www.reliaquest.com Open in urlscan Pro
141.193.213.20 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.digitalshadows.com/blog-and-research/solarwinds-compromise-what-security-teams-need-to-know/
Effective URL:
https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
Submission: On April 30 via api (April 30th 2023, 7:40:46 pm UTC) from CA — Scanned from CA

Summary HTTP 248 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 73 IPs in 5 countries across 58 domains to perform 248 HTTP transactions. The main IP is 141.193.213.20, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.reliaquest.com. The Cisco Umbrella rank of the primary domain is 843651.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 2nd 2022. Valid for: a year.

This is the only time www.reliaquest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2600:9000:251... 2600:9000:2511:aa00:9:91af:d140:93a1	16509 (AMAZON-02) (AMAZON-02)
34	141.193.213.20 141.193.213.20	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
3	2607:f8b0:400... 2607:f8b0:4006:807::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
3	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.164.116.120 18.164.116.120	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
7	2607:f8b0:400... 2607:f8b0:4006:81e::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81f::2008	15169 (GOOGLE) (GOOGLE)
9	23.33.238.177 23.33.238.177	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:4341	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1400:900... 2600:1400:9000::687e:74bb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	104.111.50.91 104.111.50.91	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:24f... 2600:9000:24f1:6600:1b:8908:cd40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:d9f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
4	3.98.63.202 3.98.63.202	16509 (AMAZON-02) (AMAZON-02)
2	52.70.155.243 52.70.155.243	14618 (AMAZON-AES) (AMAZON-AES)
3	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.138.106.126 108.138.106.126	16509 (AMAZON-02) (AMAZON-02)
69	13.225.223.92 13.225.223.92	16509 (AMAZON-02) (AMAZON-02)
2	143.204.138.162 143.204.138.162	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
3	2600:9000:21e... 2600:9000:21ec:8000:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
5 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2600:141b:500... 2600:141b:5000::b81c:be9b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:220... 2600:9000:2209:8e00:e:ec66:e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c17::9a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
1	18.164.96.87 18.164.96.87	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
5	52.85.61.51 52.85.61.51	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:251... 2600:9000:2511:5800:12:53a8:95c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1400:900... 2600:1400:9000::687e:74b2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.225.123.41 34.225.123.41	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:817::2004	15169 (GOOGLE) (GOOGLE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	18.202.10.197 18.202.10.197	16509 (AMAZON-02) (AMAZON-02)
1	104.65.240.220 104.65.240.220	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1400:900... 2600:1400:9000::687e:74b1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2600:9000:23c... 2600:9000:23cb:f400:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.209.49.222 52.209.49.222	16509 (AMAZON-02) (AMAZON-02)
1	54.237.159.171 54.237.159.171	14618 (AMAZON-AES) (AMAZON-AES)
1	146.75.32.157 146.75.32.157	54113 (FASTLY) (FASTLY)
1	134.213.193.62 134.213.193.62	15395 (RACKSPACE...) (RACKSPACE-LON)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
12 15	2600:1f18:61c... 2600:1f18:61c0:2204:cd48:3f8a:770b:2c7c	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
4 4	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
1 2	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.98.67.3 34.98.67.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	70.42.32.223 70.42.32.223	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
2 3	68.67.179.164 68.67.179.164	29990 (ASN-APPNEX) (ASN-APPNEX)
1	3.226.150.14 3.226.150.14	14618 (AMAZON-AES) (AMAZON-AES)
1	68.67.160.132 68.67.160.132	29990 (ASN-APPNEX) (ASN-APPNEX)
1 5	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2	34.237.152.5 34.237.152.5	14618 (AMAZON-AES) (AMAZON-AES)
8	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
1	34.252.150.197 34.252.150.197	16509 (AMAZON-02) (AMAZON-02)
248	73

2 2600:9000:2511:aa00:9:91af:d140:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.digitalshadows.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
digitalshadows.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 141.193.213.20 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.reliaquest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:807::200a (New York, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.164.116.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-120.jfk50.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:81e::2001 (New York, United States)

ASN15169 (GOOGLE, US)

lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::2008 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.33.238.177 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-33-238-177.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4341 (United States)

ASN13335 (CLOUDFLARENET, US)

scout-cdn.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1400:9000::687e:74bb (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.50.91 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-50-91.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f1:6600:1b:8908:cd40:93a1 (United States)

ASN16509 (AMAZON-02, US)

kdl.keywee.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d9f (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80d::2003 (New York, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.98.63.202 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-98-63-202.ca-central-1.compute.amazonaws.com

resources.digitalshadows.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.70.155.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-155-243.compute-1.amazonaws.com

scout.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-126.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 13.225.223.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-92.jfk51.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.138.162 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-138-162.ewr52.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21ec:8000:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 5 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:141b:5000::b81c:be9b (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2209:8e00:e:ec66:e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.keywee.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::2003 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-87.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.85.61.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-51.ewr53.r.cloudfront.net

content.cdntwrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2511:5800:12:53a8:95c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cihost.uberflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:9000::687e:74b2 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.123.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-123-41.compute-1.amazonaws.com

co-events.anyword.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2004 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

438-kyk-786.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.10.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-10-197.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.65.240.220 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-65-240-220.deploy.static.akamaitechnologies.com

lonrtp1-cdn.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:9000::687e:74b1 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:23cb:f400:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.49.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-49-222.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.237.159.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-159-171.compute-1.amazonaws.com

flipbot.uberflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.32.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.213.193.62 (United Kingdom)

ASN15395 (RACKSPACE-LON, GB)

457-xey-671.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:1f18:61c0:2204:cd48:3f8a:770b:2c7c (Ashburn, United States) 12 redirects

ASN14618 (AMAZON-AES, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.35.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.40.39.223 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.254.65 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com

tags.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.223 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.65.202 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.139.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.179.164 (North Bergen, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.226.150.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-150-14.compute-1.amazonaws.com

ipv4.d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.160.132 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.33.220.150 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.237.152.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-152-5.compute-1.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.150.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-150-197.eu-west-1.compute.amazonaws.com

csmetrics.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	driftt.com js.driftt.com — Cisco Umbrella Rank: 10855	875 KB
34	reliaquest.com www.reliaquest.com — Cisco Umbrella Rank: 843651	267 KB
20	adroll.com 13 redirects s.adroll.com — Cisco Umbrella Rank: 3473 d.adroll.com — Cisco Umbrella Rank: 1979 ipv4.d.adroll.com — Cisco Umbrella Rank: 12163	37 KB
12	6sc.co j.6sc.co — Cisco Umbrella Rank: 12305 c.6sc.co — Cisco Umbrella Rank: 16337 ipv6.6sc.co — Cisco Umbrella Rank: 13024 b.6sc.co — Cisco Umbrella Rank: 7606	14 KB
8	drift.com bootstrap.api.drift.com — Cisco Umbrella Rank: 14354 metrics.api.drift.com — Cisco Umbrella Rank: 14407 event.api.drift.com — Cisco Umbrella Rank: 15898 targeting.api.drift.com — Cisco Umbrella Rank: 16256	10 KB
7	linkedin.com 5 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 733 www.linkedin.com — Cisco Umbrella Rank: 779 px4.ads.linkedin.com — Cisco Umbrella Rank: 6554	5 KB
7	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 2028 insight.adsrvr.org — Cisco Umbrella Rank: 805 match.adsrvr.org — Cisco Umbrella Rank: 451	6 KB
7	googleusercontent.com lh5.googleusercontent.com — Cisco Umbrella Rank: 366 lh6.googleusercontent.com — Cisco Umbrella Rank: 1213 lh4.googleusercontent.com — Cisco Umbrella Rank: 1205 lh3.googleusercontent.com — Cisco Umbrella Rank: 143
6	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 166 cm.g.doubleclick.net — Cisco Umbrella Rank: 313	1 KB
6	digitalshadows.com 1 redirects www.digitalshadows.com resources.digitalshadows.com digitalshadows.com	117 KB
5	uberflip.com cihost.uberflip.com — Cisco Umbrella Rank: 136111 flipbot.uberflip.com — Cisco Umbrella Rank: 373383	206 KB
5	cdntwrk.com content.cdntwrk.com — Cisco Umbrella Rank: 138903	411 KB
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 319 secure.adnxs.com — Cisco Umbrella Rank: 604	4 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 899 script.hotjar.com — Cisco Umbrella Rank: 1171 in.hotjar.com — Cisco Umbrella Rank: 2738 csmetrics.hotjar.com — Cisco Umbrella Rank: 20563	74 KB
4	gstatic.com fonts.gstatic.com	63 KB
4	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 6272	13 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	64 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 621	896 B
3	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1604	1 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 519	13 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	21 KB
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 37767 ibc-flow.techtarget.com — Cisco Umbrella Rank: 47960	2 KB
3	salesloft.com scout-cdn.salesloft.com — Cisco Umbrella Rank: 26138 scout.salesloft.com — Cisco Umbrella Rank: 29936	4 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	253 KB
3	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 3612	11 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4642	27 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 474	99 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	3 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 18375	577 B
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 535	742 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 402	560 B
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 707	525 B
2	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 447	2 KB
2	pippio.com 2 redirects pippio.com — Cisco Umbrella Rank: 1156	881 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 427	1 KB
2	mktoresp.com 438-kyk-786.mktoresp.com 457-xey-671.mktoresp.com	800 B
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3240	40 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 920 p.typekit.net — Cisco Umbrella Rank: 1162	1 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 8003	515 B
2	google.com analytics.google.com — Cisco Umbrella Rank: 406 www.google.com — Cisco Umbrella Rank: 16	655 B
2	keywee.co kdl.keywee.co — Cisco Umbrella Rank: 426070 cdn.keywee.co — Cisco Umbrella Rank: 21719	32 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1365	10 KB
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 1356	222 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 1377	493 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 987	287 B
1	linksynergy.com 1 redirects tags.rd.linksynergy.com — Cisco Umbrella Rank: 6011	392 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 912	394 B
1	t.co t.co — Cisco Umbrella Rank: 584	377 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 964	15 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 7215	161 B
1	marketo.com lonrtp1-cdn.marketo.com — Cisco Umbrella Rank: 207036	42 KB
1	anyword.com co-events.anyword.com — Cisco Umbrella Rank: 415156	295 B
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1543	13 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1180	7 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1867	157 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1749	8 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 997	30 KB
248	58

	Domain	Requested by
69	js.driftt.com	www.reliaquest.com js.driftt.com
34	www.reliaquest.com	www.reliaquest.com
15	d.adroll.com	12 redirects s.adroll.com resources.digitalshadows.com
5	b.6sc.co
5	content.cdntwrk.com	resources.digitalshadows.com content.cdntwrk.com
4	match.adsrvr.org	js.adsrvr.org
4	cm.g.doubleclick.net	4 redirects
4	s.adroll.com	1 redirects resources.digitalshadows.com s.adroll.com
4	cihost.uberflip.com	resources.digitalshadows.com cihost.uberflip.com
4	px.ads.linkedin.com	4 redirects
4	resources.digitalshadows.com	www.reliaquest.com content.cdntwrk.com resources.digitalshadows.com
4	fonts.gstatic.com	fonts.googleapis.com
4	munchkin.marketo.net	www.reliaquest.com munchkin.marketo.net resources.digitalshadows.com
4	cdnjs.cloudflare.com	www.reliaquest.com resources.digitalshadows.com
3	ib.adnxs.com	2 redirects resources.digitalshadows.com
3	idsync.rlcdn.com	2 redirects resources.digitalshadows.com
3	ipv6.6sc.co	j.6sc.co
3	c.6sc.co	j.6sc.co
3	cdn.linkedin.oribi.io	snap.licdn.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.reliaquest.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	www.reliaquest.com www.googletagmanager.com resources.digitalshadows.com
3	nexus.ensighten.com	www.reliaquest.com nexus.ensighten.com
3	static.addtoany.com	www.reliaquest.com static.addtoany.com
3	cdn.jsdelivr.net	www.reliaquest.com
3	fonts.googleapis.com	www.reliaquest.com cihost.uberflip.com
2	targeting.api.drift.com	js.driftt.com
2	event.api.drift.com	js.driftt.com
2	metrics.api.drift.com	js.driftt.com
2	bootstrap.api.drift.com	js.driftt.com
2	epsilon.6sense.com	j.6sc.co
2	eb2.3lift.com	1 redirects resources.digitalshadows.com
2	ups.analytics.yahoo.com	1 redirects resources.digitalshadows.com
2	us-u.openx.net	1 redirects resources.digitalshadows.com
2	pixel.rubiconproject.com	1 redirects resources.digitalshadows.com
2	pippio.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects resources.digitalshadows.com
2	x.bidswitch.net	1 redirects resources.digitalshadows.com
2	stackpath.bootstrapcdn.com	resources.digitalshadows.com
2	www.google.ca	www.reliaquest.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	ibc-flow.techtarget.com	trk.techtarget.com
2	px4.ads.linkedin.com	www.reliaquest.com resources.digitalshadows.com
2	js.adsrvr.org	www.googletagmanager.com match.adsrvr.org
2	scout.salesloft.com	scout-cdn.salesloft.com
2	snap.licdn.com	www.reliaquest.com www.googletagmanager.com
2	lh3.googleusercontent.com	www.reliaquest.com
2	lh4.googleusercontent.com	www.reliaquest.com
2	lh6.googleusercontent.com	www.reliaquest.com
1	csmetrics.hotjar.com	static.hotjar.com
1	insight.adsrvr.org	1 redirects
1	secure.adnxs.com	j.6sc.co
1	ipv4.d.adroll.com	resources.digitalshadows.com
1	sync.taboola.com	resources.digitalshadows.com
1	image2.pubmatic.com	resources.digitalshadows.com
1	sync.outbrain.com	resources.digitalshadows.com
1	tags.rd.linksynergy.com	1 redirects
1	analytics.twitter.com	resources.digitalshadows.com
1	t.co	resources.digitalshadows.com
1	457-xey-671.mktoresp.com	munchkin.marketo.net
1	static.ads-twitter.com	www.googletagmanager.com
1	flipbot.uberflip.com	content.cdntwrk.com
1	content.hotjar.io	script.hotjar.com
1	p.typekit.net	use.typekit.net
1	lonrtp1-cdn.marketo.com	resources.digitalshadows.com
1	in.hotjar.com	script.hotjar.com
1	438-kyk-786.mktoresp.com	munchkin.marketo.net
1	www.google.com	www.reliaquest.com
1	co-events.anyword.com	www.reliaquest.com
1	digitalshadows.com	resources.digitalshadows.com
1	use.fontawesome.com	resources.digitalshadows.com
1	use.typekit.net	resources.digitalshadows.com
1	unpkg.com	resources.digitalshadows.com
1	alb.reddit.com	www.reliaquest.com
1	script.hotjar.com	static.hotjar.com
1	analytics.google.com	www.googletagmanager.com
1	cdn.keywee.co	kdl.keywee.co
1	www.linkedin.com	1 redirects
1	www.redditstatic.com	www.reliaquest.com
1	static.hotjar.com	www.googletagmanager.com
1	trk.techtarget.com	www.reliaquest.com
1	kdl.keywee.co	www.reliaquest.com
1	scout-cdn.salesloft.com	www.reliaquest.com
1	j.6sc.co	www.reliaquest.com
1	lh5.googleusercontent.com	www.reliaquest.com
1	code.jquery.com	www.reliaquest.com
1	www.digitalshadows.com	1 redirects
248	87

This site contains links to these domains. Also see Links.

Domain
reliaquest.wd5.myworkdayjobs.com
cyber.dhs.gov
github.com
www.solarwinds.com
blogs.microsoft.com
portal-digitalshadows.com
www.linkedin.com
twitter.com
www.youtube.com
www.facebook.com
www.addtoany.com

Subject Issuer	Validity	Valid
*.reliaquest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-02` - `2023-07-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-07` - `2023-10-14`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
6sc.co R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
salesloft.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-18`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.keywee.co Amazon RSA 2048 M02	`2023-03-04` - `2024-04-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
resources.digitalshadows.com R3	`2023-03-06` - `2023-06-04`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
drift.com Amazon RSA 2048 M02	`2023-03-01` - `2023-09-21`	7 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-12` - `2023-10-08`	6 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
ibc-flow.techtarget.com GTS CA 1D4	`2023-04-03` - `2023-07-03`	3 months	crt.sh
*.anyword.com Amazon RSA 2048 M02	`2023-02-23` - `2023-08-03`	5 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2023-10-15`	6 months	crt.sh
content.cdntwrk.com Amazon RSA 2048 M01	`2022-10-24` - `2023-11-22`	a year	crt.sh
*.uberflip.com Amazon RSA 2048 M01	`2023-02-20` - `2023-08-03`	5 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
www.digitalshadows.com Amazon RSA 2048 M02	`2023-02-28` - `2023-06-30`	4 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
*.marketo.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2023-02-24` - `2023-08-01`	5 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
flipbot.uberflip.com R3	`2023-03-12` - `2023-06-10`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2023-02-01` - `2024-02-01`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-31` - `2024-01-30`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M02	`2022-12-14` - `2024-01-13`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
Frame ID: 4E37BDF82714DD1CCBA2F24D82FEF206
Requests: 112 HTTP requests in this frame

Frame: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Frame ID: 7BB8BA913677B23C6B86A2EA7694D797
Requests: 52 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: 13DFADA7ED7F110AA492E1200C096785
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
Frame ID: 742A6B52CBE2746AD454932E12B13BCC
Requests: 38 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
Frame ID: 8F864E32DFD788DC00BFEAF8983CF8ED
Requests: 36 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=e1vlmxc&ref=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&upid=nzz4w81&upv=1.1.0
Frame ID: 9DF9E0BE163292E898CB292B85651B5C
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: 1A63A14605EE09BF28E554242950F493
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=feb618e9-aebb-4eb8-bbcc-66e6628fd189&google_gid=CAESEMz1sWb8_U1XF7HcxawbBgc&google_cver=1
Frame ID: D3591DB904E94ADA58F52F82C415593D
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=6917147059973758152&ttd_tdid=feb618e9-aebb-4eb8-bbcc-66e6628fd189
Frame ID: 06EB55C7F000A4708A087C3F913C0B30
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SolarWinds Compromise: What security teams need to know - ReliaQuest

Page URL History Show full URLs

https://www.digitalshadows.com/blog-and-research/solarwinds-compromise-what-security-teams-need-to-know/ HTTP 301
https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

248
Requests

94 %
HTTPS

42 %
IPv6

58
Domains

87
Subdomains

73
IPs

5
Countries

2793 kB
Transfer

8786 kB
Size

66
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://reliaquest.wd5.myworkdayjobs.com/ReliaQuest_Careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://cyber.dhs.gov/ed/21-01/
Title: Emergency Directive

Search URL Search Domain Scan URL

URL: https://github.com/fireeye/sunburst_countermeasures
Title: https://github.com/fireeye/sunburst_countermeasures

Search URL Search Domain Scan URL

URL: https://www.solarwinds.com/securityadvisory
Title: https://www.solarwinds.com/securityadvisory

Search URL Search Domain Scan URL

URL: https://blogs.microsoft.com/on-the-issues/2020/12/13/customers-protect-nation-state-cyberattacks/
Title: https://blogs.microsoft.com/on-the-issues/2020/12/13/customers-protect-nation-state-cyberattacks/

Search URL Search Domain Scan URL

URL: https://portal-digitalshadows.com/client/intelligence/incident/67054788
Title: Public Intelligence

Search URL Search Domain Scan URL

URL: https://portal-digitalshadows.com/client/intelligence/event-profiles/5623/overview
Title: Threat Profile

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/reliaquest/

Search URL Search Domain Scan URL

URL: https://twitter.com/ReliaQuest

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCdPuTyaN5bU3_GmCNFgzl3Q

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ReliaQuest/

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.digitalshadows.com/blog-and-research/solarwinds-compromise-what-security-teams-need-to-know/ HTTP 301
https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3664348&time=1682883641320&url=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3664348&time=1682883641320&url=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3664348%26time%3D1682883641320%26url%3Dhttps%253A%252F%252Fwww.reliaquest.com%252Fblog%252Fsolarwinds-compromise-what-security-teams-need-to-know%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3664348&time=1682883641320&url=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3664348&time=1682883641320&url=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&cookiesTest=true&liSync=true&e_ipv6=AQIg2sl4DH5d1AAAAYfTroFWa8jkjs_ccG4fRW-Eo_bpOGLbA_D18O11A2sZGrz_4mEOSK91

Request Chain 132

https://s.adroll.com/j/exp/M2GUWUTBBJFFRJ7RPYG7FT/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 134

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4082420&time=1682883642183&url=https%3A%2F%2Fwww.reliaquest.com%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4082420&time=1682883642183&url=https%3A%2F%2Fwww.reliaquest.com%2F&e_ipv6=AQL1Sn9S5pNsnwAAAYfTroNf_swDx16idEmXZDy0DoCSvjicokXWAJl0fCouCXRaoNPC8-aW

Request Chain 141

https://d.adroll.com/cm/b/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc

Request Chain 142

https://d.adroll.com/cm/g/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=4gw5SRPHeAFEU9HwZWiTxw HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=4gw5SRPHeAFEU9HwZWiTxw&google_tc= HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 143

https://d.adroll.com/cm/index/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&expiration=1714419642 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&expiration=1714419642&C=1

Request Chain 144

https://d.adroll.com/cm/l/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=e20c394913c778014453d1f0656893c7 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzcQABoNCLqIu6IGEgUI6AcQAEIASgA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=7a9093bd69e7946648df9ef3ee3842b6f4fb2d077f518eaedccfe4ad037e8354791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3YTkwOTNiZDY5ZTc5NDY2NDhkZjllZjNlZTM4NDJiNmY0ZmIyZDA3N2Y1MThlYWVkY2NmZTRhZDAzN2U4MzU0NzkxNDI2YjU0MTdkY2UyMRAAGgwIuoi7ogYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3YTkwOTNiZDY5ZTc5NDY2NDhkZjllZjNlZTM4NDJiNmY0ZmIyZDA3N2Y1MThlYWVkY2NmZTRhZDAzN2U4MzU0NzkxNDI2YjU0MTdkY2UyMRAAGgwIuoi7ogYSBAgCEABCAEoA&google_gid=CAESECyxpxU0ZTMpxpxPP52LIPs&google_cver=1 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
https://idsync.rlcdn.com/458249.gif?partner_uid=6d2cfdb9-f362-4419-b593-23510bb8b4ce

Request Chain 145

https://d.adroll.com/cm/n/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&expires=365

Request Chain 146

https://d.adroll.com/cm/o/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=e20c394913c778014453d1f0656893c7&gdpr=0&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=e20c394913c778014453d1f0656893c7&gdpr=0&gdpr_consent=

Request Chain 147

https://d.adroll.com/cm/outbrain/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&gdpr=0&gdpr_consent=

Request Chain 148

https://d.adroll.com/cm/pubmatic/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 149

https://d.adroll.com/cm/r/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Request Chain 150

https://d.adroll.com/cm/taboola/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc

Request Chain 151

https://d.adroll.com/cm/triplelift/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

Request Chain 152

https://d.adroll.com/cm/x/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc

Request Chain 159

https://insight.adsrvr.org/track/up?adv=e1vlmxc&ref=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&upid=nzz4w81&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=e1vlmxc&ref=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&upid=nzz4w81&upv=1.1.0

Request Chain 219

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=feb618e9-aebb-4eb8-bbcc-66e6628fd189&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

Request Chain 220

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZmViNjE4ZTktYWViYi00ZWI4LWJiY2MtNjZlNjYyOGZkMTg5&gdpr=0&gdpr_consent=&ttd_tdid=feb618e9-aebb-4eb8-bbcc-66e6628fd189 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=feb618e9-aebb-4eb8-bbcc-66e6628fd189&google_gid=CAESEMz1sWb8_U1XF7HcxawbBgc&google_cver=1

Request Chain 221

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=feb618e9-aebb-4eb8-bbcc-66e6628fd189 HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=6917147059973758152&ttd_tdid=feb618e9-aebb-4eb8-bbcc-66e6628fd189

248 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
Redirect Chain

https://www.digitalshadows.com/blog-and-research/solarwinds-compromise-what-security-teams-need-to-know/
https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

97 KB
24 KB

439ms
367ms

Document
text/html

141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

5f1594ba40c75345c40700d534d166e7ecc71b50961a0d3e69f1418cb283918d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.reliaquest.com/

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c024201291141cd-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 30 Apr 2023 19:40:40 GMT
last-modified: Mon, 10 Apr 2023 17:37:27 GMT
link: <https://www.reliaquest.com/wp-json/>; rel="https://api.w.org/" <https://www.reliaquest.com/wp-json/wp/v2/posts/55263>; rel="alternate"; type="application/json" <https://www.reliaquest.com/?p=55263>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7E%2F4nJeu%2FFTnUWuIUo7Z40eIw4wstbudkWPv8dgD6hMH%2FLl1W9T4t0xZSKyl8E%2FH84Q33Xf7HU1vtFo4JMU2k3Nt9cysfk3%2B37rMIoJWeZPDB1qvhTLsgXGgsUNIG0evz5GGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: MISS
x-cache-group: normal
x-cacheable: SHORT
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://www.reliaquest.com/
x-powered-by: WP Engine

Redirect headers

content-length: 0
date: Sun, 30 Apr 2023 19:40:40 GMT
location: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
server: CloudFront
via: 1.1 6e810acc9d798bdf126180508d1b511e.cloudfront.net (CloudFront)
x-amz-cf-id: 2h4dy4Fd2VpNC0DXcdO7gW2bssHJXi3BaLtSyJJfNcwxbGiuZ9_u_Q==
x-amz-cf-pop: JFK50-P6
x-cache: LambdaGeneratedResponse from cloudfront

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
783 B 89ms
40ms Stylesheet
text/css 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700;800&display=swap

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6daf77b61e152369a6b812e2bc3398d1dc62dc78875d1e9fcf7dcfdadbefdc35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Apr 2023 19:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 30 Apr 2023 19:40:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Apr 2023 19:40:40 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.3/ 69 KB
25 KB 47ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.3/gsap.min.js

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

386a292b805ec5376c149711c08d9013658fd08879a7ac9a62a99e14310c397a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 269465
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25150
last-modified: Tue, 04 Oct 2022 19:36:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "633c8b2b-623e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZsWRMYsnooJj3BqD5Ns7%2BV8wzSNUBAoqbUHg2%2B%2FhdEvG4Xp1W7y2xUHrvk7BDOOnma4gUXbzzbdg3VSOd6z2yyOYHdXSD%2BCFehemAQZdya4KkwKFloOyjftu7mNrx0tXS5%2F%2F0M8DscxUuJN6Ew1jb7lz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c024203aac5713f-YUL
expires: Fri, 19 Apr 2024 19:40:40 GMT

GET
H2 200 ScrollTrigger.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.3/ 39 KB
15 KB 51ms
24ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.3/ScrollTrigger.min.js

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be08df326777a8b33cbcd047765e7dc6b8ddf620dcf64a85402ffc8fa006caab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 264912
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14847
last-modified: Tue, 04 Oct 2022 19:36:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "633c8b2b-39ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7F4gRiBT5OQnqfo4ywNFCnHpbYgBpbJZZwkFUtwelzpHWjwMxozs%2Bt0RoGil6UM3KsLbkg6j8tUrbdgOwPr0XQLlhjxufX6wtrMGcqwfGlwj7PyByImhcVAzd%2BhZOvji%2FsrHBK%2BOuaBUd6ctzN2JYmUo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c024203aaca713f-YUL
expires: Fri, 19 Apr 2024 19:40:40 GMT

GET
H2 200 select2.min.css
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/ 16 KB
3 KB 84ms
17ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 30 Apr 2023 19:40:40 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4356573
x-jsd-version: 4.1.0-rc.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2487
x-served-by: cache-fra-eddf8230031-FRA, cache-yyz4563-YYZ
x-jsd-version-type: version
etag: W/"3f88-kT+fe5U1rseQyjzp1uNaz682mZM"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 select2.min.js Show response
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/ 71 KB
72 KB 23ms
16ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/select2.min.js

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 30 Apr 2023 19:40:41 GMT
x-content-type-options: nosniff
age: 3998458
x-jsd-version: 4.1.0-rc.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 73163
x-served-by: cache-fra-eddf8230125-FRA, cache-yyz4563-YYZ
x-jsd-version-type: version
etag: W/"11dcb-beEOdKmS/KFegD2RDRMPgmYxy4Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 style.min.css
www.reliaquest.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 36ms
32ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 179407
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 31 Mar 2023 19:48:19 GMT
server: cloudflare
etag: W/"64273903-17ced"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPIT%2Fye9rPSFdbJ0tbK8iaTGTkfTivKKqg9XKPm4w7wQ2P48hadGn2hO6fzZR5NsJS%2Bnz16gfkGQ62zn8TjGJViaqyQRlS9lWj9IHeqVj39oHARBByTG52xc6EzuMtCWY7PtHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242039bb941cd-EWR

GET
H2 200 classic-themes.min.css
www.reliaquest.com/wp-includes/css/ 291 B
495 B 30ms
26ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-includes/css/classic-themes.min.css?ver=6.2

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 182719
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 31 Mar 2023 19:48:17 GMT
server: cloudflare
etag: W/"64273901-123"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vcXdSw59G27Y4ZVsLsjmy%2F5fO1e8JjUTYq7KjEkay%2FuSFKEq8ISEJ66W0f9%2BTij%2FJeV25pxUwqbbhGx75hTFWmWi2CVe3zkt986FcueIzvJz2aMGCthk48eniFMyEn7EJIp%2BDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242038baf41cd-EWR

GET
H2 200 wpp.css
www.reliaquest.com/wp-content/plugins/wordpress-popular-posts/assets/css/ 2 KB
903 B 29ms
25ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.1.1

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 182719
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 28 Apr 2023 15:43:13 GMT
server: cloudflare
etag: W/"644be991-688"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZZST4kKicpTQtlD2qjIYWI8Qg1y5BiyDHL8kk0uGjcSRgxuDO0INbIWzDKCpLrkOxgNveJ9OMhRua0sns%2BvzCW1VNvu5S%2FAyhnfiLHAy9DofTbbuzuL2l%2FLSpmaFfpOucvyGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242038bb141cd-EWR

GET
H2 200 main.css
www.reliaquest.com/wp-content/themes/t220908406929/dist/css/ 338 KB
56 KB 38ms
35ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-content/themes/t220908406929/dist/css/main.css?ver=1

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ad146cbd18d3a4a3c3a0671f43154e31f49e623e5123771f4054258f6a02430

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 182719
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 28 Apr 2023 14:54:26 GMT
server: cloudflare
etag: W/"644bde22-547dc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TyNMTmtge26QaeFHUKnPnJQ4HHL2Eal7b1einm7JTkWFiADzpgclR8Dj9ND1uCBNgyWPWqwdF8flLL%2BGlQ45PrWa%2BuwqkUH2USdMcgZqa3412Vbp4FOpQJDI9z4xg%2BPaighCXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242039bb341cd-EWR

GET
H2 200 style.css
www.reliaquest.com/wp-content/themes/t220908406929/ 656 B
681 B 33ms
30ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-content/themes/t220908406929/style.css?ver=1

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f838c4e8cdd29bcfca2067e65c001a8a300b30252263aca6ec24dd333ab7c622

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 182719
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 15 Feb 2023 18:20:37 GMT
server: cloudflare
etag: W/"63ed2275-290"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIR5tNPhV51LFFszAU%2FSavbSHqSk1zBmwnI6ra0bgZQM4PoN1nEwu4U83d2kR2I7IdEbWyDhj1Q50pAsmoZ1id80RiGz6IlNkSiH1QzYMI70brj197EJL864gFX26mN1qIm33w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242039bb541cd-EWR

GET
H2 200 style.basic.css
www.reliaquest.com/wp-content/plugins/ajax-search-lite/css/ 19 KB
4 KB 37ms
34ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=4.11.2

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec9bd365a7c60ee6c9c7c5c9be05f7f18ef7023cd4d44d062a96af1364842c7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 182719
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Apr 2023 20:53:32 GMT
server: cloudflare
etag: W/"64498f4c-4cfc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdX9mtixdg8Vc05rt2Hi5qF7%2B3upd48OGl5x%2FzRSVMdvfx%2FcIJNtZpJQO5jjr%2BuIJoJPRpU7%2FN77upjxhELjJskx0F4D6z7SlTY2xqbgy%2BdBsmUrjcNoirJFIjq05Dr7%2BcYeXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242039bb641cd-EWR

GET
H2 200 style-underline.css
www.reliaquest.com/wp-content/plugins/ajax-search-lite/css/ 7 KB
2 KB 34ms
31ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-content/plugins/ajax-search-lite/css/style-underline.css?ver=4.11.2

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e29ee33096bf86713f05642843b5b0493c1886d942c2c89cfcaa7f44b7acdb40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 182719
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Apr 2023 20:53:32 GMT
server: cloudflare
etag: W/"64498f4c-1a9c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DEzE5IAT8qp26WB2w8pOIVhLVlOKvN1bTct2eh5afUs6JHvI%2F5wFKvUKTURh2eDNAvR0tppSOgmrIGOZCpuUF%2BXhI0JBw4hQUKnZeE4CvlbaIiZ%2FmKsl%2FPTgOHHjaizuzOguEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242039bb741cd-EWR

GET
H2 200 addtoany.min.css
www.reliaquest.com/wp-content/plugins/add-to-any/ 1 KB
756 B 31ms
28ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 182719
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Feb 2023 19:11:56 GMT
server: cloudflare
etag: W/"63dd5c7c-5ef"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ofuyaO3rf40Ae7TNzaId4p9CugZDhtV8Whs%2BeeOYcib5Iee92XARpJU3qN8sZyn8%2FzMeYafgojQr%2FUt%2BFN74eOTVsDzyOwyI0D6E2RFJIBmTSNPThnlCP1Sh8VdL7K3RVztuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242039bb841cd-EWR

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 173ms
105ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c5cc47eb8499efe3f4353bc50b38690756e78da21b0e158e14293b39c5ef812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 157419
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 11 Jan 2023 01:11:30 GMT
server: cloudflare
etag: W/"c04-5f1f2ae2e431b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 7c024204fab3a232-YYZ

GET
H2 200 jquery.min.js Show response
www.reliaquest.com/wp-includes/js/jquery/ 88 KB
32 KB 54ms
51ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 182719
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 31 Mar 2023 19:48:15 GMT
server: cloudflare
etag: W/"642738ff-15ed7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcemDeWnJUMyqJxzDO%2Fjl%2Bqm5NMtoqYhOokk3QvDJcbMyg%2FYoH7oRDUy55hzQ7LcDjtK%2FdZDnE%2BQ0UXgIGyCHVy%2FUDsLuOGXRNuQBQMMvN3F1clCYnUa32JsrowdVK%2FW6VVcsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c024203abd541cd-EWR

GET
H2 200 jquery-migrate.min.js Show response
www.reliaquest.com/wp-includes/js/jquery/ 13 KB
5 KB 31ms
29ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 182719
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 31 Mar 2023 19:48:15 GMT
server: cloudflare
etag: W/"642738ff-3470"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rn4BOXesSjzHZyoKLNck%2Fm9JWLpNZB0LSmqYt9l1gLC2eDQNIF3EI3l%2FZl6iGQxGjTqynDQ2acpiFLC3ioGrjr5rSb9bxfj5rzlMxNyfnF69fyMmokhMXPDiBe9%2F912aglDDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242039bba41cd-EWR

GET
H3 200 addtoany.min.js Show response
www.reliaquest.com/wp-content/plugins/add-to-any/ 129 B
574 B 83ms
77ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176973
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Feb 2023 19:11:56 GMT
server: cloudflare
etag: W/"63dd5c7c-81"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2P9MDnaq9voflC%2FuxHpF9%2F87fMrRqi3menfz0FSaqLx2FaruvEpg73WfbGYDRDkl39fvKuhMh9nm7K5aKvNhCWlXZyDTHapU8PgFvivtoiPpTwLw3Boyz12f9xew%2FVW3%2BoJGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242049c413344-EWR

GET
H2 200 wpp.min.js Show response
www.reliaquest.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 3 KB
2 KB 35ms
33ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.1.1

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 182719
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 28 Apr 2023 15:43:13 GMT
server: cloudflare
etag: W/"644be991-bd7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iuVDGZtfHh9O4dd13KbhlDFxKqvQoGwRegfO6FbIBEvpAFJgrrRyhZzLS1p2Ha26LwIx%2BNBOZ2Ri1sgAJowEVFTagP7a1B3OsggVABKeGKeIoKMvlwgiszhj5ey2Y4%2BjopWc2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242039bbc41cd-EWR

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/choozle/15024/ 28 KB
9 KB 84ms
19ms Script
application/javascript 18.164.116.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/15024/Bootstrap.js
Requested by: Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-120.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: d46dac91d649962de0e5ee214add05b95f1558ca59aa0b7914cb5c4f20bd7400

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 00:50:06 GMT
x-amz-version-id: WZYnTEr_b_CotQgLY0v9QXFs2jeR_Lld
content-encoding: br
via: 1.1 ffc407ec9784e618feb8fc53384b80aa.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
age: 19853435
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 24 Aug 2021 16:53:08 GMT
server: CloudFront
etag: W/"86b515958048a5e373f3b3607fe6fd2d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: biHIeNWmlAc0AjLL3iIyVM_8qpjbBOgnHtS78H440b8LkaxzmujvIQ==

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 100ms
26ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://www.reliaquest.com/
Origin: https://www.reliaquest.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:40 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
x-hw: 1682883640.dop185.dc2.t,1682883640.cds044.dc2.hn,1682883640.cds235.dc2.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/ 98 KB
17 KB 42ms
17ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.reliaquest.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8254303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17041
last-modified: Tue, 22 Mar 2022 17:32:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "623a082a-4291"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=800UQcKXlTNDRLpBXD%2F%2BEyWDWv7NqH1TrxNBh5ubFWKP8ZDYy3Ptrprw%2BBB%2FVSvvGOS6eBfZ9Y%2B25yCI%2FxNzY0G1ca1LMKwJ9DnkVY4BAf10dfqAa%2F4g%2FW7jy0GNKggpKeg9kfR%2BCsi74vpy4TXV9zKu"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c024203b95b7154-YUL
expires: Fri, 19 Apr 2024 19:40:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 81ms
35ms Stylesheet
text/css 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9cd64ca9fca199d4366d499a84f6678bf0a2da7f87fa16217a042b6813d4ca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Apr 2023 19:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 30 Apr 2023 19:38:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Apr 2023 19:40:40 GMT

GET
H3 200 logo.svg
www.reliaquest.com/wp-content/themes/t220908406929/dist/images/ 6 KB
3 KB 83ms
78ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reliaquest.com/wp-content/themes/t220908406929/dist/images/logo.svg

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2298d58f76f75135d021b0f1aa558defa9e66a1cc384b3eedde0f0904fa72def

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176972
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Feb 2023 19:11:50 GMT
server: cloudflare
etag: W/"63dd5c76-1768"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZN8vvz8QpgXrAcNZh93TN7HsSGvSEwDcE3ETik6EG%2BQQxgWEmyQQJQ11KQ3SMD5jN%2F3mVu7C8wnKxblLCK7x0OwpSLxbxNnQ%2BgsrNQ7gFRDLZL1uXs7EFnZHgjQyZkc5n%2FcCYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242049c423344-EWR

GET
H3 200 logo-dark.svg
www.reliaquest.com/wp-content/themes/t220908406929/dist/images/ 6 KB
3 KB 84ms
78ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reliaquest.com/wp-content/themes/t220908406929/dist/images/logo-dark.svg

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc46e11ef889c4607d9befe335305d246d312cb0cda290d3beb75a722d417979

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176972
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 28 Apr 2023 16:56:25 GMT
server: cloudflare
etag: W/"644bfab9-177e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=as56jDyQPwf%2FE%2FcToiR25Du2ddHU4tSXvm0tjrLBb1J4TagN98gfL3cUjONVI0W115W3bNhlt6TruTsVicV3sDd9XqVPrdhVxdW1JO%2BTuSAP1mtgG4O8q%2BcwEW1e3DmmMCg8sA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242049c433344-EWR

GET
H3 200 nav-collapse-decor.svg
www.reliaquest.com/wp-content/themes/t220908406929/dist/images/ 2 KB
1 KB 84ms
79ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reliaquest.com/wp-content/themes/t220908406929/dist/images/nav-collapse-decor.svg

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

90cd085fb1b820cab7d04a52702a189d2a3cf9ffbcf1ef3b354283d65d7fa24a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176972
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Feb 2023 19:11:50 GMT
server: cloudflare
etag: W/"63dd5c76-760"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BdusroQTvVhTCKw1j44zZWJHRappkW1QEG7%2FmyeEkd8Uu4bE45nb%2FJ2YK%2BHFFLBUltl%2FG6ZX3kNVJ%2BT6sYVg3KSHeKbOlB5DFsmDFLbllwwzfvo0MpQMht0VyRzMd8doDPSbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242049c453344-EWR

GET
H3 200 Solarwinds-2-512x354.png
www.reliaquest.com/wp-content/uploads/2020/12/ 9 KB
9 KB 202ms
197ms Image
image/png 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reliaquest.com/wp-content/uploads/2020/12/Solarwinds-2-512x354.png

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1cf3e53fae14d873db3bb34e6a1a2abe0cde9310a088f45382450e76ec770aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8803
last-modified: Thu, 20 Apr 2023 22:51:39 GMT
server: cloudflare
etag: "6441c1fb-2263"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BMVZvGihEXadVKELmmsvCTxblealpXQ0x4Z8b01Fytlcpbi5p5pO3i%2Fh%2B0Iormh6%2FfrAuQzfJBirrhr42YNuXajj%2BVepdTjbgEA%2FQ%2BUCXx7IerLUFZIc9eFRsEHUICXPxb5jA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c0242049c463344-EWR

GET
H2 403 d-gdL-_h7f6CM9nhwEVqhxllHkQ8Sb0qhEx8PYGPDQGa6ljOPbZrMogeCSQ1QeZX5GyfCk354GP6h3ZbxjGlOtErkhk3NVbC3T9ZOlrm-MZ9GkPC7caQVvvepWWGx65GodHykzaA
lh5.googleusercontent.com/ 0
0 488ms
421ms Image
text/html 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh5.googleusercontent.com/d-gdL-_h7f6CM9nhwEVqhxllHkQ8Sb0qhEx8PYGPDQGa6ljOPbZrMogeCSQ1QeZX5GyfCk354GP6h3ZbxjGlOtErkhk3NVbC3T9ZOlrm-MZ9GkPC7caQVvvepWWGx65GodHykzaA
Requested by: Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 403 QLXgn8dj3cVtsVxZrKcb5V2uMR-ZNz8igvWQNx0DiASEK7jfeWJqYrkCy5j4_4LfqMmVoIykMS2nMFRMr3ia2eoRgzckwwVoyvn6IlWN-tNmf4qZgmLKOgbjWyaippr4W4eKJvUD
lh6.googleusercontent.com/ 0
0 384ms
317ms Image
text/html 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh6.googleusercontent.com/QLXgn8dj3cVtsVxZrKcb5V2uMR-ZNz8igvWQNx0DiASEK7jfeWJqYrkCy5j4_4LfqMmVoIykMS2nMFRMr3ia2eoRgzckwwVoyvn6IlWN-tNmf4qZgmLKOgbjWyaippr4W4eKJvUD
Requested by: Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 403 lcoggNPlahx2vuXg_Yl3ruG23gN2Z0LBcspKLmLX2LESuHdovd4ZtcxtYUzOiZE4kA564yMRAvQSB647i6hJFMDHAun2F4yZGXbPQe67agnsqCGgaJITpazNP6krTwZrKKzDPw1n
lh4.googleusercontent.com/ 0
0 406ms
339ms Image
text/html 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh4.googleusercontent.com/lcoggNPlahx2vuXg_Yl3ruG23gN2Z0LBcspKLmLX2LESuHdovd4ZtcxtYUzOiZE4kA564yMRAvQSB647i6hJFMDHAun2F4yZGXbPQe67agnsqCGgaJITpazNP6krTwZrKKzDPw1n
Requested by: Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 403 fv1jTZHBF13g-LrG2jjl_ScDEfBcz-CIn0-aYtnCkzaIF8vtdmsgJWKSkN1ot6FguNQM-SPBN_YD1ShbICZ0g2ygTv2mN6dwPVjgaDDw-HDGcH3Gad2Cp3ljKDVveKo4PR5326cj
lh6.googleusercontent.com/ 0
0 330ms
263ms Image
text/html 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh6.googleusercontent.com/fv1jTZHBF13g-LrG2jjl_ScDEfBcz-CIn0-aYtnCkzaIF8vtdmsgJWKSkN1ot6FguNQM-SPBN_YD1ShbICZ0g2ygTv2mN6dwPVjgaDDw-HDGcH3Gad2Cp3ljKDVveKo4PR5326cj
Requested by: Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 403 B66NuSHSWIEYYpkH-YXahkpuiW3C4GqYvUJmrTTsGsxWmoFfqW1WJjeVERAvywvPN2_WrRZv8hTxekFEZJIO0cxMYwJsVmEtNM4TIwOJ2jYKbiJ91FRmsKx-ZRbVjzOmwvCEqUgO
lh3.googleusercontent.com/ 0
0 305ms
238ms Image
text/html 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/B66NuSHSWIEYYpkH-YXahkpuiW3C4GqYvUJmrTTsGsxWmoFfqW1WJjeVERAvywvPN2_WrRZv8hTxekFEZJIO0cxMYwJsVmEtNM4TIwOJ2jYKbiJ91FRmsKx-ZRbVjzOmwvCEqUgO
Requested by: Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 403 blWmtNEQNLHbU31gtvnQBay_G_OInMR1GHqMuhVh8e3psZxjJtDdgeMuurNuUcJ_bfBbvYCQFS2VST7LjNSdMys7ZohyOfmEQ1pJsdABiiflkQ0v3KfSyYouyMLjXiyR6OzQz-Vw
lh4.googleusercontent.com/ 0
0 411ms
345ms Image
text/html 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh4.googleusercontent.com/blWmtNEQNLHbU31gtvnQBay_G_OInMR1GHqMuhVh8e3psZxjJtDdgeMuurNuUcJ_bfBbvYCQFS2VST7LjNSdMys7ZohyOfmEQ1pJsdABiiflkQ0v3KfSyYouyMLjXiyR6OzQz-Vw
Requested by: Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 facebook.svg
www.reliaquest.com/wp-content/themes/reliaqv1/assets/images/ 1 KB
1 KB 39ms
35ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reliaquest.com/wp-content/themes/reliaqv1/assets/images/facebook.svg

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

61ea329c09b4cc22cd4391b26ca2b66257eb824e590d4de2a760ccbfccf70bf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 173564
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Mar 2023 20:02:36 GMT
server: cloudflare
etag: W/"6402525c-407"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=za1mpRwruEuXK7YJd0PrZblYbnXHaEam7IvMqr8q0wpjsBSP77HAlcJaj%2Ftxx083ZoRcBD2VK61he06RrX66eFE9lkiqQD%2FvPFuVnJxbZNP3wQys0JYeKtJUkpG0Wd7S%2BRW46w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242049c473344-EWR

GET
H3 200 twitter.svg
www.reliaquest.com/wp-content/themes/reliaqv1/assets/images/ 2 KB
1 KB 40ms
35ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reliaquest.com/wp-content/themes/reliaqv1/assets/images/twitter.svg

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbed512058e04b44d9a434d7df8bd293e1669fce2a5365d6a817361c5fcae8bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 173367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Mar 2023 20:02:36 GMT
server: cloudflare
etag: W/"6402525c-69a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRcPCLa8vU%2FS4YsiI%2ByL1%2BTI3KFJAmvq9O2iqX4LkkfZ1sKfuZPIKaK1iXOArJNmlw%2BZX3Awr0lhNiW%2F%2FPO3yxzChHOQcbAc8J5CYU7BmMdjl9h43CalBEsQJhxSykSJ1%2FKVeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242049c483344-EWR

GET
H3 200 linkedin.svg
www.reliaquest.com/wp-content/themes/reliaqv1/assets/images/ 1 KB
1 KB 84ms
79ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reliaquest.com/wp-content/themes/reliaqv1/assets/images/linkedin.svg

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f524309c83549cab1b81b931d905888234eecf709e4aa0ade136daa5edbb5246

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 173367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Mar 2023 20:02:36 GMT
server: cloudflare
etag: W/"6402525c-4e4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Belkf%2BtVZi1aU38mnSKWuHbi%2BLH%2BTkXlYywXollPfXmboIEX130y0weZzQ7Ie58N3saoREhqd9miqd47bY1pn3Wfzdd80MxtsIoAeGL11QfY9aslBqmzGtOBSux3HqYXdKgVCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242049c493344-EWR

GET
H3 200 link.svg
www.reliaquest.com/wp-content/themes/reliaqv1/assets/images/ 2 KB
2 KB 84ms
80ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reliaquest.com/wp-content/themes/reliaqv1/assets/images/link.svg

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c81c322867056949b4836c5860843392b7da5dcb563ec2e99f8a5c05f7e74106

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 173367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Mar 2023 20:02:36 GMT
server: cloudflare
etag: W/"6402525c-913"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWZb4S3N1eomXStEw%2B%2FydWixYyKEBG%2F%2B4AUq6sYNBwvYgT0Ew8TMkPUmERTwYRvcGvcUteZDEVV75c0TmjwT7qFqQXqclQLl85ttx%2FeBepIsbRgKvwB1kCE4wSvucOVsDHKj1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242049c4b3344-EWR

GET
H3 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/ 79 KB
24 KB 37ms
17ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/bootstrap.bundle.min.js

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c4b2394a30fa0e4a23c6b308541353e20872a6fd765ed8fb70e6b402029deb00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reliaquest.com/
Origin: https://www.reliaquest.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 30 Apr 2023 19:40:40 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1363975
x-jsd-version: 5.2.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24684
x-served-by: cache-fra-eddf8230122-FRA, cache-yyz4562-YYZ
x-jsd-version-type: version
etag: W/"13a70-XI9suYM5fetlZzuWGoZXz9YROtk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 main.js Show response
www.reliaquest.com/wp-content/themes/t220908406929/dist/js/ 274 KB
66 KB 37ms
37ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-content/themes/t220908406929/dist/js/main.js?ver=1

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

926773c274b37042dd566c469b55cfc8011475f31ee55fa98507933bb5c5d598

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176973
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 28 Apr 2023 17:43:15 GMT
server: cloudflare
etag: W/"644c05b3-4495f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkEhqvnFJ2qbAYkW%2FvFJdHBrjtkv8J%2F%2FCxk8MHSZnK8XYmQaziv%2FL7WjdMT41cuzj1VFLAtnqKsCggfCs1h2Js8IKcVoJrH0V8%2FxsYTKgF9Kfn%2BKh9GGYgsu6IR9X6ae5yOSBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242047c1c3344-EWR

GET
H3 200 theme.js Show response
www.reliaquest.com/wp-content/themes/t220908406929/ 7 KB
2 KB 27ms
26ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-content/themes/t220908406929/theme.js?ver=1

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3456009db33740c7f2eb412d9d308a3beb1dbd1fc63c73f1d2d8d436915f85f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176973
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 15 Feb 2023 18:20:37 GMT
server: cloudflare
etag: W/"63ed2275-1da9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhuJx9HnWD0zZttdpsOu%2FtFvS4LwThieenzx8Z7niejNzQn0ZWzcF5oo23zcwSAuxRO%2BlMJQlX4VW5WOir1IUhz1Mpe%2FDNycKt8QBmGoFjNiW1kQFrhWn8CUi1chREtehrDo8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242048c223344-EWR

GET
H3 200 asl-prereq.js Show response
www.reliaquest.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 20 KB
7 KB 66ms
65ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-prereq.js?ver=4758

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dab69af700e302b9d41e9267aeff95d778fe26e000f4038b7b07cc1e3c87034e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176973
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Feb 2023 19:11:55 GMT
server: cloudflare
etag: W/"63dd5c7b-4e74"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AF3Hdc3yA2NBQWnQ08GEVPg8ITWM4js%2FZb1cSa98w9y6tHjhwHrgz4KsaJtRmcnfSHaZGVn0e%2FWnCCEAgUd5SLID6ztH4wlmP0sHxXPH1oULbzIMSarWjA01gxZt4VY8DUsF0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242048c313344-EWR

GET
H3 200 asl-core.js Show response
www.reliaquest.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 39 KB
11 KB 68ms
62ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-core.js?ver=4758

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a759130737e704a439f7ff5343435b471664cc63c53bf209ad736ab172c77dff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176973
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Apr 2023 20:53:32 GMT
server: cloudflare
etag: W/"64498f4c-9b3a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdyG7ZRGj58GGEHzipUBi6zvB97EZ3u26FmDd3riuoDtnmosz4aMq01%2BjoFUohF2BQdUAMoCgcmicDZzZ4gphrchXfpyRD%2BrnfC5BJvJ%2Ftxn6q9lAz1mvhZWLpAN4Idm5Oodow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242049c3a3344-EWR

GET
H3 200 asl-results-vertical.js Show response
www.reliaquest.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 1 KB
1 KB 80ms
75ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-results-vertical.js?ver=4758

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

45ae39b83ce75a8dbf0febf1e5b630fc54a713039ccfad6b46238212a1b858a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176973
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Feb 2023 19:11:55 GMT
server: cloudflare
etag: W/"63dd5c7b-566"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nO9iQlfo7Obp%2By5NzNrrKr4f8Zy28ZhDZ%2BgxW%2F0iKATnOhLoXdA5xoPuWCV7Cx1flRjv8r%2Bqy6diP7vn7KKMDgCUYlzvYx7UYJaIN25BZErVRIQB2q92byc33oJKP545nFR2NA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242049c3c3344-EWR

GET
H3 200 asl-autocomplete.js Show response
www.reliaquest.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 2 KB
1 KB 40ms
34ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-autocomplete.js?ver=4758

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

358d031ae310f2f7949026440ade6a6e0d1bf52733503156366796bf2d401347

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176973
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Feb 2023 19:11:55 GMT
server: cloudflare
etag: W/"63dd5c7b-680"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bljt9aJ3AXIgoyOQXiN2nk9TO9i0RkwY%2Bh0yhK2isrFb4mHYO0tF2wBDlEqYO%2BRc73zQRYV1cg31Xy7EOCJf7lJD0x2SOV7WCBbs0VSmeGzjpAI62Z2VfnHoSaaaCecZLqm6eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242049c3e3344-EWR

GET
H3 200 asl-load.js Show response
www.reliaquest.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 71 B
552 B 41ms
35ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-load.js?ver=4758

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1771aad88d0164b8f869d097851c94cc83d1a837f12fe8de39d0f309fe45f33c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176973
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Feb 2023 19:11:56 GMT
server: cloudflare
etag: W/"63dd5c7c-47"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTrNTFS3ks6hsA%2FBuhZnX4P3DCnB0pYcKfI%2FtReNYdbKVEgdOcQHu12Q%2FZZQgGIu1rC%2BLKgzNEz5zE3AR%2BFTdtRSCIpZgGIu%2BFBXlIu%2FsThoGZc92HthAxMKBjkQFFtTT9JLew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242049c3f3344-EWR

GET
H3 200 asl-wrapper.js Show response
www.reliaquest.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/ 5 KB
2 KB 83ms
77ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-wrapper.js?ver=4758

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b24ae6a65149ffe0da1014b697c38330cd07a74017d231e395885378eee4a806

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176973
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Apr 2023 20:53:32 GMT
server: cloudflare
etag: W/"64498f4c-146d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8p0%2B0jK%2FTgMx6pYviijOdDID9Fm1xmePXr3%2FyAzq2lqXTrr%2FwMN8lnib2AQtdwGMGBymv5WtRn7L%2FQW3%2BWznsMuTbCJhv%2FlN5xJBOx%2BpJ2iLM6LjIsHhKhc%2B2rCbh24GWvG12A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242049c403344-EWR

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 267 KB
91 KB 96ms
46ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NPQTDR

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f29982ec0ae139ba84a54234418dfdf0a36443c03a78e197082f3c189ddb6cfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93250
x-xss-protection: 0
last-modified: Sun, 30 Apr 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 30 Apr 2023 19:40:41 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.reliaquest.com/wp-includes/js/ 18 KB
5 KB 84ms
80ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 173564
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 31 Mar 2023 19:48:15 GMT
server: cloudflare
etag: W/"642738ff-4904"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6jGO6ZLeiH8fqt9EIQBvJwy2Xmk3X5GF6qrLYpR7HZ%2FW6dKjH6x%2FsU5pOJgOr8ZfGwEgAWK4DjFZKGj1iTIDBwJA1%2B97SXB2NqRys5us8EdtbgCbaSPLniFXaBmBpCPSjaObg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242049c4c3344-EWR

POST
H3 201 popular-posts Show response
www.reliaquest.com/wp-json/wordpress-popular-posts/v1/ 55 B
809 B 425ms
424ms XHR
application/json 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-json/wordpress-popular-posts/v1/popular-posts

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.1.1

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

87f080e5c5ef7ecedf3a6a85178b9c8b30583bff0410d49ac3435945979ca79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.reliaquest.com/

Request headers

Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: WP Engine
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
allow: GET, POST
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.reliaquest.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2FGfWM3HmTR%2F%2FMIq2NOTmLuJZPmR%2BkaWT05Wq1jrzSo9ycNPURtb%2FvyO0SEuduwPUrXqZxKJ%2F%2FZ7Ed%2BgVIy%2F5iRIFpeo%2BKBIlGS4Zllf3iFoMdl9tpXt1eYf%2Bfv4jAeTuGg0CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
vary: Origin
access-control-allow-credentials: true
x-frame-options: ALLOW-FROM https://www.reliaquest.com/
x-robots-tag: noindex
link: <https://www.reliaquest.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray: 7c0242045bfa3344-EWR
x-wp-nonce: a6790d0e55

GET
H2 200 6si.min.js Show response
j.6sc.co/ 33 KB
11 KB 113ms
26ms Script
application/javascript 23.33.238.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.33.238.177 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-33-238-177.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

12ce92cc3c4eb9d74f48e9a10eb919bdf30bbdc5ccf9843c6543fec302dec54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Apr 2023 21:13:35 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "642c92ff-8319"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 10492
expires: Sun, 30 Apr 2023 19:40:41 GMT

GET
H2 200 sl.js Show response
scout-cdn.salesloft.com/ 6 KB
3 KB 102ms
33ms Script
application/javascript 2606:4700::6811:4341
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scout-cdn.salesloft.com/sl.js

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4341 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
x-amz-version-id: 6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: EW9W7B61HD1M0H3K
age: 812
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Swj407AVIk8IuzGVZ69lRdokIPZfMZke9oWaH3+EP3coFmDeq06hGAyp6G60Uv3AMYPeKnN/JGI=
last-modified: Mon, 13 Dec 2021 16:28:37 GMT
server: cloudflare
etag: W/"d74cc4825c8e333b2116da3fcc649db1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7c024204fab94bd0-YUL
expires: Sun, 30 Apr 2023 23:40:41 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 71ms
20ms Script
application/x-javascript 2600:1400:9000::687e:74bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:9000::687e:74bb New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=24059
accept-ranges: bytes
content-length: 4777

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 199ms
63ms Script
application/x-javascript 104.111.50.91
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.50.91 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-50-91.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 19:40:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/choozle/15024/ 281 B
590 B 58ms
55ms Script
text/javascript 18.164.116.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/15024/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/15024/code/&publishedOn=Tue%20Aug%2024%2016:53:04%20GMT%202021&ClientID=923&PageID=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/15024/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-120.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: ec4f553db37df8f92703991422df8b24dd0eeb78929f5821634e462e96810987

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
via: 1.1 ffc407ec9784e618feb8fc53384b80aa.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
content-length: 281
x-amz-cf-id: Ml4Y-RSjyU9UCOiONQqiIFoZHEPdvB1n9YM8u9lDj5j9D_wZ6_T0vg==
expires: Sun, 30 Apr 2023 19:40:40 GMT

GET
H2 200 _blog_solarwinds-compromise-what-security-teams-need-to-know_.js Show response
kdl.keywee.co/www.reliaquest.com/ 2 KB
2 KB 156ms
75ms Script
text/plain 2600:9000:24f1:6600:1b:8908:cd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kdl.keywee.co/www.reliaquest.com/_blog_solarwinds-compromise-what-security-teams-need-to-know_.js
Requested by: Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:6600:1b:8908:cd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa129022a2c6b9211fba781a2b04119fa8b920a06dcfc71368415748f77dc2d2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: Uu74otiKqujPmJdxtEpMFHgGtQjAAKPp
date: Sun, 30 Apr 2023 19:30:09 GMT
via: 1.1 25c8a58d4773aeef98fa0f0f950689bc.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 08:39:06 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 633
etag: "4132c91c9d0daf1e84bdfc152c1df9af"
vary: Accept-Encoding
x-cache: Error from cloudfront
cache-control: max-age=900
accept-ranges: bytes
content-length: 2094
x-amz-cf-id: rxQAiEI2Y5pTaULf-Ij3VaeEZnvpOQbo2xwcQ8o2NoN4RlKkWl79_w==

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 116ms
52ms Script
text/javascript 2606:4700::6812:d9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
server: cloudflare
age: 193
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1200
cf-ray: 7c0242060e377145-YUL
expires: Sun, 30 Apr 2023 19:37:34 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 66ms
20ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.reliaquest.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 16:22:40 GMT
x-content-type-options: nosniff
age: 98281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 16:22:40 GMT

GET
H3 200 icomoon.ttf
www.reliaquest.com/wp-content/themes/t220908406929/dist/fonts/ 4 KB
5 KB 54ms
53ms Font
application/octet-stream 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reliaquest.com/wp-content/themes/t220908406929/dist/fonts/icomoon.ttf?5zkpkv

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/wp-content/themes/t220908406929/dist/css/main.css?ver=1

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaae1d4db82158aa4b92c4286ed1977ad9c3eb18db96573c6404f681fc93a78d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reliaquest.com/wp-content/themes/t220908406929/dist/css/main.css?ver=1
Origin: https://www.reliaquest.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 174491
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4592
last-modified: Wed, 15 Feb 2023 18:20:41 GMT
server: cloudflare
etag: "63ed2279-11f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFmNHJc5CXO4K03rjSbDF%2F%2B%2FuKQJ5%2FB9JcvRnwVG%2FRfaVw05QrDbDMNx1ZMVpZp7VndoKcOvIg9xFQczuYDZkBmL%2FxtjPRA5hoeeWCWUFHll7hBCHXK1te2v6ui12d80fuwgpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c024204cc963344-EWR

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 79ms
40ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.reliaquest.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:11:51 GMT
x-content-type-options: nosniff
age: 88130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 19:11:51 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
16 KB 64ms
25ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.reliaquest.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 02:56:05 GMT
x-content-type-options: nosniff
age: 146676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16740
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 02:56:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 84ms
46ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.reliaquest.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 12:47:32 GMT
x-content-type-options: nosniff
age: 111189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 12:47:32 GMT

GET
H2 200 97927 Show response
resources.digitalshadows.com/hubsFront/embed_cta/ Frame 7BB8 102 KB
102 KB 358ms
274ms Document
text/html 3.98.63.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.98.63.202 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-98-63-202.ca-central-1.compute.amazonaws.com

Software

Resource Hash

d1516aa471ad3c2c6a5a119f210f0d765b50c6789db22b6448d21c705a4edfb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reliaquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-language: en-US
content-type: text/html; charset=UTF-8
date: Sun, 30 Apr 2023 19:40:41 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
referrer-policy: unsafe-url
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 reliaquest-author-logo-80x80.jpg
www.reliaquest.com/wp-content/uploads/ 1012 B
2 KB 31ms
25ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reliaquest.com/wp-content/uploads/reliaquest-author-logo-80x80.jpg

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a224384e3fcabcfc0db7562ac96034adef39684cb4e190049003c25582c95219

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 173367
cf-polished: origFmt=jpeg, origSize=1103
content-disposition: inline; filename="reliaquest-author-logo-80x80.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1012
cf-bgj: imgq:100,h2pri
last-modified: Fri, 21 Apr 2023 20:02:34 GMT
server: cloudflare
etag: "6442ebda-44f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6P74ThhKlWLoM843nmVAj2l7LYln4fpSzKN9Pnz2F4%2FvbtTXZwrl3g9Z%2Fwpye0lIVt28U%2FDyE2UqGEf3STdSlBdanbIH9SeKgc%2B2uJFsGK6HbSop9Bp4CZuW%2B64IohAmvBNFeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c024204fce03344-EWR

GET
H2 403 TUoGdsf0K0aOZDuK0qAAELELodH9-QyhMzAv6aelpf6QTqcjbXn7PrbdKr7DrXb3bmJs8HIqXAe8HriXO6LNgkY02XnhZ3iLkqSxV6ba61C_ZP6s7seJKkki8o8g-XAvLTHPc5eO
lh3.googleusercontent.com/ 0
0 310ms
309ms Image
text/html 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/TUoGdsf0K0aOZDuK0qAAELELodH9-QyhMzAv6aelpf6QTqcjbXn7PrbdKr7DrXb3bmJs8HIqXAe8HriXO6LNgkY02XnhZ3iLkqSxV6ba61C_ZP6s7seJKkki8o8g-XAvLTHPc5eO
Requested by: Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 reliaquest-author-logo-60x60.jpg
www.reliaquest.com/wp-content/uploads/ 834 B
1 KB 30ms
24ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reliaquest.com/wp-content/uploads/reliaquest-author-logo-60x60.jpg

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

54c9d6b15855705c327a582f8a574b11fbe135c97d91de845eaefcc09601ca4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 173367
cf-polished: origFmt=jpeg, origSize=876
content-disposition: inline; filename="reliaquest-author-logo-60x60.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 834
cf-bgj: imgq:100,h2pri
last-modified: Fri, 21 Apr 2023 20:02:34 GMT
server: cloudflare
etag: "6442ebda-36c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZO27we1D5JfAlcA6hd65vbP7kKmT0Bihe3%2BtnOwADCspynJ0EsckFwzjoprautptJcYXyau9aIQaq%2FgVsv7TEdZ%2FG2sEDCGHWnJs8VOXC2XoiSYxGIufyXQeuzCrX3jqQXk7Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c024204fce13344-EWR

GET
H2 200 7e3bcccbe9be6061a65a6eb142929580.js Show response
nexus.ensighten.com/choozle/15024/code/ 2 KB
772 B 30ms
21ms Script
application/javascript 18.164.116.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/15024/code/7e3bcccbe9be6061a65a6eb142929580.js?conditionId0=421905
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/15024/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-120.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 9186ad0839410bf3d20f3c5b242b36027562baac85ffb8cba18b50b6e4d7945d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 00:50:13 GMT
x-amz-version-id: 7qZQu2VMElrCMff4atyFciw3EEvG_vwR
content-encoding: br
via: 1.1 ffc407ec9784e618feb8fc53384b80aa.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
age: 19853429
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 24 Aug 2021 16:51:11 GMT
server: CloudFront
etag: W/"45d815f98cb1ba2123f41b1c2cacac1e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: RrbQjEt-w_Szy-RYODL0kRwiW0GHPojA6ZQAaCOoO1DX5II_ZSgv-g==

GET
H2 200 r Show response
scout.salesloft.com/ 41 B
359 B 90ms
25ms XHR
application/json 52.70.155.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDExMzd9.jbjhYTjr5EtKJiZNcg3fApVy8OrVLI90V1gxGsVoF9E

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.70.155.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-155-243.compute-1.amazonaws.com

Software

Resource Hash

aa011ed383cb780028a85caaa0dda67dce19b0f4bc596f4f708d1857015c1362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.reliaquest.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: 4fa7983b1981898a21345b5e32d3effa

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 68ms
20ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPQTDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 30 Apr 2023 19:22:23 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1098
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sun, 30 Apr 2023 21:22:23 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 69ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPQTDR

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 30 Apr 2023 19:40:40 GMT
last-modified: Thu, 20 Apr 2023 19:01:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B71686D41EB2434689CFDB9DE6DE4585 Ref B: YMQ01EDGE0319 Ref C: 2023-04-30T19:40:41Z
etag: "808c558fba73d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12036

GET
H2 200 hotjar-2441060.js Show response
static.hotjar.com/c/ 15 KB
5 KB 70ms
30ms Script
application/javascript 108.138.106.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2441060.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPQTDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-126.jfk50.r.cloudfront.net

Software

Resource Hash

9db5250e145757042c45be7dfd40fc20134ea2b44dc3d01eb1921f3a91bdb969

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sun, 30 Apr 2023 19:40:41 GMT
via: 1.1 e7e95bff6b1d430c678b4f86ab211a1a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 26
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/b1103a954059b77cf4bd9e4c7da9c078
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: 7LRZiH3HBwSVPADZ9kOZoxhciFOixb3srdkNFwqs0HaS_UI0RCNEjQ==

GET
H2 200 uvut6nv3vzk9.js Show response
js.driftt.com/include/1682883900000/ 221 KB
62 KB 163ms
79ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1682883900000/uvut6nv3vzk9.js

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8989f87b90cacdbca5875bdfbed7dd3c3f2acee982b9353c04d86e8c123906c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
x-amz-version-id: x8TZ8iebDtxhM0duvZHFnO4hbRoyqYO1
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 46
last-modified: Fri, 28 Apr 2023 19:39:03 GMT
server: istio-envoy
etag: W/"1aa02cf06cb1a631ba2d08d343214ad7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gdalyRIxputwol3PJYwEy8sewgUXAWnZskUBJup_OZk7VkLNjLDpSw==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 90ms
18ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPQTDR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 03:56:11 GMT
Content-Encoding: gzip
Via: 1.1 fd4983be77ace22659323918c5b30f1e.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 56671
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: u2l93MsRViL7bwG04JTW2zmAZgHooBRCTKqUQ2GjdQy1VN1hNKpOSA==

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 50ms
10ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7356

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 251 KB
84 KB 43ms
42ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G6184BWDDN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPQTDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b85ed770968845e1d8c7c5b9edabc809644d1b5b2788b43d3af7ef24fccc07c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85745
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 30 Apr 2023 19:40:41 GMT

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame 13DF 677 B
541 B 44ms
43ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reliaquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 877831
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 7c0242064daca232-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 30 Apr 2023 19:40:41 GMT
etag: W/"2a5-5edb40e6d10d8"
last-modified: Fri, 18 Nov 2022 00:47:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff

GET
H3 200 core.26680508.js Show response
static.addtoany.com/menu/modules/ 69 KB
25 KB 82ms
60ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.26680508.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73cfb0ed71e314a835831530e27ba1fde5609b224781f7dbc2dd3eb9a08603cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reliaquest.com/
Origin: https://www.reliaquest.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
via: e4s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 110851
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 11 Jan 2023 01:11:29 GMT
server: cloudflare
etag: W/"11452-5f1f2ae24215b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 7c0242066fe1a204-YYZ

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3664348/domain/reliaquest.com/ 36 B
376 B 88ms
19ms XHR
application/json 2600:9000:21ec:8000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3664348/domain/reliaquest.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ec:8000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.reliaquest.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:08:56 GMT
content-encoding: gzip
via: 1.1 d2d900512286e3d26077b241153e569c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 1905
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: yV-cV5SB8Tse4ozFP-johJ4Qd959J7I7EiTOnJ53mdnTNZ8Spkt_fQ==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3664348&time=1682883641320&url=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3664348&time=1682883641320&url=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3664348%26time%3D1682883641320%26url%3Dhttps%253A%252F%252Fwww.reliaquest.com%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3664348&time=1682883641320&url=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&cookiesTest=tru...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3664348&time=1682883641320&url=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&cookiesTest=tr...

0
487 B

105ms
42ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3664348&time=1682883641320&url=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&cookiesTest=true&liSync=true&e_ipv6=AQIg2sl4DH5d1AAAAYfTroFWa8jkjs_ccG4fRW-Eo_bpOGLbA_D18O11A2sZGrz_4mEOSK91
Requested by: Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 1D5023BC22D447B6A31A4774ED0AC00A Ref B: YMQ01EDGE0317 Ref C: 2023-04-30T19:40:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6kuGqyjLVl3M0LTcpsg==

Redirect headers

date: Sun, 30 Apr 2023 19:40:41 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: F97F64315F7E40C19ED663E14A92481F Ref B: YMQ01EDGE0822 Ref C: 2023-04-30T19:40:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3664348&time=1682883641320&url=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&cookiesTest=true&liSync=true&e_ipv6=AQIg2sl4DH5d1AAAAYfTroFWa8jkjs_ccG4fRW-Eo_bpOGLbA_D18O11A2sZGrz_4mEOSK91
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6kuGpH9AAXsVYyLPqCA==

GET
H2 200 / Show response
c.6sc.co/ 7 B
204 B 32ms
20ms XHR
text/html 23.33.238.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.33.238.177 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-33-238-177.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.reliaquest.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 20 B
314 B 110ms
21ms XHR
text/html 2600:141b:5000::b81c:be9b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000::b81c:be9b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a7b321e2aedb7eeb6e47e410d92923c2b37bc5999a80ea24e9584fc6ee88a0d6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 19:40:41 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.reliaquest.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2607:5300:60:7867::7
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467467_3088891543_1311198366_81_885_20_0";dur=1
content-length: 20
expires: Sun, 30 Apr 2023 19:40:41 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3664348/domain/reliaquest.com/ 36 B
375 B 86ms
20ms XHR
application/json 2600:9000:21ec:8000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3664348/domain/reliaquest.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ec:8000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.reliaquest.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:08:56 GMT
content-encoding: gzip
via: 1.1 d2d900512286e3d26077b241153e569c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 1905
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: FtSpSStBM3fsvhTLWJ7-SmKQsprykxazb_RQtidF5uq3Nqj8SDq_kg==

GET
H2 200 / Show response
c.6sc.co/ 7 B
204 B 29ms
20ms XHR
text/html 23.33.238.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.33.238.177 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-33-238-177.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.reliaquest.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 20 B
315 B 106ms
21ms XHR
text/html 2600:141b:5000::b81c:be9b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000::b81c:be9b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a7b321e2aedb7eeb6e47e410d92923c2b37bc5999a80ea24e9584fc6ee88a0d6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 19:40:41 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.reliaquest.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2607:5300:60:7867::7
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467467_3088891543_1311198367_22_1258_20_0";dur=1
content-length: 20
expires: Sun, 30 Apr 2023 19:40:41 GMT

GET
H2 200 i Show response
scout.salesloft.com/ 48 B
466 B 25ms
25ms XHR
application/json 52.70.155.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/i

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.70.155.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-155-243.compute-1.amazonaws.com

Software

Resource Hash

973294976949397d50fddaf07d27a8ebd83d9ee7764f2a2414bba87f32058fd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.reliaquest.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: f8d9cbc97e2a5fae2671229fd553ccb5

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
470 B 48ms
45ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=3089143&r=1682883641332&ref=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&version=2.4
Requested by: Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 3089143
Referer: https://www.reliaquest.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdvt1hh0LP9ULKdYePwdMhLUJZP7kiyoGOlqiqMtgYKs1Q564sX0snVroagkUlm0XLuyZnmSqPxf4r-iSPVu-rDy9rV9SG1w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Sun, 30 Apr 2023 20:40:41 GMT

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 74ms
37ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=3089143&r=1682883641332&ref=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://www.reliaquest.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 30 Apr 2023 19:40:41 GMT
expires: Sun, 30 Apr 2023 19:40:41 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ADPycdstw-NHpS5S-qNYn9i5AVFFLWoDOhQ-aSVKSYB-IJRQpSnNroUkjFiE0nw_k51wZh5ZgVBreGkchggHlvb6Si0PrgeabK0N

GET
H2 200 sp-2.10.2.js Show response
cdn.keywee.co/dist/ 96 KB
30 KB 102ms
21ms Script
application/x-javascript 2600:9000:2209:8e00:e:ec66:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/dist/sp-2.10.2.js
Requested by: Host: kdl.keywee.co
URL: https://kdl.keywee.co/www.reliaquest.com/_blog_solarwinds-compromise-what-security-teams-need-to-know_.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:8e00:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:54:15 GMT
content-encoding: gzip
via: 1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
last-modified: Fri, 01 May 2020 06:03:58 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 2742387
etag: W/"69c0026af7f2b8f2eed23f2f5fc5c68f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=315360000
x-amz-cf-id: lA15ORAR0v-5O1WiL6Z9XUqZTLihnTA0_yrLZtHUWHrwhtLQF6F3Iw==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 120ms
120ms Script
application/x-javascript 104.111.50.91
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.50.91 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-50-91.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 19:40:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Tue, 08 Aug 2023 19:40:41 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 34ms
33ms XHR
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=2058261451&t=pageview&_s=1&dl=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&ul=en-us&de=UTF-8&dt=SolarWinds%20Compromise%3A%20What%20security%20teams%20need%20to%20know%20-%20ReliaQuest&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=10814511&gjid=950814085&cid=1978469662.1682883641&tid=UA-10904891-3&_gid=1766093058.1682883641&_r=1&_slc=1&gtm=45He34q0n71NPQTDR&z=372175219

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reliaquest.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 19:40:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.reliaquest.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
247 B 90ms
34ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-G6184BWDDN&gtm=45je34q0&_p=2058261451&_gaz=1&cid=1978469662.1682883641&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682883641&sct=1&seg=0&dl=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&dt=SolarWinds%20Compromise%3A%20What%20security%20teams%20need%20to%20know%20-%20ReliaQuest&en=page_view&_fv=1&_ss=1&ep.debug_mode=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G6184BWDDN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 19:40:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.reliaquest.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 80ms
36ms Ping
text/plain 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-G6184BWDDN&cid=1978469662.1682883641&gtm=45je34q0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G6184BWDDN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 19:40:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.reliaquest.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 102ms
38ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-G6184BWDDN&cid=1978469662.1682883641&gtm=45je34q0&aip=1&z=2023467404

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 19:40:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 96ms
35ms XHR
text/plain 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-10904891-3&cid=1978469662.1682883641&jid=10814511&gjid=950814085&_gid=1766093058.1682883641&_u=YEBAAEAAAAAAACAAI~&z=2072069510

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reliaquest.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 30 Apr 2023 19:40:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.reliaquest.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.50a80ed62b384955a8b2.js Show response
script.hotjar.com/ 263 KB
68 KB 71ms
21ms Script
application/javascript 18.164.96.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.50a80ed62b384955a8b2.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2441060.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-87.jfk50.r.cloudfront.net

Software

Resource Hash

e60eac0f2636af6308d91526e82dff118e961332236bbe87a134f7e5d0d5037e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 11:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 203674
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69259
last-modified: Fri, 28 Apr 2023 11:05:08 GMT
etag: "64d5841f997872b89ef043f224290bdf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: iY9kIBTkqBb_8Y5p8Q5NxtVqjce1J41FNrnqV27ssiZ9WF9-v1Wa-g==

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 86ms
41ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1682883641445&id=t2_vref6ti7&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=25ccc73b-db87-4e5e-b74e-a0129b5a8a29&aaid=&em=0000000000000000000000000000000000000000000000000000000000000000&external_id=6871144572570a76b42cd0909194f75b69c2dc968d5edc4bcfe96fb94dc65121&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Requested by: Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 204 134470029.js Show response
bat.bing.com/p/action/ 0
119 B 62ms
62ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134470029.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 30 Apr 2023 19:40:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BDA8D7CC41A847D381EF1C099B1B89B6 Ref B: YMQ01EDGE0319 Ref C: 2023-04-30T19:40:41Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
361 B 35ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134470029&tm=gtm002&Ver=2&mid=198ac812-b519-4c43-a6f1-e9a634e64320&sid=e3f98c10e78e11edbc9953a5b12ceb9f&vid=e3f9b100e78e11ed815557df194b500e&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=SolarWinds%20Compromise%3A%20What%20security%20teams%20need%20to%20know%20-%20ReliaQuest&p=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&r=&lt=1011&evt=pageLoad&sv=1&rn=751810

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 30 Apr 2023 19:40:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3A4090B8548B4A3DBCDE3B259AA39DCE Ref B: YMQ01EDGE0319 Ref C: 2023-04-30T19:40:41Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 roboto.css
content.cdntwrk.com/css/google-fonts/ Frame 7BB8 12 KB
1 KB 86ms
16ms Stylesheet
text/css 52.85.61.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.cdntwrk.com/css/google-fonts/roboto.css?v=14cb47bd9c1c
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-51.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e881cbaf72e533ab082cff77ad98ec1cb5135a45cc280e75ce46b5ab69aed5e0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 11:35:16 GMT
content-encoding: gzip
via: 1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 562207
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 04 Apr 2023 17:16:40 GMT
server: AmazonS3
etag: W/"33f259762e38e1f46be2db77fda7be12"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: GyJ0FkwaJ3bDHRf1an0h759teCe9DR7L6Snq78gT6rQJ-sR5BCroTw==

GET
H2 200 hubs.6259713dc2ae68fbff14.css
content.cdntwrk.com/css/hubs/ Frame 7BB8 262 KB
44 KB 89ms
20ms Stylesheet
text/css 52.85.61.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.cdntwrk.com/css/hubs/hubs.6259713dc2ae68fbff14.css
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-51.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9e9a2335261b7402a5ac34f6ee844b780f1809863e70a5f203e731cfb372c76

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 19:05:54 GMT
content-encoding: gzip
via: 1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 520488
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 24 Apr 2023 19:03:26 GMT
server: AmazonS3
etag: W/"a97673515dfac50b8736ca57d9339a45"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: uc6nVV2APqFTSfE4KuBQ_JeCzrR1t05ZMqHJEIDJdvOedPyxIhudtg==

GET
H2 200 style.css
cihost.uberflip.com/digitalshadows/master/build/ Frame 7BB8 514 KB
60 KB 134ms
49ms Stylesheet
text/css 2600:9000:2511:5800:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:5800:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3407a3936d74297824dd73d7604a88519c25eebe2259cf29b56932641bceb25d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:10:41 GMT
content-encoding: gzip
via: 1.1 578ec28f8e6f7c6503e2a4d2ab7532a2.cloudfront.net (CloudFront)
last-modified: Thu, 16 Dec 2021 07:15:07 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1639638904/ctime:1639638904/gid:121/gname:docker/md5:126fa9e07dbc2828797e6ed296623a4f/mode:33188/mtime:1639638904/uid:1001/uname:runner
x-amz-cf-pop: JFK50-P6
age: 9000
etag: W/"126fa9e07dbc2828797e6ed296623a4f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: ZVd9JlZLyWTrd_iBXDYTQd2yxEWfFEWMGTzWxFiS7hE-mMnmULrSAA==

GET
H2 200 ionicons.min.css
unpkg.com/ionicons@4.5.10-0/dist/css/ Frame 7BB8 44 KB
7 KB 60ms
24ms Stylesheet
text/css 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@4.5.10-0/dist/css/ionicons.min.css

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b82a2dd43936317fee3dc469880686b83caab009d9e71a9953f25bbe8c1b34ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 16890959
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01FJ24673FNFYAN97EG4W403CD
server: cloudflare
etag: W/"b09c-0qR+qwWhl5h3I61TCWRhFVmJ40Y"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c0242077a957133-YUL

GET
H2 200 grp0jzg.css
use.typekit.net/ Frame 7BB8 2 KB
870 B 145ms
55ms Stylesheet
text/css 2600:1400:9000::687e:74b2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/grp0jzg.css

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:9000::687e:74b2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3b3177703047afcbd53dca306d94d7d10b1e5975cff6ac198325b7f1d836cab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Sun, 30 Apr 2023 19:40:41 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 638

GET
BLOB 200
OK 2a47ba5b-11f2-4f03-a74e-937ba3200908
https://www.reliaquest.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.reliaquest.com/2a47ba5b-11f2-4f03-a74e-937ba3200908
Requested by: Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.1/css/ Frame 7BB8 54 KB
13 KB 69ms
31ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Origin: https://resources.digitalshadows.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: PA3YPJCEHS0XHRS2
age: 608640
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: NTh8J2wunY9Sj5Jo9lJ6Lsk5iHcpkD/uZi3i95h0rSX65bi9o1VM/KSL0pPSHPgYhYhB1OqLoiI=
last-modified: Wed, 30 Jun 2021 15:46:39 GMT
server: cloudflare
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0YzNHS7r5%2FQhwBWL5egYkiZNRgsdfH3VdZR1cwpCAv51TVUmHnZeZGC0hFmkwUqeDT77mq%2BLsXbD%2Be0m69WOjvjjxa79xPTq4sww31bdng8fm2fRnHBGBkO6gpVpyCSFSiz6EiczRc3gXi0AOQq3Fls"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7c0242077dae43ff-EWR

GET
H2 200 DS_reliaquest_company_logo_whitetext.png
digitalshadows.com/wp-content/themes/new-ds/assets/images/ Frame 7BB8 14 KB
14 KB 35ms
33ms Image
image/png 2600:9000:2511:aa00:9:91af:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://digitalshadows.com/wp-content/themes/new-ds/assets/images/DS_reliaquest_company_logo_whitetext.png
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:aa00:9:91af:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0278f9c007d917bb27776b525dc5bfaa55bed5ba4d86b590136e09324b622c24

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
via: 1.1 6e810acc9d798bdf126180508d1b511e.cloudfront.net (CloudFront)
last-modified: Wed, 03 Aug 2022 12:18:26 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 92
etag: "0bb48e141ff89017cd0303015290eccc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 13872
x-amz-cf-id: 6_LK12qubgzOniaAGhNf-pUx5pAkFepK-rScXFFYtsXz0OAH88Mjfg==

GET
H3 200 ajax-loader-white-2x.gif
content.cdntwrk.com/img/hubs/ Frame 7BB8 3 KB
3 KB 20ms
19ms Image
image/gif 52.85.61.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/img/hubs/ajax-loader-white-2x.gif?v=19a554b579c4
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.85.61.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-51.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1cd0852f3077f1b059e16529d8de16acb490990d6cb796dd74873de0bfd8a91

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:36:48 GMT
via: 1.1 2c7d387775f2e52dd268d2f49202b5d2.cloudfront.net (CloudFront)
age: 368704
x-amz-cf-pop: EWR53-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2707
last-modified: Tue, 04 Apr 2023 17:16:47 GMT
server: AmazonS3
etag: "5217392f882b27d35ec2e72946f2df7e"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: DugQjo4IPh9KX3AcdyLU4POF402Yg6WE4P6pr7MbhKpP68a7AbaUuA==

GET
H2 200 hubs_app.6259713dc2ae68fbff14.js Show response
content.cdntwrk.com/js/hubs/ Frame 7BB8 1 MB
313 KB 21ms
21ms Script
application/javascript 52.85.61.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.cdntwrk.com/js/hubs/hubs_app.6259713dc2ae68fbff14.js
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-51.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83c24cdc38d0e64c40ade6b6fe8aa3d935b7bb9daa553242aeb78b0a9a187fc0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 19:05:54 GMT
content-encoding: gzip
via: 1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 520488
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 24 Apr 2023 19:03:35 GMT
server: AmazonS3
etag: W/"b734f33df5c46905bf341179a26a7ad3"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: hmrrsMgTYUmdB1kInhNxPZ44HmJoSYMDJdjeKzTSZmN_rM6C2KJtbA==

GET
H2 200 onbrand.bundle.js Show response
cihost.uberflip.com/digitalshadows/master/build/ Frame 7BB8 303 KB
94 KB 36ms
35ms Script
application/javascript 2600:9000:2511:5800:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/digitalshadows/master/build/onbrand.bundle.js
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:5800:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e61ca9a85068733286db7daf3ba42d259a38df43f7e1a5cbe22d2ffd9947e6b2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 17:10:42 GMT
content-encoding: gzip
via: 1.1 578ec28f8e6f7c6503e2a4d2ab7532a2.cloudfront.net (CloudFront)
last-modified: Tue, 23 Nov 2021 20:00:06 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1637697602/ctime:1637697602/gid:121/gname:docker/md5:5ac7387f8a1b5df73caa2193cd550268/mode:33188/mtime:1637697602/uid:1001/uname:runner
x-amz-cf-pop: JFK50-P6
age: 9000
etag: W/"5ac7387f8a1b5df73caa2193cd550268"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: MueS8P5-e4SWDPAqiwP5L5vBffq9p_q4GqpEixLebyFbud1the_fbg==

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ Frame 7BB8 152 KB
24 KB 304ms
257ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Origin: https://resources.digitalshadows.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1070
cdn-cachedat: 01/17/2023 03:43:01
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"a15c2ac3234aa8f6064ef9c1f7383c37"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: d12a0529f77fca6293ead48a44956e70
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7c0242097c6c4bc5-YUL
cdn-requestpullsuccess: True

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ Frame 7BB8 21 KB
7 KB 17ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Origin: https://resources.digitalshadows.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1551162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6646
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EoTLnW230o3%2B1Xm%2BGLpDSzWrqRQh5P7ItYXoEpA%2Bllp5i%2FxJGEuCZ8wz4MVjXTit%2F9EYb1eGum19CDs2Iav2L4bG2%2B4K661TZRRbPcpcBIGv7%2B7Qy0HM%2ByGR5HbcJUybNOPQGWhCtktxRyp846Y9GE%2FD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c0242096a367154-YUL
expires: Fri, 19 Apr 2024 19:40:41 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ Frame 7BB8 57 KB
16 KB 267ms
256ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Origin: https://resources.digitalshadows.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 871
cdn-cachedat: 07/07/2022 17:49:34
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0477bf58cdea40441837acab39b7aa35
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7c0242097c6e4bc5-YUL
cdn-requestpullsuccess: True

GET
H2 200 i
co-events.anyword.com/ 43 B
295 B 111ms
24ms Image
image/gif 34.225.123.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://co-events.anyword.com/i?stm=1682883641528&e=se&se_ca=klm&se_ac=view&se_va=10&tv=js-2.10.2&tna=cf&aid=2927&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=d3006d5c-5558-4d6d-997b-23f1468f3e2e&dtm=1682883641526&vp=1600x1200&ds=1600x5934&vid=1&sid=1080e431-da27-44a9-bddb-dd2678e52366&duid=8e6afb5a-f09b-4739-8e12-092bc209cd16&fp=792662924&url=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjby5rZXl3ZWUvY3VzdG9tX2tkbF9jb250ZXh0L2pzb25zY2hlbWEvMS0wLTIiLCJkYXRhIjp7InZhcmlhbnRzIjpbXSwiY2FtcGFpZ25faWQiOiIiLCJleF9pZHMiOltdLCJzdGF0dXMiOiJjbXBfbm90X2ZvdW5kIn19XX0

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.123.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-225-123-41.compute-1.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

status: 200 OK
date: Sun, 30 Apr 2023 19:40:41 GMT
x-content-type-options: nosniff
content-type: image/gif
server: nginx/1.21.3
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 91ms
36ms Image
image/gif 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-10904891-3&cid=1978469662.1682883641&jid=10814511&_u=YEBAAEAAAAAAACAAI~&z=966253813

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 19:40:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 38ms
35ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-10904891-3&cid=1978469662.1682883641&jid=10814511&_u=YEBAAEAAAAAAACAAI~&z=966253813

Requested by

Host: www.reliaquest.com
URL: https://www.reliaquest.com/blog/solarwinds-compromise-what-security-teams-need-to-know/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 19:40:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK visitWebPage
438-kyk-786.mktoresp.com/webevents/ 2 B
318 B 143ms
42ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://438-kyk-786.mktoresp.com/webevents/visitWebPage?_mchNc=1682883641541&_mchCn=&_mchId=438-KYK-786&_mchTk=_mch-reliaquest.com-1682883641540-19408&_mchHo=www.reliaquest.com&_mchPo=&_mchRu=%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 19:40:41 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: f7d36682-15a3-4249-ad1e-5cb31f0b1fff

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2441060/ 148 B
322 B 496ms
275ms XHR
application/json 18.202.10.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2441060/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.50a80ed62b384955a8b2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.202.10.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-10-197.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9d1faf9bd9dfb8aa89f59852a79665717d0d5e551b39ceebca1d209dc4b117ff

Request headers

Referer: https://www.reliaquest.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 css
fonts.googleapis.com/ Frame 7BB8 3 KB
748 B 35ms
34ms Stylesheet
text/css 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e553533d28524e15d82626e82f797afe6db8582382606af03666b4719191db93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cihost.uberflip.com/digitalshadows/master/build/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 30 Apr 2023 19:11:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Apr 2023 19:40:41 GMT

GET
H/1.1 200
OK rtp.js Show response
lonrtp1-cdn.marketo.com/rtp-api/v1/ Frame 7BB8 152 KB
42 KB 794ms
466ms Script
application/x-javascript 104.65.240.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=digitalshadows

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.65.240.220 Miami, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-65-240-220.deploy.static.akamaitechnologies.com

Software

Jetty(9.4.45.v20220203) /

Resource Hash

324ba78d0d3427c5063729e07d319e785cd48eb5c342797e54b8575cfe68a64b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Content-Encoding: gzip
Date: Sun, 30 Apr 2023 19:40:42 GMT
Last-Modified: Tue, 28 Mar 2023 22:55:10 GMT
Server: Jetty(9.4.45.v20220203)
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: public, max-age=300
Connection: keep-alive
Content-Length: 42617

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 7BB8 236 KB
78 KB 265ms
264ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PG934MV

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95f4a488858d3b1cb66e3f6819d97123df10a0b7b164dc9583d92eb840094a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79848
x-xss-protection: 0
last-modified: Sun, 30 Apr 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 30 Apr 2023 19:40:41 GMT

GET
H2 200 p.css
p.typekit.net/ Frame 7BB8 5 B
181 B 100ms
18ms Stylesheet
text/css 2600:1400:9000::687e:74b1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=grp0jzg&ht=tk&f=32231.32232&a=82983317&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/grp0jzg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:74b1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://use.typekit.net/grp0jzg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
last-modified: Thu, 28 Jul 2022 21:30:08 GMT
server: nginx
etag: "62e2ffe0-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 subscriber.gif
cihost.uberflip.com/digitalshadows/assets/images/ Frame 7BB8 14 KB
15 KB 413ms
413ms Image
image/gif 2600:9000:2511:5800:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cihost.uberflip.com/digitalshadows/assets/images/subscriber.gif
Requested by: Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:5800:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6720e7c06d90bcf38f0ae5c17205409563dc38f2e69f9b05c849af6a6f775334

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cihost.uberflip.com/digitalshadows/master/build/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:43 GMT
via: 1.1 578ec28f8e6f7c6503e2a4d2ab7532a2.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 21:12:01 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1570735108/ctime:1570733733/gid:20/gname:staff/md5:35b560ddc8043efc45dd6f57f6020a7c/mode:33188/mtime:1570733733/uid:502/uname:modip
x-amz-cf-pop: JFK50-P6
etag: "35b560ddc8043efc45dd6f57f6020a7c"
x-cache: Miss from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 14819
x-amz-cf-id: ablVNZxNEWYBg8bBmXBVuuOLKjvK6_0hE1qA8Mg2JoNIKpkeskpZwQ==

GET
H2 200 DINOffc-Bold.woff2
cihost.uberflip.com/digitalshadows/master/build/fonts/ Frame 7BB8 17 KB
17 KB 271ms
33ms Font
font/woff2 2600:9000:2511:5800:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/digitalshadows/master/build/fonts/DINOffc-Bold.woff2
Requested by: Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/digitalshadows/master/build/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:5800:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53d1cc9d5f2f9d37d74ac14d71656bbf3961c22be1825c54fc0453f8f8fb3d15

Request headers

Referer: https://cihost.uberflip.com/digitalshadows/master/build/style.css
Origin: https://resources.digitalshadows.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 06:30:15 GMT
via: 1.1 54a56da0fe0bae919389c7d572d4720e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
age: 47428
x-cache: Hit from cloudfront
content-length: 17136
last-modified: Mon, 04 Oct 2021 12:20:49 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1633350041/ctime:1633350041/gid:121/gname:docker/md5:4761c20e0aa5fd1415278b7f92e483e9/mode:33188/mtime:1633350041/uid:1001/uname:runner
etag: "4761c20e0aa5fd1415278b7f92e483e9"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: _h65zNaT_K9d_oEB7EvSKtk7a_X5E3U3FV9CY_uyESPG40PQCItavw==

GET
H2 200 ajax_ping Show response
resources.digitalshadows.com/hubsFront/ Frame 7BB8 49 B
160 B 146ms
146ms XHR
application/json 3.98.63.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digitalshadows.com/hubsFront/ajax_ping

Requested by

Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.6259713dc2ae68fbff14.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.98.63.202 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-98-63-202.ca-central-1.compute.amazonaws.com

Software

Resource Hash

74935268619be1f087ce67765abd72f80107125f23b346f7615cc9e6a19d4595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:42 GMT
referrer-policy: unsafe-url
x-content-type-options: nosniff
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-language: en-US
content-type: application/json
content-length: 49
x-xss-protection: 1; mode=block

POST
H2 200 ajax_trackCtaView Show response
resources.digitalshadows.com/hubsFront/ Frame 7BB8 0
66 B 136ms
136ms XHR
text/html 3.98.63.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digitalshadows.com/hubsFront/ajax_trackCtaView

Requested by

Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.6259713dc2ae68fbff14.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.98.63.202 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-98-63-202.ca-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 30 Apr 2023 19:40:42 GMT
referrer-policy: unsafe-url
x-content-type-options: nosniff
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-language: en-US
content-type: text/html; charset=UTF-8
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 stats_temp_embed_cta_97927x4caa53f4c93f1cc283021cbbbb684fd985e653dab102275fbcb966769f32018f1682883641d0a23ba7e3030d22792358a48945651f953308b666d69ea5a7d910fa63fec6a5
resources.digitalshadows.com/hubsFront/signalMetricsTemp/ Frame 7BB8 2 B
77 B 126ms
126ms Image
text/html 3.98.63.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.digitalshadows.com/hubsFront/signalMetricsTemp/stats_temp_embed_cta_97927x4caa53f4c93f1cc283021cbbbb684fd985e653dab102275fbcb966769f32018f1682883641d0a23ba7e3030d22792358a48945651f953308b666d69ea5a7d910fa63fec6a5?t=1682883641979

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.98.63.202 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-98-63-202.ca-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:42 GMT
referrer-policy: unsafe-url
x-content-type-options: nosniff
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-language: en-US
content-type: text/html; charset=UTF-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ Frame 7BB8 1 KB
1 KB 142ms
142ms Script
application/x-javascript 104.111.50.91
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.50.91 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-50-91.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 19:40:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/M2GUWUTBBJFFRJ7RPYG7FT/ Frame 7BB8 77 KB
24 KB 144ms
19ms Script
text/javascript 2600:9000:23cb:f400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/M2GUWUTBBJFFRJ7RPYG7FT/roundtrip.js
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:f400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72df5f1cc64215e3539219c9317ddbc2a1c6aaa96d5c03694cc6ed199a3bd9e3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Amz-Version-Id: hjL8fR5KQgaJfo8J.FwRmhI4BCsywtHV
Content-Encoding: gzip
Via: 1.1 fa46ec88710e6374e08eeaa473342090.cloudfront.net (CloudFront)
Date: Sun, 30 Apr 2023 19:39:10 GMT
Age: 93
X-Amz-Cf-Pop: JFK50-P1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 28 Apr 2023 11:53:06 GMT
Server: AmazonS3
Etag: W/"6844c51b6acc31785b557e9172a91945"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: EfalQuP9T3DR_PpNToiKHRzyc59rjBMse11cYsnl42GhtjPdBHrwvg==

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 536ms
299ms XHR
application/json 52.209.49.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.50a80ed62b384955a8b2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.209.49.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-49-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a85637a934a9982bab9e0bc5957dc6724c757603670f78e5ffc872017eefc9a5

Request headers

Referer: https://www.reliaquest.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 30 Apr 2023 19:40:42 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H3 200 roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
content.cdntwrk.com/fonts/roboto/ Frame 7BB8 49 KB
50 KB 39ms
19ms Font
binary/octet-stream 52.85.61.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.cdntwrk.com/fonts/roboto/roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
Requested by: Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/css/google-fonts/roboto.css?v=14cb47bd9c1c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.85.61.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-51.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4d175f498b00516c629ce8af152cbe745d73932fa58cc9fdfc8e4b49c0da368

Request headers

Referer: https://content.cdntwrk.com/css/google-fonts/roboto.css?v=14cb47bd9c1c
Origin: https://resources.digitalshadows.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 06:30:27 GMT
via: 1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
age: 223740
x-amz-cf-pop: EWR53-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 50476
last-modified: Tue, 04 Apr 2023 17:16:45 GMT
server: AmazonS3
etag: "ee26c64c3b9b936cc1636071584d1181"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: jRsvxhxiy3Vej_-JRtExXxbAX04oc3qJDMvIfB_N36wST_qEOdnXyg==

GET
H/1.1 200
OK flipbot-v2.min.js Show response
flipbot.uberflip.com/js/ Frame 7BB8 19 KB
19 KB 117ms
27ms Script
application/javascript 54.237.159.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://flipbot.uberflip.com/js/flipbot-v2.min.js?_=1682883641845
Requested by: Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.6259713dc2ae68fbff14.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.237.159.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-159-171.compute-1.amazonaws.com
Software: Apache /
Resource Hash: d69867f57a52885b676a974a0dd8aec3c7e39b0327ed55289094f8716786219c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 19:40:42 GMT
Via: 1.1 vegur
Last-Modified: Fri, 07 Apr 2023 12:23:11 GMT
Server: Apache
Etag: "4a12-5f8be16a5e9c0"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18962

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 7BB8 13 KB
5 KB 19ms
19ms Script
application/x-javascript 2600:1400:9000::687e:74bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG934MV

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:9000::687e:74bb New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=24058
accept-ranges: bytes
content-length: 4777

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame 7BB8 56 KB
15 KB 81ms
23ms Script
application/javascript 146.75.32.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG934MV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.32.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:42 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 15:55:14 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100092-IAD

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ Frame 7BB8 11 KB
5 KB 59ms
59ms Script
application/x-javascript 104.111.50.91
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.50.91 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-50-91.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 19:40:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Tue, 08 Aug 2023 19:40:42 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/ Frame 7BB8
Redirect Chain

https://s.adroll.com/j/exp/M2GUWUTBBJFFRJ7RPYG7FT/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

20ms
19ms

Script
application/javascript

2600:9000:23cb:f400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: HTTP/1.1
Server: 2600:9000:23cb:f400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Amz-Version-Id: KLTaAvzmAP.1_rS.URSLlTS3u46mZQHP
Date: Sun, 30 Apr 2023 08:32:04 GMT
Via: 1.1 fa46ec88710e6374e08eeaa473342090.cloudfront.net (CloudFront)
Age: 40121
X-Amz-Cf-Pop: JFK50-P1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Tue, 21 Mar 2023 16:39:30 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: FDnPviFqxQ-hcpw07h3Q54E-DGj2XWpbgjsIlWjUT66lQ8RyEZYYgg==

Redirect headers

Date: Sun, 30 Apr 2023 17:10:42 GMT
Via: 1.1 fa46ec88710e6374e08eeaa473342090.cloudfront.net (CloudFront)
Age: 9000
X-Amz-Cf-Pop: JFK50-P1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: YbUVkKlGgCXn4uyp7L2MoEYqv2GtmMrzpP1DXi6FLFLI3q22_i2Wxg==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4082420/domain/resources.digitalshadows.com/ Frame 7BB8 36 B
375 B 27ms
27ms XHR
application/json 2600:9000:21ec:8000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4082420/domain/resources.digitalshadows.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ec:8000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:31:29 GMT
content-encoding: gzip
via: 1.1 d2d900512286e3d26077b241153e569c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 553
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: O1X0akAvgK0fmSvPRcQBCmcFO0B3Uj1JVp4iSTDrUZIEsncF4bMtkw==

GET
H2

200

collect
px4.ads.linkedin.com/ Frame 7BB8
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4082420&time=1682883642183&url=https%3A%2F%2Fwww.reliaquest.com%2F
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4082420&time=1682883642183&url=https%3A%2F%2Fwww.reliaquest.com%2F&e_ipv6=AQL1Sn9S5pNsnwAAAYfTroNf_swDx16idEmXZDy0DoCSvjicokXWAJl0fCouCXRaoNPC8-aW

0
365 B

71ms
71ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4082420&time=1682883642183&url=https%3A%2F%2Fwww.reliaquest.com%2F&e_ipv6=AQL1Sn9S5pNsnwAAAYfTroNf_swDx16idEmXZDy0DoCSvjicokXWAJl0fCouCXRaoNPC8-aW
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:41 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 49A08C013A584A3E8693D1F96F4BB898 Ref B: YMQ01EDGE0317 Ref C: 2023-04-30T19:40:42Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6kuGx2YQGFXuppkd8Ew==

Redirect headers

date: Sun, 30 Apr 2023 19:40:41 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: B6044C2DD44748A18761CD73C84D37BB Ref B: YMQ01EDGE0822 Ref C: 2023-04-30T19:40:42Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4082420&time=1682883642183&url=https%3A%2F%2Fwww.reliaquest.com%2F&e_ipv6=AQL1Sn9S5pNsnwAAAYfTroNf_swDx16idEmXZDy0DoCSvjicokXWAJl0fCouCXRaoNPC8-aW
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6kuGxFt4uZUts4Qq6zw==

POST
H/1.1 200
OK visitWebPage
457-xey-671.mktoresp.com/webevents/ Frame 7BB8 2 B
482 B 405ms
126ms Ping
text/plain 134.213.193.62
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://457-xey-671.mktoresp.com/webevents/visitWebPage?_mchNc=1682883642233&_mchCn=&_mchId=457-XEY-671&_mchTk=_mch-digitalshadows.com-1682883642233-58662&_mchHo=resources.digitalshadows.com&_mchPo=&_mchRu=%2FhubsFront%2Fembed_cta%2F97927&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Fwww.reliaquest.com%2F&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.193.62 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 19:40:42 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: f4b3ce84-292f-43b8-a0d4-76d93360da01

GET
H2 200 adsct
t.co/i/ Frame 7BB8 43 B
377 B 130ms
42ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=6d924510-3917-4cb5-81d2-8183930729be&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=54dc0ea4-008a-4131-bfba-a11ab9aef26e&tw_document_href=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&tw_document_referrer=https%3A%2F%2Fwww.reliaquest.com%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6klt&type=javascript&version=2.3.29

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 6
date: Sun, 30 Apr 2023 19:40:41 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 3a125691521dbff1
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 2f7eb5de23915d55849d632520abd329cf41185a541d26bbfa2bb927575465b6
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 7BB8 43 B
394 B 141ms
42ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6d924510-3917-4cb5-81d2-8183930729be&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=54dc0ea4-008a-4131-bfba-a11ab9aef26e&tw_document_href=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&tw_document_referrer=https%3A%2F%2Fwww.reliaquest.com%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6klt&type=javascript&version=2.3.29

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 5
date: Sun, 30 Apr 2023 19:40:41 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: b5c78f84f76c4b96
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 8979e78ddacb940f446bd4d7a68e23045ef0af5bb13bb15c05c2f1b627225e68
content-length: 43

GET
H2 200 M2GUWUTBBJFFRJ7RPYG7FT Show response
d.adroll.com/consent/check/ Frame 7BB8 463 B
949 B 89ms
23ms Script
application/javascript 2600:1f18:61c0:2204:cd48:3f8a:770b:2c7c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/M2GUWUTBBJFFRJ7RPYG7FT?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&_s=5999128e14a46b05d9ff5c2371bb73a8&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/M2GUWUTBBJFFRJ7RPYG7FT/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:61c0:2204:cd48:3f8a:770b:2c7c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: b9bfbcda70c0fa1ff65a8ff023013d4b64498a17f52e0052b1210eb160de8a5e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Sun, 30 Apr 2023 19:40:42 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 463
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ Frame 7BB8 8 KB
3 KB 20ms
19ms Script
application/javascript 2600:9000:23cb:f400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/M2GUWUTBBJFFRJ7RPYG7FT/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:f400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e5cf82e4a17e79c80c6f17c3fff873756de944e1301fa01c1d03aba1e359669

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Amz-Version-Id: wG3UJevK_dyyBSOJeVU2_V1xC3jx_aLw
Content-Encoding: gzip
Via: 1.1 fa46ec88710e6374e08eeaa473342090.cloudfront.net (CloudFront)
Date: Sun, 30 Apr 2023 14:59:41 GMT
Age: 16863
X-Amz-Cf-Pop: JFK50-P1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 21:48:50 GMT
Server: AmazonS3
Etag: W/"9f2aa6ae991d93164d9512029d813cad"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: z-PRPrVYO_3exH_F-6glAp9bn36aSLHlHX8qrAnkr3QCWpfolcdoSQ==

GET
H2 200 VD4NA2LPTRDHFCOWWLH536 Show response
d.adroll.com/segment/M2GUWUTBBJFFRJ7RPYG7FT/ Frame 7BB8 42 B
975 B 23ms
23ms XHR
image/gif 2600:1f18:61c0:2204:cd48:3f8a:770b:2c7c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/segment/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&no-cookies=1&adroll_s_ref=https%3A//www.reliaquest.com/&keyw=&adroll_external_data=&adroll_version=2.0
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/M2GUWUTBBJFFRJ7RPYG7FT/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:61c0:2204:cd48:3f8a:770b:2c7c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:42 GMT
x-segment-display-name: Resources Center - LP
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type: s
content-length: 42
pragma: no-cache
x-conversion-value: 0.0
server: nginx/1.22.1
x-rule: *resources.digitalshadows.com*
x-segment-eid: DTU3QQ67CZHH7PXZJ5SXHH
content-type: image/gif
access-control-allow-origin: https://resources.digitalshadows.com
access-control-expose-headers: X-Conversion-Value, X-Conversion-Currency, X-Advertisable-Eid, X-Segment-Eid, X-Rule-Type, X-Pixel-Eid
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-request-methods: GET
x-pixel-eid: VD4NA2LPTRDHFCOWWLH536
x-segment-name: fa667bdf
access-control-allow-headers: *
x-advertisable-eid: M2GUWUTBBJFFRJ7RPYG7FT
x-conversion-currency

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 7BB8
Redirect Chain

https://d.adroll.com/cm/b/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT
https://x.bidswitch.net/sync?dsp_id=44&user_id=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc

43 B
510 B

37ms
37ms

Image
image/gif

35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 19:40:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc
Date: Sun, 30 Apr 2023 19:40:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

in
d.adroll.com/cm/g/ Frame 7BB8
Redirect Chain

https://d.adroll.com/cm/g/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=4gw5SRPHeAFEU9HwZWiTxw
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=4gw5SRPHeAFEU9HwZWiTxw&google_tc=
https://d.adroll.com/cm/g/in

42 B
552 B

23ms
22ms

Image
image/gif

2600:1f18:61c0:2204:cd48:3f8a:770b:2c7c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Server: 2600:1f18:61c0:2204:cd48:3f8a:770b:2c7c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 19:40:42 GMT
server: nginx/1.22.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 19:40:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://d.adroll.com/cm/g/in
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7BB8
Redirect Chain

https://d.adroll.com/cm/index/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&expiration=1714419642
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&expiration=1714419642&C=1

43 B
766 B

20ms
18ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&expiration=1714419642&C=1
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 19:40:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 19:40:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=105&external_user_id=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&expiration=1714419642&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H3

200

458249.gif
idsync.rlcdn.com/ Frame 7BB8
Redirect Chain

https://d.adroll.com/cm/l/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT
https://idsync.rlcdn.com/377928.gif?partner_uid=e20c394913c778014453d1f0656893c7
https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzcQABoNCLqIu6IGEgUI6AcQAEIASgA
https://pippio.com/api/sync?pid=5324&it=1&iv=7a9093bd69e7946648df9ef3ee3842b6f4fb2d077f518eaedccfe4ad037e8354791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3YTkwOTNiZDY5ZTc5NDY2NDhkZjllZjNlZTM4NDJiNmY0ZmIyZDA3N2Y1MThlYWVkY2NmZTRhZDAzN2U4MzU0NzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3YTkwOTNiZDY5ZTc5NDY2NDhkZjllZjNlZTM4NDJiNmY0ZmIyZDA3N2Y1MThlYWVkY2NmZTRhZDAzN2U4MzU0NzkxNDI2YjU0MTdkY2UyMRAAGgwIuoi7ogYSBAgCEABCAEoA&goog...
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
https://idsync.rlcdn.com/458249.gif?partner_uid=6d2cfdb9-f362-4419-b593-23510bb8b4ce

42 B
60 B

46ms
45ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458249.gif?partner_uid=6d2cfdb9-f362-4419-b593-23510bb8b4ce
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:42 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/458249.gif?partner_uid=6d2cfdb9-f362-4419-b593-23510bb8b4ce
date: Sun, 30 Apr 2023 19:40:42 GMT
via: 1.1 google
x-samesite: secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 7BB8
Redirect Chain

https://d.adroll.com/cm/n/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&expires=365

42 B
799 B

117ms
25ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&expires=365
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 19ea072139d67f7022c6e463249c998e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&expires=365
pragma: no-cache
date: Sun, 30 Apr 2023 19:40:42 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7BB8
Redirect Chain

https://d.adroll.com/cm/o/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT
https://us-u.openx.net/w/1.0/sd?id=537103138&val=e20c394913c778014453d1f0656893c7&gdpr=0&gdpr_consent=
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=e20c394913c778014453d1f0656893c7&gdpr=0&gdpr_consent=

43 B
180 B

15ms
14ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=e20c394913c778014453d1f0656893c7&gdpr=0&gdpr_consent=
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 19:40:42 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=e20c394913c778014453d1f0656893c7&gdpr=0&gdpr_consent=
date: Sun, 30 Apr 2023 19:40:42 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 7BB8
Redirect Chain

https://d.adroll.com/cm/outbrain/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT
https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&gdpr=0&gdpr_consent=

0
287 B

89ms
23ms

Image
text/plain

70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&gdpr=0&gdpr_consent=
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: HTTP/1.1
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 19:40:42 GMT
Cache-Control: no-cache
X-TraceId: 5c70bcb1aae34daa21c86cb8c903b13a
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&gdpr=0&gdpr_consent=
pragma: no-cache
date: Sun, 30 Apr 2023 19:40:42 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 121
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7BB8
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...

42 B
493 B

70ms
20ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 30 Apr 2023 19:40:41 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Sun, 30 Apr 2023 19:40:42 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 212
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/ Frame 7BB8
Redirect Chain

https://d.adroll.com/cm/r/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

0
121 B

27ms
27ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:42 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
date: Sun, 30 Apr 2023 19:40:42 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/ Frame 7BB8
Redirect Chain

https://d.adroll.com/cm/taboola/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc

0
222 B

86ms
23ms

Image
text/plain

141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:42 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 21720

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc
pragma: no-cache
date: Sun, 30 Apr 2023 19:40:42 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/ Frame 7BB8
Redirect Chain

https://d.adroll.com/cm/triplelift/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT
https://eb2.3lift.com/xuid?mid=4714&xuid=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

25ms
25ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 30 Apr 2023 19:40:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
date: Sun, 30 Apr 2023 19:40:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 7BB8
Redirect Chain

https://d.adroll.com/cm/x/out?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&advertisable=M2GUWUTBBJFFRJ7RPYG7FT
https://ib.adnxs.com/setuid?entity=172&code=ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc

43 B
1 KB

34ms
34ms

Image
image/gif

68.67.179.164
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc

Requested by

Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927

Protocol

HTTP/1.1

Server

68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 19:40:42 GMT
AN-X-Request-Uuid: e12bde8e-d989-4a57-9342-a664f9d6f56a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 149.56.153.187; 149.56.153.187; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 19:40:42 GMT
AN-X-Request-Uuid: ea3344c6-0ac5-40e2-b583-08ea16046567
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 149.56.153.187; 149.56.153.187; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 VD4NA2LPTRDHFCOWWLH536
ipv4.d.adroll.com/seg4/M2GUWUTBBJFFRJ7RPYG7FT/ Frame 7BB8 42 B
609 B 96ms
23ms Image
image/gif 3.226.150.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipv4.d.adroll.com/seg4/M2GUWUTBBJFFRJ7RPYG7FT/VD4NA2LPTRDHFCOWWLH536?pv=87546209218.75558&arrfrr=https%3A%2F%2Fresources.digitalshadows.com%2FhubsFront%2Fembed_cta%2F97927&no-cookies=1&adroll_s_ref=https%3A//www.reliaquest.com/&keyw=&adroll_external_data=&adroll_version=2.0
Requested by: Host: resources.digitalshadows.com
URL: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.150.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-150-14.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://resources.digitalshadows.com/hubsFront/embed_cta/97927
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:42 GMT
x-segment-display-name: Resources Center - LP
x-rule-type: s
content-length: 42
pragma: no-cache
x-conversion-value: 0.0
server: nginx/1.22.1
x-rule: *resources.digitalshadows.com*
x-segment-eid: DTU3QQ67CZHH7PXZJ5SXHH
content-type: image/gif
access-control-allow-origin
access-control-expose-headers: X-Conversion-Value, X-Conversion-Currency, X-Advertisable-Eid, X-Segment-Eid, X-Rule-Type, X-Pixel-Eid
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-request-methods: GET
x-pixel-eid: VD4NA2LPTRDHFCOWWLH536
x-segment-name: fa667bdf
access-control-allow-headers: *
x-advertisable-eid: M2GUWUTBBJFFRJ7RPYG7FT
x-conversion-currency

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 29 B
995 B 77ms
39ms XHR
application/json 68.67.160.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ea505562a9e36fffcdb50913ad7e5394360d2d7c482375aa0dc2e3567321a346

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 19:40:42 GMT
AN-X-Request-Uuid: 346c09b3-6716-4f77-8c45-17d7dec79faf
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.reliaquest.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 149.56.153.187; 149.56.153.187; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 29
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
204 B 20ms
19ms XHR
text/html 23.33.238.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.33.238.177 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-33-238-177.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:42 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.reliaquest.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 20 B
314 B 38ms
37ms XHR
text/html 2600:141b:5000::b81c:be9b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000::b81c:be9b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a7b321e2aedb7eeb6e47e410d92923c2b37bc5999a80ea24e9584fc6ee88a0d6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 19:40:42 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.reliaquest.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2607:5300:60:7867::7
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467467_3088891543_1311202323_17_926_18_0";dur=1
content-length: 20
expires: Sun, 30 Apr 2023 19:40:42 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame 742A 2 KB
1 KB 40ms
39ms Document
text/html 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1682883900000/uvut6nv3vzk9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e2a0c716824375ab3b6ba3d71119d6ea8658ec6d3afbe6efa8e49b07cc1e858b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.reliaquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 30 Apr 2023 19:40:42 GMT
etag: W/"d24683eab735beaadd07b2ec060ce6d9"
last-modified: Fri, 28 Apr 2023 19:38:52 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-id: qQKav0fwcQg4P0Tvgv7yu4O_XbsyNn8zEKH8o40O31m1QGXP0EuCog==
x-amz-cf-pop: JFK51-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: Tj4_13N0iwCYRl75UDfc15zCZqfNJI.x
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 14

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 8F86 2 KB
1 KB 36ms
36ms Document
text/html 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1682883900000/uvut6nv3vzk9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e2a0c716824375ab3b6ba3d71119d6ea8658ec6d3afbe6efa8e49b07cc1e858b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.reliaquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 30 Apr 2023 19:40:42 GMT
etag: W/"d24683eab735beaadd07b2ec060ce6d9"
last-modified: Fri, 28 Apr 2023 19:38:52 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-id: kLcE6ZMHTuqKrLoVF-oou3cVSNjDjStRasrvKp5Ojl6lMnPKOLHkwQ==
x-amz-cf-pop: JFK51-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: Tj4_13N0iwCYRl75UDfc15zCZqfNJI.x
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 25

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame 9DF9
Redirect Chain

https://insight.adsrvr.org/track/up?adv=e1vlmxc&ref=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&upid=nzz4w81&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=e1vlmxc&ref=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&upid=nzz4w81&upv=1.1.0

938 B
969 B

30ms
26ms

Document
text/html

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=e1vlmxc&ref=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&upid=nzz4w81&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: cdf902339c16a54db46d8c02887b9e256924d9a89b848c72cf06ce0c2ba452f0

Request headers

Referer: https://www.reliaquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 30 Apr 2023 19:40:42 GMT
server: Kestrel
vary: Accept-Encoding

Redirect headers

content-length: 399
date: Sun, 30 Apr 2023 19:40:42 GMT
location: https://match.adsrvr.org/track/upb/?adv=e1vlmxc&ref=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&upid=nzz4w81&upv=1.1.0
server: Kestrel

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 81ms
68ms Image
image/gif 23.33.238.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=cdfe02635f87832f7fb37442e2a57166&svisitor=null&visitor=ca3f67a5-2d30-4ead-8549-66e4295716d0&session=6bf23307-012d-4a2d-8326-f6c31bf8308e&event=ipv6&q=%7B%22address%22%3A%222607%3A5300%3A60%3A7867%3A%3A7%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SolarWinds%20Compromise%3A%20What%20security%20teams%20need%20to%20know%20-%20ReliaQuest%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&pageViewId=505abb42-aa70-4630-89fd-e571bcb2c838

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.33.238.177 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-33-238-177.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:42 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 runtime~main.288ca7cf.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 6 KB
3 KB 18ms
18ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

a3986521f7e895cf3175098026f4471920366f5b3d3d1d0299a3c710a779e2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: RlY44XUgIyFaw723OVFcTKdHmmxqiGSD
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 172911
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
last-modified: Fri, 28 Apr 2023 19:33:24 GMT
server: istio-envoy
etag: W/"6d70ba943e02b1750bd44bdd0c539787"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YgoAzPBBZQVGAJmk3zMMlTTdFc5vG3pliB7mwjXANtDIoYkrV8IuWw==

GET
H2 200 10.f16292bd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 35 KB
13 KB 20ms
19ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.f16292bd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

958a03c833d9116f7ab9a5ee503f7b0360b9291b268bfb77128a8f0e19238613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 10:15:05 GMT
x-amz-version-id: umDRh3UQS9dYpmKCPtw.RQIXsyWJwF9b
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2453137
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 31 Mar 2023 03:20:36 GMT
server: istio-envoy
etag: W/"cdb5f42b656ab6b237aa50c24c0d8474"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dVzSKvjJIKDS7eKOp3uzJqVpfLkIvVt2IExZEnMRbuvRUa5SW80dmw==

GET
H2 200 main~493df0b3.02edd878.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 7 KB
3 KB 21ms
20ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.02edd878.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

95245f488fc923a05392ac8ca5985ac00d44b0603ba7b987d103475181268d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 17:08:38 GMT
x-amz-version-id: GeEu4y5ogkTLvG9nQWQR5SjDp.WHrJPZ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2514724
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 74
last-modified: Fri, 31 Mar 2023 03:20:40 GMT
server: istio-envoy
etag: W/"552f770e8c42c3e418dbe498f587a82e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7SQy7vNK7h_7uoBE3z1g1K4Yc7pnYeJbgCBfXDg99nURWQORQOC7BA==

GET
H2 200 runtime~main.288ca7cf.js Show response
js.driftt.com/core/assets/js/ Frame 742A 6 KB
3 KB 18ms
18ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

a3986521f7e895cf3175098026f4471920366f5b3d3d1d0299a3c710a779e2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: RlY44XUgIyFaw723OVFcTKdHmmxqiGSD
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 172911
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
last-modified: Fri, 28 Apr 2023 19:33:24 GMT
server: istio-envoy
etag: W/"6d70ba943e02b1750bd44bdd0c539787"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6P7gCzRdZLbjxVynweAadwdYuU_PK_em4v1NC44nDnmHhawfmT3UIw==

GET
H2 200 10.f16292bd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 35 KB
13 KB 19ms
19ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.f16292bd.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

958a03c833d9116f7ab9a5ee503f7b0360b9291b268bfb77128a8f0e19238613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 10:15:05 GMT
x-amz-version-id: umDRh3UQS9dYpmKCPtw.RQIXsyWJwF9b
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2453137
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 31 Mar 2023 03:20:36 GMT
server: istio-envoy
etag: W/"cdb5f42b656ab6b237aa50c24c0d8474"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YkDlTT8mFhb26oG_IZU9JVKf9ZBl6SiFauDVhM3WT4SKEGGcvqWeWQ==

GET
H2 200 main~493df0b3.02edd878.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 7 KB
3 KB 21ms
20ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.02edd878.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

95245f488fc923a05392ac8ca5985ac00d44b0603ba7b987d103475181268d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 17:08:38 GMT
x-amz-version-id: GeEu4y5ogkTLvG9nQWQR5SjDp.WHrJPZ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2514724
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 74
last-modified: Fri, 31 Mar 2023 03:20:40 GMT
server: istio-envoy
etag: W/"552f770e8c42c3e418dbe498f587a82e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bBZUJrl95rCuTF6LtVpeR-N6YLGmBgv_Iwa_P2RZdPA08TtEK9Vfdw==

GET
H2 200 52.b1edaf4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 23 KB
8 KB 19ms
18ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 07:50:30 GMT
x-amz-version-id: Sn3EkueCHC_tRtPqOFFwTznveO4.Ubsv
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4967412
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 03 Mar 2023 18:56:10 GMT
server: istio-envoy
etag: W/"cd29b9bc973e48a7fcd0ee7153bdf03b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lXVmjqbm2Spu40umfcrW0v5MMnfraBFMa8BrtB_Wo2mMGD3_i_6Y0g==

GET
H2 200 36.b49bf23f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 36 KB
10 KB 20ms
19ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.b49bf23f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 14:17:25 GMT
x-amz-version-id: MdGIvvi9YQ2J9_G5jz.yGOdFqcXwYS05
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4598597
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 28
last-modified: Tue, 07 Mar 2023 18:47:39 GMT
server: istio-envoy
etag: W/"4ae92c53ef226eb2a201fc855ccb7835"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SZq0r2WoS6eNOQwq0Ls7lMVHpFeYLAN5L1KJ7l0xNrI6LBGeqnyEDA==

GET
H2 200 25.22647a55.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 32 KB
11 KB 21ms
20ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.22647a55.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 06:56:04 GMT
x-amz-version-id: xQr6ANfVlQ8ZNn8hdXa_W5U6ZfwWeUA7
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4020278
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 32
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"2ce6c446f71a395ff41647c9ba4b9c19"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xBkLu_XnSvfPI5-wBEiW2LkaIAHN48MgAGStMOsta-c11XQHHSTU9w==

GET
H2 200 20.2ffef383.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 17 KB
6 KB 23ms
22ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2ffef383.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 07:50:00 GMT
x-amz-version-id: ybw1GI09u1lKCGavyikm1inUvvRdufu3
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 5313042
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Mon, 27 Feb 2023 18:09:14 GMT
server: istio-envoy
etag: W/"ec6e94b6cea3a27506634867a8009ded"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pCVO5J2v-dCEoQTCWz-tOm5vDnBbEB29CVaiPbIwdGnfMPhQlY5-ew==

GET
H2 200 42.67956b13.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 25 KB
8 KB 24ms
23ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.67956b13.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9d88866c6295ffc0cadaa1ccb951367e196737a413482176d5787b70aae04ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 13:57:30 GMT
x-amz-version-id: jad7ciYmD1.UhEFDgYSX13KMAlfo2TQd
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3217392
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Wed, 22 Mar 2023 19:45:37 GMT
server: istio-envoy
etag: W/"d53cdfd4559700cfe085380882a8e897"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5xkaAZmr-Ncn36gA7ip7WEXz-K_Jl3koZboqx2QXms8YCKzPqggVtQ==

GET
H2 200 21.b3438b1b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 74 KB
23 KB 25ms
24ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b3438b1b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3169ab3142fbf3ecf7eee1b5682a4556ed8a3d4ba940befa71c31b5a43991d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 13:57:30 GMT
x-amz-version-id: eYkhGQjP40unMXdcN3HHYihjadR4802e
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3217392
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 86
last-modified: Wed, 22 Mar 2023 19:45:36 GMT
server: istio-envoy
etag: W/"10e1bfa61646f14df045c581bc9410fd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: u9K16Gu-Cc0syxDZPeG9VnQq4jVlGziQijV54CSrN4SRZ4WWIIHpog==

GET
H2 200 27.3951aad8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 66 KB
20 KB 27ms
26ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.3951aad8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 06:24:39 GMT
x-amz-version-id: aivTM5q4EqbjZyr6ZPDp3uMtkv8Qsctw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2294163
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 38
last-modified: Mon, 03 Apr 2023 20:09:54 GMT
server: istio-envoy
etag: W/"5b2b6d0508fe18c3efb6bcd6249fd4e1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XXu4bwxt4n8I-Glo-7m5CQYTf0vVweZpAdYMG_k22ukc-f-CSn-6sw==

GET
H2 200 15.699b0dc7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 91 KB
28 KB 30ms
29ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.699b0dc7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 16:27:21 GMT
x-amz-version-id: KF_bDZ.1exmwYIyY06clZwyCnDWvALFo
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3381201
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 81
last-modified: Wed, 22 Mar 2023 14:57:52 GMT
server: istio-envoy
etag: W/"43d1442a9d30453da9eaeb12b9daafff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QVOwF_FFG-vSa0Cexra6KurGZ2Dys2vspXXQB7JzaNa3gAmEcYxcwQ==

GET
H2 200 12.d33926cb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 23 KB
7 KB 33ms
32ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d33926cb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 07:05:28 GMT
x-amz-version-id: 7gSekl93DRdHS1ssd38pWgXby3n2Vww2
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 5056514
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 27
last-modified: Thu, 02 Mar 2023 19:44:20 GMT
server: istio-envoy
etag: W/"bdcb035523ec144399213aa65a8430ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LdPjs-fSZ9SoEpM8YJEKZow4zyjbxbYlgqsdbFApSd5ex0dUZsPySw==

GET
H2 200 19.8e79a39a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 62 KB
20 KB 34ms
34ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.8e79a39a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 06:45:15 GMT
x-amz-version-id: sBgpDPg4E8n1uoNzBbNz7l_qusJlmRBu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4280127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Thu, 09 Mar 2023 19:38:34 GMT
server: istio-envoy
etag: W/"c478a5bb4d7885e2b9250c6beeb4fd6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zI125HJjIPl5d5_7D4NJ9ud8CPz0aoKaj1_Cn5s1DonhFb4FBYbTrg==

GET
H2 200 50.de3b5864.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 105 KB
34 KB 36ms
35ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/50.de3b5864.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:15:32 GMT
x-amz-version-id: .Jp3H9IwroEnQF4Gakvu11ViwJAtAJzd
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3497110
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 88
last-modified: Mon, 20 Mar 2023 19:06:57 GMT
server: istio-envoy
etag: W/"114785899ceb423273fcc17aaad202e9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zdwQ4sMsxdVtcXxGP2cDieZlqcFH78v0Nar3FQQQ7cne8NesGQ2h5g==

GET
H2 200 41.a1867ad4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 12 KB
4 KB 39ms
39ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.a1867ad4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 07:20:09 GMT
x-amz-version-id: 5LomjhgUm7._fyzrQBTKl0XmRhJgm3pa
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3932433
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 45
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"299dd262bf32831c99dc78a9c5b5ca43"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: w0XVjiS34truCIP4L64PfuL1zAWZs8on_GqlD2jhEUH0dbBCOS_DLg==

GET
H2 200 30.57dfb56c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 13 KB
6 KB 39ms
39ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.57dfb56c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:27:23 GMT
x-amz-version-id: KfFiV07Qwge7fnCeWZbfTMhDt2mAlVTi
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3543199
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 54
last-modified: Mon, 20 Mar 2023 19:06:57 GMT
server: istio-envoy
etag: W/"b8addee34a5cd2241740a2e3094039b3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xGHF3KBUkE3lnHCIP9qcg4P-nJIJ0te5vRQvWxQ7N-hKtzm2LTKKJg==

GET
H2 200 22.4cb40074.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 17 KB
7 KB 40ms
40ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.4cb40074.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

cdeb836f7f77cd2174fa0bb4aa3825963aa64faf657a24f988b82f1c4d28ce69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 06:40:20 GMT
x-amz-version-id: 7tFKkY8k35k4vJ09bMwXA3x5y_p.mEn4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2206822
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 60
last-modified: Tue, 04 Apr 2023 15:21:34 GMT
server: istio-envoy
etag: W/"6cf24f8ea74f43662c776ce6af09d469"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0q-XJi4OKYEuplukvesUn95c2ylISAkuhNdir4YPZX5KzG-G_0Pyjw==

GET
H2 200 9.b5c2854f.chunk.css
js.driftt.com/core/assets/css/ Frame 8F86 31 KB
4 KB 40ms
39ms Stylesheet
text/css 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 09:08:37 GMT
x-amz-version-id: LhcyJeU2kFf26i1b16YWESXZ4pGeN9QF
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2457125
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 42
last-modified: Wed, 29 Mar 2023 16:46:52 GMT
server: istio-envoy
etag: W/"9ef689f5d4cb5dab3b0e463418857c2f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IzzylzgqdQVe2Mc6BijB3RewxpkE0IvGcZi5_xzNj_1nZRKspMLMJA==

GET
H2 200 9.c3fb736e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 80 KB
25 KB 41ms
40ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.c3fb736e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

97835f51936631312648ce4198cd92c85beae9e09e3cdaff439c57ffccc5c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 20:10:33 GMT
x-amz-version-id: ky.11J_dzfrQl7TBwMrL03LxCIIayqY7
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2676609
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 69
last-modified: Wed, 29 Mar 2023 16:46:56 GMT
server: istio-envoy
etag: W/"b4ca5f0ecc404e3c35769971c076a425"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YpDQuwA78y__lfJSBqvUnSvaSjp--7t6nluIzS3lK9C6QdAms-I4NA==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 8F86 24 B
696 B 42ms
41ms Stylesheet
text/css 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 11:02:43 GMT
x-amz-version-id: 9ti2s36gCLYUtp4L.4GakqTilGIjKEb5
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK51-C1
age: 3487079
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
content-length: 24
last-modified: Mon, 20 Mar 2023 19:06:53 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gdvcvawGxQMX_lTL2ta2XIu5-JOupNZ2KJiyifPpjCCmOiT4IwQK_w==

GET
H2 200 17.81f008ad.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 91 KB
23 KB 43ms
43ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.81f008ad.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ae3f6024712196dff7272f57c522e4048826b484f7336a97cc3e7f6f00d2d443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 16:01:28 GMT
x-amz-version-id: pq2QZWEko7dMDbeq5q9U3.Qr6wYVodOo
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 1049954
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 140
last-modified: Mon, 17 Apr 2023 18:50:41 GMT
server: istio-envoy
etag: W/"2c5463d20bb9c942f4cb26607893067b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: V7LqdERHcIsl7QLtbUsqIs2HhGBKE75KBr1XUVslcMo_e7npr4ixcA==

GET
H2 200 26.a55c1f38.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 50 KB
14 KB 45ms
45ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.a55c1f38.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7616b033adbe366f235d70696b659f554051c0e578508896aab0ff5b169491db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: CLxBuTmXn3tjxxf_j0OncAOh499FdB3n
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 172911
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Fri, 28 Apr 2023 19:33:22 GMT
server: istio-envoy
etag: W/"89bd8cf777e065fa7ca75d777c943155"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3Cfo07shxXeNpBpsk8Ebq5CeSwCX7aF6MRiRR51qGmCW4Z58vCFQnA==

GET
H2 200 18.12d8d932.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 40 KB
13 KB 46ms
46ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.12d8d932.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2ff2b9a5434137bda235f2847f5939dcd06977e5437ae82bfa197e00faabc6a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: 51lzaeDhcNerEWUeOM6e5tRXtG.B7lli
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 172911
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
last-modified: Fri, 28 Apr 2023 19:33:21 GMT
server: istio-envoy
etag: W/"f8d07bd5dd786d7b8a311fde8e1e4859"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Akcfk4SGkRAdaqNNzKNDbA_b2gB4JpPzJvAiT534km3GQeDvf_EgIQ==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 42ms
41ms Image
image/gif 23.33.238.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=cdfe02635f87832f7fb37442e2a57166&svisitor=null&visitor=ca3f67a5-2d30-4ead-8549-66e4295716d0&session=6bf23307-012d-4a2d-8326-f6c31bf8308e&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Sun%2C%2030%20Apr%202023%2019%3A40%3A41%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sun%2C%2030%20Apr%202023%2019%3A40%3A41%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22cdfe02635f87832f7fb37442e2a57166%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sun%2C%2030%20Apr%202023%2019%3A40%3A41%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sun%2C%2030%20Apr%202023%2019%3A40%3A41%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SolarWinds%20Compromise%3A%20What%20security%20teams%20need%20to%20know%20-%20ReliaQuest%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&pageViewId=505abb42-aa70-4630-89fd-e571bcb2c838&an_uid=6917147059973758152

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.33.238.177 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-33-238-177.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:42 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 52.b1edaf4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 23 KB
8 KB 40ms
38ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 07:50:30 GMT
x-amz-version-id: Sn3EkueCHC_tRtPqOFFwTznveO4.Ubsv
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4967412
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 03 Mar 2023 18:56:10 GMT
server: istio-envoy
etag: W/"cd29b9bc973e48a7fcd0ee7153bdf03b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bTDEFg1lt9HIlYuhKAhkMlBJvATd6VeCmb3G3RF8piiMg1loSqtzig==

GET
H2 200 36.b49bf23f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 36 KB
10 KB 40ms
37ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.b49bf23f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 14:17:25 GMT
x-amz-version-id: MdGIvvi9YQ2J9_G5jz.yGOdFqcXwYS05
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4598597
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 28
last-modified: Tue, 07 Mar 2023 18:47:39 GMT
server: istio-envoy
etag: W/"4ae92c53ef226eb2a201fc855ccb7835"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3PHM3pxI_yBsgx_iuUi8MdgtS66Ux_s4TFbt7ejaAON2N0ZGYujv5g==

GET
H2 200 25.22647a55.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 32 KB
11 KB 41ms
38ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.22647a55.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 06:56:04 GMT
x-amz-version-id: xQr6ANfVlQ8ZNn8hdXa_W5U6ZfwWeUA7
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4020278
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 32
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"2ce6c446f71a395ff41647c9ba4b9c19"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QfsLwPN3rFZ-iV2-od1XVaUZOjpokVGtw0sgHmU30iMIukbzTj6vVg==

GET
H2 200 20.2ffef383.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 17 KB
6 KB 42ms
39ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2ffef383.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 07:50:00 GMT
x-amz-version-id: ybw1GI09u1lKCGavyikm1inUvvRdufu3
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 5313042
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Mon, 27 Feb 2023 18:09:14 GMT
server: istio-envoy
etag: W/"ec6e94b6cea3a27506634867a8009ded"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: B0vIx2MWPzzChWkJZKdM89v73j6IJ13kp9OZYrAPQCe7mUpd0xe9OA==

GET
H2 200 42.67956b13.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 25 KB
8 KB 42ms
35ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.67956b13.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9d88866c6295ffc0cadaa1ccb951367e196737a413482176d5787b70aae04ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 13:57:30 GMT
x-amz-version-id: jad7ciYmD1.UhEFDgYSX13KMAlfo2TQd
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3217392
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Wed, 22 Mar 2023 19:45:37 GMT
server: istio-envoy
etag: W/"d53cdfd4559700cfe085380882a8e897"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dxOb1pqAlG-Rs4rxoayJsv-6MxtEbuJ7-bnEVDlREzGY1jG59a9aIg==

GET
H2 200 21.b3438b1b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 74 KB
23 KB 43ms
36ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b3438b1b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3169ab3142fbf3ecf7eee1b5682a4556ed8a3d4ba940befa71c31b5a43991d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 13:57:30 GMT
x-amz-version-id: eYkhGQjP40unMXdcN3HHYihjadR4802e
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3217392
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 86
last-modified: Wed, 22 Mar 2023 19:45:36 GMT
server: istio-envoy
etag: W/"10e1bfa61646f14df045c581bc9410fd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: N-mtPMTdfhY7ix4lT_l0SYOS4Sx5Ydtdla3qAooU1QHEg-y-aP65Nw==

GET
H2 200 27.3951aad8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 66 KB
20 KB 44ms
37ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.3951aad8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 06:24:39 GMT
x-amz-version-id: aivTM5q4EqbjZyr6ZPDp3uMtkv8Qsctw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2294163
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 38
last-modified: Mon, 03 Apr 2023 20:09:54 GMT
server: istio-envoy
etag: W/"5b2b6d0508fe18c3efb6bcd6249fd4e1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: am_Cqo_p_CFFv4xKgnWwhTfi04QINAKhIRgBVcFlaty0FcDlJuvt1g==

GET
H2 200 15.699b0dc7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 91 KB
28 KB 44ms
38ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.699b0dc7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 16:27:21 GMT
x-amz-version-id: KF_bDZ.1exmwYIyY06clZwyCnDWvALFo
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3381201
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 81
last-modified: Wed, 22 Mar 2023 14:57:52 GMT
server: istio-envoy
etag: W/"43d1442a9d30453da9eaeb12b9daafff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -bc3i0ghQ10Ap-lMuA64e6y3aS7fuwoVRUnm9bIFrMJvReXZQ9UBjA==

GET
H2 200 12.d33926cb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 23 KB
7 KB 45ms
38ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d33926cb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 07:05:28 GMT
x-amz-version-id: 7gSekl93DRdHS1ssd38pWgXby3n2Vww2
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 5056514
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 27
last-modified: Thu, 02 Mar 2023 19:44:20 GMT
server: istio-envoy
etag: W/"bdcb035523ec144399213aa65a8430ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8GkeAa2VFFjp9K8VDS3p6Ucv-ty5vqIkXKZRb7R-VCtVQGwKnF6F8g==

GET
H2 200 19.8e79a39a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 62 KB
20 KB 46ms
39ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.8e79a39a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 06:45:15 GMT
x-amz-version-id: sBgpDPg4E8n1uoNzBbNz7l_qusJlmRBu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4280127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Thu, 09 Mar 2023 19:38:34 GMT
server: istio-envoy
etag: W/"c478a5bb4d7885e2b9250c6beeb4fd6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: u10kTwT-V2Y08f16IW7d5FiGQxqbkoB92wmpYf871C1iRbB8w2PvZw==

GET
H2 200 50.de3b5864.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 105 KB
34 KB 47ms
41ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/50.de3b5864.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:15:32 GMT
x-amz-version-id: .Jp3H9IwroEnQF4Gakvu11ViwJAtAJzd
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3497110
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 88
last-modified: Mon, 20 Mar 2023 19:06:57 GMT
server: istio-envoy
etag: W/"114785899ceb423273fcc17aaad202e9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vTanygVKtFiC1Yb4SHqQ9VchMVvv7kWsxE1juB_GpONdjpyuwAsy7Q==

GET
H2 200 41.a1867ad4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 12 KB
4 KB 48ms
42ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.a1867ad4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 07:20:09 GMT
x-amz-version-id: 5LomjhgUm7._fyzrQBTKl0XmRhJgm3pa
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3932433
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 45
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"299dd262bf32831c99dc78a9c5b5ca43"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 07l5SPvmKtZIQo2GwxQEXZis0rcIEQrfOGVrjmkju1V1GCR3H72OJA==

GET
H2 200 30.57dfb56c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 13 KB
6 KB 48ms
42ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.57dfb56c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:27:23 GMT
x-amz-version-id: KfFiV07Qwge7fnCeWZbfTMhDt2mAlVTi
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3543199
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 54
last-modified: Mon, 20 Mar 2023 19:06:57 GMT
server: istio-envoy
etag: W/"b8addee34a5cd2241740a2e3094039b3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bamFGxEf5j5vMU_5NYZVQ_K4KWXkjcKzQ1D5cipYtKWnz5x_QhDQcA==

GET
H2 200 22.4cb40074.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 17 KB
7 KB 49ms
43ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.4cb40074.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

cdeb836f7f77cd2174fa0bb4aa3825963aa64faf657a24f988b82f1c4d28ce69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 06:40:20 GMT
x-amz-version-id: 7tFKkY8k35k4vJ09bMwXA3x5y_p.mEn4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2206822
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 60
last-modified: Tue, 04 Apr 2023 15:21:34 GMT
server: istio-envoy
etag: W/"6cf24f8ea74f43662c776ce6af09d469"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 22KCxR4kL19GmgLdAbZYUMF2p_MzKYqMjCgy-_vkBPJ-2XZ9Y8DfOA==

GET
H2 200 9.b5c2854f.chunk.css
js.driftt.com/core/assets/css/ Frame 742A 31 KB
4 KB 49ms
44ms Stylesheet
text/css 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 09:08:37 GMT
x-amz-version-id: LhcyJeU2kFf26i1b16YWESXZ4pGeN9QF
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2457125
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 42
last-modified: Wed, 29 Mar 2023 16:46:52 GMT
server: istio-envoy
etag: W/"9ef689f5d4cb5dab3b0e463418857c2f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RPM8gBzciIPPvVd-Q-V4GPu_2M0Tbsu6I-e4noBSAH-tSu6GdtrKkQ==

GET
H2 200 9.c3fb736e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 80 KB
25 KB 50ms
45ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.c3fb736e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

97835f51936631312648ce4198cd92c85beae9e09e3cdaff439c57ffccc5c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 20:10:33 GMT
x-amz-version-id: ky.11J_dzfrQl7TBwMrL03LxCIIayqY7
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2676609
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 69
last-modified: Wed, 29 Mar 2023 16:46:56 GMT
server: istio-envoy
etag: W/"b4ca5f0ecc404e3c35769971c076a425"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: T24ly1a3hViwmLu73kZW6OiDIf5ASvOzic38cGV8a30HNlcDamQ7zw==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 742A 24 B
695 B 49ms
44ms Stylesheet
text/css 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 11:02:43 GMT
x-amz-version-id: 9ti2s36gCLYUtp4L.4GakqTilGIjKEb5
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK51-C1
age: 3487079
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
content-length: 24
last-modified: Mon, 20 Mar 2023 19:06:53 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hNoLAp4xiqVpmlucwAHLraYebEfcITZBDd61v9LopNJ_42_9kuAbbQ==

GET
H2 200 17.81f008ad.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 91 KB
23 KB 51ms
46ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.81f008ad.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ae3f6024712196dff7272f57c522e4048826b484f7336a97cc3e7f6f00d2d443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 16:01:28 GMT
x-amz-version-id: pq2QZWEko7dMDbeq5q9U3.Qr6wYVodOo
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 1049954
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 140
last-modified: Mon, 17 Apr 2023 18:50:41 GMT
server: istio-envoy
etag: W/"2c5463d20bb9c942f4cb26607893067b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PMCU3FeeOTEqHkdWTf20_Y7HdxY8Ojz65h8P7Sn_oAfRitJ7QGREmw==

GET
H2 200 26.a55c1f38.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 50 KB
14 KB 51ms
47ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.a55c1f38.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7616b033adbe366f235d70696b659f554051c0e578508896aab0ff5b169491db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: CLxBuTmXn3tjxxf_j0OncAOh499FdB3n
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 172911
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Fri, 28 Apr 2023 19:33:22 GMT
server: istio-envoy
etag: W/"89bd8cf777e065fa7ca75d777c943155"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: N_1SQeRQBeCHHdJvKdMpFbEC9ci62K_vW74WEtih8a8aIx1Ty673sA==

GET
H2 200 18.12d8d932.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 40 KB
13 KB 52ms
48ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.12d8d932.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2ff2b9a5434137bda235f2847f5939dcd06977e5437ae82bfa197e00faabc6a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: 51lzaeDhcNerEWUeOM6e5tRXtG.B7lli
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 172911
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
last-modified: Fri, 28 Apr 2023 19:33:21 GMT
server: istio-envoy
etag: W/"f8d07bd5dd786d7b8a311fde8e1e4859"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: X-SoAm8Mqnh9crN_UhRgWklmoBqxsWTcb6Q78dNCai2t0Lb43O4NNw==

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 9DF9 487 B
964 B 21ms
17ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=e1vlmxc&ref=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&upid=nzz4w81&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://match.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 29 Apr 2023 22:32:47 GMT
Via: 1.1 fd4983be77ace22659323918c5b30f1e.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 76077
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: 7an5p7tpZFKJKVc1TibKb-Qi9ubjpxvO1d_OvY8LRKZWMYz29jpeSQ==

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 728 B
577 B 80ms
26ms XHR
application/json 34.237.152.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.152.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-152-5.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7b3cd3c10f2b00ffe9b2275648e095d8f93b3294f4ee008b76f7d7977e1867bc

Request headers

Referer: https://www.reliaquest.com/
accept-language: en-CA,en;q=0.9
Authorization: Token 9d9682d9d7358cc3cb8a55dfb8b3412e24d01fad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:43 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.reliaquest.com
access-control-allow-credentials: true
content-length: 390

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 92ms
25ms Preflight 34.237.152.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.152.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-152-5.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.reliaquest.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.reliaquest.com
access-control-max-age: 1800
date: Sun, 30 Apr 2023 19:40:43 GMT
server: nginx

GET
H2 200 38.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 8F86 3 KB
1 KB 18ms
17ms Stylesheet
text/css 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/38.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 06:45:16 GMT
x-amz-version-id: P3aycBysthgmcENcPayqohBO44enSkZR
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4280127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 25
last-modified: Thu, 09 Mar 2023 19:38:32 GMT
server: istio-envoy
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BRixHyhry_jVeDiluQkbIYf7ZKQzOMVidOXnePmoN4V-Wn2pJepWeg==

GET
H2 200 38.2c907ce3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 3 KB
2 KB 19ms
18ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.2c907ce3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

0c07bf805e857013386ec7ea2d26911aed5c827ee90e71a94188553c6d8ef337

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:46:57 GMT
x-amz-version-id: UxCT8aDYj_hNgM93MexUSctwVxa1i.5F
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4503226
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Thu, 09 Mar 2023 16:34:01 GMT
server: istio-envoy
etag: W/"ad63bf20f878fb64a363281ee85aa567"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dsOA79sZCfb1FGPmHgHUk9ETMVi_HnrL0JwnojZ36ja2kVzySlYuCw==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 9 KB
3 KB 18ms
17ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 08:30:39 GMT
x-amz-version-id: 0aUHqB3JyDvTcbj3ZNyuEur3Iva146Ss
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2459404
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 38
last-modified: Fri, 31 Mar 2023 03:20:36 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HVRzWj1lBWpRkIKfzGdX0_PW5AsZUfAR3TBppaZluBsSy_Jtzjkcqw==

GET
H2 200 28.01a0fe87.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 35 KB
35 KB 20ms
19ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.01a0fe87.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fffcc021124d70080ddd0c52562645c46e03ff39c924ced85c1bfd62cb8b8767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:22:49 GMT
x-amz-version-id: neSopBF0zHVZ2Zs8icGDQEPMBXWE9Dni
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK51-C1
age: 5095074
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 63
content-length: 35483
last-modified: Thu, 02 Mar 2023 19:44:21 GMT
server: istio-envoy
etag: "0ad089f0617a0fa8014a23c2afa90ddd"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -_jn5FPPbLRpRyrdfSm07omVfpEbKVGMQd0zjIlGgiOWVAjAKrWNLg==

GET
H2 200 29.9bf46b67.chunk.css
js.driftt.com/core/assets/css/ Frame 742A 8 KB
2 KB 19ms
18ms Stylesheet
text/css 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/29.9bf46b67.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 11:02:44 GMT
x-amz-version-id: UFE22JlREJuiBg.jVL7yG7vdjdjU5pnT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3487079
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 39
last-modified: Mon, 20 Mar 2023 19:06:53 GMT
server: istio-envoy
etag: W/"4f21faf2ba450e5fcdf7eda90813e185"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: d5QiaeCF8V-tzl7-czdheGrDoBwFD1O8qMUHOjemxeUHqJ5-4mC4DQ==

GET
H2 200 29.98c2b316.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 14 KB
6 KB 20ms
20ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.98c2b316.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c6b2815294e64eb3d9e30955673ae3b60a486ae5b7dfcc7e48c0e2a4fe7301de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:08:56 GMT
x-amz-version-id: aizM0H1Fdw3zzppb3P2Ok7x7JUMOS1IQ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2943107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 52
last-modified: Mon, 27 Mar 2023 17:53:25 GMT
server: istio-envoy
etag: W/"6526b5009cc642f706e7156982e7429b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: y9XhImuXkUrVscPA7vm2hBCBMQvxwophcimDmld1DkJ5JqOsGR4L3Q==

GET
H2 200 23.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 742A 365 B
1 KB 21ms
21ms Stylesheet
text/css 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/23.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:11:29 GMT
x-amz-version-id: 7vZxo7ymCEpTMOiGbASq140o6O_xaOt7
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK51-C1
age: 2780954
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 37
content-length: 365
last-modified: Mon, 27 Mar 2023 17:53:22 GMT
server: istio-envoy
etag: "06b2963b029c0824382815165bfea73e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wJo4OZb9KUpXBUxe78fi1p44iRV6texVIdzahEr985hQNI1qyv8F_g==

GET
H2 200 23.ed4e6d8f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 91 KB
25 KB 21ms
21ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.ed4e6d8f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7c4cddc44e59d49ccbfdaf1b57cca9884b74ee1710671c7d9fa974e3fae6f507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 16:38:37 GMT
x-amz-version-id: xN70QZOgyKQKNnP0o5N59vnLWimajx0E
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 356526
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 53
last-modified: Wed, 26 Apr 2023 15:35:22 GMT
server: istio-envoy
etag: W/"697b9f051ece7b5f2c5dbe85f673b6cd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dWHILigUGJMWzigp5RFFbO1JHZUypXHQozq2vLv4YHE_VPe6BRZhrg==

GET
H2

200

rubicon Show response
match.adsrvr.org/track/cmf/ Frame 1A63
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=feb618e9-aebb-4eb8-bbcc-66e6628fd189&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

70 B
470 B

25ms
25ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Sun, 30 Apr 2023 19:40:43 GMT
server: Kestrel

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
Expires: 0
Location: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 0228ab361cece0438ff9eb16e4e5890e
content-length: 0

GET
H2

200

google Show response
match.adsrvr.org/track/cmf/ Frame D359
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZmViNjE4ZTktYWViYi00ZWI4LWJiY2MtNjZlNjYyOGZkMTg5&gdpr=0&gdpr_consent=&ttd_tdid=feb618e9-aebb-4eb8-bbcc-66e66...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=feb618e9-aebb-4eb8-bbcc-66e6628fd189&google_gid=CAESEMz1sWb8_U1XF7HcxawbBgc&google_cver=1

70 B
470 B

25ms
25ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=feb618e9-aebb-4eb8-bbcc-66e6628fd189&google_gid=CAESEMz1sWb8_U1XF7HcxawbBgc&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Sun, 30 Apr 2023 19:40:43 GMT
server: Kestrel

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 19:40:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=feb618e9-aebb-4eb8-bbcc-66e6628fd189&google_gid=CAESEMz1sWb8_U1XF7HcxawbBgc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2

200

appnexus Show response
match.adsrvr.org/track/cmf/ Frame 06EB
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=feb618e9-aebb-4eb8-bbcc-66e6628fd189
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=6917147059973758152&ttd_tdid=feb618e9-aebb-4eb8-bbcc-66e6628fd189

70 B
469 B

25ms
25ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=6917147059973758152&ttd_tdid=feb618e9-aebb-4eb8-bbcc-66e6628fd189
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Sun, 30 Apr 2023 19:40:43 GMT
server: Kestrel

Redirect headers

AN-X-Request-Uuid: 77748bba-72dd-47de-b66b-7a20406a2dff
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sun, 30 Apr 2023 19:40:43 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=6917147059973758152&ttd_tdid=feb618e9-aebb-4eb8-bbcc-66e6628fd189
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 149.56.153.187; 149.56.153.187; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 9 KB
3 KB 18ms
18ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 08:30:39 GMT
x-amz-version-id: 0aUHqB3JyDvTcbj3ZNyuEur3Iva146Ss
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2459404
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 38
last-modified: Fri, 31 Mar 2023 03:20:36 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: P1lQGKjP0Ri8ZZnGKQh1mC6jZFa3Oc-B9UjtF3BB8KP0d8RBDc-2vQ==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 8F86 7 KB
2 KB 19ms
18ms Stylesheet
text/css 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:49:44 GMT
x-amz-version-id: Q2PqwaAGurDGgY8YzFfQs2Uv742NLD.g
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3621059
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 31
last-modified: Fri, 17 Mar 2023 17:38:15 GMT
server: istio-envoy
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _Lgraf6ZlANixZePEqODySRLFSfZjr2W5NBbUnboeoOTzO-MYBDBiA==

GET
H2 200 3.f50b964b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 54 KB
15 KB 19ms
18ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.f50b964b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 13:57:30 GMT
x-amz-version-id: Y8UJ84CmfvTL1vvwN0fzWZBCq4eSl45h
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3217393
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Wed, 22 Mar 2023 19:45:37 GMT
server: istio-envoy
etag: W/"1ac37bf2b93050f29058b66a9ad43e10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: P4xipwb3lCVS4fbjBQK-RwyMW_sAPV17almodUWts8sSvd_wIoqhQA==

GET
H2 200 1.02a6af84.chunk.css
js.driftt.com/core/assets/css/ Frame 8F86 44 KB
7 KB 19ms
18ms Stylesheet
text/css 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.02a6af84.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

120def079fc4e239098c571e178a9a1b73746f05c6f65a97cd7291b8c13aa401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 09:15:37 GMT
x-amz-version-id: nJZ6zADpWV11YakUyza533NKRNONyBtw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2283906
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 31
last-modified: Mon, 03 Apr 2023 20:09:51 GMT
server: istio-envoy
etag: W/"295093fc512c5e44a90c3c28242de8ae"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0Y3MnruJ4-s5YB59WceyotWrGeKzuka7019BiBMTuIFV35UhlZvFEw==

GET
H2 200 1.dd688aaf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 53 KB
17 KB 20ms
19ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.dd688aaf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d3ed94b69049a6046b0472b87a4d1be0a1c9482c9edc3793bf72714c82c7ce0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 20:29:52 GMT
x-amz-version-id: EYuyMkYTdV6Sz.Tu3e2Qz8Z_YPV77rIe
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2157051
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Wed, 05 Apr 2023 19:06:48 GMT
server: istio-envoy
etag: W/"456df11dba646f06e80bbae67a65aad8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Z46ZTvJKuH97clpwGYrnf_L1vgWdYPr7b-LBoUHaWTCxDAL1MhpgTw==

GET
H2 200 4.b4477698.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 23 KB
10 KB 22ms
21ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.b4477698.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

277725f80d5c0175c2a996fe1eea07395b87ec1bd0496353409e99e96024816e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 20:29:52 GMT
x-amz-version-id: 0s5HvDu7I8ZUWeiRZtf_7BJNbUsVlUik
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2157051
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Wed, 05 Apr 2023 19:06:49 GMT
server: istio-envoy
etag: W/"ec2b0368f8359c0e46e2bfb9cf8e79ef"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lCkNs5Wi8jU67DgcKEqe6BYoyWGhI4OVTCdR51M_BGQaWiD6n4eTwA==

GET
H2 200 35.a3318c5e.chunk.css
js.driftt.com/core/assets/css/ Frame 8F86 14 KB
3 KB 22ms
22ms Stylesheet
text/css 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/35.a3318c5e.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f3342c52eee43a2ea931cae2ee2d6d9a2939432ffcb03bb4f2983ac7e49b26cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:11:06 GMT
x-amz-version-id: .Qx9Y0gU9g3o.rVP1g.ErQa6wXaiIqXc
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3824977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 67
last-modified: Mon, 13 Mar 2023 18:41:48 GMT
server: istio-envoy
etag: W/"b06e02b360914b25e58305b1b9b954dc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6FgdsdJGQS1ANZMhBXEdaGeNv784Xn1dGqTf_wdvBDVSyw53cHLPbw==

GET
H2 200 35.46d29dea.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 12 KB
5 KB 23ms
23ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.46d29dea.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2693e158a319fe2c6576e7fdd76ad78ca5e0235cce4418503e5fee2e7426b2d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: xuvYWNeKM10RQbhB8D3mlc4N6CStBtYA
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 172912
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
last-modified: Fri, 28 Apr 2023 19:33:22 GMT
server: istio-envoy
etag: W/"8195467360aaef75c927565e2e787326"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wMyHNglU0ExxuD7U_eknmeixlgnsV2fkgtVr_YFmHha1ZPgk3IQ2hw==

POST
H2 200 v2 Show response
bootstrap.api.drift.com/widget_bootstrap/ping/ Frame 742A 147 B
587 B 127ms
36ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

4fe42375195dc2f38588dc2af2238892586b6b70b7094cf504be1b35587d53d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 30 Apr 2023 19:40:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 21ca90ab1bbc5eb2
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 9
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
19ms Image
image/gif 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2058261451&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F&ul=en-us&de=UTF-8&dt=SolarWinds%20Compromise%3A%20What%20security%20teams%20need%20to%20know%20-%20ReliaQuest&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=1978469662.1682883641&tid=UA-10904891-3&_gid=1766093058.1682883641&gtm=45He34q0n71NPQTDR&cd1=&cd2=&cd3=Canada&cd5=&cd7=&z=456440089

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 02:56:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 60256
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v3 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 742A 25 B
89 B 44ms
36ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v3

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 30 Apr 2023 19:40:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: d06b8fc67c4944cd
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame 742A 31 KB
8 KB 602ms
602ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

a8f7149603879ada805d9983dd7b1690140ffe4da4c5c6852d3af8357c79e845

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 30 Apr 2023 19:40:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: da2a0244c158f092
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 568
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version

POST
H2 204 /
csmetrics.hotjar.com/ 0
70 B 301ms
93ms Ping
text/plain 34.252.150.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://csmetrics.hotjar.com/?v=3
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2441060.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.150.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-150-197.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reliaquest.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 30 Apr 2023 19:40:43 GMT
vary: Origin

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 53ms
52ms Image
image/gif 23.33.238.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.33.238.177 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-33-238-177.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:43 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 34ms
25ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Sun, 30 Apr 2023 19:40:44 GMT
requestid: drifta15d39243abb040ef5139c4714c
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 track Show response
event.api.drift.com/ Frame 742A 659 B
718 B 26ms
25ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

7a8b1cb78c761b12541606ae26d56c356e674d3e9d56d622de793060d4788d4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-CA,en;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxODEwMTk2MjUzOSIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNjIyMjciLCJleHAiOjE3MTQ1MDYwNDMsImlhdCI6MTY4Mjg4MzY0M30.QHl8HJsEdvX9yc-sdfsFyA8ZRAaPo24n0Rs0JZD3IP8-fO_Pw47W9vd90ukXxr-4Z2D7k2IsBkpsHzUKRVjfVQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 Apr 2023 19:40:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 797df081abfe9c79
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 659

OPTIONS
H2 200 evaluate_with_log
targeting.api.drift.com/targeting/ Frame 0
0 34ms
26ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Sun, 30 Apr 2023 19:40:44 GMT
requestid: driftbb64fa146af9ab52042cd0eb38b
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 evaluate_with_log Show response
targeting.api.drift.com/targeting/ Frame 742A 2 KB
663 B 27ms
27ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

88ac32d45fd0ca4aaaf56fc6e9353c378a4ba617f1555dbfa231a4d32d34cfac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-CA,en;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxODEwMTk2MjUzOSIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNjIyMjciLCJleHAiOjE3MTQ1MDYwNDMsImlhdCI6MTY4Mjg4MzY0M30.QHl8HJsEdvX9yc-sdfsFyA8ZRAaPo24n0Rs0JZD3IP8-fO_Pw47W9vd90ukXxr-4Z2D7k2IsBkpsHzUKRVjfVQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 Apr 2023 19:40:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: 76fce6fdd218455
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 601

GET
H2 200 58.377a2854.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 742A 18 KB
7 KB 18ms
18ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/58.377a2854.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

130688f16399fc1980b2900037a220bc182f4b0c320621dc7d70ec721514765e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=uvut6nv3vzk9&eId=uvut6nv3vzk9&region=US&forceShow=false&skipCampaigns=false&sessionId=2e2649f1-9aef-4965-ad0b-f665fadf6144&sessionStarted=1682883642.837&campaignRefreshToken=38d8a6e9-048e-4076-9810-ce3869c3c4b7&hideController=false&pageLoadStartTime=1682883640870&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.reliaquest.com%2Fblog%2Fsolarwinds-compromise-what-security-teams-need-to-know%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 10:15:05 GMT
x-amz-version-id: k5uZ.9PW.JvNHCZ_RpRIj6kuYFtHIceG
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2453139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 33
last-modified: Fri, 31 Mar 2023 03:20:38 GMT
server: istio-envoy
etag: W/"33f417d96bdfff4c4e2ac5468c815f07"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zC9KkXVME7-br99NZRqSc456cSqR1gJxxU1PxC6fI-5B4QEay4zktg==

GET
H2 200 58.377a2854.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8F86 18 KB
7 KB 18ms
18ms Script
application/javascript 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/58.377a2854.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

130688f16399fc1980b2900037a220bc182f4b0c320621dc7d70ec721514765e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1682883640870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 10:15:05 GMT
x-amz-version-id: k5uZ.9PW.JvNHCZ_RpRIj6kuYFtHIceG
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2453139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 33
last-modified: Fri, 31 Mar 2023 03:20:38 GMT
server: istio-envoy
etag: W/"33f417d96bdfff4c4e2ac5468c815f07"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: huv7jfyH2nSAtVt3cxihrbaUsznwFlYVE1RWI5JYZv-Z3oRvvafYLA==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame 742A 38 KB
39 KB 18ms
18ms Font
font/woff2 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 19:44:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 5010977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 77
content-length: 39372
last-modified: Fri, 03 Mar 2023 16:21:38 GMT
server: istio-envoy
etag: "40b6965b5cd26213faf61e5ab6765bb9"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/font-woff2,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SbssdlZF6B04ggTgbcM7yqWLMjTPUSMHqxxMBHbJCm_pUUIQe1jqZg==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame 8F86 38 KB
39 KB 18ms
18ms Font
font/woff2 13.225.223.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-92.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css
Origin: https://js.driftt.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 19:44:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 5010977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 77
content-length: 39372
last-modified: Fri, 03 Mar 2023 16:21:38 GMT
server: istio-envoy
etag: "40b6965b5cd26213faf61e5ab6765bb9"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/font-woff2,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jSbav95_74jX6Dm4tiJBUyO1YZJ554-gRiYkcnlurxKwGBRT_YO5BQ==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 42ms
41ms Image
image/gif 23.33.238.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.33.238.177 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-33-238-177.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:44 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 42ms
42ms Image
image/gif 23.33.238.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.33.238.177 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-33-238-177.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reliaquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:40:45 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event3/ Frame 742A 25 B
112 B 40ms
40ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event3/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 30 Apr 2023 19:40:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 6fa705ffc95db41f
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

Verdicts & Comments Add Verdict or Comment

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.reliaquest.com/	1970-01-20 13:37:39	Name: _gcl_au Value: 1.1.158144953.1682883641
.techtarget.com/	1970-01-20 11:28:05	Name: __cf_bm Value: QgGdvTRTVRvTTtOE6c_KvMZG4zxTrETv_VgbDVtCV2Q-1682883641-0-AVQRVwGJD4ol1repLGVg6Z8Av0bCXb4ZoQdNvVrYzHbd6W6ade8RijWZkyzBbR7oJZL80V3y9MN03IGGuOhpPao=
www.reliaquest.com/	1970-01-20 11:38:08	Name: slireg Value: https://scout.us2.salesloft.com
www.reliaquest.com/	1970-01-20 20:13:39	Name: sliguid Value: 1a264be0-2e35-4a36-84c5-bf15c0b76a06
www.reliaquest.com/	1970-01-20 20:13:39	Name: slirequested Value: true
.reliaquest.com/	1970-01-20 11:29:30	Name: _gid Value: GA1.2.1766093058.1682883641
.reliaquest.com/	1970-01-20 11:28:03	Name: _gat_UA-10904891-3 Value: 1
www.reliaquest.com/	1970-01-20 11:29:30	Name: ln_or Value: eyIzNjY0MzQ4IjoiZCJ9
.reliaquest.com/	1970-01-20 13:37:39	Name: _rdt_uuid Value: 1682883641444.25ccc73b-db87-4e5e-b74e-a0129b5a8a29
.reliaquest.com/	1970-01-20 11:29:30	Name: _uetsid Value: e3f98c10e78e11edbc9953a5b12ceb9f
.reliaquest.com/	1970-01-20 20:49:39	Name: _uetvid Value: e3f9b100e78e11ed815557df194b500e
.linkedin.com/	1970-01-20 13:37:39	Name: li_sugr Value: a0e1f3c9-59aa-4147-9a0d-d7e6faac4baa
.linkedin.com/	1970-01-20 20:13:39	Name: bcookie Value: "v=2&1e36840c-a49f-4da6-8aa4-a9d6b7abbcec"
.linkedin.com/	1970-01-20 11:29:30	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2895:u=1:x=1:i=1682883641:t=1682970041:v=2:sig=AQF2S-ob7SQD8rvJ78Dg-_Fa2YP5a5pG"
.bing.com/	1970-01-20 20:49:39	Name: MUID Value: 3FD3A45E20706DC31A2AB75D21A66C23
.bat.bing.com/	1970-01-20 11:38:08	Name: MR Value: 0
.linkedin.com/	1970-01-20 12:11:15	Name: UserMatchHistory Value: AQL6tYOz8sCuywAAAYfTroChbuSY8j38nuTsY6m-EYV8-ttyMc-U6M3JDYM7MULZ4MJ9GbTdaNJBCA
.linkedin.com/	1970-01-20 12:11:15	Name: AnalyticsSyncHistory Value: AQLFmrwdsfc-WgAAAYfTroChxevWccnsyX9NsAKMoYPN9VR-B8_z_1lBnVLFwPFemUbik7C4HvQLSK9bzNeW1A
.reliaquest.com/	1970-01-20 21:04:03	Name: _mkto_trk Value: id:438-KYK-786&token:_mch-reliaquest.com-1682883641540-19408
.reliaquest.com/	1970-01-20 20:13:39	Name: _hjSessionUser_2441060 Value: eyJpZCI6IjdmYWUyYTI4LTNkMTUtNTBhZi1iZGNiLWRhYjY5ZmMwNmZlMCIsImNyZWF0ZWQiOjE2ODI4ODM2NDE1NzYsImV4aXN0aW5nIjpmYWxzZX0=
.reliaquest.com/	1970-01-20 11:28:05	Name: _hjFirstSeen Value: 1
.reliaquest.com/	1970-01-20 11:28:03	Name: _hjIncludedInSessionSample_2441060 Value: 1
.reliaquest.com/	1970-01-20 11:28:05	Name: _hjSession_2441060 Value: eyJpZCI6IjBmYWJjMmFmLTZiNjItNDI4Ny1hOTQ4LWJkZGFkZjFiYzU2NiIsImNyZWF0ZWQiOjE2ODI4ODM2NDE1ODUsImluU2FtcGxlIjp0cnVlfQ==
.reliaquest.com/	1970-01-20 11:28:05	Name: _hjAbsoluteSessionInProgress Value: 0
.www.linkedin.com/	1970-01-20 20:13:39	Name: bscookie Value: "v=1&2023043019404191598c76-31d2-42a5-87df-e3b9373cd26aAQFd73Q4pa3oq9pp8nvqRMwIf8-fOUHU"
.t.co/	1970-01-20 21:04:03	Name: muc_ads Value: 49179195-77a9-48d5-82cb-12d79a037895
.twitter.com/	1970-01-20 21:04:03	Name: personalization_id Value: "v1_5xzafIGPcc3op49w+IoFxg=="
.openx.net/	1970-01-20 20:13:39	Name: i Value: 9b9f99b7-7354-4b94-ac41-ff662608eabc\|1682883642
.adnxs.com/	1970-01-20 13:37:39	Name: uuid2 Value: 6917147059973758152
.rlcdn.com/	1970-01-20 20:13:39	Name: rlas3 Value: uCEmV8v/FuW/C6oqt/xwxEE+gXe7qDlBCY3LsxxkIjM=
.pubmatic.com/	1970-01-20 13:37:39	Name: KRTBCOOKIE_10 Value: 22808-ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc&KRTB&22883-ZTIwYzM5NDkxM2M3NzgwMTQ0NTNkMWYwNjU2ODkzYzc
.pubmatic.com/	1970-01-20 12:11:15	Name: PugT Value: 1682883641
.3lift.com/	1970-01-20 13:37:39	Name: tluid Value: 1168312041836244315413
.taboola.com/	1970-01-20 20:13:39	Name: t_gid Value: e7640fd9-18a1-4008-89a2-2b517e791eac-tuctb4849ba
.casalemedia.com/	1970-01-20 20:13:39	Name: CMID Value: ZE7EOlGMK2hFUMI9by0bOwAA
.casalemedia.com/	1970-01-20 13:37:39	Name: CMPS Value: 1299
.casalemedia.com/	1970-01-20 13:37:39	Name: CMPRO Value: 1299
.adnxs.com/	1970-01-20 13:37:39	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2IlbdVGfT!]tbPl@/@8$-^=$U_hBfF9j%U^Ks0jKr/c^LdK:LJ`wgXVlM.CffqyED_(N[3.mkK$e)U_K@[)m5Ft5bpRzqF1`b_GB-=%vz
.bidswitch.net/	1970-01-20 20:13:39	Name: tuuid Value: 5a71e8e9-fc30-47e5-bfd0-57eb9bed6861
.bidswitch.net/	1970-01-20 20:13:39	Name: c Value: 1682883642
.bidswitch.net/	1970-01-20 20:13:39	Name: tuuid_lu Value: 1682883642
.rubiconproject.com/	1970-01-20 20:13:39	Name: khaos Value: LH3TGX3I-1G-1Y5L
.rlcdn.com/	1970-01-20 12:54:27	Name: pxrc Value: CLqIu6IGEgUI6AcQABIFCOhHEAA=
.doubleclick.net/	1970-01-20 20:49:39	Name: IDE Value: AHWqTUkMTDyIxYIcKnpaT6qTxi2u2EFXMwykDbGEW1TD6dvOe6Rz9zWFCZ_-TtdGzB0
.yahoo.com/	1970-01-20 20:14:01	Name: A3 Value: d=AQABBDrETmQCEB9gNR9Fi6LSCUYS_ohUSwkFEgEBAQEVUGRYZAAAAAAA_eMAAA&S=AQAAAhuCNU451W0dTUeNOY5x6ys
.d.adroll.com/	1970-01-20 20:56:51	Name: __adroll Value: e20c394913c778014453d1f0656893c7-g_1682883642-a_1682883642
.adroll.com/	1970-01-20 20:56:51	Name: __adroll_shared Value: e20c394913c778014453d1f0656893c7-g_1682883642-a_1682883642
.analytics.yahoo.com/	1970-01-20 20:13:39	Name: IDSYNC Value: 1770~2bdv
.pippio.com/	1970-01-20 20:13:39	Name: did Value: xx_uR-Gi7NQbmJBZ
.pippio.com/	1970-01-20 20:13:39	Name: didts Value: 1682883642
.pippio.com/	1970-01-20 12:54:27	Name: nnls Value:
.pippio.com/	1970-01-20 12:54:27	Name: pxrc Value: CLqIu6IGEgQIAhAAEgYI7OsBEAA=
.linksynergy.com/	1970-01-20 20:13:39	Name: rmuid Value: 6d2cfdb9-f362-4419-b593-23510bb8b4ce
.linksynergy.com/	1970-01-20 20:13:39	Name: icts Value: 2023-04-30T19:40:42Z
www.reliaquest.com/	1970-01-20 11:28:05	Name: drift_campaign_refresh Value: 38d8a6e9-048e-4076-9810-ce3869c3c4b7
www.reliaquest.com/	1970-01-20 21:04:03	Name: _gd_visitor Value: ca3f67a5-2d30-4ead-8549-66e4295716d0
www.reliaquest.com/	1970-01-20 11:28:18	Name: _gd_session Value: 6bf23307-012d-4a2d-8326-f6c31bf8308e
www.reliaquest.com/	1970-01-20 11:38:08	Name: _an_uid Value: 6917147059973758152
.adsrvr.org/	1970-01-20 20:15:06	Name: TDID Value: feb618e9-aebb-4eb8-bbcc-66e6628fd189
.6sc.co/	1970-01-20 21:04:03	Name: 6suuid Value: adee2117c74800003ac44e64c2030000c8160200
.rubiconproject.com/	1970-01-20 20:13:39	Name: audit Value: 1\|ifodoSNCRqOGgnEUwGyJRDIU2YyFdaVDiWgEOVLJQhceECEUBMheivCY0yYvI0KZK88x8fRKQaswHTRO1/p4iGlty70eE65yR164mUDQhphJnKuoXdYGNpj+FzfkvFGjkJ9Zt9R/89lF9/l1sBCrOsMP9tDgooXV8FV4n5W39bpYMjOpl9NPwybyzRQDbtqQCwfRAfYnv8yyqVI1k5poNA==
.adsrvr.org/	1970-01-20 20:15:06	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCI7t-JWa7-Q7EAUSFQoGZ29vZ2xlEgsIsLPql5rv5DsQBRIXCghhcHBuZXh1cxILCLzc-ZWa7-Q7EAUYBSABKAMyCwjcv_vCsO_kOxAFQg8iDQgBEgkKBXRpZXIzEAFaB2UxdmxteGNgAQ..
.reliaquest.com/	1970-01-20 21:04:03	Name: _ga Value: GA1.2.1978469662.1682883641
.reliaquest.com/	1970-01-20 21:04:03	Name: _ga_G6184BWDDN Value: GS1.1.1682883641.1.0.1682883643.58.0.0
www.reliaquest.com/	1970-01-20 21:04:03	Name: drift_aid Value: 1ee11713-65d3-4977-85c3-62bbc89144df
www.reliaquest.com/	1970-01-20 21:04:03	Name: driftt_aid Value: 1ee11713-65d3-4977-85c3-62bbc89144df

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lh3.googleusercontent.com/B66NuSHSWIEYYpkH-YXahkpuiW3C4GqYvUJmrTTsGsxWmoFfqW1WJjeVERAvywvPN2_WrRZv8hTxekFEZJIO0cxMYwJsVmEtNM4TIwOJ2jYKbiJ91FRmsKx-ZRbVjzOmwvCEqUgO Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://lh6.googleusercontent.com/fv1jTZHBF13g-LrG2jjl_ScDEfBcz-CIn0-aYtnCkzaIF8vtdmsgJWKSkN1ot6FguNQM-SPBN_YD1ShbICZ0g2ygTv2mN6dwPVjgaDDw-HDGcH3Gad2Cp3ljKDVveKo4PR5326cj Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://lh6.googleusercontent.com/QLXgn8dj3cVtsVxZrKcb5V2uMR-ZNz8igvWQNx0DiASEK7jfeWJqYrkCy5j4_4LfqMmVoIykMS2nMFRMr3ia2eoRgzckwwVoyvn6IlWN-tNmf4qZgmLKOgbjWyaippr4W4eKJvUD Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://lh4.googleusercontent.com/lcoggNPlahx2vuXg_Yl3ruG23gN2Z0LBcspKLmLX2LESuHdovd4ZtcxtYUzOiZE4kA564yMRAvQSB647i6hJFMDHAun2F4yZGXbPQe67agnsqCGgaJITpazNP6krTwZrKKzDPw1n Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://lh4.googleusercontent.com/blWmtNEQNLHbU31gtvnQBay_G_OInMR1GHqMuhVh8e3psZxjJtDdgeMuurNuUcJ_bfBbvYCQFS2VST7LjNSdMys7ZohyOfmEQ1pJsdABiiflkQ0v3KfSyYouyMLjXiyR6OzQz-Vw Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://lh3.googleusercontent.com/TUoGdsf0K0aOZDuK0qAAELELodH9-QyhMzAv6aelpf6QTqcjbXn7PrbdKr7DrXb3bmJs8HIqXAe8HriXO6LNgkY02XnhZ3iLkqSxV6ba61C_ZP6s7seJKkki8o8g-XAvLTHPc5eO Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://lh5.googleusercontent.com/d-gdL-_h7f6CM9nhwEVqhxllHkQ8Sb0qhEx8PYGPDQGa6ljOPbZrMogeCSQ1QeZX5GyfCk354GP6h3ZbxjGlOtErkhk3NVbC3T9ZOlrm-MZ9GkPC7caQVvvepWWGx65GodHykzaA Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.reliaquest.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

438-kyk-786.mktoresp.com
457-xey-671.mktoresp.com
alb.reddit.com
analytics.google.com
analytics.twitter.com
b.6sc.co
bat.bing.com
bootstrap.api.drift.com
c.6sc.co
cdn.jsdelivr.net
cdn.keywee.co
cdn.linkedin.oribi.io
cdnjs.cloudflare.com
cihost.uberflip.com
cm.g.doubleclick.net
co-events.anyword.com
code.jquery.com
content.cdntwrk.com
content.hotjar.io
csmetrics.hotjar.com
d.adroll.com
digitalshadows.com
dsum-sec.casalemedia.com
eb2.3lift.com
epsilon.6sense.com
event.api.drift.com
flipbot.uberflip.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
ibc-flow.techtarget.com
idsync.rlcdn.com
image2.pubmatic.com
in.hotjar.com
insight.adsrvr.org
ipv4.d.adroll.com
ipv6.6sc.co
j.6sc.co
js.adsrvr.org
js.driftt.com
kdl.keywee.co
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
lonrtp1-cdn.marketo.com
match.adsrvr.org
metrics.api.drift.com
munchkin.marketo.net
nexus.ensighten.com
p.typekit.net
pippio.com
pixel.rubiconproject.com
px.ads.linkedin.com
px4.ads.linkedin.com
resources.digitalshadows.com
s.adroll.com
scout-cdn.salesloft.com
scout.salesloft.com
script.hotjar.com
secure.adnxs.com
snap.licdn.com
stackpath.bootstrapcdn.com
static.addtoany.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
t.co
tags.rd.linksynergy.com
targeting.api.drift.com
trk.techtarget.com
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
use.typekit.net
www.digitalshadows.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
www.reliaquest.com
x.bidswitch.net
104.111.50.91
104.244.42.197
104.244.42.67
104.65.240.220
107.178.254.65
108.138.106.126
13.107.42.14
13.225.223.92
134.213.193.62
141.193.213.20
141.226.224.48
142.251.35.162
143.204.138.162
146.75.32.157
151.101.193.140
162.248.18.37
18.164.116.120
18.164.96.87
18.202.10.197
192.28.144.124
192.40.39.223
2001:4860:4802:34::181
2001:4de0:ac18::1:a:1a
23.33.238.177
2600:1400:9000::687e:74b1
2600:1400:9000::687e:74b2
2600:1400:9000::687e:74bb
2600:141b:5000::b81c:be9b
2600:1f18:61c0:2204:cd48:3f8a:770b:2c7c
2600:9000:21ec:8000:2:53b2:240:93a1
2600:9000:2209:8e00:e:ec66:e40:93a1
2600:9000:23cb:f400:6:9280:1080:93a1
2600:9000:24f1:6600:1b:8908:cd40:93a1
2600:9000:2511:5800:12:53a8:95c0:93a1
2600:9000:2511:aa00:9:91af:d140:93a1
2606:4700:10::ac43:2794
2606:4700::6810:7eaf
2606:4700::6811:190e
2606:4700::6811:4341
2606:4700::6812:acf
2606:4700::6812:d9f
2606:4700:e2::ac40:840f
2607:f8b0:4004:c17::9a
2607:f8b0:4006:807::200a
2607:f8b0:4006:80d::2003
2607:f8b0:4006:817::2004
2607:f8b0:4006:81e::2001
2607:f8b0:4006:81f::2008
2607:f8b0:4006:81f::200e
2607:f8b0:4006:824::2003
2620:1ec:21::14
2620:1ec:c11::200
2a04:4e42:600::485
2a04:4e42::396
3.226.150.14
3.33.220.150
3.98.63.202
34.111.208.231
34.200.65.202
34.225.123.41
34.237.152.5
34.252.150.197
34.98.64.218
34.98.67.3
35.190.60.146
35.211.178.172
35.71.139.29
50.16.7.188
52.209.49.222
52.70.155.243
52.85.61.51
54.237.159.171
68.67.160.132
68.67.179.164
69.173.151.100
70.42.32.223
0278f9c007d917bb27776b525dc5bfaa55bed5ba4d86b590136e09324b622c24
047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0c07bf805e857013386ec7ea2d26911aed5c827ee90e71a94188553c6d8ef337
0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed
0e5cf82e4a17e79c80c6f17c3fff873756de944e1301fa01c1d03aba1e359669
120def079fc4e239098c571e178a9a1b73746f05c6f65a97cd7291b8c13aa401
12ce92cc3c4eb9d74f48e9a10eb919bdf30bbdc5ccf9843c6543fec302dec54f
130688f16399fc1980b2900037a220bc182f4b0c320621dc7d70ec721514765e
1771aad88d0164b8f869d097851c94cc83d1a837f12fe8de39d0f309fe45f33c
178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2298d58f76f75135d021b0f1aa558defa9e66a1cc384b3eedde0f0904fa72def
2693e158a319fe2c6576e7fdd76ad78ca5e0235cce4418503e5fee2e7426b2d0
277725f80d5c0175c2a996fe1eea07395b87ec1bd0496353409e99e96024816e
28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a
2c5cc47eb8499efe3f4353bc50b38690756e78da21b0e158e14293b39c5ef812
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ff2b9a5434137bda235f2847f5939dcd06977e5437ae82bfa197e00faabc6a9
3169ab3142fbf3ecf7eee1b5682a4556ed8a3d4ba940befa71c31b5a43991d92
324ba78d0d3427c5063729e07d319e785cd48eb5c342797e54b8575cfe68a64b
3407a3936d74297824dd73d7604a88519c25eebe2259cf29b56932641bceb25d
358d031ae310f2f7949026440ade6a6e0d1bf52733503156366796bf2d401347
386a292b805ec5376c149711c08d9013658fd08879a7ac9a62a99e14310c397a
3ad146cbd18d3a4a3c3a0671f43154e31f49e623e5123771f4054258f6a02430
3b3177703047afcbd53dca306d94d7d10b1e5975cff6ac198325b7f1d836cab1
45ae39b83ce75a8dbf0febf1e5b630fc54a713039ccfad6b46238212a1b858a9
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fe42375195dc2f38588dc2af2238892586b6b70b7094cf504be1b35587d53d0
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
53d1cc9d5f2f9d37d74ac14d71656bbf3961c22be1825c54fc0453f8f8fb3d15
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c9d6b15855705c327a582f8a574b11fbe135c97d91de845eaefcc09601ca4e
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5f1594ba40c75345c40700d534d166e7ecc71b50961a0d3e69f1418cb283918d
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61ea329c09b4cc22cd4391b26ca2b66257eb824e590d4de2a760ccbfccf70bf7
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6720e7c06d90bcf38f0ae5c17205409563dc38f2e69f9b05c849af6a6f775334
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6daf77b61e152369a6b812e2bc3398d1dc62dc78875d1e9fcf7dcfdadbefdc35
72df5f1cc64215e3539219c9317ddbc2a1c6aaa96d5c03694cc6ed199a3bd9e3
73cfb0ed71e314a835831530e27ba1fde5609b224781f7dbc2dd3eb9a08603cd
74935268619be1f087ce67765abd72f80107125f23b346f7615cc9e6a19d4595
7616b033adbe366f235d70696b659f554051c0e578508896aab0ff5b169491db
7a8b1cb78c761b12541606ae26d56c356e674d3e9d56d622de793060d4788d4e
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b3cd3c10f2b00ffe9b2275648e095d8f93b3294f4ee008b76f7d7977e1867bc
7c4cddc44e59d49ccbfdaf1b57cca9884b74ee1710671c7d9fa974e3fae6f507
7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c24cdc38d0e64c40ade6b6fe8aa3d935b7bb9daa553242aeb78b0a9a187fc0
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
87f080e5c5ef7ecedf3a6a85178b9c8b30583bff0410d49ac3435945979ca79e
88ac32d45fd0ca4aaaf56fc6e9353c378a4ba617f1555dbfa231a4d32d34cfac
8989f87b90cacdbca5875bdfbed7dd3c3f2acee982b9353c04d86e8c123906c0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90cd085fb1b820cab7d04a52702a189d2a3cf9ffbcf1ef3b354283d65d7fa24a
9186ad0839410bf3d20f3c5b242b36027562baac85ffb8cba18b50b6e4d7945d
926773c274b37042dd566c469b55cfc8011475f31ee55fa98507933bb5c5d598
95245f488fc923a05392ac8ca5985ac00d44b0603ba7b987d103475181268d88
958a03c833d9116f7ab9a5ee503f7b0360b9291b268bfb77128a8f0e19238613
95f4a488858d3b1cb66e3f6819d97123df10a0b7b164dc9583d92eb840094a39
973294976949397d50fddaf07d27a8ebd83d9ee7764f2a2414bba87f32058fd7
97835f51936631312648ce4198cd92c85beae9e09e3cdaff439c57ffccc5c5d5
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3
9d1faf9bd9dfb8aa89f59852a79665717d0d5e551b39ceebca1d209dc4b117ff
9d88866c6295ffc0cadaa1ccb951367e196737a413482176d5787b70aae04ef0
9db5250e145757042c45be7dfd40fc20134ea2b44dc3d01eb1921f3a91bdb969
a224384e3fcabcfc0db7562ac96034adef39684cb4e190049003c25582c95219
a3986521f7e895cf3175098026f4471920366f5b3d3d1d0299a3c710a779e2ae
a759130737e704a439f7ff5343435b471664cc63c53bf209ad736ab172c77dff
a7b321e2aedb7eeb6e47e410d92923c2b37bc5999a80ea24e9584fc6ee88a0d6
a85637a934a9982bab9e0bc5957dc6724c757603670f78e5ffc872017eefc9a5
a8f7149603879ada805d9983dd7b1690140ffe4da4c5c6852d3af8357c79e845
a9cd64ca9fca199d4366d499a84f6678bf0a2da7f87fa16217a042b6813d4ca5
a9e9a2335261b7402a5ac34f6ee844b780f1809863e70a5f203e731cfb372c76
aa011ed383cb780028a85caaa0dda67dce19b0f4bc596f4f708d1857015c1362
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ae3f6024712196dff7272f57c522e4048826b484f7336a97cc3e7f6f00d2d443
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24ae6a65149ffe0da1014b697c38330cd07a74017d231e395885378eee4a806
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40
b82a2dd43936317fee3dc469880686b83caab009d9e71a9953f25bbe8c1b34ae
b85ed770968845e1d8c7c5b9edabc809644d1b5b2788b43d3af7ef24fccc07c8
b9bfbcda70c0fa1ff65a8ff023013d4b64498a17f52e0052b1210eb160de8a5e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbed512058e04b44d9a434d7df8bd293e1669fce2a5365d6a817361c5fcae8bc
bc46e11ef889c4607d9befe335305d246d312cb0cda290d3beb75a722d417979
be08df326777a8b33cbcd047765e7dc6b8ddf620dcf64a85402ffc8fa006caab
c1cd0852f3077f1b059e16529d8de16acb490990d6cb796dd74873de0bfd8a91
c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2
c4b2394a30fa0e4a23c6b308541353e20872a6fd765ed8fb70e6b402029deb00
c6b2815294e64eb3d9e30955673ae3b60a486ae5b7dfcc7e48c0e2a4fe7301de
c81c322867056949b4836c5860843392b7da5dcb563ec2e99f8a5c05f7e74106
c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6
c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c
cdeb836f7f77cd2174fa0bb4aa3825963aa64faf657a24f988b82f1c4d28ce69
cdf902339c16a54db46d8c02887b9e256924d9a89b848c72cf06ce0c2ba452f0
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
d1516aa471ad3c2c6a5a119f210f0d765b50c6789db22b6448d21c705a4edfb6
d3456009db33740c7f2eb412d9d308a3beb1dbd1fc63c73f1d2d8d436915f85f
d3ed94b69049a6046b0472b87a4d1be0a1c9482c9edc3793bf72714c82c7ce0c
d46dac91d649962de0e5ee214add05b95f1558ca59aa0b7914cb5c4f20bd7400
d4d175f498b00516c629ce8af152cbe745d73932fa58cc9fdfc8e4b49c0da368
d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492
d69867f57a52885b676a974a0dd8aec3c7e39b0327ed55289094f8716786219c
d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c
dab69af700e302b9d41e9267aeff95d778fe26e000f4038b7b07cc1e3c87034e
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
e29ee33096bf86713f05642843b5b0493c1886d942c2c89cfcaa7f44b7acdb40
e2a0c716824375ab3b6ba3d71119d6ea8658ec6d3afbe6efa8e49b07cc1e858b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e553533d28524e15d82626e82f797afe6db8582382606af03666b4719191db93
e60eac0f2636af6308d91526e82dff118e961332236bbe87a134f7e5d0d5037e
e61ca9a85068733286db7daf3ba42d259a38df43f7e1a5cbe22d2ffd9947e6b2
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e881cbaf72e533ab082cff77ad98ec1cb5135a45cc280e75ce46b5ab69aed5e0
e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae
ea505562a9e36fffcdb50913ad7e5394360d2d7c482375aa0dc2e3567321a346
eaae1d4db82158aa4b92c4286ed1977ad9c3eb18db96573c6404f681fc93a78d
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ec4f553db37df8f92703991422df8b24dd0eeb78929f5821634e462e96810987
ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919
ec9bd365a7c60ee6c9c7c5c9be05f7f18ef7023cd4d44d062a96af1364842c7a
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1cf3e53fae14d873db3bb34e6a1a2abe0cde9310a088f45382450e76ec770aa
f29982ec0ae139ba84a54234418dfdf0a36443c03a78e197082f3c189ddb6cfd
f3342c52eee43a2ea931cae2ee2d6d9a2939432ffcb03bb4f2983ac7e49b26cc
f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16
f524309c83549cab1b81b931d905888234eecf709e4aa0ade136daa5edbb5246
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f838c4e8cdd29bcfca2067e65c001a8a300b30252263aca6ec24dd333ab7c622
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
fa129022a2c6b9211fba781a2b04119fa8b920a06dcfc71368415748f77dc2d2
fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
fffcc021124d70080ddd0c52562645c46e03ff39c924ced85c1bfd62cb8b8767

www.reliaquest.com Open in urlscan Pro 141.193.213.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

248 Requests

94 %HTTPS

42 %IPv6

58 Domains

87 Subdomains

73 IPs

5 Countries

2793 kBTransfer

8786 kBSize

66 Cookies

12 Outgoing links

Page URL History

Redirected requests

248 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.reliaquest.com Open in urlscan Pro
141.193.213.20 Public Scan

Screenshot
Live screenshot

Full Image

248
Requests

94 %
HTTPS

42 %
IPv6

58
Domains

87
Subdomains

73
IPs

5
Countries

2793 kB
Transfer

8786 kB
Size

66
Cookies

248 HTTP transactions
0 data transactions