928DA==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
75 KB 125ms
63ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4052YMBRRZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDRW9VH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e015556146f1cf7d9a890fd99619920e52e5a8652df6047b20a4941252ae56a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76848
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Dec 2022 21:57:40 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/162/ 11 KB
5 KB 37ms
37ms Script
application/x-javascript 23.43.30.157
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/162/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.43.30.157 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-43-30-157.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 28 Dec 2022 21:57:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4677
Expires: Fri, 07 Apr 2023 21:57:39 GMT

GET
H2 200 json Show response
forms.hsforms.com/embed/v3/form/4711332/cee40b47-c2e6-4906-b7ed-988fb760e6f7/ 39 KB
5 KB 183ms
150ms XHR
application/json 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/4711332/cee40b47-c2e6-4906-b7ed-988fb760e6f7/json?hs_static_app=forms-embed&hs_static_app_version=1.2513&X-HubSpot-Static-App-Info=forms-embed-1.2513

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99901d2627295d00ba5c81099f7bd816cb58ce7f374ea95dd0acceee6d817e59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.silverfort.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-origin-hublet: na1
date: Wed, 28 Dec 2022 21:57:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 403ea9c6-1f9d-42c0-add3-fe8d6df2bb96
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BB03E51ACF3BCFDF6A0B648ECF100EB0648A9CF11000000000000000000
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.silverfort.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 780d8d8cd9d19b67-FRA

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/649297/domain/silverfort.com/ Frame 0
0 67ms
10ms Preflight 2600:9000:206f:1000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/649297/domain/silverfort.com/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.silverfort.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 44562
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 28 Dec 2022 09:34:58 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-id: TEa5qBwiXcdOCsMW16gn3vs3o27DLn9VXQKlVEHfZKoFUzxjTVtGVw==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/649297/domain/silverfort.com/ 36 B
375 B 11ms
11ms XHR
application/json 2600:9000:206f:1000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/649297/domain/silverfort.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.silverfort.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 28 Dec 2022 21:07:21 GMT
content-encoding: gzip
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 3019
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: LwX_mm72heXC_UC6Ln6m1083hPSWzmm9zdnEXZHEt6z_0ZB9PfWsSA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=649297&time=1672264659956&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D649297%26time%3D1672264659956%26url%3Dhttps%253A%252F%252Fwww.silverfort.com%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=649297&time=1672264659956&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=649297&time=1672264659956&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-wor...

0
266 B

214ms
178ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=649297&time=1672264659956&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&liSync=true&e_ipv6=AQJ7GLQRCIPe8wAAAYVavbX-nFKvXQxQTNt9KBjF0lY_lZvm99KXiBprmKqMcnSkMGp8VvBmRs4x
Requested by: Host: www.silverfort.com
URL: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:39 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 83B81D0BCE5F4DDFB700CED6DF08B1D6 Ref B: FRAEDGE2007 Ref C: 2022-12-28T21:57:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXw6nUSCsUHvtnaDCARJQ==

Redirect headers

date: Wed, 28 Dec 2022 21:57:40 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: CD6C046754424D6AA2304F781B27666C Ref B: FRAEDGE1809 Ref C: 2022-12-28T21:57:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=649297&time=1672264659956&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&liSync=true&e_ipv6=AQJ7GLQRCIPe8wAAAYVavbX-nFKvXQxQTNt9KBjF0lY_lZvm99KXiBprmKqMcnSkMGp8VvBmRs4x
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXw6nUOxg2byShpoh2FBg==

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
818 B 62ms
7ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Dec 2022 21:57:40 GMT
AN-X-Request-Uuid: 0e80e216-672e-46cc-81a6-3d6c44564187
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.silverfort.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.58.58.249; 37.58.58.249; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
204 B 46ms
7ms XHR
text/html 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-137-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:40 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.silverfort.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 23 B
262 B 92ms
8ms XHR
text/html 2a02:26f0:3500:296::1c91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:296::1c91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: acae3217f44f9a07cb87b95eb30bd2687d9a0a6eea8ac5dc2c70e18768ad3c44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 21:57:40 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.silverfort.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a00:c98:2030:a004:1::8
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 23
expires: Wed, 28 Dec 2022 21:57:40 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 74ms
22ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=368915064&t=pageview&_s=1&dl=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&ul=en-us&de=UTF-8&dt=Uber%20Breach%20Key%20Takeaways%3A%20Why%20MFA%2C%20Service%20Account%20Protection%20%26%20PAM%20Must%20Work%20Together%20to%20Protect%20Against%20Compromised%20Credentials%20-%20Silverfort&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=536227824&gjid=107337753&cid=1362065671.1672264660&tid=UA-145009438-1&_gid=2028063414.1672264660&_r=1&gtm=2wgbu0TDRW9VH&z=244234836

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.silverfort.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 21:57:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.silverfort.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2473005616322330 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 159ms
141ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2473005616322330?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f0053373ffccf23c6e6faa99825512b59c1f48bc554fbdda43f1ee3c98f8d888

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 28 Dec 2022 21:57:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: cnWXAMd+jOSmISfcDN2khI/VEQkxdVg8dLPLy7RDV9kdPxbR6HjDmfWmFFEWSknv2i5nazQP44UCv4TtWoqmig==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.352fddba5b21bbfc3a08.js Show response
script.hotjar.com/ 264 KB
68 KB 61ms
8ms Script
application/javascript 99.86.4.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.352fddba5b21bbfc3a08.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3289733.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-101.fra6.r.cloudfront.net

Software

Resource Hash

6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 08:07:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 568235
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68894
last-modified: Thu, 22 Dec 2022 08:06:23 GMT
etag: "3256c76707175033b83ffe82f89b32ec"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Z3aatIWOR5ybBLcmV-EgmQOhMW_BB1JRl0ac_L8s8q7rFIpLFuqQ6g==

GET
H2 200 /
www.google.com/pagead/1p-user-list/10831086858/ 42 B
548 B 71ms
27ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10831086858/?random=1672264659910&cv=11&fst=1672261200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&tiba=Uber%20Breach%20Key%20Takeaways%3A%20Why%20MFA%2C%20Service%20Account%20Protection%20%26%20PAM%20Must%20Work%20Together%20to%20Protect%20Against%20Compromised%20Credentials%20-%20Silverfort&fmt=3&is_vtc=1&random=2616173179&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 21:57:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10831086858/ 42 B
548 B 64ms
27ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10831086858/?random=1672264659910&cv=11&fst=1672261200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&tiba=Uber%20Breach%20Key%20Takeaways%3A%20Why%20MFA%2C%20Service%20Account%20Protection%20%26%20PAM%20Must%20Work%20Together%20to%20Protect%20Against%20Compromised%20Credentials%20-%20Silverfort&fmt=3&is_vtc=1&random=2616173179&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 21:57:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 279ms
206ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6bb0cfb595fd03cafda0442c9d89543c&svisitor=null&visitor=1312249e-0037-47ea-8891-22de77ad2b72&session=e8448d4e-6fd9-4de6-8aa5-374583b73d8a&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2028%20Dec%202022%2021%3A57%3A39%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Uber%20Breach%20Key%20Takeaways%3A%20Why%20MFA%2C%20Service%20Account%20Protection%20%26amp%3B%20PAM%20Must%20Work%20Together%20to%20Protect%20Against%20Compromised%20Credentials%20-%20Silverfort%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&pageViewId=81c00349-a510-43d4-89c1-5fbb1414cc5f&an_uid=0

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:40 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 /
tr.lfeeder.com/ 43 B
293 B 74ms
44ms Image
image/gif 65.9.66.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.lfeeder.com/?sid=lAxoEaKkRdoaOYGd&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTE0NTAwOTQzOC0xIl0sImdhTWVhc3VyZW1lbnRJZHMiOltdLCJnYUNsaWVudElkcyI6WyIxMzYyMDY1NjcxLjE2NzIyNjQ2NjAiXSwiY29udGV4dCI6eyJsaWJyYXJ5Ijp7Im5hbWUiOiJsZnRyYWNrZXIiLCJ2ZXJzaW9uIjoiMi41OC4wIn0sInBhZ2VVcmwiOiJodHRwczovL3d3dy5zaWx2ZXJmb3J0LmNvbS9ibG9nL3ViZXItYnJlYWNoLWtleS10YWtlYXdheXMtd2h5LW1mYS1zZXJ2aWNlLWFjY291bnQtcHJvdGVjdGlvbi1wYW0tbXVzdC13b3JrLXRvZ2V0aGVyLXRvLXByb3RlY3QtYWdhaW5zdC1jb21wcm9taXNlZC1jcmVkZW50aWFscy8/c2JyYz0xY21zWlY1NkhyZGlGYmpoY1E1R2xWQSUzRCUzRCUyNDVWSUo4b1pReGZvQmg0RENRMVFRSlElM0QlM0QiLCJwYWdlVGl0bGUiOiJVYmVyIEJyZWFjaCBLZXkgVGFrZWF3YXlzOiBXaHkgTUZBLCBTZXJ2aWNlIEFjY291bnQgUHJvdGVjdGlvbiAmIFBBTSBNdXN0IFdvcmsgVG9nZXRoZXIgdG8gUHJvdGVjdCBBZ2FpbnN0IENvbXByb21pc2VkIENyZWRlbnRpYWxzIC0gU2lsdmVyZm9ydCIsInJlZmVycmVyIjoiIn0sImV2ZW50IjoidHJhY2tpbmctZXZlbnQiLCJjbGllbnRFdmVudElkIjoiNDE1MDJhY2U2YmYxYzQ2MSIsInNjcmlwdElkIjoibEF4b0VhS2tSZG9hT1lHZCIsImNvb2tpZXNFbmFibGVkIjp0cnVlLCJjb25zZW50TGV2ZWwiOiJub25lIiwiYW5vbnltaXplSXAiOmZhbHNlLCJsZkNsaWVudElkIjoiTEYxLjEuODFhZWNiNDA2MGNiYWU4Mi4xNjcyMjY0NjYwMDQ0IiwiZm9yZWlnbkNvb2tpZXMiOltdLCJwcm9wZXJ0aWVzIjp7fSwiYXV0b1RyYWNraW5nRW5hYmxlZCI6dHJ1ZSwiYXV0b1RyYWNraW5nTW9kZSI6Im9uX3NjcmlwdF9sb2FkIn0=
Requested by: Host: www.silverfort.com
URL: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-12.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:40 GMT
via: 1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: 4f6eP2mLu9a8waT5YjUMdjGHiLbFNs5JhoVoAN93bGZAfpRkejs72w==

GET
H2 200 box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response
vars.hotjar.com/ Frame B1F2 2 KB
1 KB 47ms
8ms Document
text/html 143.204.215.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3289733.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-65.fra53.r.cloudfront.net

Software

Resource Hash

cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.silverfort.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2222138
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 04:42:02 GMT
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
x-amz-cf-id: QY8FG7ERlWkIZoaA6PSy-79TyGjkDq8-7rN41rqr4-USY3nWXHTEtg==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 245ms
204ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6bb0cfb595fd03cafda0442c9d89543c&svisitor=null&visitor=1312249e-0037-47ea-8891-22de77ad2b72&session=e8448d4e-6fd9-4de6-8aa5-374583b73d8a&event=ipv6&q=%7B%22address%22%3A%222a00%3Ac98%3A2030%3Aa004%3A1%3A%3A8%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Uber%20Breach%20Key%20Takeaways%3A%20Why%20MFA%2C%20Service%20Account%20Protection%20%26amp%3B%20PAM%20Must%20Work%20Together%20to%20Protect%20Against%20Compromised%20Credentials%20-%20Silverfort%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&pageViewId=81c00349-a510-43d4-89c1-5fbb1414cc5f&an_uid=0

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:40 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 49ms
17ms XHR
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-145009438-1&cid=1362065671.1672264660&jid=536227824&gjid=107337753&_gid=2028063414.1672264660&_u=YEBAAEAAAAAAACAAI~&z=1006115396

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.silverfort.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Dec 2022 21:57:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.silverfort.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 48ms
20ms Script
application/javascript 2606:4700::6811:73b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4711332.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 923f82635a75547c368b300c684da5f5f36164446310142d67c520c18d1b8f3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:40 GMT
x-amz-version-id: uc7chkM909y9_fdLpHcf_jlYEUuyZ4oj
via: 1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 43
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.303/bundles/pixels-release.js&cfRay=780d8c806ff4bb4d-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Dec 2022 06:51:27 UTC
server: cloudflare
etag: W/"cac538694d8cb071669002abe101c1fa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 780d8d8d9e42bb3b-FRA
x-amz-cf-id: HeHMipt77X1eBuvr1BwY1zCEWs4X2lEey7veDm5LylYSyHN2HH_LoA==
x-hs-target-asset: adsscriptloaderstatic/static-1.303/bundles/pixels-release.js

GET
H2 200 4711332.js Show response
js.hs-banner.com/ 68 KB
18 KB 429ms
409ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/4711332.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4711332.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4176bee4122f33b90cf806a784f0b8d757eee37520dcab2b3a8f2541a6a615d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:40 GMT
x-amz-version-id: AElXZz9b.z4iYcc8qrYctAZ8ggAGO.Re
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: EKDBM2KAHWQG3YR7
x-amz-server-side-encryption: AES256
x-amz-id-2: /CmtoIVScjkyiOjuFGVEokY0npmHhU7w+CLuXoigOTucSOjjCa+e1QvAhp3YN5N8AGMxj0RQEOw=
last-modified: Tue, 25 Oct 2022 20:27:33 GMT
server: cloudflare
etag: W/"fc35e75db0db0b506ced2220d94a3c8c"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://go.silverfort.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 780d8d8d9e5990d4-FRA
expires: Wed, 28 Dec 2022 22:02:40 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 73 KB
21 KB 42ms
22ms Script
application/javascript 2606:4700::6811:eecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4711332.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 334a6d48dbf977a8fbbfc672583baf269d13c3debeaa377e8c5a9cf292391ae0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:40 GMT
x-amz-version-id: zFL9ePVKol2FHiQyTIIp8GqFQtgXkdvq
via: 1.1 b9e3ae23b2e5d7b2e1c159467ba23f34.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 197
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.11564/bundles/project.js&cfRay=780d88be0b729153-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Dec 2022 07:38:59 UTC
server: cloudflare
etag: W/"3f8937b5e0033972ae4f0d4dcf06cffa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 780d8d8d9aa09bb2-FRA
x-amz-cf-id: zLeiIx_yLu5IFBQXxtV8uJ0gXdTmd4VrvAYbNAoO4d5PFt3EpPxRsg==
x-hs-target-asset: conversations-embed/static-1.11564/bundles/project.js

GET
H2 200 4711332.js Show response
js.hs-analytics.net/analytics/1672264500000/ 64 KB
20 KB 159ms
140ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1672264500000/4711332.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4711332.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60df2613e989aa87f38e23c73d8ff9e6936a8406070f23b50ea273836cd8d954

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:40 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: CK2854NT5E4Q5HHZ
x-amz-server-side-encryption: AES256
x-amz-id-2: y4p7XWhf9bqAjo3TTvw7pBdXSupfUvfYJWwWX2Os5N0PoVjNMeLiIGTe308Q73gbkdl3fvyZZQc=
last-modified: Thu, 01 Dec 2022 14:13:38 GMT
server: cloudflare
etag: W/"5f568c263065fe43b63c64fcad1ce855"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 780d8d8d9eec2bc9-FRA
expires: Wed, 28 Dec 2022 22:02:40 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 59ms
25ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-145009438-1&cid=1362065671.1672264660&jid=536227824&_u=YEBAAEAAAAAAACAAI~&z=802044196

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 21:57:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 57ms
25ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-145009438-1&cid=1362065671.1672264660&jid=536227824&_u=YEBAAEAAAAAAACAAI~&z=802044196

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 21:57:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
393 B 138ms
128ms Image
image/gif 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 5e325103-6f11-4db3-a1e5-559c46747184
x-trace: 2B0620A9F26AC66CE8FCDBE9EB4AF03676A8AF779A000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 780d8d8e1b349183-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
340 B 65ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4052YMBRRZ&gtm=2oebu0&_p=368915064&cid=1362065671.1672264660&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672264660&sct=1&seg=0&dl=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&dt=Uber%20Breach%20Key%20Takeaways%3A%20Why%20MFA%2C%20Service%20Account%20Protection%20%26%20PAM%20Must%20Work%20Together%20to%20Protect%20Against%20Compromised%20Credentials%20-%20Silverfort&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4052YMBRRZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 21:57:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.silverfort.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 l
use.typekit.net/af/23e139/00000000000000007735e605/30/ 30 KB
30 KB 8ms
8ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/23e139/00000000000000007735e605/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/owl1fid.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 38e9ade7cb9f7a31a4525f2a70c4bdd2529340926202641bbbda8d655df8c0c3

Request headers

Referer: https://use.typekit.net/owl1fid.css
Origin: https://www.silverfort.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:40 GMT
server: nginx
etag: "a21f48c40e7bf9dfada3e63deed3f84d0cf8b79b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30440

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 446ms
428ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=4711332&conversations-embed=static-1.11564&mobile=false&messagesUtk=92cf2e494add4b32ab69ec3eb80ace91&traceId=92cf2e494add4b32ab69ec3eb80ace91

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.silverfort.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.silverfort.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 780d8d8e79972c03-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Wed, 28 Dec 2022 21:57:40 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gfj5qGA%2BRgtzkfld4e%2FLLQH3NmGF6NdLJWLn0Dy6tJG71gsCciHjrrOr1nAX5EACXV2ht4c97IDLY%2BjIL%2BdPO4FXibazqUpxuA5iIBdjbakrVvJZK7ginTnybJzYKumZ70%2FhbHY4M2%2FRwXvROA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 0becd7dd-e42d-4fdd-9ae6-e472b2b02047
x-trace: 2BFDF606DDCA1641083D6675AB05660C9EB0621783000000000000000000

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
3 KB 180ms
170ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296f9973495d9586f9e6c109436976a922dce3844bbae9f1d56222a018f1f708

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.silverfort.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://www.silverfort.com/blog/uber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials/?sbrc=1cmsZV56HrdiFbjhcQ5GlVA%3D%3D%245VIJ8oZQxfoBh4DCQ1QQJQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: e9a961c1-9887-4408-82e8-e97bf6cdce9c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1554
server: cloudflare
x-trace: 2B878B24DF0AFCB9BA36B2497B634FFE31955EF747000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.silverfort.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUKEV4i7cX6KMaTYw2MjYzB6ee%2BOaYQwIRIzG23%2BwpUrvATHQ9OHCa8H0zGuaOIuZPbMlBZz85jPLJYALxscsHh%2FUz1W9HKuPE1kFtodPH%2BwWtp%2Fe3NgpNm3HctBXuBiPNXCPD5%2B6MJbqcS7EA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 780d8d913e1a9189-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
438 B 170ms
138ms Image
image/gif 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: b87f7133-36f0-49eb-a134-65ec52ffc4f3
x-trace: 2B1EC3E73A2B4461B19FB35C9B673E6331242F118E000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 780d8d8eaae66907-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 62ms
16ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2473005616322330&ev=PageView&dl=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&rl=&if=false&ts=1672264660237&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672264660236.965626694&it=1672264659996&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 28 Dec 2022 21:57:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/3289733/ 148 B
322 B 145ms
40ms XHR
application/json 54.77.123.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/3289733/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.352fddba5b21bbfc3a08.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.123.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-123-157.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7f8a5022df3199d1c0cfdc94abc6b80b1227adfbd5b36ebce0507a9e8a6df4e5

Request headers

Referer: https://www.silverfort.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 28 Dec 2022 21:57:40 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 cf-location Show response
js.hs-banner.com/cookie-banner-public/v1/ 2 B
152 B 34ms
18ms XHR
text/plain 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/cf-location
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/4711332.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://www.silverfort.com
date: Wed, 28 Dec 2022 21:57:40 GMT
server: cloudflare
cf-ray: 780d8d9048a59b67-FRA
content-length: 2
vary: Origin, Accept-Encoding
content-type: text/plain;charset=UTF-8

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 0
0 119ms
119ms Preflight
application/octet-stream 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.silverfort.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.silverfort.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 780d8d9068ee9b67-FRA
content-length: 0
content-type: application/octet-stream
date: Wed, 28 Dec 2022 21:57:40 GMT
server: cloudflare
timing-allow-origin: *
vary: origin

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
136 B 137ms
135ms XHR
text/plain 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/4711332.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.silverfort.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 28 Dec 2022 21:57:40 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 53409d07-055e-4fa2-8d71-ad27482c2523
x-trace: 2B5AC761B28785110767E7C52E1524DF0A9F474A66000000000000000000
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.silverfort.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary: origin
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 780d8d912a3d9b67-FRA

POST
H3 200 / Show response
www.facebook.com/tr/ Frame E747 0
18 B 34ms
16ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.silverfort.com
Referer: https://www.silverfort.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.silverfort.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 28 Dec 2022 21:57:40 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
561 B 184ms
165ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3792703849&v=1.1&a=4711332&rcu=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F&pu=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&t=Uber+Breach+Key+Takeaways%3A+Why+MFA%2C+Service+Account+Protection+%26+PAM+Must+Work+Together+to+Protect+Against+Compromised+Credentials+-+Silverfort&cts=1672264660801&vi=8fbde857f805b0a92d301da0a160fb31&nc=true&ce=false&pt=3&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 8d24a288-bc72-45d4-b75b-5657166c6408
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kz%2F2lDOMk8gQhOhzds7d%2FLdbimkI3nJzai%2FlMNagBvoqITFzGN6DNHCXSjh%2FmH4y6KUd1NJ4spUEUToK5xO%2BO%2FAIQtiqkARHNYrMZtFci3eJpyxQm2ZaWGPaGoac4XWmCnun9cK%2BtSDP2RmFvcIB"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 780d8d922d8c9196-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
589 B 195ms
181ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=cee40b47-c2e6-4906-b7ed-988fb760e6f7&fci=031ffd56-a270-4a6e-b399-65fb75a4a15d&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3792703849&v=1.1&a=4711332&rcu=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F&pu=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&t=Uber+Breach+Key+Takeaways%3A+Why+MFA%2C+Service+Account+Protection+%26+PAM+Must+Work+Together+to+Protect+Against+Compromised+Credentials+-+Silverfort&cts=1672264660802&vi=8fbde857f805b0a92d301da0a160fb31&nc=true&ce=false&pt=3&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9f771d05-4407-436e-9b7b-fd2e66b871d4
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2AMVnO%2F9MmQ%2FL%2BXFFOpiILFmL6f0qdQB8laAv5sZ3H8jZF7gzVHOsZxu5V%2Bac2%2FvfaEdmGoOlViRhCoI6G4gTSH%2FT%2BkstEs1LwOx9tnvX0RrZAln%2B9SfL2ZVpMCn%2Fw%2FsPri2PQjNckg%2BVlfiC9F"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 780d8d922d8e9196-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
896 B 159ms
145ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=cee40b47-c2e6-4906-b7ed-988fb760e6f7&fci=031ffd56-a270-4a6e-b399-65fb75a4a15d&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3792703849&v=1.1&a=4711332&rcu=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F&pu=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&t=Uber+Breach+Key+Takeaways%3A+Why+MFA%2C+Service+Account+Protection+%26+PAM+Must+Work+Together+to+Protect+Against+Compromised+Credentials+-+Silverfort&cts=1672264660803&vi=8fbde857f805b0a92d301da0a160fb31&nc=true&ce=false&pt=3&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 5c21cdd7-acbf-4c83-b57a-06686fc507d6
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXOVzS7CNneraBUTzzqExd4gJ5vCAxm9LirJO3UKiHRx005CQ6ARg7UJF4Cq%2BVdPpR3DWrleH%2B1sQOalA5cCisN%2FyAj%2BYFKw56Ff78HeTmcqKGfEmQ258kMlnP%2BTn0vi7v9stmzztPvHYBLekmrx"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 780d8d923d8f9196-FRA
x-robots-tag: none

GET
H2 200 92cf2e494add4b32ab69ec3eb80ace91 Show response
app.hubspot.com/conversations-visitor/4711332/threads/utk/ Frame 9CB0 51 KB
19 KB 247ms
246ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/4711332/threads/utk/92cf2e494add4b32ab69ec3eb80ace91?uuid=688fae39bd114b5f95accf73b87880e8&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=silverfort.com&inApp53=false&messagesUtk=92cf2e494add4b32ab69ec3eb80ace91&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be4183a2d536b885d553c40a1019ecb95a9ac5f70614c0c3613228c75b9e952a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.silverfort.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 1286
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 780d8d925dd59196-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.14016/html/index.html&cfRay=780d8d925dd59196&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F4711332%2Fthreads%2Futk%2F92cf2e494add4b32ab69ec3eb80ace91%3Fuuid%3D688fae39bd114b5f95accf73b87880e8%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dsilverfort.com%26inApp53%3Dfalse%26messagesUtk%3D92cf2e494add4b32ab69ec3eb80ace91%26url%3Dhttps%253A%252F%252Fwww.silverfort.com%252Fblog%252Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%252F%253Fsbrc%253D1cmsZV56HrdiFbjhcQ5GlVA%25253D%25253D%2525245VIJ8oZQxfoBh4DCQ1QQJQ%25253D%25253D%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fwww.silverfort.com%2F&cfenv=prod&pdt=2022-12-28&csp=ro
content-type: text/html; charset=utf-8
date: Wed, 28 Dec 2022 21:57:41 GMT
etag: W/"5f080c549f8437ecb0e4beb10a8fdb96"
last-modified: Tue, 13 Dec 2022 07:38:59 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
reporting-endpoints: default="https://exceptions.hubspot.com/csp/reports?cfRay=780d8d925dd59196&resource=conversations-visitor-ui/static-1.14016/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
x-amz-cf-id: dQ4-1NshkcRh1nD21bA4fUmdben1USUx8vgQm_poWhDE-pf1ZSsjiw==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: YSNPE3zUYj3dMXXqe1cCrPPL5YxQyJ0G
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.14016/html/index.html
x-hs-worker-debug-mode: false

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 223ms
223ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6bb0cfb595fd03cafda0442c9d89543c&svisitor=null&visitor=1312249e-0037-47ea-8891-22de77ad2b72&session=e8448d4e-6fd9-4de6-8aa5-374583b73d8a&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2028%20Dec%202022%2021%3A57%3A40%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2028%20Dec%202022%2021%3A57%3A39%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Uber%20Breach%20Key%20Takeaways%3A%20Why%20MFA%2C%20Service%20Account%20Protection%20%26amp%3B%20PAM%20Must%20Work%20Together%20to%20Protect%20Against%20Compromised%20Credentials%20-%20Silverfort%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&pageViewId=81c00349-a510-43d4-89c1-5fbb1414cc5f&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:41 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.245/ Frame 9CB0 44 KB
16 KB 69ms
36ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.245/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/4711332/threads/utk/92cf2e494add4b32ab69ec3eb80ace91?uuid=688fae39bd114b5f95accf73b87880e8&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=silverfort.com&inApp53=false&messagesUtk=92cf2e494add4b32ab69ec3eb80ace91&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5876c2096fc247c54eb08226f1e290b4127c7843c41003ec42041bc9cb3ec022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:41 GMT
x-amz-version-id: cXTDvGuwbPuMrVAW0W63IbeHNqDKyRYR
via: 1.1 4448f6f0cf46259e83792c753f97a4de.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: CDG3-C2
age: 1995864
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 07 Nov 2022 16:12:00 GMT
server: cloudflare
etag: W/"d0d928e20b2bebe8d43d510597af50e3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0m3BTKTmplZsSvYYrXgzPE%2BXNROXKaQfSHC7pEEnKHv2QvGl%2BthjN6kmv4cWueqfAzxLE3cATrPH12jRUGUYdET7hs4ehRjJ9OhdqT0l9h2L3%2BO3kfvRUgYpfg7BGvIPPpx7WJzdC5FVEInz2hXMHy7rhMQ%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 780d8d942f889b76-FRA
x-amz-cf-id: NZMM9W6YOksw9w2W0yn12CVT7lDbBdBPxe6oj7h12rwhD8LjmvPskg==
expires: Thu, 28 Dec 2023 21:57:41 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.13884/sass/ Frame 9CB0 20 KB
4 KB 59ms
26ms Stylesheet
text/css 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.13884/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b7bd1989f03f297ee3eb31e02148f3b00de8752e57edf8820d9e4d6efd223a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:41 GMT
x-amz-version-id: hYgqjzdqx6QyhZH807FkloiLc0TGhAXY
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 183053
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 28 Nov 2022 19:04:10 GMT
server: cloudflare
etag: W/"0e729a3fa047d67852c356071b611db3"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfAk8bOBrtUJh0EJS5EDH4kCoH8EOKNcq8Kxh2Ru5nCYNYo4BTSX65TspqVZnjzkh7cfnOp4RR%2FbrOu%2FjQCOIN%2BXt8AhrC%2FNaexBgx1BkI5L7Mvk%2BtGkO%2BcyoGdXkBFYWRxha1%2BAxILc7Yz9odmRUjNxuzE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 780d8d942ddf9b52-FRA
x-amz-cf-id: WMhmsun7-RKJzaMyPH9__6yxHP2m8oOsv3srJWoTkLT2jHx8512CHw==
expires: Thu, 28 Dec 2023 21:57:41 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.332/ Frame 9CB0 295 KB
94 KB 68ms
35ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.332/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0690400723e03c32d39e4cd16927f0698eb86effbb015b62b574ab0f3380dbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:41 GMT
x-amz-version-id: 5fbvyIgmgfc2EQptzTy6EeP9FKqExCxl
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: ZRH50-C1
age: 1821916
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 09 Nov 2022 18:32:01 GMT
server: cloudflare
etag: W/"d9e371a943207738b889e588b0560980"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIU%2BDjIhzYb0ki0uOUp6Jx2DPAZT6anfy%2FwX0yXcEr%2FusFTNO9CK2gBXS4cSIsItX4bdw36TUTaTCC38YTme%2BW8yBH60tdP3whW%2BXbG08qJOyGVTsDeFRNami8tH48%2B2q2Pgp0w0Uar6dYLu7bUsNdKEHJI%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 780d8d942f8c9b76-FRA
x-amz-cf-id: Il0EWD-kn3HKET2fi1rquXfznVDKMbbZcb4jyxitZL5fSwPCYsRYOA==
expires: Thu, 28 Dec 2023 21:57:41 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.14016/bundles/ Frame 9CB0 587 KB
173 KB 59ms
27ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.14016/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48f51049cdd08297abbda5d1fcbda5b06d271e790919e798c9855a1759e60e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:41 GMT
x-amz-version-id: vUhUT370SWrRv6puTlWERgGVif4lytZl
via: 1.1 d445f4d86ae3548024d9f2737c3d18c0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FCO50-P4
age: 1304307
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 13 Dec 2022 19:13:14 GMT
server: cloudflare
etag: W/"395556906df4b75c6fcd3aea08aa9765"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04w4WjX2YG6eUlRRPIsQ7Sz6eWPjl7C%2B%2BZnKJr5sGMiqEJ4fE7Hl5FRUshsQ%2B%2FOp4zqJvh5C9ABynQJdQ%2FYLRWoDLmOOtDYEPhsvOYXeMYRvAf2W66yhT%2F2BWjBOe%2F73gmn6wfw3OXfQ%2FBYDJk%2Bd3oTEb3E%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 780d8d942f8e9b76-FRA
x-amz-cf-id: N7FOz2eqlSXlzMdvOx6Y2HfSaMEsldar-wutAM5qFpSNF-wODp49FQ==
expires: Thu, 28 Dec 2023 21:57:41 GMT

GET
H3 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.13999/ Frame 9CB0 776 B
1 KB 102ms
92ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.13999/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.14016/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df64d64810052218d1c083e1bcf45e4fae2f972879a0928b81b8bfe4fd8c27d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:41 GMT
x-amz-version-id: H95IoIXm8BglMNCwpDfkD_PTva4.Qjnp
via: 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 1304305
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 12 Dec 2022 22:36:55 GMT
server: cloudflare
etag: W/"ffc83dec8d5478899f21f43c06da8205"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24tNM6ovUyrw5WITMSJpzsCGnvO6givHkjD3V2QIL4h1HcO5Nus8RcsYxt%2FhmvJl7beZtwlDcUZ2UrRadhd8msS0PB1mXcN1LXLn8uqxK2uWsOjLkm%2FgrvKQm1Vgjdr9plsIr29U99k%2BnhAVQuOEI%2F2nyjk%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 780d8d950883904c-FRA
x-amz-cf-id: te_xDV2G8V-vBQJwNLjwhAUKXayEvWaS1mfgscQwv9grWBTG6hy29w==
expires: Thu, 28 Dec 2023 21:57:41 GMT

POST
H3 204 rhumb
app.hubspot.com/api/cartographer/v1/ Frame 9CB0 0
1 KB 186ms
173ms Ping
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.14016

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.14016/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/conversations-visitor/4711332/threads/utk/92cf2e494add4b32ab69ec3eb80ace91?uuid=688fae39bd114b5f95accf73b87880e8&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=silverfort.com&inApp53=false&messagesUtk=92cf2e494add4b32ab69ec3eb80ace91&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 28 Dec 2022 21:57:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 6c28b78b-3703-41d2-b6a5-2878eb6e8708
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1PdcDvi272vzHOlkbooMImrjkziD1YZ33CBMN9dUdytbclW5uvMDqoZpyihdkZrTU9qVcTrAfWvXptB0a0RErjKXWkkYz6P%2F4ocbOvmo%2B3aCGKQ%2BkqCiJMRM0Xn8DY5C2wAkPcjmOzWBj5ZIw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet, X-HubSpot-Auth-Failure
access-control-max-age: 604800
access-control-allow-credentials: true
cf-ray: 780d8d95e8ff9122-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer
timing-allow-origin: *

GET
H3 200 welcomeMessages Show response
app.hubspot.com/api/livechat-public/v1/bots/public/bot/789402/ Frame 9CB0 852 B
1 KB 204ms
197ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/livechat-public/v1/bots/public/bot/789402/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.14016&conversations-visitor-ui=static-1.14016&traceId=92cf2e494add4b32ab69ec3eb80ace91&sessionId=AMOaWbI0mGra79a-_-mDKgggzmQpBWULWFoINQrOOae7vX6_wn1DpTSSVOJgE4642Pu25EdSwNnniqo8PZtvw4geXyJM3-PksCjNQhwhTxoTYy4AZ7LhjTAKBqtzVR6U2QlppgSJ1F9Qx8Vm2poE1nz7GU8JeRgyAAyOD-X27w--5uKCgxpG7Ik

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.245/bundle.production.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d20d4fd89ae62c3525e9cebe68e01a8204ce25c11a232a99cff25a22349cc57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.hubspot.com/conversations-visitor/4711332/threads/utk/92cf2e494add4b32ab69ec3eb80ace91?uuid=688fae39bd114b5f95accf73b87880e8&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=silverfort.com&inApp53=false&messagesUtk=92cf2e494add4b32ab69ec3eb80ace91&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: fbfb7afe-dc50-4066-ac57-2795271584d5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B5B5FB0D0E4E3E324F00A9818525008A14854CF3D000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgK291Uqg%2BocRIVX3zK1Cy3I4Ylp70VLPsHEIH9vDbiPCMQArS9ezFGaKtnLbON6eTK6%2FxapNN0bLlI7QYxdeCciHYsqx5%2Fxez8gbkr%2FdQw8egsV2X1xoSyskChYd%2F6OQfk09Aeq6DBkezvvhA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 780d8d95e8fb9122-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 187ms
187ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6bb0cfb595fd03cafda0442c9d89543c&svisitor=null&visitor=1312249e-0037-47ea-8891-22de77ad2b72&session=e8448d4e-6fd9-4de6-8aa5-374583b73d8a&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2028%20Dec%202022%2021%3A57%3A41%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2028%20Dec%202022%2021%3A57%3A40%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Uber%20Breach%20Key%20Takeaways%3A%20Why%20MFA%2C%20Service%20Account%20Protection%20%26amp%3B%20PAM%20Must%20Work%20Together%20to%20Protect%20Against%20Compromised%20Credentials%20-%20Silverfort%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&pageViewId=81c00349-a510-43d4-89c1-5fbb1414cc5f&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:42 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 187ms
187ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6bb0cfb595fd03cafda0442c9d89543c&svisitor=null&visitor=1312249e-0037-47ea-8891-22de77ad2b72&session=e8448d4e-6fd9-4de6-8aa5-374583b73d8a&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2028%20Dec%202022%2021%3A57%3A42%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2028%20Dec%202022%2021%3A57%3A41%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%223005%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Uber%20Breach%20Key%20Takeaways%3A%20Why%20MFA%2C%20Service%20Account%20Protection%20%26amp%3B%20PAM%20Must%20Work%20Together%20to%20Protect%20Against%20Compromised%20Credentials%20-%20Silverfort%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&pageViewId=81c00349-a510-43d4-89c1-5fbb1414cc5f&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:43 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 185ms
184ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6bb0cfb595fd03cafda0442c9d89543c&svisitor=null&visitor=1312249e-0037-47ea-8891-22de77ad2b72&session=e8448d4e-6fd9-4de6-8aa5-374583b73d8a&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2028%20Dec%202022%2021%3A57%3A43%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2028%20Dec%202022%2021%3A57%3A42%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224006%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Uber%20Breach%20Key%20Takeaways%3A%20Why%20MFA%2C%20Service%20Account%20Protection%20%26amp%3B%20PAM%20Must%20Work%20Together%20to%20Protect%20Against%20Compromised%20Credentials%20-%20Silverfort%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&pageViewId=81c00349-a510-43d4-89c1-5fbb1414cc5f&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:44 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 linkedin%20profile%20image.png
f.hubspotusercontent30.net/hub/4711332/hubfs/ Frame 9CB0 1 KB
2 KB 555ms
470ms Image
image/webp 2606:4700::6810:b972

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://f.hubspotusercontent30.net/hub/4711332/hubfs/linkedin%20profile%20image.png?width=108&height=108

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b972 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

f5618ff037ba0f1787505fdcb8e8cfee6114b41b9a950b9e70d3bbc2eb12f136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 174637
x-amz-cf-pop: IAD89-P1
cf-polished: origFmt=png, origSize=2329
x-amz-server-side-encryption: AES256
edge-cache-tag: F-43322290033,P-4711332,FLS-ALL
cache-tag: F-43322290033,P-4711332,FLS-ALL
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: RefreshHit from cloudfront
content-disposition: inline; filename="linkedin%20profile%20image.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 1382
last-modified: Wed, 07 Dec 2022 17:11:02 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "39ea9e9c0d393a1ebefd8b76faa43a88"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 780d8da93cb59b51-FRA
x-amz-cf-id: yEI3YBjWh2BOwm4GDGPs99tnaAYJgUHDkcQXV9Zrm5pKsxRVp9wHSA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 192ms
191ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6bb0cfb595fd03cafda0442c9d89543c&svisitor=null&visitor=1312249e-0037-47ea-8891-22de77ad2b72&session=e8448d4e-6fd9-4de6-8aa5-374583b73d8a&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2028%20Dec%202022%2021%3A57%3A44%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2028%20Dec%202022%2021%3A57%3A43%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%225006%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Uber%20Breach%20Key%20Takeaways%3A%20Why%20MFA%2C%20Service%20Account%20Protection%20%26amp%3B%20PAM%20Must%20Work%20Together%20to%20Protect%20Against%20Compromised%20Credentials%20-%20Silverfort%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fuber-breach-key-takeaways-why-mfa-service-account-protection-pam-must-work-together-to-protect-against-compromised-credentials%2F%3Fsbrc%3D1cmsZV56HrdiFbjhcQ5GlVA%253D%253D%25245VIJ8oZQxfoBh4DCQ1QQJQ%253D%253D&pageViewId=81c00349-a510-43d4-89c1-5fbb1414cc5f&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:57:45 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.silverfort.com/	1970-01-20 10:40:40	Name: _gcl_au Value: 1.1.1498829910.1672264660
.silverfort.com/	1970-01-20 08:32:31	Name: _gid Value: GA1.2.2028063414.1672264660
.silverfort.com/	1970-01-20 08:31:04	Name: _gat_UA-145009438-1 Value: 1
.doubleclick.net/	1970-01-20 08:31:05	Name: test_cookie Value: CheckForPermission
www.silverfort.com/	1970-01-20 08:41:09	Name: _an_uid Value: 0
www.silverfort.com/	1970-01-20 18:07:04	Name: _gd_visitor Value: 1312249e-0037-47ea-8891-22de77ad2b72
www.silverfort.com/	1970-01-20 08:31:19	Name: _gd_session Value: e8448d4e-6fd9-4de6-8aa5-374583b73d8a
www.silverfort.com/	1970-01-20 08:32:31	Name: ln_or Value: eyI2NDkyOTciOiJkIn0%3D
.silverfort.com/	1970-01-20 18:07:04	Name: _lfa Value: LF1.1.81aecb4060cbae82.1672264660044
.linkedin.com/	1970-01-20 09:14:16	Name: UserMatchHistory Value: AQJ5Wd9nsvTXUgAAAYVavbRn78IfzanQH0dxfS1q_X01F7K1H6nMc_T4klgWINqsyvUH8h6CKLg7HQ
.linkedin.com/	1970-01-20 09:14:16	Name: AnalyticsSyncHistory Value: AQKBUbfx08q1WAAAAYVavbRnmjDw-g-6RHN0FQGJ5iWN2tMbEVNU2HIL7PULV1zW-Ye2Bs3W8pvxxVmO8gcf0A
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:16:40	Name: bcookie Value: "v=2&7789eda6-fa9f-4b9a-8ca5-06cdc44f06b5"
.linkedin.com/	1970-01-20 08:32:31	Name: lidc Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2547:u=1:x=1:i=1672264660:t=1672351060:v=2:sig=AQHmi02riizpuLMgQPqbSqmKvHA9FF48"
.silverfort.com/	1970-01-20 18:07:04	Name: _ga_4052YMBRRZ Value: GS1.1.1672264660.1.0.1672264660.0.0.0
.silverfort.com/	1970-01-20 18:07:04	Name: _ga Value: GA1.1.1362065671.1672264660
.silverfort.com/	1970-01-20 10:40:40	Name: _fbp Value: fb.1.1672264660236.965626694
.silverfort.com/	1970-01-20 17:16:40	Name: _hjSessionUser_3289733 Value: eyJpZCI6ImJmNjM2MDQ0LTFiZjUtNWQ4Ni1hZjA1LTVmODM2YWUxNDdlZCIsImNyZWF0ZWQiOjE2NzIyNjQ2NjAwOTksImV4aXN0aW5nIjpmYWxzZX0=
.silverfort.com/	1970-01-20 08:31:06	Name: _hjFirstSeen Value: 1
www.silverfort.com/	1970-01-20 08:31:04	Name: _hjIncludedInSessionSample Value: 0
.silverfort.com/	1970-01-20 08:31:06	Name: _hjSession_3289733 Value: eyJpZCI6IjkzMTEzNmJkLTNlOWYtNDdlMy04YThlLTc5NWViYTg0YzBlNyIsImNyZWF0ZWQiOjE2NzIyNjQ2NjAyNDQsImluU2FtcGxlIjpmYWxzZX0=
www.silverfort.com/	1970-01-20 08:31:04	Name: _hjIncludedInPageviewSample Value: 1
.silverfort.com/	1970-01-20 08:31:06	Name: _hjAbsoluteSessionInProgress Value: 0
.6sc.co/	1970-01-20 18:07:04	Name: 6suuid Value: cfd5ce17f1600000d4bbac63330100006f7c2f01
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 17:16:40	Name: bscookie Value: "v=1&20221228215740cddf0436-a166-4632-80e1-08079b9b42e0AQH1xJGS38dwOsz5NndxO1ZgSv6mRiam"
.linkedin.com/	1970-01-20 12:50:16	Name: li_gc Value: MTswOzE2NzIyNjQ2NjA7MjswMjHwQprUPJH094+4TF1E6Ya9eKTe3e7IkAfUi78m67Rlig==
.hubspot.com/	1970-01-20 08:31:06	Name: __cf_bm Value: LncPzSO53TaJs4O4zGP4xYd49oUBJEUSTDhLNtPwy8M-1672264661-0-AexzcZ1Cye/HXGe1QPmrmOcnF0ILTc+gm4uT5WIPy2vB5nZcFah1hqXzeqvMB+VlpU/Ldk0xVrMYWsw5CnVFu1E=
.silverfort.com/	1970-01-20 12:50:16	Name: messagesUtk Value: 92cf2e494add4b32ab69ec3eb80ace91

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
app.hubspot.com
app.salesloft.com
b.6sc.co
c.6sc.co
cdn.linkedin.oribi.io
connect.facebook.net
f.hubspotusercontent30.net
fonts.googleapis.com
forms-na1.hsforms.com
forms.hsforms.com
googleads.g.doubleclick.net
in.hotjar.com
ipv6.6sc.co
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
js.usemessages.com
munchkin.marketo.net
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
sales.silverfort.com
sc.lfeeder.com
script.hotjar.com
secure.adnxs.com
snap.licdn.com
static.hotjar.com
static.hsappstatic.net
stats.g.doubleclick.net
tr.lfeeder.com
track.hubspot.com
use.typekit.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.silverfort.com
13.107.42.14
141.193.213.20
143.204.215.65
18.66.97.37
2001:4860:4802:32::36
23.43.30.157
2600:9000:206f:1000:2:53b2:240:93a1
2600:9000:20dc:7800:1f:f723:6fc0:93a1
2606:4700:4400::ac40:9a55
2606:4700::6810:5505
2606:4700::6810:5705
2606:4700::6810:b972
2606:4700::6811:44b0
2606:4700::6811:73b0
2606:4700::6811:7d2
2606:4700::6811:b649
2606:4700::6811:d4cc
2606:4700::6811:eecc
2606:4700::6813:9a53
2620:1ec:21::14
2a00:1450:4001:806::2003
2a00:1450:4001:808::2004
2a00:1450:4001:80b::200e
2a00:1450:4001:830::2002
2a00:1450:400d:80c::200a
2a00:1450:400d:80e::2008
2a00:1450:4025:401::9c
2a02:26f0:11a::6867:4832
2a02:26f0:3500:16::215:14a0
2a02:26f0:3500:296::1c91
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.232.180.134
37.252.171.149
52.29.231.247
54.77.123.157
65.9.66.12
96.16.137.162
99.86.4.101
02340573a6a4ceaba95dfdede79c5d8ef1714d7d2ec0de260214b4bb1ecff66f
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
08641f81a1cad2dd12587dda89aada31d41b0cd118a7f36f49d8ad35c73a24e2
0aa28420038710defb143cc803a3970427b63968f1506d073635d9b4753f5552
0e2088bbe79e60715b8ea7be7665905ec26d224d243496576ad25a6eb9e6b5f4
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e015556146f1cf7d9a890fd99619920e52e5a8652df6047b20a4941252ae56a
27b194a338115dd37944b5a2bdb7f89db24f80f6f9c46c96f7430776a64beb34
296f9973495d9586f9e6c109436976a922dce3844bbae9f1d56222a018f1f708
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32e001ebc1bd1653eab527cbffb06152ed1bfcdc59ee1c563e5c2888d0ce9256
334a6d48dbf977a8fbbfc672583baf269d13c3debeaa377e8c5a9cf292391ae0
38d12430fbe7930986695ab7520d0e52dbc7083a0fece69df6429399c5b27327
38e9ade7cb9f7a31a4525f2a70c4bdd2529340926202641bbbda8d655df8c0c3
3e6ef4f3484f029b4d1a989163d6bb29899184f008431adb932c43ff3543368a
3e7d91fbd301e53ba7c3cf31ae3580a9ff821df913fc58297eb1675bcb068222
4176bee4122f33b90cf806a784f0b8d757eee37520dcab2b3a8f2541a6a615d4
48f51049cdd08297abbda5d1fcbda5b06d271e790919e798c9855a1759e60e9f
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
5876c2096fc247c54eb08226f1e290b4127c7843c41003ec42041bc9cb3ec022
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57
60683b1ed3f6fafffb3cb0700713964708e7b7965b7be9e33b97976dadef48c3
60df2613e989aa87f38e23c73d8ff9e6936a8406070f23b50ea273836cd8d954
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b7bd1989f03f297ee3eb31e02148f3b00de8752e57edf8820d9e4d6efd223a5
6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7d20d4fd89ae62c3525e9cebe68e01a8204ce25c11a232a99cff25a22349cc57
7f8a5022df3199d1c0cfdc94abc6b80b1227adfbd5b36ebce0507a9e8a6df4e5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8648c62f1a9443f27634c3a3e7bbf8e0d4160f26957393122d305d4a5b6dbb00
8715a359c35b4368a1935b7ef713b59bfee747e3751d3aa4916123cbd0074d2e
8b99974c0db168c46526a8d0223f931c4a66c6d2c0432020041311b881605a3f
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc
923f82635a75547c368b300c684da5f5f36164446310142d67c520c18d1b8f3d
931fd32436e92ad2be0b1f896ff8f63f3a2cce57249a11b6e0bc6210e218965d
99901d2627295d00ba5c81099f7bd816cb58ce7f374ea95dd0acceee6d817e59
a003679f1440dd73c3a33c9d0cba26d273f7c8ef1abadff106c14442c0a1bb68
a17744f3d4d875e0c7bf85d63a82c77f7bc929cb88c21012268a9e3f7514075a
a33128c94dd3c425bc3f4a9ba389a1f3d7a75233e8cb788ea80f8f43a3d68423
aa5e45475bdd0e0e071184e624df49a165aa98f6ee438c2c87c594605b86be8d
acae3217f44f9a07cb87b95eb30bd2687d9a0a6eea8ac5dc2c70e18768ad3c44
b07871da02311868c31ab6ac5a4e78cc877f118acd854857f6f51519f3ddbbc9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bae9a35b3a42a2b3bc4da224cf0fa38e46317a4e94f18f845e3b3a3717581e27
baf843869172f87fea84931930f9c64508fc67204f8d92a036ee409e5f964ded
be4183a2d536b885d553c40a1019ecb95a9ac5f70614c0c3613228c75b9e952a
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df64d64810052218d1c083e1bcf45e4fae2f972879a0928b81b8bfe4fd8c27d1
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e76be5c19c356a3c2f75d7c9ec87bc2b98a190fb9bfbffe011e70d4d40185e22
eea93734d5f0032479fa252394415d53cbcd4e7bd6d54764543eaa8b7c9fd10c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0053373ffccf23c6e6faa99825512b59c1f48bc554fbdda43f1ee3c98f8d888
f0690400723e03c32d39e4cd16927f0698eb86effbb015b62b574ab0f3380dbf
f48933e42e6b01c0e6440663ae75fe6b30a592d62c68849941e5e87f58dccf35
f5618ff037ba0f1787505fdcb8e8cfee6114b41b9a950b9e70d3bbc2eb12f136
fd8496b904ded0ea8472d611839277a6a8091398ededfd2aa6b57f2eba97a3df
fd8d2c2397f0b4977305d3a2c7dd2894e30429b0855156cbd9e98c7d08ca60c1
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe56f3ac7b18d7f7e4985fb4ef5da039bab51c9ad8ec71bb2f026ddefec493f9

www.silverfort.com Open in urlscan Pro 141.193.213.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

92 Requests

99 %HTTPS

69 %IPv6

29 Domains

45 Subdomains

36 IPs

6 Countries

2794 kBTransfer

6141 kBSize

29 Cookies

7 Outgoing links

Page URL History

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.silverfort.com Open in urlscan Pro
141.193.213.20 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

99 %
HTTPS

69 %
IPv6

29
Domains

45
Subdomains

36
IPs

6
Countries

2794 kB
Transfer

6141 kB
Size

29
Cookies

92 HTTP transactions
0 data transactions