www.secureworks.com Open in urlscan Pro
13.107.237.59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sales.secureworks.com/t/100210/c/ebbd828a-f0f4-41ef-a1d8-ea865ad6fb3e/NB2HI4DTHIXS653XO4XHGZLDOVZGK53POJVXGLTDN5WS6YTM...
Effective URL:
https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Submission: On April 05 via api (April 5th 2023, 4:10:37 am UTC) from NZ — Scanned from NZ

Summary HTTP 208 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 45 IPs in 6 countries across 44 domains to perform 208 HTTP transactions. The main IP is 13.107.237.59, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.secureworks.com. The Cisco Umbrella rank of the primary domain is 690981.
TLS certificate: Issued by Thawte RSA CA 2018 on January 20th 2023. Valid for: a year.

This is the only time www.secureworks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.209.14.32 54.209.14.32	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.124.82.182 3.124.82.182	16509 (AMAZON-02) (AMAZON-02)
6	13.107.237.59 13.107.237.59	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
31	184.87.193.92 184.87.193.92	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.4.95 142.250.4.95	15169 (GOOGLE) (GOOGLE)
2	23.7.175.107 23.7.175.107	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	74.125.200.97 74.125.200.97	15169 (GOOGLE) (GOOGLE)
1	74.125.200.94 74.125.200.94	15169 (GOOGLE) (GOOGLE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
11	104.19.188.97 104.19.188.97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.144.98 172.64.144.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	74.125.68.101 74.125.68.101	15169 (GOOGLE) (GOOGLE)
10	23.44.5.50 23.44.5.50	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	172.253.118.156 172.253.118.156	15169 (GOOGLE) (GOOGLE)
4	104.19.147.8 104.19.147.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
1	104.18.12.159 104.18.12.159	13335 (CLOUDFLAR...) (CLOUDFLARENET)
65	13.227.254.60 13.227.254.60	16509 (AMAZON-02) (AMAZON-02)
1	23.45.116.82 23.45.116.82	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.46.109 199.232.46.109	54113 (FASTLY) (FASTLY)
1	34.98.105.146 34.98.105.146	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	152.195.58.59 152.195.58.59	15133 (EDGECAST) (EDGECAST)
2	13.224.254.115 13.224.254.115	16509 (AMAZON-02) (AMAZON-02)
1	199.232.44.157 199.232.44.157	54113 (FASTLY) (FASTLY)
2	23.195.153.54 23.195.153.54	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	68.67.153.60 68.67.153.60	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	104.254.150.228 104.254.150.228	29990 (ASN-APPNEX) (ASN-APPNEX)
1	13.35.8.72 13.35.8.72	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
2	172.217.194.154 172.217.194.154	15169 (GOOGLE) (GOOGLE)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	74.125.200.147 74.125.200.147	15169 (GOOGLE) (GOOGLE)
1	96.17.96.30 96.17.96.30	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	54.150.227.184 54.150.227.184	16509 (AMAZON-02) (AMAZON-02)
1	18.155.68.115 18.155.68.115	16509 (AMAZON-02) (AMAZON-02)
3 4	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.190.93.146 35.190.93.146	15169 (GOOGLE) (GOOGLE)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1	13.35.8.108 13.35.8.108	16509 (AMAZON-02) (AMAZON-02)
1 5	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2	216.239.36.54 216.239.36.54	15169 (GOOGLE) (GOOGLE)
2 2	13.228.126.19 13.228.126.19	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	74.125.130.156 74.125.130.156	15169 (GOOGLE) (GOOGLE)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 2	13.35.8.69 13.35.8.69	16509 (AMAZON-02) (AMAZON-02)
1	13.35.8.103 13.35.8.103	16509 (AMAZON-02) (AMAZON-02)
1	23.36.49.63 23.36.49.63	16625 (AKAMAI-AS) (AKAMAI-AS)
7	54.147.21.139 54.147.21.139	14618 (AMAZON-AES) (AMAZON-AES)
208	45

1 54.209.14.32 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-14-32.compute-1.amazonaws.com

sales.secureworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.82.182 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-82-182.eu-central-1.compute.amazonaws.com

app.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.107.237.59 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.secureworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 184.87.193.92 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-87-193-92.deploy.static.akamaitechnologies.com

content.secureworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.4.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.7.175.107 (Kowloon, Hong Kong)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-7-175-107.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.200.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

725-smc-563.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.19.188.97 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.144.98 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 74.125.68.101 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f101.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.44.5.50 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-5-50.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.118.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.147.8 (None, )

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.159 (None, )

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

65 13.227.254.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-60.sin52.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.116.82 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-116-82.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.46.109 (Singapore)

ASN54113 (FASTLY, US)

extend.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.105.146 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 146.105.98.34.bc.googleusercontent.com

app-script.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.195.58.59 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.254.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-254-115.sin52.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.44.157 (Singapore)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.195.153.54 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-153-54.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.153.60 (Secaucus, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: s.ml-attr.com.pxlsrv.net

s.ml-attr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.254.150.228 (Los Angeles, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.8.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-72.sin5.r.cloudfront.net

attr.ml-api.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.200.147 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.17.96.30 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a96-17-96-30.deploy.static.akamaitechnologies.com

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.150.227.184 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-150-227-184.ap-northeast-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-115.sin52.r.cloudfront.net

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.93.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.93.190.35.bc.googleusercontent.com

tracking.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.8.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-108.sin5.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.71.131.137 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.36.54 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.228.126.19 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.130.156 (Nashville, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sb-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.8.69 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-69.sin5.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.8.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-103.sin5.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.49.63 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-49-63.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.147.21.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-21-139.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	driftt.com js.driftt.com — Cisco Umbrella Rank: 6010	759 KB
38	secureworks.com 1 redirects sales.secureworks.com www.secureworks.com — Cisco Umbrella Rank: 690981 content.secureworks.com	2 MB
11	6sc.co j.6sc.co — Cisco Umbrella Rank: 7318 c.6sc.co — Cisco Umbrella Rank: 10831 ipv6.6sc.co — Cisco Umbrella Rank: 7836 b.6sc.co — Cisco Umbrella Rank: 5453	15 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 433	166 KB
7	drift.com bootstrap.api.drift.com — Cisco Umbrella Rank: 7159 metrics.api.drift.com — Cisco Umbrella Rank: 7001 event.api.drift.com targeting.api.drift.com flow.api.drift.com Failed	9 KB
7	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1592 insight.adsrvr.org — Cisco Umbrella Rank: 633 match.adsrvr.org — Cisco Umbrella Rank: 368	7 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
6	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 100 cm.g.doubleclick.net — Cisco Umbrella Rank: 228	6 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 400 www.linkedin.com — Cisco Umbrella Rank: 579	5 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	778 B
4	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 8513	26 KB
4	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2004	44 KB
3	company-target.com 1 redirects segments.company-target.com — Cisco Umbrella Rank: 1521 api.company-target.com — Cisco Umbrella Rank: 4038	2 KB
3	teads.tv p.teads.tv — Cisco Umbrella Rank: 6245 cm.teads.tv — Cisco Umbrella Rank: 6979 t.teads.tv — Cisco Umbrella Rank: 2785	8 KB
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 15281 ibc-flow.techtarget.com — Cisco Umbrella Rank: 19775	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 407	13 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 691	772 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 302	801 B
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2711
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 12431	979 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 429	2 KB
2	monsido.com app-script.monsido.com — Cisco Umbrella Rank: 12989 tracking.monsido.com — Cisco Umbrella Rank: 11918	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	181 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3441	6 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 340	914 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 687	393 B
1	t.co t.co — Cisco Umbrella Rank: 525	376 B
1	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 5074	19 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 2617	6 KB
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 13336	205 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1000	376 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1590	157 B
1	ml-api.io attr.ml-api.io — Cisco Umbrella Rank: 21651	234 B
1	ml-attr.com 1 redirects s.ml-attr.com — Cisco Umbrella Rank: 18021	284 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 701	15 KB
1	vimeocdn.com extend.vimeocdn.com — Cisco Umbrella Rank: 10414	6 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 853	5 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1446	8 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 648	317 B
1	mktoresp.com 725-smc-563.mktoresp.com	318 B
1	gstatic.com fonts.gstatic.com	17 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
1	salesloft.com 1 redirects app.salesloft.com — Cisco Umbrella Rank: 40477	566 B
0	google.co.nz Failed www.google.co.nz Failed
208	44

	Domain	Requested by
65	js.driftt.com	www.secureworks.com js.driftt.com
31	content.secureworks.com	www.secureworks.com content.secureworks.com
11	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
8	b.6sc.co
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
6	www.secureworks.com	www.secureworks.com www.googletagmanager.com
4	match.adsrvr.org	js.adsrvr.org
4	www.google.com
4	cdn.bizible.com	www.googletagmanager.com cdn.bizible.com
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
3	px.ads.linkedin.com	2 redirects
3	googleads.g.doubleclick.net	www.googletagmanager.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
2	targeting.api.drift.com	js.driftt.com
2	event.api.drift.com	js.driftt.com
2	bootstrap.api.drift.com	js.driftt.com
2	segments.company-target.com	1 redirects
2	id.rlcdn.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	epsilon.6sense.com	j.6sc.co
2	ibc-flow.techtarget.com	trk.techtarget.com
2	stats.g.doubleclick.net	www.google-analytics.com cdn.bizible.com
2	secure.adnxs.com	2 redirects
2	js.adsrvr.org	www.googletagmanager.com match.adsrvr.org
2	www.googletagmanager.com	www.secureworks.com www.googletagmanager.com
2	munchkin.marketo.net	www.secureworks.com munchkin.marketo.net
1	metrics.api.drift.com	js.driftt.com
1	t.teads.tv
1	api.company-target.com	cdn.bizible.com
1	cm.g.doubleclick.net	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	cm.teads.tv	p.teads.tv
1	analytics.twitter.com
1	t.co
1	insight.adsrvr.org	1 redirects
1	tag.demandbase.com	www.secureworks.com
1	cdn.pdst.fm	www.secureworks.com
1	cdn.bizibly.com
1	tracking.monsido.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	alb.reddit.com
1	attr.ml-api.io
1	s.ml-attr.com	1 redirects
1	p.teads.tv	www.googletagmanager.com
1	static.ads-twitter.com	www.secureworks.com
1	app-script.monsido.com	www.googletagmanager.com
1	extend.vimeocdn.com	www.googletagmanager.com
1	snap.licdn.com	www.secureworks.com
1	trk.techtarget.com	www.secureworks.com
1	www.redditstatic.com	www.googletagmanager.com
1	j.6sc.co	www.secureworks.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	725-smc-563.mktoresp.com	munchkin.marketo.net
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.secureworks.com
1	app.salesloft.com	1 redirects
1	sales.secureworks.com	1 redirects
0	flow.api.drift.com Failed	js.driftt.com
0	www.google.co.nz Failed
208	63

This site contains links to these domains. Also see Links.

Domain
portal.secureworks.com
twitter.com
www.linkedin.com
www.facebook.com
pages.secureworks.com
github.com
jobs.dell.com
investors.secureworks.com
content.secureworks.com
www.onetrust.com

Subject Issuer	Validity	Valid
www.secureworks.com Thawte RSA CA 2018	`2023-01-20` - `2024-01-19`	a year	crt.sh
cert00029-azurecdn.akamaized.net R3	`2023-03-29` - `2023-06-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
6sc.co R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-09` - `2024-03-08`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-15`	6 months	crt.sh
drift.com Amazon RSA 2048 M02	`2023-03-01` - `2023-09-21`	7 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-18` - `2024-03-21`	a year	crt.sh
app-script.monsido.com GTS CA 1D4	`2023-03-17` - `2023-06-15`	3 months	crt.sh
io.bizible.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-30` - `2023-07-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-14`	6 months	crt.sh
ibc-flow.techtarget.com GTS CA 1D4	`2023-04-03` - `2023-07-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.6sense.com Amazon RSA 2048 M02	`2023-02-14` - `2023-05-06`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
tracking.monsido.com GTS CA 1D4	`2023-02-12` - `2023-05-13`	3 months	crt.sh
cdn.pdst.fm GTS CA 1D4	`2023-03-28` - `2023-06-26`	3 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-08-17` - `2023-09-18`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-12-25` - `2023-12-25`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-25` - `2023-12-25`	a year	crt.sh
misc.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-09-16` - `2023-10-18`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Frame ID: 6591C304B5EC586E4179BFA2E1C87453
Requests: 126 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&upid=gn5z6gn&upv=1.1.0
Frame ID: 7B44E2A96741DA52F7747BE4449C624A
Requests: 2 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
Frame ID: F390CE6ADEB8DF742C6494207966040D
Requests: 37 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
Frame ID: ACC17E36FCA4B951A1A091B97C633FC5
Requests: 34 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-BVei6P9E2uK3_gxJaSxy5IapMEd2p0o-~A&gdpr=0
Frame ID: 75CDB3EB44E6A952682BF268D1380BA6
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: FF86DAC2DFFB892F23D9EBB0F607D3E6
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=7d9383b9-8dd2-46ff-ab18-45157e581de2&google_gid=CAESEAHwnicPf5Nqp3lBfFUqM4g&google_cver=1
Frame ID: E5FDDBEB6F424DF12606656CB81B08F3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

5 Takeaways from Incident Response Engagements | SecureworksBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://sales.secureworks.com/t/100210/c/ebbd828a-f0f4-41ef-a1d8-ea865ad6fb3e/NB2HI4DTHIXS653XO4XHGZLDOVZG... HTTP 302
https://app.salesloft.com/t/100210/c/ebbd828a-f0f4-41ef-a1d8-ea865ad6fb3e/NB2HI4DTHIXS653XO4XHGZLDOVZG... HTTP 302
https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements Page URL

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

208
Requests

94 %
HTTPS

0 %
IPv6

44
Domains

63
Subdomains

45
IPs

6
Countries

3224 kB
Transfer

7551 kB
Size

55
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://portal.secureworks.com/portal/loginIDP
Title: Login

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements&text=5%20Takeaways%20from%20Incident%20Response%20Engagements&via=Secureworks

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements&source=Secureworks

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Search URL Search Domain Scan URL

URL: https://pages.secureworks.com/email-subscription.html?_ga=2.98586582.992821853.1618841296-805368899.1615224462
Title: SEND ME UPDATES

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/secureworks

Search URL Search Domain Scan URL

URL: https://twitter.com/secureworks

Search URL Search Domain Scan URL

URL: https://www.facebook.com/secureworks

Search URL Search Domain Scan URL

URL: https://github.com/secureworks

Search URL Search Domain Scan URL

URL: https://pages.secureworks.com/email-subscription.html
Title: Subscribe Now

Search URL Search Domain Scan URL

URL: https://jobs.dell.com/secureworks-jobs
Title: Careers

Search URL Search Domain Scan URL

URL: https://investors.secureworks.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://content.secureworks.com/-/media/Files/Corporate/modernslaverystatement_22_v2.ashx?modified=20220621140318
Title: Supply Chain Transparency

Search URL Search Domain Scan URL

URL: https://pages.secureworks.com/UnsubscribePage.html?mkt_unsubscribe=1
Title: Unsubscribe

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sales.secureworks.com/t/100210/c/ebbd828a-f0f4-41ef-a1d8-ea865ad6fb3e/NB2HI4DTHIXS653XO4XHGZLDOVZGK53POJVXGLTDN5WS6YTMN5TS6NJNORQWWZLBO5QXS4ZNMZZG63JNNFXGG2LEMVXHILLSMVZXA33OONSS2ZLOM5QWOZLNMVXHI4Y=/www-secureworks-com-blog-5-takeaways-from-incident-response-engagements HTTP 302
https://app.salesloft.com/t/100210/c/ebbd828a-f0f4-41ef-a1d8-ea865ad6fb3e/NB2HI4DTHIXS653XO4XHGZLDOVZGK53POJVXGLTDN5WS6YTMN5TS6NJNORQWWZLBO5QXS4ZNMZZG63JNNFXGG2LEMVXHILLSMVZXA33OONSS2ZLOM5QWOZLNMVXHI4Y=/www-secureworks-com-blog-5-takeaways-from-incident-response-engagements HTTP 302
https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.secureworks.com%26pId%3d%24UID HTTP 302
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.secureworks.com%26pId%3d%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dwww.secureworks.com%2526pId%253d%2524UID HTTP 302
https://attr.ml-api.io/?domain=www.secureworks.com&pId=3247411548496972547

Request Chain 97

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1680667830040&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1680667830040&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2386324%26time%3D1680667830040%26url%3Dhttps%253A%252F%252Fwww.secureworks.com%252Fblog%252F5-takeaways-from-incident-response-engagements%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1680667830040&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&cookiesTest=true&liSync=true

Request Chain 105

https://insight.adsrvr.org/track/up?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&upid=gn5z6gn&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&upid=gn5z6gn&upv=1.1.0

Request Chain 118

https://ups.analytics.yahoo.com/ups/55953/sync?uid=7d9383b9-8dd2-46ff-ab18-45157e581de2&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=7d9383b9-8dd2-46ff-ab18-45157e581de2&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-BVei6P9E2uK3_gxJaSxy5IapMEd2p0o-~A&gdpr=0

Request Chain 119

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7d9383b9-8dd2-46ff-ab18-45157e581de2&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=N2Q5MzgzYjktOGRkMi00NmZmLWFiMTgtNDUxNTdlNTgxZGUy&gdpr=0&gdpr_consent=&ttd_tdid=7d9383b9-8dd2-46ff-ab18-45157e581de2 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=7d9383b9-8dd2-46ff-ab18-45157e581de2&google_gid=CAESEAHwnicPf5Nqp3lBfFUqM4g&google_cver=1

Request Chain 121

https://id.rlcdn.com/464526.gif HTTP 307
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCLfps6EGEgUI6AcQAEIASgA HTTP 307
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297LwEVTxrkxcevnazKcPhR9lcyhEGy8vCk8kzDwJFjYL8 HTTP 303
https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297LwEVTxrkxcevnazKcPhR9lcyhEGy8vCk8kzDwJFjYL8&verifyHash=6f697c0215e0f88fc2be40f9f79da3f48b4d32d6

208 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 5-takeaways-from-incident-response-engagements Show response
www.secureworks.com/blog/
Redirect Chain

https://sales.secureworks.com/t/100210/c/ebbd828a-f0f4-41ef-a1d8-ea865ad6fb3e/NB2HI4DTHIXS653XO4XHGZLDOVZGK53POJVXGLTDN5WS6YTMN5TS6NJNORQWWZLBO5QXS4ZNMZZG63JNNFXGG2LEMVXHILLSMVZXA33OONSS2ZLOM5QWOZL...
https://app.salesloft.com/t/100210/c/ebbd828a-f0f4-41ef-a1d8-ea865ad6fb3e/NB2HI4DTHIXS653XO4XHGZLDOVZGK53POJVXGLTDN5WS6YTMN5TS6NJNORQWWZLBO5QXS4ZNMZZG63JNNFXGG2LEMVXHILLSMVZXA33OONSS2ZLOM5QWOZLNMVX...
https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

72 KB
78 KB

1456ms
1145ms

Document
text/html

13.107.237.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.237.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2bbe49087cac89195db4217789356d7671ac6c5cf54027062500b134aac47628

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; script-src 'self' 'nonce-OWFjZWVlOGFmODA0NGY1OGEzMzM3YzZkNTY0YjY2Mjk=' 'sha256-wY8ZJu7Uu8c5AFYGRuoE7SNBraw8IAkl5Yz+glnnte8=' 'sha256-UGfgrQ+GKJogDAQthuGt5lpepOeF3ypbYTr2PPxcBdU=' 'sha256-hUiPqjPAx0BTYk+HP/Ohq7cZFW+CFLUDreW74sIBUJk=' 'sha256-MWnKpq2mO4B+C/F7fLTeifs05WkVCc8Hkl+SzXGUmtI=' 'sha256-QiHtJSgKkeO/qh+2A9GCUt3xk8ONLQAa6uua+j+nHLg=' 'sha256-7+1sMW/o6RcIncEOmuvZbRThB6NRZLwQjvsqQAGehKA=' 'sha256-tYinntSHdpRdg0LwZuBycjWqxaMdCzBdOnOGsSZH2Ho=' 'sha256-DP0AJIADL+tS8s/bg6t7xbMHunrd17JCuOgpyNjxt/M=' 'sha256-sqwbnK0D7p9u3WG0lgAYLYmp/byKS9zlT2eFORz1SDY=' 'sha256-L436NBsgbW4nnr2zz6geY9aouLDwQiH+458+ny7TeJ8=' 'sha256-t21JzuoP0AGVdHYfaGtWzFviQ1hj34OuECR3Ur2P1Dk=' 'sha256-kmGPVWtzfwq6b9fEOy1NmWxrKyxreHZU5tKvRxQpDMA=' 'sha256-SAqGhA/G1eraYlnHKoGwPlIvGfOo45eq5hoyKq2LnUY=' 'sha256-+08d4MzO/if2DlZslM+0a0gvpYaPHK7ilzV9yUXHxRo=' 'sha256-5RKybv4IYG3Rt1CcIXoS1OAD7D0vjWLop/a6KVpWxM0=' 'sha256-N/Mk5WIdXnJRlsc5rmMcLJsovC5ozGJ5BmVdRxKOeNc=' 'sha256-XJEfHQ97N7xwKM6MQXMpabeUHxVT647JYAYwrOX6sQQ=' 'sha256-sdKFLBOaDq01ySztbW/n0JnIwsMIlCr7AaMAznJOqA0=' 'sha256-7pyFNQ34QDbIyjfqF4dboUBH/FqtGtJgw7KPgC+aKY8=' 'sha256-yYGe3YxZ1stILsg6s+TKQ7ACovlrQ/V7H5hpGiko1EI=' 'sha256-JcTUCZru8bIzmyUfGjmyP1Nwn0ccUuwLyJA5/jgV2jI=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-ErdS+5vyua60ApoR4T4MK5hMhAxO8I75iqTuR4st0lk=' 'sha256-dgOinhXczUSm4ADnOKjecy4HqoIpihiWY1xMUGi3KiE=' 'sha256-bAZaADjFxXYURQUP9Z4p4eiIim+gCGst1ZWemjLGJxo=' 'sha256-x3E2vOOOHY24kNAmZOQxorAyW5o6cX3R7J5Jg+RTqZY=' 'sha256-WJHVKi7ReHnWJF4AUmd9vWDpqeX8GVtEsyAJP01M130=' 'sha256-mvYU2m+aQi6xWWVpxauZ/UaXg+HkwxCv4r/qVBDAm3A=' 'sha256-IgMQOOOedQeMPBl7lSreMVPmJvU62bc6l8HcsGXnbWc=' 'sha256-Ov0LRI92VqZTYbOhyIvK8iFCm9rBs/HXaYLwlDMrra0=' 'sha256-HjgaVwCCuGQHih00gvN/PUGZuGwVIWd/6sThgUEi83E=' 'sha256-7oEVqsTDSU0XTGoiH3B7bXM3sMDjv58JCTndWi8pUKw=' 'sha256-ZlXTkZmAmWswFmM/VCVi0DLagBh+F9JWQiK/yRsf7yc=' 'sha256-76Yt/S5cofMdn9d5/cJOU32zSvhw1A8QJDSgL1c0YRI=' 'sha256-z4pF+zMq94+GUUF273G0WvSAL91jUazcB1NOISkNlzk=' 'sha256-4OIRiOWgv2ak/dapUtCUuoqEUnVBrH8A9LJCp3dthUw=' 'sha256-ew0tynw+zAqBiv217Nj202XmktwGvkQU7jXqQMotiHg=' 'sha256-2mFyIAC6FjDBvAg15BPawsugazV1sKm4T9x09V76BK0=' 'sha256-kxoZz5p2Ko+K+FXi8lIZc2opwhJF9WD4/wy9+dLYHzY=' 'sha256-+ThII46Fk+h63393vJ+nvAEZnTSXIwpqVJDSklAo5eM=' 'sha256-hUowsewUBuLRjFz7Z3pohTKe/pX/uO7uKD1k25qHLQY=' 'sha256-pMZUEpT65ftOEzHdiYyq/2vt545RymVHJSh5H2y5BDk=' 'sha256-nGkmLI0CpGjUy6Gg2vRE6xAh+vU4jlNVmPB+55WJmn8=' 'sha256-j6LWS7Q+Wsyd91b6000yHCoIqUaJIJQq56Lw3XQPcHA=' 'sha256-XQ6pUmmjpjpunCfT67q0ACDA7NqxLJx1iJwCFhC73wo=' 'sha256-tCniuKIyeHpfi5vxJOgLkz0eRI+cerKWFRsy5hMt5V0=' 'sha256-EZaJwK6Bh4sdKWjgv6zhJUdT2ISL4NhEQSPYf++uAeU=' 'sha256-1T7dud0UtKJZdhJcgsp1gh8MZDyA3S8DIsOpB3+co4M=' 'sha256-g6A8gRllShDRUg9hmXQZ0ZvMQ35F4jsarESQIDJtpE4=' 'sha256-y6vRm9V8P08qfB27ukHo07LF4IM00RKuKNzQBfsBlgg=' 'sha256-1GbAOPSdN7GyL999DpkIzp8XYAH1OP43heqQi7uU3FQ=' 'sha256-1p8zU6DNbl/tn8sFUoVBsvAF+dwRMDHK3WXM4vqIhDc=' 'sha256-a/dU49b8+CePl3YeekAugUB79FoCfbN22DFVyavn9pM=' 'sha256-39FcaN3WyGnHnf2UX+fHrSBSJq4KI6BETrXNemtzDa8=' 'sha256-4N1dEVT13lNPCpxXX2XuIlfUBwZp3wNLb/hBbSKGESA=' 'sha256-hNSRZgUy89mPGFidDBRWC4Ed4jKTrCtZP2zeBPNbdeI=' 'sha256-CD2LEDjz/KtOaC5rzryax+qZEQVmnKcZAQsqnSqAIXw=' 'sha256-FKJXEsmjg1Bgqi33LGcZCFxDahpEPN6prnNBVDxvfhc=' 'sha256-GNXg66Qlqpdgh9Nsv/+xAVNgfxsTWLi+TUdpxamXMuU=' 'sha256-TKtnYUWk/B6gzo2immnWBOjewDye+cXQBoAlykzhX/s=' https://code.jquery.com https://pages.secureworks.com https://js-agent.newrelic.com https://bam.nr-data.net https://content.secureworks.com https://pcdnscwx001.azureedge.net https://munchkin.marketo.net https://app-ab44.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://tagmanager.google.com https://translate.google.com https://bat.bing.com https://connect.facebook.net https://ad.atdmt.com https://static.ads-twitter.com https://analytics.twitter.com https://www.linkedin.com https://px.ads.linkedin.com https://snap.licdn.com https://sjs.bizographics.com https://.vimeo.com https://.vimeocdn.com https://j.6sc.co https://b.6sc.co https://.6sc.co https://epsilon.6sense.com https://.rlcdn.com https://gateway.zscaler.net https://geolocation.onetrust.com https://optanon.blob.core.windows.net https://cdn.cookielaw.org https://trk.techtarget.com https://api.rollbar.com https://.drift.com https://.driftt.com https://.simplecast.com https://.crazyegg.com https://script.crazyegg.com https://widgets.ziftsolutions.com https://hammock.hotprofile.biz https://transfertool.hotprofile.biz/production/ https://m-store-hammock.hot-profile.com/hot-profile/ https://wa2.hot-profile.com https://.on24.com https://.ceros.com https://app-script.monsido.com https://monsido-consent.com https://tracking.monsido.com https://.redditstatic.com https://.ensighten.com https://.ml314.com https://.choozle.com https://.bluekai.com https://cdn.bizible.com https://cdn.bizibly.com https://ws-assets.zoominfo.com https://ws.zoominfo.com https://insight.adsrvr.org https://js.adsrvr.org https://.clarity.ms https://static.ads-twitter.com https://cdn.pdst.fm https://.cloudfunctions.net https://tag.demandbase.com https://.bidr.io https://.company-target.com https://www.teads.com https://p.teads.tv https://www.facebook.com connect.facebook.net; img-src 'self' https://.vimeo.com https://.vimeocdn.com content.secureworks.com .secureworks.com id.rlcdn.com .googletagmanager.com cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com .google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com .secureworks.com https://www.gstatic.com blob: data:; frame-ancestors 'self' .folloze.com *.secureworks.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: no-cache, no-store
content-length: 74173
content-security-policy: object-src 'none'; script-src 'self' 'nonce-OWFjZWVlOGFmODA0NGY1OGEzMzM3YzZkNTY0YjY2Mjk=' 'sha256-wY8ZJu7Uu8c5AFYGRuoE7SNBraw8IAkl5Yz+glnnte8=' 'sha256-UGfgrQ+GKJogDAQthuGt5lpepOeF3ypbYTr2PPxcBdU=' 'sha256-hUiPqjPAx0BTYk+HP/Ohq7cZFW+CFLUDreW74sIBUJk=' 'sha256-MWnKpq2mO4B+C/F7fLTeifs05WkVCc8Hkl+SzXGUmtI=' 'sha256-QiHtJSgKkeO/qh+2A9GCUt3xk8ONLQAa6uua+j+nHLg=' 'sha256-7+1sMW/o6RcIncEOmuvZbRThB6NRZLwQjvsqQAGehKA=' 'sha256-tYinntSHdpRdg0LwZuBycjWqxaMdCzBdOnOGsSZH2Ho=' 'sha256-DP0AJIADL+tS8s/bg6t7xbMHunrd17JCuOgpyNjxt/M=' 'sha256-sqwbnK0D7p9u3WG0lgAYLYmp/byKS9zlT2eFORz1SDY=' 'sha256-L436NBsgbW4nnr2zz6geY9aouLDwQiH+458+ny7TeJ8=' 'sha256-t21JzuoP0AGVdHYfaGtWzFviQ1hj34OuECR3Ur2P1Dk=' 'sha256-kmGPVWtzfwq6b9fEOy1NmWxrKyxreHZU5tKvRxQpDMA=' 'sha256-SAqGhA/G1eraYlnHKoGwPlIvGfOo45eq5hoyKq2LnUY=' 'sha256-+08d4MzO/if2DlZslM+0a0gvpYaPHK7ilzV9yUXHxRo=' 'sha256-5RKybv4IYG3Rt1CcIXoS1OAD7D0vjWLop/a6KVpWxM0=' 'sha256-N/Mk5WIdXnJRlsc5rmMcLJsovC5ozGJ5BmVdRxKOeNc=' 'sha256-XJEfHQ97N7xwKM6MQXMpabeUHxVT647JYAYwrOX6sQQ=' 'sha256-sdKFLBOaDq01ySztbW/n0JnIwsMIlCr7AaMAznJOqA0=' 'sha256-7pyFNQ34QDbIyjfqF4dboUBH/FqtGtJgw7KPgC+aKY8=' 'sha256-yYGe3YxZ1stILsg6s+TKQ7ACovlrQ/V7H5hpGiko1EI=' 'sha256-JcTUCZru8bIzmyUfGjmyP1Nwn0ccUuwLyJA5/jgV2jI=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-ErdS+5vyua60ApoR4T4MK5hMhAxO8I75iqTuR4st0lk=' 'sha256-dgOinhXczUSm4ADnOKjecy4HqoIpihiWY1xMUGi3KiE=' 'sha256-bAZaADjFxXYURQUP9Z4p4eiIim+gCGst1ZWemjLGJxo=' 'sha256-x3E2vOOOHY24kNAmZOQxorAyW5o6cX3R7J5Jg+RTqZY=' 'sha256-WJHVKi7ReHnWJF4AUmd9vWDpqeX8GVtEsyAJP01M130=' 'sha256-mvYU2m+aQi6xWWVpxauZ/UaXg+HkwxCv4r/qVBDAm3A=' 'sha256-IgMQOOOedQeMPBl7lSreMVPmJvU62bc6l8HcsGXnbWc=' 'sha256-Ov0LRI92VqZTYbOhyIvK8iFCm9rBs/HXaYLwlDMrra0=' 'sha256-HjgaVwCCuGQHih00gvN/PUGZuGwVIWd/6sThgUEi83E=' 'sha256-7oEVqsTDSU0XTGoiH3B7bXM3sMDjv58JCTndWi8pUKw=' 'sha256-ZlXTkZmAmWswFmM/VCVi0DLagBh+F9JWQiK/yRsf7yc=' 'sha256-76Yt/S5cofMdn9d5/cJOU32zSvhw1A8QJDSgL1c0YRI=' 'sha256-z4pF+zMq94+GUUF273G0WvSAL91jUazcB1NOISkNlzk=' 'sha256-4OIRiOWgv2ak/dapUtCUuoqEUnVBrH8A9LJCp3dthUw=' 'sha256-ew0tynw+zAqBiv217Nj202XmktwGvkQU7jXqQMotiHg=' 'sha256-2mFyIAC6FjDBvAg15BPawsugazV1sKm4T9x09V76BK0=' 'sha256-kxoZz5p2Ko+K+FXi8lIZc2opwhJF9WD4/wy9+dLYHzY=' 'sha256-+ThII46Fk+h63393vJ+nvAEZnTSXIwpqVJDSklAo5eM=' 'sha256-hUowsewUBuLRjFz7Z3pohTKe/pX/uO7uKD1k25qHLQY=' 'sha256-pMZUEpT65ftOEzHdiYyq/2vt545RymVHJSh5H2y5BDk=' 'sha256-nGkmLI0CpGjUy6Gg2vRE6xAh+vU4jlNVmPB+55WJmn8=' 'sha256-j6LWS7Q+Wsyd91b6000yHCoIqUaJIJQq56Lw3XQPcHA=' 'sha256-XQ6pUmmjpjpunCfT67q0ACDA7NqxLJx1iJwCFhC73wo=' 'sha256-tCniuKIyeHpfi5vxJOgLkz0eRI+cerKWFRsy5hMt5V0=' 'sha256-EZaJwK6Bh4sdKWjgv6zhJUdT2ISL4NhEQSPYf++uAeU=' 'sha256-1T7dud0UtKJZdhJcgsp1gh8MZDyA3S8DIsOpB3+co4M=' 'sha256-g6A8gRllShDRUg9hmXQZ0ZvMQ35F4jsarESQIDJtpE4=' 'sha256-y6vRm9V8P08qfB27ukHo07LF4IM00RKuKNzQBfsBlgg=' 'sha256-1GbAOPSdN7GyL999DpkIzp8XYAH1OP43heqQi7uU3FQ=' 'sha256-1p8zU6DNbl/tn8sFUoVBsvAF+dwRMDHK3WXM4vqIhDc=' 'sha256-a/dU49b8+CePl3YeekAugUB79FoCfbN22DFVyavn9pM=' 'sha256-39FcaN3WyGnHnf2UX+fHrSBSJq4KI6BETrXNemtzDa8=' 'sha256-4N1dEVT13lNPCpxXX2XuIlfUBwZp3wNLb/hBbSKGESA=' 'sha256-hNSRZgUy89mPGFidDBRWC4Ed4jKTrCtZP2zeBPNbdeI=' 'sha256-CD2LEDjz/KtOaC5rzryax+qZEQVmnKcZAQsqnSqAIXw=' 'sha256-FKJXEsmjg1Bgqi33LGcZCFxDahpEPN6prnNBVDxvfhc=' 'sha256-GNXg66Qlqpdgh9Nsv/+xAVNgfxsTWLi+TUdpxamXMuU=' 'sha256-TKtnYUWk/B6gzo2immnWBOjewDye+cXQBoAlykzhX/s=' https://code.jquery.com https://pages.secureworks.com https://js-agent.newrelic.com https://bam.nr-data.net https://content.secureworks.com https://pcdnscwx001.azureedge.net https://munchkin.marketo.net https://app-ab44.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://tagmanager.google.com https://translate.google.com https://bat.bing.com https://connect.facebook.net https://ad.atdmt.com https://static.ads-twitter.com https://analytics.twitter.com https://www.linkedin.com https://px.ads.linkedin.com https://snap.licdn.com https://sjs.bizographics.com https://*.vimeo.com https://*.vimeocdn.com https://j.6sc.co https://b.6sc.co https://*.6sc.co https://epsilon.6sense.com https://*.rlcdn.com https://gateway.zscaler.net https://geolocation.onetrust.com https://optanon.blob.core.windows.net https://cdn.cookielaw.org https://trk.techtarget.com https://api.rollbar.com https://*.drift.com https://*.driftt.com https://*.simplecast.com https://*.crazyegg.com https://script.crazyegg.com https://widgets.ziftsolutions.com https://hammock.hotprofile.biz https://transfertool.hotprofile.biz/production/ https://m-store-hammock.hot-profile.com/hot-profile/ https://wa2.hot-profile.com https://*.on24.com https://*.ceros.com https://app-script.monsido.com https://monsido-consent.com https://tracking.monsido.com https://*.redditstatic.com https://*.ensighten.com https://*.ml314.com https://*.choozle.com https://*.bluekai.com https://cdn.bizible.com https://cdn.bizibly.com https://ws-assets.zoominfo.com https://ws.zoominfo.com https://insight.adsrvr.org https://js.adsrvr.org https://*.clarity.ms https://static.ads-twitter.com https://cdn.pdst.fm https://*.cloudfunctions.net https://tag.demandbase.com https://*.bidr.io https://*.company-target.com https://www.teads.com https://p.teads.tv https://www.facebook.com connect.facebook.net; img-src 'self' https://*.vimeo.com https://*.vimeocdn.com content.secureworks.com *.secureworks.com id.rlcdn.com *.googletagmanager.com cdn.cookielaw.org *.gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com *.google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com *.adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com *.crazyegg.com *.redditstatic.com alb.reddit.com *.ensighten.com ml314.com *.choozle.com *.bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com *.clarity.ms analytics.twitter.com t.co *.bidr.io *.company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com *.secureworks.com https://www.gstatic.com blob: data:; frame-ancestors 'self' *.folloze.com *.secureworks.com;
content-type: text/html; charset=utf-8
date: Wed, 05 Apr 2023 04:10:22 GMT
expires: -1
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-azure-ref: 0rvQsZAAAAADa0vl6vstZQp9x84sDfIhoU1lEMDNFREdFMTgxOAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
x-cache: PRIVATE_NOSTORE
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 145
Content-Type: text/html; charset=utf-8
Date: Wed, 05 Apr 2023 04:10:21 GMT
Location: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Request-Id: c8293c61cf1daf5ee8d7f79589473cbc
X-Runtime: 0.055572
X-XSS-Protection: 1; mode=block

GET
H2 200 html5reset-1.6.1.css
content.secureworks.com/content/app/css/ 1 KB
1 KB 1075ms
234ms Stylesheet
text/css 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/css/html5reset-1.6.1.css?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

db61679243f9f3b5a03de90b1ad228130ad3e87b79b9d153ce1ca6afbdf9a2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Origin: https://www.secureworks.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 04:10:24 GMT
x-azure-ref-originshield: 0bfX3YwAAAABUwY441BFPQIHt9ZEiOJlsU0lOMjIxMDgwNzE3MDI1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-length: 573
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:19 GMT
server: Microsoft-IIS/10.0
etag: "79add5bdda47d91:0"
x-azure-ref: 0bfX3YwAAAADN3mz05xlJSKGIPH6l81WzU0dFRURHRTA4MTkAM2E2OWIyNGEtZTRiMi00OGEwLWJiOTYtZmVkNGU5ZjM4MmJi
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1302269
accept-ranges: bytes

GET
H2 200 western-typographies.css
content.secureworks.com/content/app/css/ 2 KB
836 B 1120ms
280ms Stylesheet
text/css 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/css/western-typographies.css?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

fa85f97108080f24b26ca0450d471edf522d233337c1b73e41ab4a27d19ac94f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Origin: https://www.secureworks.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 04:10:24 GMT
x-azure-ref-originshield: 0bfX3YwAAAAA77EGZ2UgAQJOWrG25q6Y/U0lOMjIxMDgwNzE3MDI1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-length: 365
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:38 GMT
server: Microsoft-IIS/10.0
etag: "5c8b48c9da47d91:0"
x-azure-ref: 0bfX3YwAAAAAIyN/qXcsrTrWCeSqK0uN/U0dFRURHRTA4MDYAM2E2OWIyNGEtZTRiMi00OGEwLWJiOTYtZmVkNGU5ZjM4MmJi
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1357849
accept-ranges: bytes

GET
H2 200 main.css
content.secureworks.com/content/app/css/ 585 KB
83 KB 1120ms
280ms Stylesheet
text/css 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/css/main.css?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

deda0ecf832039099d8f8128be2c332dd0a6b86699f74eefaec26df8f8572f5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Origin: https://www.secureworks.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 04:10:24 GMT
x-azure-ref-originshield: 0us4NZAAAAAAYZPJaJ9lpSLPA/NfnNx2+U0lOMjIxMDgwNzE3MDExADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-length: 84253
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:19 GMT
server: Microsoft-IIS/10.0
etag: "3037dfbdda47d91:0"
x-azure-ref: 0us4NZAAAAACrpa1CWG4MQbeAMd/fTzA/U0dFRURHRTA4MTEAM2E2OWIyNGEtZTRiMi00OGEwLWJiOTYtZmVkNGU5ZjM4MmJi
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=550605
accept-ranges: bytes

GET
H2 200 jquery-3.6.0.min.js Show response
content.secureworks.com/content/app/js/ 87 KB
31 KB 1075ms
236ms Script
application/javascript 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/js/jquery-3.6.0.min.js?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Origin: https://www.secureworks.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 04:10:24 GMT
x-azure-ref-originshield: 07BL4YwAAAAB3MyuWHL1bT5+V+UAhkuyRU0lOMjIxMDgwNzE4MDQ1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-length: 30954
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:02:01 GMT
server: Microsoft-IIS/10.0
etag: "e4b5a0d6da47d91:0"
x-azure-ref: 07BL4YwAAAAAY2+jBPElDRriMXSlg1y0jU0dFRURHRTA4MTgAM2E2OWIyNGEtZTRiMi00OGEwLWJiOTYtZmVkNGU5ZjM4MmJi
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1344712
accept-ranges: bytes

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 807ms
270ms Stylesheet
text/css 142.250.4.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Saira+Condensed:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f95.1e100.net

Software

ESF /

Resource Hash

e2a9833a3a7ab8cc05068f012697b9fcdd5d57dff78ed58eaf0e2c3fa4c05b53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Apr 2023 04:10:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 04:10:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Apr 2023 04:10:24 GMT

GET
H2 200 IR-Donut-Pie-Chart-01_v2.ashx
content.secureworks.com/-/media/Images/Insights/Blog/2022/5%20takeaways%20from%20ir%20engagements/ 52 KB
53 KB 2320ms
1611ms Image
image/png 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Blog/2022/5%20takeaways%20from%20ir%20engagements/IR-Donut-Pie-Chart-01_v2.ashx?la=en&modified=20220711163615&hash=DE2B36F84F6619A720FA672EEB1F0627

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Resource Hash

91919ec99542a0a2bd5f917896edce8fd8c6e8197dd4a5a946563726d3442ae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:27 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Jul 2022 16:36:15 GMT
etag: 616eecbbcf88469dba487a9df083ac7c
x-azure-ref: 20230405T041026Z-zw020gpymx1x936vptp2n1up7400000002tg000000000p76
content-type: image/png
cache-control: public, max-age=2592000
content-disposition: inline; filename="IR-Donut-Pie-Chart-01_v2.png"
accept-ranges: bytes
content-length: 53505
expires: Fri, 05 May 2023 04:10:27 GMT

GET
H2 200 IR-blog-best-practices_v2.ashx
content.secureworks.com/-/media/Images/Insights/Blog/2022/5%20takeaways%20from%20ir%20engagements/ 24 KB
25 KB 2100ms
1392ms Image
image/png 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Blog/2022/5%20takeaways%20from%20ir%20engagements/IR-blog-best-practices_v2.ashx?la=en&modified=20220711163552&hash=17FF281BBC1D0BB8CF525EF64E7D4696

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Resource Hash

373926cabeb58e6f402ce39bfc52fed260f390564c349cba27e21e010efea8de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:27 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Jul 2022 16:35:52 GMT
etag: bd0421317a104024938ae6d05e3eadd4
x-azure-ref: 20230405T041026Z-kq3t61dxp14yd1zb6b3ycavcw400000002w0000000003pqy
content-type: image/png
cache-control: public, max-age=2592000
content-disposition: inline; filename="IR-blog-best-practices_v2.png"
accept-ranges: bytes
content-length: 25048
expires: Fri, 05 May 2023 04:10:27 GMT

GET
H2 200 002-background-treated_360x190.ashx
content.secureworks.com/-/media/Images/Insights/2022/abstract%20approved/002-purple-black-faded-screen/ 30 KB
30 KB 945ms
237ms Image
image/png 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/2022/abstract%20approved/002-purple-black-faded-screen/002-background-treated_360x190.ashx?modified=20220621213741

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

d06f16436de248c88426110742cf0fa0e9fe7a2707399ecb2f27b3425a6b6162

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:26 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Jun 2022 21:37:41 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 0qooOZAAAAADpi1wZmX4bQ4DOXaBsdqp6U0lOMjIxMDgwNzE4MDQ5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 02b515b1c4464caaa68045744107a917
x-azure-ref: 0qooOZAAAAAA6eiBD/AMmS6uAOxht0wEeU0dFRURHRTA4MTcAM2E2OWIyNGEtZTRiMi00OGEwLWJiOTYtZmVkNGU5ZjM4MmJi
content-type: image/png
cache-control: public, max-age=598906
content-disposition: inline; filename="002-background-treated_360x190.png"
accept-ranges: bytes
content-length: 30267
expires: Wed, 12 Apr 2023 02:32:12 GMT

GET
H2 200 blog-right-sidebar-ad.ashx
content.secureworks.com/-/media/Images/Insights/Blog/2022%20right%20sidebar%20ads/ 21 KB
21 KB 1564ms
857ms Image
image/png 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Blog/2022%20right%20sidebar%20ads/blog-right-sidebar-ad.ashx?modified=20221102152447

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Resource Hash

62e55cc7119c6aae1e7aaac1870c9796ccc25fccdd4937f126f6114e66fd3b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:26 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 02 Nov 2022 15:24:47 GMT
etag: 9a6cd664e4ae440c96fa0d2bacbcb2db
x-azure-ref: 20230401T235453Z-w0bmc5n3gp78xdmc72yadszsng00000000g000000000t5xd
content-type: image/png
cache-control: public, max-age=2317487
content-disposition: inline; filename="blog-right-sidebar-ad.png"
accept-ranges: bytes
content-length: 21359
expires: Mon, 01 May 2023 23:55:13 GMT

GET
H2 200 state-of-the-threat-2022_500x300.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Reports/state%20of%20the%20threat%202022/ 156 KB
157 KB 988ms
281ms Image
image/png 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Reports/state%20of%20the%20threat%202022/state-of-the-threat-2022_500x300.ashx?modified=20220930143542

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

baa55d1d4627050073e047eb2f9dbe86720736f51f37a116602e5705c3966b33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:26 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 30 Sep 2022 14:35:42 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 0X4ENZAAAAABUJcP/MAF1Q4xgX1IY5uWyU0lOMjIxMDgwNzE3MDUxADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: dca4e3938b8e4a69a36ea6fa76e12158
x-azure-ref: 0X4ENZAAAAACg3Ik4iHh+RIW8sMbrCYYiU0dFRURHRTA4MTEAM2E2OWIyNGEtZTRiMi00OGEwLWJiOTYtZmVkNGU5ZjM4MmJi
content-type: image/png
cache-control: public, max-age=530797
content-disposition: inline; filename="state-of-the-threat-2022_500x300.png"
accept-ranges: bytes
content-length: 160244
expires: Tue, 11 Apr 2023 07:37:03 GMT

GET
H2 200 s02_360x190.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Podcasts/lets_talk_soc/season%202/ 11 KB
11 KB 1247ms
540ms Image
image/jpeg 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Podcasts/lets_talk_soc/season%202/s02_360x190.ashx?modified=20230221162553

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Resource Hash

fa3e856ab54db23ffbaa56575df8eae6056fa0e0809e92721d78ea25a7aa5a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:26 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:25:53 GMT
etag: 7d2c818cfadf449ca94c21409c8c399e
x-azure-ref: 20230405T004650Z-hgwp8m5kb53ch82bb0db9d2p8s00000002rg00000001btne
content-type: image/jpeg
cache-control: public, max-age=2579770
content-disposition: inline; filename="s02_360x190.jpg"
accept-ranges: bytes
content-length: 11166
expires: Fri, 05 May 2023 00:46:36 GMT

GET
H2 200 learning-from-ir_360x190_2.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Reports/learning%20from%20ir%202022%20year%20in%20review/ 46 KB
46 KB 1443ms
737ms Image
image/png 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Reports/learning%20from%20ir%202022%20year%20in%20review/learning-from-ir_360x190_2.ashx?modified=20230313223601

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Resource Hash

096c87a4c222af4628be1cdddb9b7cd8c2271f95ddcc1a92db96502bfe37c8ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:26 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Mar 2023 22:36:01 GMT
etag: febe567dbf3042f5a857fbb4107a6230
x-azure-ref: 20230402T104717Z-w0bmc5n3gp78xdmc72yadszsng00000000rg00000001e93b
content-type: image/png
cache-control: public, max-age=2356671
content-disposition: inline; filename="learning-from-ir_360x190_2.png"
accept-ranges: bytes
content-length: 47103
expires: Tue, 02 May 2023 10:48:17 GMT

GET
H2 200 window-of-opportunity_360x190.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Infographics/2023/window%20of%20opportunity/ 30 KB
30 KB 1632ms
926ms Image
image/png 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Infographics/2023/window%20of%20opportunity/window-of-opportunity_360x190.ashx?modified=20230309210725

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Resource Hash

10f3d14cd7c6160f4ef86670fced61d5f5eb849996ac5ef29765fddab6da5b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:26 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Mar 2023 21:07:25 GMT
x-azure-ref-originshield: 08fQeZAAAAAAS8cqCD9UJTpgSX7lq4tBmU0lOMjIxMDgwNzE4MDExADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 57843db3ae7544e89f8cdb45cd90ec8e
x-azure-ref: 0svQsZAAAAABTRzy7as4wQ4Ifk8CV7zY1U0dFRURHRTA4MTYAM2E2OWIyNGEtZTRiMi00OGEwLWJiOTYtZmVkNGU5ZjM4MmJi
content-type: image/png
cache-control: public, max-age=2592000
content-disposition: inline; filename="window-of-opportunity_360x190.png"
accept-ranges: bytes
content-length: 30289
expires: Fri, 05 May 2023 04:10:26 GMT

GET
H2 200 close.svg
www.secureworks.com/content/rc/images/ 850 B
1 KB 144ms
144ms Image
image/svg+xml 13.107.237.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureworks.com/content/rc/images/close.svg

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.237.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0049c42b57e92164c558905bff7c17441afe55dc569f0062162e77a532964b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:24 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:02:11 GMT
etag: "24dfdcdcda47d91:0"
x-azure-ref: 0sfQsZAAAAAByUMvRC2D/SLTsB4ly5MyrU1lEMDNFREdFMTgxOAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
x-cache: TCP_HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=2592000
accept-ranges: bytes
content-length: 850

GET
H2 200 libs.min.js Show response
content.secureworks.com/content/app/js/ 257 KB
70 KB 419ms
418ms Script
application/javascript 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/js/libs.min.js?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

08681ba3da35c665e877f6f9a6e158ff94b4d96c363610cdb061ebb79a718c35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Origin: https://www.secureworks.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 04:10:24 GMT
x-azure-ref-originshield: 0dQj4YwAAAAAFn7OEfDCXRbmMuOitzDUPU0lOMjIxMDgwNzE3MDIzADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-length: 70793
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:33 GMT
server: Microsoft-IIS/10.0
etag: "dd69fec5da47d91:0"
x-azure-ref: 0dQj4YwAAAAAAhuElOLxwSrqXtBoJ/MNKU0dFRURHRTA4MTkAM2E2OWIyNGEtZTRiMi00OGEwLWJiOTYtZmVkNGU5ZjM4MmJi
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1458145
accept-ranges: bytes

GET
H2 200 main.js Show response
content.secureworks.com/content/app/js/ 73 KB
20 KB 236ms
235ms Script
application/javascript 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/js/main.js?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

c2f15609bdc44ef0009fda7902639ed493b8a26a00a58b905e0768f67c93b2ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Origin: https://www.secureworks.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 04:10:25 GMT
x-azure-ref-originshield: 0bfX3YwAAAACsQ6ASS+ItRZBvBOIv9UsPU0lOMjIxMDgwNzE3MDM5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-length: 19484
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:33 GMT
server: Microsoft-IIS/10.0
etag: "9e905c6da47d91:0"
x-azure-ref: 07BL4YwAAAABdlnrIbmURR6534G7LYJmKU0dFRURHRTA4MTIAM2E2OWIyNGEtZTRiMi00OGEwLWJiOTYtZmVkNGU5ZjM4MmJi
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1344600
accept-ranges: bytes

GET
H2 200 products.js Show response
content.secureworks.com/content/rc/js/ 44 KB
14 KB 235ms
235ms Script
application/javascript 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/rc/js/products.js?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

9eb064a8d93265a1b1bb725f0db9c1d209a4efdae9eca7ddc67a094755c64b4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Origin: https://www.secureworks.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 04:10:25 GMT
x-azure-ref-originshield: 0bfX3YwAAAABDGcDoiFGsQLretuLRph+LU0lOMjIxMDgwNzE4MDUzADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-length: 13755
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:46 GMT
server: Microsoft-IIS/10.0
etag: "8d80fbcdda47d91:0"
x-azure-ref: 0bfX3YwAAAABM/W3fygxVTYnjOcUyZdjyU0dFRURHRTA4MDcAM2E2OWIyNGEtZTRiMi00OGEwLWJiOTYtZmVkNGU5ZjM4MmJi
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1451893
accept-ranges: bytes

GET
H2 200 default.css
content.secureworks.com/content/app/css/highlighter/ 1 KB
1 KB 275ms
275ms Stylesheet
text/css 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/css/highlighter/default.css?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

22494645cd5c6508829ef760cfafdf7292ddfbb824f23a323b6d3f3bd10a2538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Origin: https://www.secureworks.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 04:10:25 GMT
x-azure-ref-originshield: 0bfX3YwAAAADFc78t+WveTadx7XigXmfxU0lOMjIxMDgwNzE3MDI3ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-length: 580
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:41 GMT
server: Microsoft-IIS/10.0
etag: "65618bcada47d91:0"
x-azure-ref: 0bfX3YwAAAABXadYz4W8YRrA323Qwn5aPU0dFRURHRTA4MTQAM2E2OWIyNGEtZTRiMi00OGEwLWJiOTYtZmVkNGU5ZjM4MmJi
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1452905
accept-ranges: bytes

GET
H2 200 highlight.pack.js Show response
content.secureworks.com/content/app/js/libs/ 50 KB
20 KB 249ms
248ms Script
application/javascript 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/js/libs/highlight.pack.js?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

154248124c7d6ba28a3d741311104b4d4a503dad23095470f663f2613532c733

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Origin: https://www.secureworks.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 04:10:25 GMT
x-azure-ref-originshield: 07RL4YwAAAACp13bTRAfgSppS/anRyYScU0lOMjIxMDgwNzE3MDM1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-length: 20267
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:02:02 GMT
server: Microsoft-IIS/10.0
etag: "56b366d7da47d91:0"
x-azure-ref: 07RL4YwAAAAB5PwZOkYoaTI5rpH4ORp4yU0dFRURHRTA4MTIAM2E2OWIyNGEtZTRiMi00OGEwLWJiOTYtZmVkNGU5ZjM4MmJi
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1377374
accept-ranges: bytes

GET
H2 200 bundle.js Show response
content.secureworks.com/content/micro/ 730 KB
213 KB 275ms
274ms Script
application/javascript 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/micro/bundle.js?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

fbb0995554fef3d2e17767e42318987a6b0196ec4572d2c61da94534e8698848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Origin: https://www.secureworks.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 04:10:25 GMT
x-azure-ref-originshield: 0bfX3YwAAAACTao830CBdR64cQUVMRDIiU0lOMjIxMDgwNzE3MDUxADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-length: 217228
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:02:04 GMT
server: Microsoft-IIS/10.0
etag: "c2e26ed8da47d91:0"
x-azure-ref: 0bfX3YwAAAADG47gK/kIVS6NQ+PIWKeIMU0dFRURHRTA4MjAAM2E2OWIyNGEtZTRiMi00OGEwLWJiOTYtZmVkNGU5ZjM4MmJi
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1451812
accept-ranges: bytes

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 919ms
282ms Script
application/x-javascript 23.7.175.107
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.7.175.107 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-7-175-107.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 04:10:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 304 KB
95 KB 818ms
283ms Script
application/javascript 74.125.200.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

68ffc85245f82cb733249e9e740f6f74dab8a857443861d38de22b3f69f06513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96450
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Apr 2023 04:10:25 GMT

GET
H2 200 visuelt-regular.woff
content.secureworks.com/content/app/fonts/visuelt/ 34 KB
34 KB 502ms
502ms Font
application/font-woff 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/fonts/visuelt/visuelt-regular.woff

Requested by

Host: content.secureworks.com
URL: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

01922d641b94002b4861c92b1462f8e9008baaa53707603d64a5b97fee783b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023
Origin: https://www.secureworks.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:25 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 Nov 2022 07:39:42 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 0/wOFYwAAAADZeE5R2aAMRr1GjpeMvgvGU0lOMjIxMDgwNzE4MDA5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: "fac7177057efd81:0"
x-azure-ref: 0/wOFYwAAAAApMJUQuzbUS5BDMJNmHNuKU0lOMjIxMDgwNzE5MDUxADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=783288
accept-ranges: bytes
content-length: 34560

GET
H2 200 learning-from-ir-jan-mar_1600x650.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Reports/learning%20from%20ir%202022%20jan%20mar/ 371 KB
373 KB 1646ms
966ms Image
image/png 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Reports/learning%20from%20ir%202022%20jan%20mar/learning-from-ir-jan-mar_1600x650.ashx?modified=20230313223243

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Resource Hash

ae310dc6db96c93767da743eecca5230a9f894008c3ce660415e4d51aefb916d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:26 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Mar 2023 22:32:43 GMT
x-azure-ref-originshield: 0maYeZAAAAACL5WSFw1psQ7m5jl3YYyhNU0lOMjIxMDgwNzE4MDExADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 7367e4a469694bfd9c72dbcecef6077d
x-azure-ref: 0svQsZAAAAACT36oeujjkSb4VBRpQ4FOaU0dFRURHRTA4MTQAM2E2OWIyNGEtZTRiMi00OGEwLWJiOTYtZmVkNGU5ZjM4MmJi
content-type: image/png
cache-control: public, max-age=2591968
content-disposition: inline; filename="learning-from-ir-jan-mar_1600x650.png"
accept-ranges: bytes
content-length: 380225
expires: Fri, 05 May 2023 04:09:54 GMT

GET
H2 200 arrow.svg
content.secureworks.com/content/app/img/svg/ 2 KB
1 KB 1539ms
860ms Image
image/svg+xml 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/content/app/img/svg/arrow.svg

Requested by

Host: content.secureworks.com
URL: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Resource Hash

c414c4b0d50c45bc35cd0beae9dd6e255bc68bb44b7f2298f55ad4e1ba9efec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:57 GMT
x-azure-ref-originshield: 0tD8mZAAAAADGsTiNpJPeQbp+N5n1ZBW+U0lOMjIxMDgwNzE4MDIxADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
date: Wed, 05 Apr 2023 04:10:26 GMT
etag: "c5a74cd4da47d91:0"
x-azure-ref: 0+/UnZAAAAABIQPk43V0lSoc98zcvRLS3U0dFRURHRTA4MjAAM2E2OWIyNGEtZTRiMi00OGEwLWJiOTYtZmVkNGU5ZjM4MmJi
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2264752
accept-ranges: bytes
content-length: 905

GET
H2 200 visuelt-black.woff
content.secureworks.com/content/app/fonts/visuelt/ 34 KB
35 KB 521ms
521ms Font
application/font-woff 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/fonts/visuelt/visuelt-black.woff

Requested by

Host: content.secureworks.com
URL: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Resource Hash

baacf8d144dbd8a579bde4d8221f515052f5eeb8a3a81cb6415cea17b4e30f9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023
Origin: https://www.secureworks.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:25 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:53 GMT
etag: "e6d7b9d1da47d91:0"
x-azure-ref: 20230312T071618Z-bn320ua6q92w79kdvug4tbunpc000000030000000000b2xs
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=529593
accept-ranges: bytes
content-length: 35128

GET
H2 200 visuelt-medium.woff
content.secureworks.com/content/app/fonts/visuelt/ 36 KB
36 KB 551ms
551ms Font
application/font-woff 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/fonts/visuelt/visuelt-medium.woff

Requested by

Host: content.secureworks.com
URL: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Resource Hash

30a584b184cc0bffda4f65106a5440dd18027f5d832d74b56ee5d219b3b48cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023
Origin: https://www.secureworks.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:25 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:29 GMT
etag: "a41374c3da47d91:0"
x-azure-ref: 20230312T073807Z-qpry0ku6e90whcgepv1ungrq7800000002y000000000z8a0
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=530764
accept-ranges: bytes
content-length: 36448

GET
H2 200 Visuelt-Light.ttf
www.secureworks.com/content/assets/fonts/ 139 KB
140 KB 145ms
144ms Font
application/font-ttf 13.107.237.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/content/assets/fonts/Visuelt-Light.ttf

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.237.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7863ca6b764cf33a59a47bd455e1ef2713b5599e78e8d5b1803c0e8844186b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Origin: https://www.secureworks.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:24 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:02:03 GMT
etag: "47a8d2d7da47d91:0"
x-azure-ref: 0sfQsZAAAAADeU/svnVVFRL9JjyY7GSsXU1lEMDNFREdFMTgxOAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
x-cache: TCP_HIT
content-type: application/font-ttf
access-control-allow-origin: *
cache-control: public,max-age=2592000
accept-ranges: bytes
content-length: 142684

GET
H2 200 icomoon.ttf
content.secureworks.com/content/app/fonts/icomoon-new/ 3 KB
3 KB 579ms
578ms Font
application/font-ttf 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/fonts/icomoon-new/icomoon.ttf?8und5p

Requested by

Host: content.secureworks.com
URL: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Resource Hash

c97d6fa5b4ad8db4c6110b5e4a13eb698c381f580cb44440813c04f369df0a56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023
Origin: https://www.secureworks.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:25 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:26 GMT
etag: "46589c2da47d91:0"
x-azure-ref: 20230312T073807Z-awqs6qrrh912t4q75269buw02n00000002zg00000001u4u5
content-type: application/font-ttf
access-control-allow-origin: *
cache-control: public, max-age=531015
accept-ranges: bytes
content-length: 2904

GET
H2 200 Visuelt-Bold.ttf
www.secureworks.com/content/assets/fonts/ 170 KB
171 KB 289ms
288ms Font
application/font-ttf 13.107.237.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/content/assets/fonts/Visuelt-Bold.ttf

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.237.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

64ba221769f51fcba3ae03ff9ebccac7cc1017e5f10900475b871ecfe7bda514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Origin: https://www.secureworks.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:24 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:02:03 GMT
etag: "11fc9d7da47d91:0"
x-azure-ref: 0sfQsZAAAAAD9scrj4e9CRa79vkDIRE1VU1lEMDNFREdFMTgxOAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
x-cache: TCP_HIT
content-type: application/font-ttf
access-control-allow-origin: *
cache-control: public,max-age=2592000
accept-ranges: bytes
content-length: 174376

GET
H2 200 EJRLQgErUN8XuHNEtX81i9TmEkrnfc9Q962f.woff2
fonts.gstatic.com/s/sairacondensed/v11/ 16 KB
17 KB 804ms
268ms Font
font/woff2 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sairacondensed/v11/EJRLQgErUN8XuHNEtX81i9TmEkrnfc9Q962f.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Saira+Condensed:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

ba24f9ef72f1973e4b0b7b2a2302836376fe6e2f533eaee680ee711d835827d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.secureworks.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 03:03:35 GMT
x-content-type-options: nosniff
age: 176811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16832
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:12:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Apr 2024 03:03:35 GMT

GET
H2 200 Visuelt.ttf
www.secureworks.com/content/assets/fonts/ 167 KB
168 KB 149ms
148ms Font
application/font-ttf 13.107.237.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/content/assets/fonts/Visuelt.ttf

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.237.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

98842c0f43a891b9264682dda87aab221bbe5aabfc08cb44f6785df5cf595326

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Origin: https://www.secureworks.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:25 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:34 GMT
etag: "542499c6da47d91:0"
x-azure-ref: 0svQsZAAAAAA/BGoQhVS8T5WELUvB6y6fU1lEMDNFREdFMTgxOAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
x-cache: TCP_HIT
content-type: application/font-ttf
access-control-allow-origin: *
cache-control: public,max-age=2592000
accept-ranges: bytes
content-length: 171496

GET
H2 200 warning.ashx
content.secureworks.com/-/media/Images/shared/icons/buttons/utility/ 244 B
739 B 868ms
866ms Image
image/svg+xml 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/shared/icons/buttons/utility/warning.ashx?modified=20221020215207

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Resource Hash

5f2d6e604ad2bafcb500a244f270fa557c8275586dc31c9058a1cfa4f46d125f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:26 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Oct 2022 21:52:07 GMT
x-azure-ref-originshield: 0PzQmZAAAAAADuQFyga5cQ6zlhc8zxLLgU0lOMjIxMDgwNzE4MDM1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: b370dd3d1a404660b8227483d8eb6fff
x-azure-ref: 0qpArZAAAAABCp9+AretgRrQn1SonfcnpU0dFRURHRTA4MTIAM2E2OWIyNGEtZTRiMi00OGEwLWJiOTYtZmVkNGU5ZjM4MmJi
content-type: image/svg+xml
cache-control: public, max-age=2500859
content-disposition: inline; filename="warning.svg"
accept-ranges: bytes
content-length: 244
expires: Thu, 04 May 2023 02:51:25 GMT

GET
H2 200 globe.ashx
content.secureworks.com/-/media/Images/shared/icons/buttons/utility/ 2 KB
1 KB 868ms
867ms Image
image/svg+xml 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/shared/icons/buttons/utility/globe.ashx?modified=20221020215152

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Resource Hash

d774717dcbf112735e877fa11abd3b7a3e9ce75c82935d0a78724132c8ca1fe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 04:10:26 GMT
x-azure-ref-originshield: 0PzQmZAAAAACMhgbk0/muRoOai+2KNBCOU0lOMjIxMDgwNzE4MDUxADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-disposition: inline; filename="globe.svg"
content-length: 749
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Oct 2022 21:51:52 GMT
etag: 7d221ab6182243ebb9f626238749ba99
x-azure-ref: 0X/UnZAAAAAAiZfvnI+DqRKMEOlSeFoWJU0dFRURHRTA4MTQAM2E2OWIyNGEtZTRiMi00OGEwLWJiOTYtZmVkNGU5ZjM4MmJi
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2264480
accept-ranges: bytes
expires: Mon, 01 May 2023 09:11:46 GMT

GET
H2 200 in.ashx
content.secureworks.com/-/media/Images/shared/icons/social/ 768 B
1 KB 870ms
870ms Image
image/svg+xml 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/shared/icons/social/in.ashx?modified=20221031144532

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Resource Hash

3931826d11b4250a6e4d10a8249417bbdf73eb1a03f95f124b790b5c8a576bab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:26 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 31 Oct 2022 14:45:32 GMT
etag: e3eaed4027ef45f381a9ca6767b60f64
x-azure-ref: 20230401T073144Z-k86cy9x9cp6whcf72kpb2vbe5800000003kg00000000vu09
content-type: image/svg+xml
cache-control: public, max-age=2258483
content-disposition: inline; filename="in.svg"
accept-ranges: bytes
content-length: 768
expires: Mon, 01 May 2023 07:31:49 GMT

GET
H2 200 tw.ashx
content.secureworks.com/-/media/Images/shared/icons/social/ 1 KB
1 KB 904ms
904ms Image
image/svg+xml 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/shared/icons/social/tw.ashx?modified=20221031144531

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Resource Hash

318f094b79b56bc57c182543d28cffa228816b3d53a1361ad21d9830cfc4f55b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 04:10:26 GMT
x-azure-ref-originshield: 0nuknZAAAAABz4tSD327BQoCP8EXy3nCWU0lOMjIxMDgwNzE4MDI5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-disposition: inline; filename="tw.svg"
content-length: 689
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 31 Oct 2022 14:45:31 GMT
etag: 1cfd65ea761243428664256ff1a11d92
x-azure-ref: 0nuknZAAAAACe2mjf5vTtT7IZkEWYjoyzU0dFRURHRTA4MTYAM2E2OWIyNGEtZTRiMi00OGEwLWJiOTYtZmVkNGU5ZjM4MmJi
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2261412
accept-ranges: bytes
expires: Mon, 01 May 2023 08:20:38 GMT

GET
H2 200 fb.ashx
content.secureworks.com/-/media/Images/shared/icons/social/ 403 B
896 B 900ms
900ms Image
image/svg+xml 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/shared/icons/social/fb.ashx?modified=20221031144532

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Resource Hash

c14c30ca00b3badf163de6dc6d1ee20208fc164bacc5b2dd5bee60d13a80cda0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:26 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 31 Oct 2022 14:45:32 GMT
x-azure-ref-originshield: 0o3wiZAAAAABnQi4U/ezrT4iNImnqJSjJU0lOMjIxMDgwNzE3MDExADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 2972ab029c2e47d18428a81633dd48a5
x-azure-ref: 0nuknZAAAAADATgu4+Mm5S5uGJMN7fMBRU0dFRURHRTA4MTMAM2E2OWIyNGEtZTRiMi00OGEwLWJiOTYtZmVkNGU5ZjM4MmJi
content-type: image/svg+xml
cache-control: public, max-age=2261488
content-disposition: inline; filename="fb.svg"
accept-ranges: bytes
content-length: 403
expires: Mon, 01 May 2023 08:21:54 GMT

GET
H2 200 gb.ashx
content.secureworks.com/-/media/Images/shared/icons/social/ 2 KB
2 KB 899ms
898ms Image
image/svg+xml 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/shared/icons/social/gb.ashx?modified=20221031144532

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

3c7024701a817fee5de0e62bb8d83edb43e08a9be594dde00fd2d2fcf5a20fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 04:10:26 GMT
x-azure-ref-originshield: 0df3dYwAAAADbOnPzxpILR5EJjTxpLap/U0lOMjIxMDgwNzE3MDQ5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-disposition: inline; filename="gb.svg"
content-length: 1230
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 31 Oct 2022 14:45:32 GMT
server: Microsoft-IIS/10.0
etag: e9232effb940416d99f84a976e984c00
x-azure-ref: 0df3dYwAAAABn7wbRiXb7Ro9UUDQnXdHYU0dFRURHRTA4MjAAM2E2OWIyNGEtZTRiMi00OGEwLWJiOTYtZmVkNGU5ZjM4MmJi
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1893518
accept-ranges: bytes
expires: Thu, 27 Apr 2023 02:09:04 GMT

GET
H2 200 right-arrow.ashx
content.secureworks.com/-/media/Images/shared/icons/buttons/ 270 B
768 B 893ms
893ms Image
image/svg+xml 184.87.193.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/shared/icons/buttons/right-arrow.ashx?modified=20221020215130

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.193.92 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-87-193-92.deploy.static.akamaitechnologies.com

Software

Resource Hash

ca6538789c7267c0fd372b35a2de78fe51227c09651cc785afeae0b485913548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:26 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Oct 2022 21:51:30 GMT
x-azure-ref-originshield: 0C6sfZAAAAABDyEGe4XdqQbjNRWeA8ji6U0lOMjIxMDgwNzE3MDE3ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: b074483aa26d4f8ebd6e202c749c1289
x-azure-ref: 00+QnZAAAAADMK9q0O4ooTpnTX09Dxw1+U0dFRURHRTA4MTQAM2E2OWIyNGEtZTRiMi00OGEwLWJiOTYtZmVkNGU5ZjM4MmJi
content-type: image/svg+xml
cache-control: public, max-age=2260330
content-disposition: inline; filename="right-arrow.svg"
accept-ranges: bytes
content-length: 270
expires: Mon, 01 May 2023 08:02:36 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 284ms
281ms Script
application/x-javascript 23.7.175.107
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.7.175.107 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-7-175-107.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 04:10:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Fri, 14 Jul 2023 04:10:26 GMT

POST
H/1.1 200
OK visitWebPage
725-smc-563.mktoresp.com/webevents/ 2 B
318 B 1343ms
337ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://725-smc-563.mktoresp.com/webevents/visitWebPage?_mchNc=1680667826461&_mchCn=&_mchId=725-SMC-563&_mchTk=_mch-secureworks.com-1680667826460-45852&_mchHo=www.secureworks.com&_mchPo=&_mchRu=%2Fblog%2F5-takeaways-from-incident-response-engagements&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 04:10:28 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 1dd54d82-bc7e-4853-a042-dceb6b7cbc0e

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 386ms
146ms Script
application/javascript 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f9b264d67f09652f9fa3bcde1801166d5c888d9f89c006764a9776dd8f9e9ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Apr 2023 04:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: +GAQ9uZzuyMATxU6dGRBFA==
age: 33549
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6741
x-ms-lease-status: unlocked
last-modified: Mon, 03 Apr 2023 20:08:41 GMT
server: cloudflare
etag: 0x8DB347F38216FD1
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2a48c0ed-801e-0008-3e72-66c395000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7b2ef101efcaee9a-AKL

GET
H2 200 1bdee92e-dd5f-49d1-9ccb-9a788319e959.json Show response
cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/ 4 KB
2 KB 376ms
136ms XHR
application/x-javascript 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/1bdee92e-dd5f-49d1-9ccb-9a788319e959.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85cb8f40b8f2b4dfad0c28d4958c38a9358ff3a07c52840b3c157781acbfe8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Apr 2023 04:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9UqYg2DV8CO/3EKmukYfjw==
age: 29071
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1614
x-ms-lease-status: unlocked
last-modified: Fri, 31 Mar 2023 15:52:40 GMT
server: cloudflare
etag: 0x8DB31FFF5626700
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: dffb77ea-f01e-008f-79e8-6396ba000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7b2ef1045be4eea6-AKL
expires: Thu, 06 Apr 2023 04:10:27 GMT

GET
H2 200 nanoTrackerv3-0-2.ashx Show response
www.secureworks.com/-/media/Assets/js/shared/ 16 KB
4 KB 144ms
144ms Script
application/x-javascript 13.107.237.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/-/media/Assets/js/shared/nanoTrackerv3-0-2.ashx

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.237.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e7a55959687a0af1b5080fd3ed56094717857d6dd023dd577619c0f0879b1af2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Feb 2023 20:30:41 GMT
date: Wed, 05 Apr 2023 04:10:26 GMT
etag: 9adb77ae344748cd8afceba540f40c4c
x-azure-ref: 0s/QsZAAAAAAxCy8JYqNERrP087Zt3xtXU1lEMDNFREdFMTgxOAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
x-cache: TCP_HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=2534370
content-disposition: inline; filename="nanoTrackerv3-0-2.js"
accept-ranges: bytes
expires: Mon, 01 May 2023 14:17:11 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 266 KB
87 KB 279ms
278ms Script
application/javascript 74.125.200.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-15MK64YNN6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

305e5884844c53385174589135257d4071875505216d1d9e1d06f03eab9b7059

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88523
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Apr 2023 04:10:27 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 70 B
317 B 394ms
151ms XHR
application/json 172.64.144.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.144.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29c943e1df418d1cfae7f0bd991edd5d5b020a6bb580e50861a54d0d71e130c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7b2ef106cf97fb8c-AKL
access-control-allow-headers: Content-Type

POST
H2 204 collect
www.google-analytics.com/g/ 0
257 B 804ms
267ms Ping
text/plain 74.125.68.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-15MK64YNN6&gtm=45je3430&_p=1160803869&cid=375862546.1680667828&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680667828&sct=1&seg=0&dl=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&dt=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=10
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-15MK64YNN6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.68.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sc-in-f101.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 04:10:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.secureworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202303.1.0/ 407 KB
98 KB 129ms
128ms Script
application/javascript 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

099d33a1d679bcfa3722a172d91742af80d45166f760db1512e4944a9d95bc23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Apr 2023 04:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 12zQcT/rVMicuxojEvnp3g==
age: 85434
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 100389
x-ms-lease-status: unlocked
last-modified: Wed, 29 Mar 2023 06:31:56 GMT
server: cloudflare
etag: 0x8DB301F4B2F0FB4
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: de479cb4-601e-00a3-71c0-621487000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7b2ef107be9fee9a-AKL

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/e857f094-76cf-49bc-8384-893aa63c0d31/ 73 KB
14 KB 139ms
139ms Fetch
application/x-javascript 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/e857f094-76cf-49bc-8384-893aa63c0d31/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3df76837b85f88e8e50295156c2f8320b78b66c3cb8f0e4c603ebf757e6f1500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Apr 2023 04:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: fk9bVk7I2EJWcqhkvCxeEQ==
age: 29071
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14089
x-ms-lease-status: unlocked
last-modified: Fri, 31 Mar 2023 15:52:41 GMT
server: cloudflare
etag: 0x8DB31FFF5FD30B1
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8fb13cc9-f01e-00c0-60e8-6352a2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7b2ef109aa07eea6-AKL
expires: Thu, 06 Apr 2023 04:10:28 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 33 KB
11 KB 948ms
239ms Script
application/javascript 23.44.5.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.44.5.50 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-5-50.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

12ce92cc3c4eb9d74f48e9a10eb919bdf30bbdc5ccf9843c6543fec302dec54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 04:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Apr 2023 21:13:35 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "642c92ff-8319"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 10492
expires: Wed, 05 Apr 2023 04:10:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 267ms
267ms Script
text/javascript 74.125.68.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 03:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3917
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 05 Apr 2023 05:05:11 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 550ms
262ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 05 Apr 2023 04:10:28 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B02BCE32A22B47BC9C238D928C37AED2 Ref B: SYD03EDGE1909 Ref C: 2023-04-05T04:10:29Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/648366107/ 3 KB
1 KB 869ms
329ms Script
text/javascript 172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/648366107/?random=1680667828859&cv=11&fst=1680667828859&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&hn=www.googleadservices.com&frm=0&tiba=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks&auid=727946224.1680667829&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

cafe /

Resource Hash

e3c808bee3ab78cebeb32eb4e5b14dc2c26fe73b60a89355e2146585eb4961b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 04:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6279.js Show response
script.crazyegg.com/pages/scripts/0097/ 6 KB
2 KB 372ms
129ms Script
text/javascript 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0097/6279.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de1376b36c3dd929ed0cba5cbf9a958473f480f5f85657aea1022c76e75c76c2

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:29 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 13135
cf-polished: origSize=6063
ce-version: 11.5.60
cf-bgj: minify
last-modified: Tue, 04 Apr 2023 22:42:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 7b2ef10c5f3a1c50-AKL

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 428ms
142ms Script
application/javascript 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7356

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10934024932/ 3 KB
1 KB 857ms
322ms Script
text/javascript 172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10934024932/?random=1680667828869&cv=11&fst=1680667828869&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&hn=www.googleadservices.com&frm=0&tiba=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks&auid=727946224.1680667829&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

cafe /

Resource Hash

aa64d103dce3425c8bb65c46211fa8d97c8d359d9995f9ff6e689391081f5778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 04:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1243
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/648366107/ 3 KB
2 KB 680ms
317ms Script
text/javascript 172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/648366107/?random=1680667828870&cv=11&fst=1680667828870&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&hn=www.googleadservices.com&frm=0&tiba=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks&auid=727946224.1680667829&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

cafe /

Resource Hash

dc1c6896ab95762f817ffe0dee4988b1dd91fe932361773f37e6938edbf07032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 04:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 373ms
131ms Script
text/javascript 104.18.12.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
server: cloudflare
age: 578
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1200
cf-ray: 7b2ef10eaa77fb8c-AKL
expires: Wed, 05 Apr 2023 04:10:47 GMT

GET
H2 200 2mnfp3myy8iz.js Show response
js.driftt.com/include/1680668100000/ 220 KB
62 KB 1191ms
709ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1680668100000/2mnfp3myy8iz.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b206c3a4f1f6701c3d54df45cf6825372f53d56322b86947538d221df95de4df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:30 GMT
x-amz-version-id: 6okqxBgOs6gCaXfszRq8doPip83YVNWM
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Tue, 04 Apr 2023 15:37:37 GMT
server: istio-envoy
etag: W/"f4ac7917365036320e7e63aefdb5e51f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OsdsiVMz8OtbUGKTVcxlvx6o8BR--aVwvixX4evdEN3aH-89-EAxXQ==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 724ms
237ms Script
application/x-javascript 23.45.116.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.116.82 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-116-82.deploy.static.akamaitechnologies.com

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=81075
accept-ranges: bytes
content-length: 4777

GET
H2 200 40514862.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 779ms
235ms Script
text/javascript 199.232.46.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/40514862.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.46.109 , Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 6c649cc3d4aee7683250622541a6045ad4ac3beb93df1fcdd3ec1f7f12a1ff44

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 135983
date: Wed, 05 Apr 2023 04:10:29 GMT
content-encoding: gzip
via: 1.1 varnish
age: 18607103
x-cache: HIT
content-length: 5579
x-served-by: cache-qpg1283-QPG
last-modified: Thu, 01 Sep 2022 18:23:26 GMT
server: Apache
x-timer: S1680667830.971457,VS0,VE0
etag: "421e-5e7a1b598e380-gzip"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-vimeo-dc: ge
x-bapp-server: assets-67ff759c65-d4s6p
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Aug 2032 19:32:06 GMT

GET
H2 200 monsido-script.js Show response
app-script.monsido.com/v2/ 8 KB
3 KB 433ms
142ms Script
text/javascript 34.98.105.146
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://app-script.monsido.com/v2/monsido-script.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.105.146 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 146.105.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3dd574f98eedb85c6b690a4211378b1780e5ef432ff089d6e6adb7ab827f6411

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:07 GMT
content-encoding: gzip
age: 22
x-guploader-uploadid: ADPycdtMbmDMgnlgkL0o_m2pnDGc6zTUOGVj4YitMi0SJT1Z8vgenNMFhLvpuTG8tVEUY8DlkWtAz2RSX5zbp8O8vPhARw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2758
last-modified: Wed, 11 Jan 2023 11:22:11 GMT
server: UploadServer
etag: "15f435c3a8c49a34384a1c77dd56daf3"
vary: Accept-Encoding
x-goog-generation: 1673436131172035
x-goog-hash: crc32c=ACeR+g==, md5=FfQ1w6jEmjQ4Shx33Vba8w==
content-type: text/javascript
cache-control: public, max-age=300
x-goog-stored-content-length: 2758
accept-ranges: bytes
expires: Wed, 05 Apr 2023 04:15:07 GMT

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 565ms
141ms Script
application/x-javascript 152.195.58.59
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.58.59 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nwa/E78A) /
Resource Hash: bd5050e9441f369db70ed62e418b38812fbe8127517f11f91e9c885cfa084743

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:29 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 23:15:01 GMT
server: ECS (nwa/E78A)
age: 24005
etag: "996bd3735d63d91:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25470

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 712ms
235ms Script
application/x-javascript 13.224.254.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.254.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-254-115.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 04 Apr 2023 20:36:59 GMT
Content-Encoding: gzip
Via: 1.1 db8d6eb1919ade2943f4a573a505ba66.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN52-C2
Age: 27212
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: kiDAxdcIYsRR5LZIIcOdATOiNWubceQTADhV9rnourvvv76eRbyw4g==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 712ms
234ms Script
application/javascript 199.232.44.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.44.157 , Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:30 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption: AES256
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100147-IAD, cache-qpg1257-QPG

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 19 KB
7 KB 942ms
236ms Script
application/javascript 23.195.153.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.153.54 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-153-54.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e6f95925bdc32f90e2c25c9582a72f403b4aa655f3ff40b94df2463db359a465

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 04:10:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Mar 2023 09:07:17 GMT
Server: AmazonS3
x-amz-request-id: 1W2QDK0C6XB09R0T
ETag: "28974861fce04960e5bdeed29fdebed3"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=494
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6430
x-amz-id-2: xrtacO3ih/By5BWM3ZUsBbrL0n4Onse2dZCdk7bU97uqnr/Bz6XjCgLJk0oNm4pzlriITWym5fc=

GET
H2 200 otFloatingFlat.json Show response
cdn.cookielaw.org/scripttemplates/202303.1.0/assets/ 10 KB
3 KB 134ms
133ms Fetch
application/json 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.1.0/assets/otFloatingFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

179a0ba55c3bbf759340ba2a57846f81a7de249ed7e502b5e8814af2ef964533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Apr 2023 04:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: PubgfHj+VI+S8CXDj6L+0w==
age: 29071
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2702
x-ms-lease-status: unlocked
last-modified: Wed, 29 Mar 2023 06:31:48 GMT
server: cloudflare
etag: 0x8DB301F466AC1E2
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 858b2734-301e-00ff-31e8-63e57e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7b2ef10aeb57eea6-AKL

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202303.1.0/assets/v2/ 61 KB
12 KB 139ms
139ms Fetch
application/json 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b382967162c482928529c765a21bf9ae4141dd1ccbdbf480140bdbd67eab8991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Apr 2023 04:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 94mqEGmIxKb0iFeUZrbqtw==
age: 29071
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12540
x-ms-lease-status: unlocked
last-modified: Wed, 29 Mar 2023 06:31:50 GMT
server: cloudflare
etag: 0x8DB301F47517D66
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: fbfb32db-801e-00e6-39e8-63c916000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7b2ef10aeb59eea6-AKL

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202303.1.0/assets/ 21 KB
4 KB 134ms
133ms Fetch
text/css 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Apr 2023 04:10:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 29071
x-ms-lease-status: unlocked
last-modified: Wed, 29 Mar 2023 06:32:00 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: f484cc37-f01e-0084-7be8-638ece000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7b2ef10aeb5beea6-AKL

GET
H2

200

/
attr.ml-api.io/
Redirect Chain

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.secureworks.com%26pId%3d%24UID
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.secureworks.com%26pId%3d%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dwww.secureworks.com%2526pId%253d%2524UID
https://attr.ml-api.io/?domain=www.secureworks.com&pId=3247411548496972547

0
234 B

1408ms
932ms

Image
application/json

13.35.8.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attr.ml-api.io/?domain=www.secureworks.com&pId=3247411548496972547
Protocol: H2
Server: 13.35.8.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-72.sin5.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:33 GMT
via: 1.1 8f2472155c3b6e146855be1d54e7188c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
x-cache: Miss from cloudfront
content-type: application/json
x-amz-cf-id: qZE1ZEV9eF7dh3-xWNem9YGw_-cLHTuPrBSUinn_LpYZLZFv1WPPgA==
content-length: 0
apigw-requestid: C4ss8gK4IAMEKkw=

Redirect headers

Date: Wed, 05 Apr 2023 04:10:31 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 116.90.74.209; 116.90.74.209; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 238f7738-d5e4-4663-893d-6e9fc0f9b6f2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://attr.ml-api.io/?domain=www.secureworks.com&pId=3247411548496972547
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
620 B 132ms
132ms Image
image/svg+xml 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Apr 2023 04:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 93
x-ms-lease-status: unlocked
last-modified: Mon, 03 Apr 2023 20:08:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c18f9e54-701e-001d-25ab-66010c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7b2ef10c1b81ee9a-AKL

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
511 B 132ms
132ms Fetch
image/svg+xml 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Apr 2023 04:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 29071
x-ms-lease-status: unlocked
last-modified: Mon, 03 Apr 2023 20:08:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: bc235af2-001e-009a-35b6-665423000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7b2ef10c1cb1eea6-AKL

GET
H2 200 SW_logo_black_print.png
cdn.cookielaw.org/logos/7465cc90-ea12-4f33-80a4-557abead3b10/1bdee92e-dd5f-49d1-9ccb-9a788319e959/4cc354d6-2763-454f-a29d-f10f1788b6aa/ 22 KB
22 KB 133ms
132ms Image
image/png 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/7465cc90-ea12-4f33-80a4-557abead3b10/1bdee92e-dd5f-49d1-9ccb-9a788319e959/4cc354d6-2763-454f-a29d-f10f1788b6aa/SW_logo_black_print.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b96ae3ad93fc2ec81fe1f623ba74a9f3f607f2ea79c7b741e55b73366b41cf73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Apr 2023 04:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2qjIoAdJjqAKBeXNXVdNEg==
age: 29071
content-length: 22030
x-ms-lease-status: unlocked
last-modified: Tue, 22 Mar 2022 06:08:54 GMT
server: cloudflare
etag: 0x8DA0BCA71F312CB
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: b37aa1b8-f01e-00c0-19e1-5a52a2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7b2ef1104f9cee9a-AKL

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 149ms
149ms Image
image/svg+xml 104.19.188.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.188.97 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 05 Apr 2023 04:10:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 29980
x-ms-lease-status: unlocked
last-modified: Mon, 03 Apr 2023 20:08:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 6f5c0583-f01e-00e9-0fab-6624e0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7b2ef1104f9eee9a-AKL

GET
H2 200 www.secureworks.com.json Show response
script.crazyegg.com/pages/data-scripts/0097/6279/site/ 13 KB
3 KB 387ms
150ms XHR
application/json 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0097/6279/site/www.secureworks.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6279.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14f834b9f0913495d7fb527b87355f180beeebbbe7af07563840a452060e7757

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:29 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 13135
ce-version: 11.5.60
content-length: 2983
last-modified: Tue, 04 Apr 2023 22:42:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b2ef10eafa61c4d-AKL

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
94 B 268ms
266ms XHR
text/plain 74.125.68.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1160803869&t=pageview&_s=1&dl=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&ul=en-us&de=UTF-8&dt=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1302191330&gjid=162928296&cid=375862546.1680667828&tid=UA-1042506-1&_gid=500786286.1680667829&_r=1&_slc=1&gtm=45He3430n71P6Z7M2&z=2110643821

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 04:10:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.secureworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
70 B 267ms
267ms XHR
text/plain 74.125.68.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1160803869&t=pageview&_s=1&dl=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&ul=en-us&de=UTF-8&dt=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1438502639&gjid=1589668846&cid=375862546.1680667828&tid=UA-1281488-1&_gid=500786286.1680667829&_r=1&_slc=1&gtm=45He3430n71P6Z7M2&z=1208647352

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 04:10:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.secureworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 1082ms
796ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1680667829324&id=t2_f8xwyeln&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=59dddee1-96b1-46f9-b2e6-7459aefced6b&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:30 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 204 56073499.js Show response
bat.bing.com/p/action/ 0
119 B 505ms
505ms Script
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56073499.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 05 Apr 2023 04:10:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A34741B458E444C0BD946AA6AB0D0B63 Ref B: SYD03EDGE1909 Ref C: 2023-04-05T04:10:29Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
360 B 289ms
289ms Image
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56073499&Ver=2&mid=07791cbb-383c-44af-b760-4b897eb9bda7&sid=cd158b60d36711ed98e2b757ec0c07c3&vid=cd15b3c0d36711edb843e1cf08ac902b&vids=1&msclkid=N&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks&p=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&r=&lt=8863&evt=pageLoad&sv=1&rn=931664

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6E3BF250113D46ECB8DBF56F25DDA8BB Ref B: SYD03EDGE1909 Ref C: 2023-04-05T04:10:29Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
355 B 804ms
268ms XHR
text/plain 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-1042506-1&cid=375862546.1680667828&jid=1302191330&gjid=162928296&_gid=500786286.1680667829&_u=YADAAEAAAAAAACAAI~&z=1578182708

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

350a787a722a405da6e1c1c8de24d50a63726bef3d25e8fb020352e60ef35ee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.secureworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
465 B 369ms
368ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17588164&r=1680667829617&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&version=2.4
Requested by: Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 17588164
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:30 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdvGWMrsJJQENsuTro5QCJqxxykEgG03rfr4klKpMr5rOj8IunYfoYjOfBhOI6Rg2YU1eYDjUHE5F7MLHfeFpZ1D
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Wed, 05 Apr 2023 05:10:30 GMT

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 637ms
350ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17588164&r=1680667829617&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://www.secureworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 05 Apr 2023 04:10:30 GMT
expires: Wed, 05 Apr 2023 04:10:30 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ADPycdt3pLDOksZARQxzH4Fvo1yqwcQL1vhFSToohy5O0g8xKU26VSTsmIOBc75dUzyPZRUCGXDVSmkWJ3A-AQKrUrvY06nSMDov

GET
H2 200 67db9a20c46cea6ecb19e14bf62ad5bc.js Show response
script.crazyegg.com/pages/versioned/commontransformations-scripts/ 110 KB
38 KB 135ms
135ms Script
text/javascript 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/67db9a20c46cea6ecb19e14bf62ad5bc.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0097/6279.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b69687445f4dac4574f422f9c79e6ad06c3eb0760e57279f8505bee6ce2d13f7

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 24 Mar 2023 12:51:45 GMT
server: cloudflare
age: 128790
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b2ef10f9db81c50-AKL
content-length: 38415

GET
H2 200 /
www.google.com/pagead/1p-user-list/648366107/ 42 B
108 B 812ms
274ms Image
image/gif 74.125.200.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/648366107/?random=1680667828870&cv=11&fst=1680667200000&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&frm=0&tiba=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks&fmt=3&is_vtc=1&random=769379400&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 04:10:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.co.nz/pagead/1p-user-list/648366107/ 0
0

GET
H2 200 /
www.google.com/pagead/1p-user-list/10934024932/ 42 B
455 B 653ms
274ms Image
image/gif 74.125.200.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10934024932/?random=1680667828869&cv=11&fst=1680667200000&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&frm=0&tiba=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks&fmt=3&is_vtc=1&random=2704213904&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 04:10:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.co.nz/pagead/1p-user-list/10934024932/ 0
0

GET
H2 200 /
www.google.com/pagead/1p-user-list/648366107/ 42 B
108 B 595ms
275ms Image
image/gif 74.125.200.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/648366107/?random=1680667828859&cv=11&fst=1680667200000&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&frm=0&tiba=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks&fmt=3&is_vtc=1&random=3526101189&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 04:10:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.co.nz/pagead/1p-user-list/648366107/ 0
0

GET
H2 200 www.secureworks.com.json Show response
script.crazyegg.com/pages/data-scripts/0097/6279/sampling/ 161 B
237 B 128ms
127ms XHR
application/json 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0097/6279/sampling/www.secureworks.com.json?t=466852
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/67db9a20c46cea6ecb19e14bf62ad5bc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b708dff47ffdb1a71218826f5de3b57e24d73b1f807cb293da03a2ddcb680765

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:29 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 13135
ce-version: 11.5.60
content-length: 150
last-modified: Tue, 04 Apr 2023 22:42:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b2ef110fc6c1c4d-AKL

GET
H2 200 / Show response
c.6sc.co/ 7 B
205 B 238ms
237ms XHR
text/html 23.44.5.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.5.50 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-5-50.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:29 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.secureworks.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 4 B
285 B 962ms
240ms XHR
text/html 96.17.96.30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.17.96.30 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a96-17-96-30.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 04:10:30 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.secureworks.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: null
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466852_390796574_96876335_12_509_239_0";dur=1
content-length: 4
expires: Wed, 05 Apr 2023 04:10:30 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 694ms
693ms Image
image/gif 23.44.5.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=8a39933e-74da-4417-8085-f975fd8879cd&session=6db01c27-2fcc-4a92-87bd-0b11c9821088&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2005%20Apr%202023%2004%3A10%3A29%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2005%20Apr%202023%2004%3A10%3A29%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22db8067e51eb58581f03147464f6063b2%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2005%20Apr%202023%2004%3A10%3A29%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2005%20Apr%202023%2004%3A10%3A29%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2005%20Apr%202023%2004%3A10%3A29%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22b4a903896ae895a1a6279c68225fd93c979be1d7%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2005%20Apr%202023%2004%3A10%3A29%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20insights%20and%20trends%20discovered%20during%20these%20incident%20response%20(IR)%20engagements%20can%20help%20organizations%20make%20smarter%20decisions%20about%20cybersecurity%20strategy%20and%20tactics.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%225%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&pageViewId=3d918a37-3006-4cef-86f6-d4c16e89bc2a

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.44.5.50 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-5-50.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:30 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 2 KB
979 B 745ms
263ms XHR
application/json 54.150.227.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.150.227.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-150-227-184.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b2538819b7bd29b27c9626afbc03cb3c1189321081798f4fa4ca88a159206f09

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
accept-language: en-NZ,en;q=0.9
Authorization: Token b4a903896ae895a1a6279c68225fd93c979be1d7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:31 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.secureworks.com
access-control-allow-credentials: true
content-length: 791

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 727ms
243ms Preflight 54.150.227.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.150.227.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-150-227-184.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.secureworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.secureworks.com
access-control-max-age: 1800
date: Wed, 05 Apr 2023 04:10:30 GMT
server: nginx

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/2386324/domain/secureworks.com/ 36 B
376 B 709ms
236ms XHR
application/json 18.155.68.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2386324/domain/secureworks.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-115.sin52.r.cloudfront.net
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 03:31:39 GMT
content-encoding: gzip
via: 1.1 d4555cc532101371fed7b03db24c29be.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
age: 2331
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: MtVH25uPJ6A58WgdaJHk0RIOishZsYdVbSXiivy0RaB_dxQRLZh1RQ==

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1680667830040&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1680667830040&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2386324%26time%3D1680667830040%26url%3Dhttps%253A%252F%252Fwww.secureworks.com%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1680667830040&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&cookiesTest=true&liSync=true

0
398 B

363ms
360ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1680667830040&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&cookiesTest=true&liSync=true
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:31 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 0006F1AE13A64C10B4C9F0D217DC2701 Ref B: SYD03EDGE1409 Ref C: 2023-04-05T04:10:31Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX4jvkb4CCzHmGdOoUt1g==

Redirect headers

content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; script-src-attr 'report-sample' 'none'; object-src 'none'; media-src blob: *; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 04:10:30 GMT
linkedin-action: 1
content-security-policy-report-only: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' badges.linkedin.com/profile 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' snap.licdn.com 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri /security/csp?e=p&f=default&ro=true
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAX4jvkWLvDPPf5INj/LAQ==
pragma: no-cache
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 7C924CB0BD2E4DA38C0091FDA103D003 Ref B: SYD03EDGE1409 Ref C: 2023-04-05T04:10:31Z
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2386324&time=1680667830040&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
tracking.monsido.com/ 43 B
205 B 439ms
145ms Image
image/gif 35.190.93.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.monsido.com/?a=MQ9I_bNdFCKYbfcbs6zs6Q&b=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&c=8121680667830098&f=74C1680667830098&h=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.93.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.93.190.35.bc.googleusercontent.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: 2023-04-05T04:10:30Z
date: Wed, 05 Apr 2023 04:10:30 GMT
cache-control: private, no-store, max-age=0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
326 B 141ms
141ms Image
image/gif 152.195.58.59
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=70b531d24b3143e9fa92b9785752f5d0&_biz_s=b006c&_biz_l=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&_biz_t=1680667830102&_biz_i=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks&_biz_n=0&rnd=838153&cdn_o=a&_biz_z=1680667830103
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.58.59 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nwa/E789) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 04:10:30 GMT
last-modified: Tue, 04 Apr 2023 22:40:45 GMT
server: ECS (nwa/E789)
age: 19785
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
205 B 143ms
141ms Image
image/gif 152.195.58.59
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=70b531d24b3143e9fa92b9785752f5d0&_biz_s=b006c&_biz_l=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&_biz_t=1680667830105&_biz_i=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks&rnd=637087&cdn_o=a&_biz_z=1680667830105
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.58.59 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nwa/E78C) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 04:10:30 GMT
last-modified: Thu, 30 Mar 2023 16:47:03 GMT
server: ECS (nwa/E78C)
age: 473007
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 116 B
514 B 350ms
349ms Script
text/javascript 152.195.58.59
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=70b531d24b3143e9fa92b9785752f5d0&_biz_h=-1906410348&cdn_o=a&jsVer=4.23.03.30
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.58.59 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nwa/E789) /
Resource Hash: 3f3ef7b678910357d7e2bf2469af687ba92e59ae108f389ea3e7c626f5f84623

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:30 GMT
content-encoding: gzip
server: ECS (nwa/E789)
etag: A8ED31F0
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
content-length: 219

GET
H2 200 u
cdn.bizible.com/m/ 43 B
107 B 141ms
141ms Image
image/gif 152.195.58.59
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/u?mapType=mkto&mapValue=id%3A725-SMC-563%26token%3A_mch-secureworks.com-1680667826460-45852&_biz_u=70b531d24b3143e9fa92b9785752f5d0&_biz_s=b006c&_biz_l=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&_biz_t=1680667830106&_biz_i=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks&_biz_n=1&rnd=6845&cdn_o=a&_biz_z=1680667830307
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.58.59 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nwa/E789) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 04:10:30 GMT
last-modified: Tue, 04 Apr 2023 22:41:09 GMT
server: ECS (nwa/E789)
age: 19761
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 429ms
142ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 03:14:24 GMT
content-encoding: gzip
age: 3366
x-guploader-uploadid: ADPycdvD4M3b4OhSkmVKX8yLzL4Z_jDNbKTJwLjiF3ryDXmp00gXxvqaXwM110UgUSJTm9sR31SBvo5yzm3ACEV03FQSa7Cwz1A9
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-generation: 1622234043862937
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Wed, 05 Apr 2023 04:14:24 GMT

GET
H2 200 aa3cc511947365a3.min.js Show response
tag.demandbase.com/ 68 KB
19 KB 749ms
274ms Script
application/javascript 13.35.8.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/aa3cc511947365a3.min.js

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.8.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-8-108.sin5.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d033b6a91081188d6fefd908429fd0388a67b986a605a89a2683edbf08363386

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: i4VENLpqjp7bv381kS2VLm9rk7rM8htQ
content-encoding: gzip
via: 1.1 91085d9a0810fca6dacd51dae7dd6a32.cloudfront.net (CloudFront)
date: Wed, 05 Apr 2023 03:11:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: SIN5-C1
age: 3522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 03 Feb 2023 22:39:48 GMT
server: AmazonS3
etag: W/"e058d6e0ad31d1af017a479d4fc1743c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: jdN-pXVW3O5M0EiDmP_XHy_7pzqApyzIVD6o_4FvCPNutN91JGYWZw==

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame 7B44
Redirect Chain

https://insight.adsrvr.org/track/up?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&upid=gn5z6gn&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&upid=gn5z6gn&upv=1.1.0

927 B
1 KB

145ms
144ms

Document
text/html

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&upid=gn5z6gn&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 3179e763591b3926dfb13d38dc119c71dcb60b8f105e273a18f6269392f47770

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Wed, 05 Apr 2023 04:10:30 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Wed, 05 Apr 2023 04:10:30 GMT
location: https://match.adsrvr.org/track/upb/?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&upid=gn5z6gn&upv=1.1.0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 273ms
273ms Image
image/gif 74.125.200.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1042506-1&cid=375862546.1680667828&jid=1302191330&_u=YADAAEAAAAAAACAAI~&z=2081027926

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 04:10:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.co.nz/ads/ 0
0

GET
H2 200 adsct
t.co/i/ 43 B
376 B 916ms
370ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=cc2bdb4e-d37f-49ac-a6ba-fe2cfb1cce70&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f2498a1-6e2d-441c-b477-dc85ac75b821&tw_document_href=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9jck&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 100
date: Wed, 05 Apr 2023 04:10:31 GMT
strict-transport-security: max-age=0
server: tsa_m
content-type: image/gif;charset=utf-8
x-transaction-id: be9f303f97d606e1
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: a34b642b30b92a9253bd56ed0f75739f0ec26f2b135141139e47a9ab679c2ce3
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 909ms
369ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=cc2bdb4e-d37f-49ac-a6ba-fe2cfb1cce70&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f2498a1-6e2d-441c-b477-dc85ac75b821&tw_document_href=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9jck&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 100
date: Wed, 05 Apr 2023 04:10:31 GMT
strict-transport-security: max-age=631138519
server: tsa_m
content-type: image/gif;charset=utf-8
x-transaction-id: e256218d012ef6e2
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 703f67286be00625a8ae6c3aee1b34116932714e17fd7d853fe118fce978dbb5
content-length: 43

GET
BLOB 200
OK 46eee236-bdcb-4a7d-a3c9-08fbf3832d0d
https://www.secureworks.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.secureworks.com/46eee236-bdcb-4a7d-a3c9-08fbf3832d0d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ 138 B
858 B 1009ms
305ms Fetch
application/json 23.195.153.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&buyer_pixel_id=7246
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.153.54 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-153-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ddb5d792997193bb690c8107bf477699df333fb5bd3df2e56e20fe2a343892b7

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Apr 2023 04:10:31 GMT
Observe-Browsing-Topics: ?1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.secureworks.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Origin-Trial: Az9xQo/imzWWuauBg0JngENQMoxulJzGzdGQ0VfUZDk7et2DJfmfUxfOWnHlwQiZRFG+Grc8bH8xWgOPW2ltjQQAAAB+eyJvcmlnaW4iOiJodHRwczovL3RlYWRzLnR2OjQ0MyIsImZlYXR1cmUiOiJQcml2YWN5U2FuZGJveEFkc0FQSXMiLCJleHBpcnkiOjE2ODA2NTI3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
Connection: keep-alive
Content-Length: 138
Expires: Wed, 05 Apr 2023 04:10:31 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 680ms
680ms Image
image/gif 23.44.5.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.44.5.50 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-5-50.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:31 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 7B44 487 B
987 B 236ms
235ms Script
application/x-javascript 13.224.254.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=6g1y9hy&ref=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&upid=gn5z6gn&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.254.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-254-115.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://match.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 04 Apr 2023 12:17:09 GMT
Via: 1.1 db8d6eb1919ade2943f4a573a505ba66.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN52-C2
Age: 57203
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: zxnCl1zMHiWPRbPyR0gaPm5HGqSGPKAXUhhYsyUUoR2fQIsVzZjaUg==

POST
H2 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
0 355ms
354ms Fetch
text/html 216.239.36.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 05 Apr 2023 04:10:31 GMT
server: Google Frontend
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 6395156c06ea492ec9458fac63c53503
function-execution-id: ppwkftojwc50
access-control-allow-headers: Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 702ms
324ms Preflight
text/html 216.239.36.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.secureworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Wed, 05 Apr 2023 04:10:31 GMT
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: o6tj10wa2ras
server: Google Frontend
x-cloud-trace-context: 487aa89e992c439c4a296fda555e6757
x-powered-by: Express

GET
H2 200 core Show response
js.driftt.com/ Frame F390 2 KB
1 KB 459ms
458ms Document
text/html 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1680668100000/2mnfp3myy8iz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c8754635723ce77fb9845de44a21362a73261a964b630c49702758a6d7e36720

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 05 Apr 2023 04:10:31 GMT
etag: W/"2e4e9057318bcb8eeae6f7dd79eeb1d7"
last-modified: Tue, 04 Apr 2023 15:37:17 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-id: O7EFSD7I4njfQPZgCLb_wsoP5yO3mFV_OeNzppGhjn2jOT4sUnc85g==
x-amz-cf-pop: SIN52-C3
x-amz-server-side-encryption: AES256
x-amz-version-id: d0FsXQyeKZ.CIX9Kb1C_2bF7ub1i6Cw9
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 15

GET
H2 200 chat Show response
js.driftt.com/core/ Frame ACC1 2 KB
1 KB 892ms
891ms Document
text/html 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1680668100000/2mnfp3myy8iz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c8754635723ce77fb9845de44a21362a73261a964b630c49702758a6d7e36720

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 05 Apr 2023 04:10:31 GMT
etag: W/"2e4e9057318bcb8eeae6f7dd79eeb1d7"
last-modified: Tue, 04 Apr 2023 15:37:17 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-id: cjtZxlByBwJaza1XfyXGokhjCWsv9hIr79rfutGJDqNylMvGzyDoLg==
x-amz-cf-pop: SIN52-C3
x-amz-server-side-encryption: AES256
x-amz-version-id: d0FsXQyeKZ.CIX9Kb1C_2bF7ub1i6Cw9
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 20

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 75CD
Redirect Chain

https://ups.analytics.yahoo.com/ups/55953/sync?uid=7d9383b9-8dd2-46ff-ab18-45157e581de2&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=7d9383b9-8dd2-46ff-ab18-45157e581de2&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-BVei6P9E2uK3_gxJaSxy5IapMEd2p0o-~A&gdpr=0

70 B
584 B

143ms
143ms

Document
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-BVei6P9E2uK3_gxJaSxy5IapMEd2p0o-~A&gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Wed, 05 Apr 2023 04:10:32 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

age: 0
content-length: 0
date: Wed, 05 Apr 2023 04:10:32 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-BVei6P9E2uK3_gxJaSxy5IapMEd2p0o-~A&gdpr=0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

GET
H2

200

rubicon Show response
match.adsrvr.org/track/cmf/ Frame FF86
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7d9383b9-8dd2-46ff-ab18-45157e581de2&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

70 B
584 B

142ms
142ms

Document
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Wed, 05 Apr 2023 04:10:32 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
Expires: 0
Location: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 030b4ddd4a4f3e9891a065664f20c4bb
content-length: 0

GET
H2

200

google Show response
match.adsrvr.org/track/cmf/ Frame E5FD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=N2Q5MzgzYjktOGRkMi00NmZmLWFiMTgtNDUxNTdlNTgxZGUy&gdpr=0&gdpr_consent=&ttd_tdid=7d9383b9-8dd2-46ff-ab18-45157...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=7d9383b9-8dd2-46ff-ab18-45157e581de2&google_gid=CAESEAHwnicPf5Nqp3lBfFUqM4g&google_cver=1

70 B
584 B

144ms
144ms

Document
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=7d9383b9-8dd2-46ff-ab18-45157e581de2&google_gid=CAESEAHwnicPf5Nqp3lBfFUqM4g&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Wed, 05 Apr 2023 04:10:32 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 04:10:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=7d9383b9-8dd2-46ff-ab18-45157e581de2&google_gid=CAESEAHwnicPf5Nqp3lBfFUqM4g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://id.rlcdn.com/464526.gif
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCLfps6EGEgUI6AcQAEIASgA
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297LwEVTxrkxcevnazKcPhR9lcyhEGy8vCk8kzDwJFjYL8
https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297LwEVTxrkxcevnazKcPhR9lcyhEGy8vCk8kzDwJFjYL8&verifyHash=6f697c0215e0f88fc2be40f9f79da3f48b4d32d6

26 B
408 B

448ms
448ms

Image
image/gif

13.35.8.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297LwEVTxrkxcevnazKcPhR9lcyhEGy8vCk8kzDwJFjYL8&verifyHash=6f697c0215e0f88fc2be40f9f79da3f48b4d32d6
Protocol: HTTP/1.1
Server: 13.35.8.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-69.sin5.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 04:10:33 GMT
Via: 1.1 4bc700d87dc12c5b9fe83b91ddd63bea.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN5-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Content-Type: image/gif
Vary: Origin
Connection: keep-alive
trace-id: 256a1449ed4577ab
X-Amz-Cf-Id: FNuajqSo4OhKUslQKJ5HcqOPAWekVVjPHZF1xRYfTmx5-5nb5dwaMw==

Redirect headers

Date: Wed, 05 Apr 2023 04:10:33 GMT
Via: 1.1 4bc700d87dc12c5b9fe83b91ddd63bea.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN5-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=liveramp&user_id=Xc1297LwEVTxrkxcevnazKcPhR9lcyhEGy8vCk8kzDwJFjYL8&verifyHash=6f697c0215e0f88fc2be40f9f79da3f48b4d32d6
Connection: keep-alive
trace-id: 1b0c44345b7c9fe7
Content-Length: 0
X-Amz-Cf-Id: Chwv0n9SBgs0GJ6tFdNO2iL_4qccdMbT966B7V8yoQt4RehMoCuE7w==

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 467 B
962 B 907ms
430ms XHR
application/json 13.35.8.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&page_title=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-103.sin5.r.cloudfront.net
Software: nginx /
Resource Hash: d0cbb436d9fcb6016a79ad043e1730cae38f5960e2f5ebc370d11711d33b13ed

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 05 Apr 2023 04:10:32 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 682a73fb2198f321ef89332a6cb933ee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
x-cache: Miss from cloudfront
request-id: 1a2d4999-b0fb-4d2c-9770-4f1b90098993
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.secureworks.com
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: T_hNSP_yryvZP0XGNZSK1zrOtIIvVBCyB23d1EYldAWABN_rfphZTA==
expires: Tue, 04 Apr 2023 04:10:32 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 269ms
269ms XHR
text/plain 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=%5Bobject%20Object%5D&cid=375862546.1680667828&jid=1188494458&gjid=680244498&_gid=500786286.1680667829&_u=aDDAgEABAAAAAGAAI~&z=741538949

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 05 Apr 2023 04:10:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.secureworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 268ms
267ms Image
image/gif 74.125.68.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1160803869&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&ul=en-us&de=UTF-8&dt=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=aDDAgEABAAAAACAAI~&jid=1188494458&gjid=680244498&cid=375862546.1680667828&tid=%5Bobject%20Object%5D&_gid=500786286.1680667829&gtm=45He3430n71P6Z7M2&cd1=Salesforce&cd2=Software%20and%20Technology&cd3=BVR%20-%20Missed%20Opps%20Marketing%2CFY23%20SIEM%20Alternative%20Campaign%20Audience%2CXDR%20Awareness%2F%20Consideration%20w%20Suppression%2CNGAV%20Promo%20-%20Symantec%2FMcAfee%20Customers&cd4=Awareness&cd5=Strong&cd6=Consideration&cd7=Strong&z=1254635934

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 06:31:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77964
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runtime~main.42c0fb67.js Show response
js.driftt.com/core/assets/js/ Frame F390 6 KB
3 KB 242ms
241ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fbbcc5fe22ed592732cc1f4d48c3e45a4c39c014ff27b686e92ee1457f94c09f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
Origin: https://js.driftt.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 15:37:17 GMT
x-amz-version-id: _aOMkyUequDPaUDriIRk8dO6uRENoQVs
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 45194
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 28
last-modified: Tue, 04 Apr 2023 15:21:36 GMT
server: istio-envoy
etag: W/"60a11f88cb3614ff002269cf2bc96f43"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: T8SAb5ihVM4T6-YhL5A6a2Sy5s8LEM2vf35UdS3YSsa5T-zo8NxV2w==

GET
H2 200 10.f16292bd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 35 KB
13 KB 275ms
274ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.f16292bd.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

958a03c833d9116f7ab9a5ee503f7b0360b9291b268bfb77128a8f0e19238613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
Origin: https://js.driftt.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 08:24:29 GMT
x-amz-version-id: UVdMsjRTZM9IZetWKrtgG5QdkPiANbRJ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1367162
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 53
last-modified: Fri, 17 Mar 2023 17:38:17 GMT
server: istio-envoy
etag: W/"cdb5f42b656ab6b237aa50c24c0d8474"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hP7IlvROET7DipPFRo0HYLx-EWc62V3HTlknEapWInSMQ4ak-lLNTw==

GET
H2 200 main~493df0b3.02edd878.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 7 KB
3 KB 281ms
280ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.02edd878.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

95245f488fc923a05392ac8ca5985ac00d44b0603ba7b987d103475181268d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
Origin: https://js.driftt.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:18 GMT
x-amz-version-id: 2A3gFoYN8Looz0.Fj9Bi0YkWhTrjxdv9
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598533
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 39
last-modified: Mon, 13 Mar 2023 18:41:53 GMT
server: istio-envoy
etag: W/"552f770e8c42c3e418dbe498f587a82e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4bm1nlbBggJgl9gkpgz4Ak9EsO19K188Lj9T56ijj30JQpXUYA3YEQ==

GET
H2 200 track
t.teads.tv/ 23 B
143 B 1045ms
339ms Image
image/gif 23.36.49.63
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-web&tag_version=6.13.0_5eadee0&provider=tag&buyer_pixel_id=7246&referer=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&user_session_id=c88dd970-b356-45c8-ae88-40bae2087c88
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.49.63 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-49-63.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Wed, 05 Apr 2023 04:10:32 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 717ms
717ms Image
image/gif 23.44.5.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.44.5.50 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-5-50.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:32 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 52.b1edaf4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 23 KB
8 KB 264ms
250ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:19 GMT
x-amz-version-id: Ss_CR6T2UeGz1pcg.xNoNhEzX_r1AvNm
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598533
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Mon, 13 Mar 2023 18:41:52 GMT
server: istio-envoy
etag: W/"cd29b9bc973e48a7fcd0ee7153bdf03b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MreGlejrWjF1AVd4kAHwb6HZ_3BMZND-r8BSE7U7SWsStj0E7QMncg==

GET
H2 200 36.b49bf23f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 36 KB
10 KB 301ms
286ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.b49bf23f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:19 GMT
x-amz-version-id: 9a97aS.6BNCjLqWg7ErlH7G1i5OsyVAH
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598533
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 42
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"4ae92c53ef226eb2a201fc855ccb7835"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: g_E9T7evNkZpyxMe5IGe4J5SuBuKCt4aT-SrGxu9y0Nw_FesLXbN_g==

GET
H2 200 25.22647a55.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 32 KB
11 KB 326ms
311ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.22647a55.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 08:24:29 GMT
x-amz-version-id: XA_4ua4Mc1QdvybS1pWZjlgaFWs12iw1
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1367162
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 17 Mar 2023 17:38:17 GMT
server: istio-envoy
etag: W/"2ce6c446f71a395ff41647c9ba4b9c19"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1DsVH-A-Bk5Thl2Mu36o_Atq7unsbgcTKlQUMGT1znOO1iF9JuHwpQ==

GET
H2 200 20.2ffef383.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 17 KB
6 KB 338ms
323ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2ffef383.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:19 GMT
x-amz-version-id: Xr6smWF.zKCuwemf7Zui.jOCxmhBL9RK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598533
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 23
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"ec6e94b6cea3a27506634867a8009ded"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8nM8jinR2NorhRDWF_g60jEv9RlNPXoyq8QpWW-LKyQrucjgQaMDqA==

GET
H2 200 42.67956b13.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 25 KB
8 KB 362ms
348ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.67956b13.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9d88866c6295ffc0cadaa1ccb951367e196737a413482176d5787b70aae04ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:19 GMT
x-amz-version-id: pNrGBBWbKFeZgDEgzRt8hbfwmOX2K5wP
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598532
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"d53cdfd4559700cfe085380882a8e897"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Lb19vB445gftMyqPONCzX7qB9cLuw2TUhTYXH-CC87cOe8DVSD2j9g==

GET
H2 200 21.b3438b1b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 74 KB
23 KB 399ms
386ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b3438b1b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3169ab3142fbf3ecf7eee1b5682a4556ed8a3d4ba940befa71c31b5a43991d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 02:51:32 GMT
x-amz-version-id: K7UjW.QZOYNKa_std2da3fOE_tgs59NE
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1300740
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 76
last-modified: Mon, 20 Mar 2023 19:06:56 GMT
server: istio-envoy
etag: W/"10e1bfa61646f14df045c581bc9410fd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oBx-v6G8dsnFmGwoljyi6N5fSaGZ8IpUDBmfV50zJI1HagS1X0NlWA==

GET
H2 200 27.3951aad8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 66 KB
20 KB 455ms
442ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.3951aad8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 08:24:29 GMT
x-amz-version-id: z7UNtWaxhYoZYOxoHhuaNIk8XDdXienG
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1367163
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 54
last-modified: Fri, 17 Mar 2023 17:38:18 GMT
server: istio-envoy
etag: W/"5b2b6d0508fe18c3efb6bcd6249fd4e1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YMyoygS_UnhnSHyopSrsU6h0_N6Ui34uy4xgA2CPxCaQ6_B-W8MJBQ==

GET
H2 200 15.699b0dc7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 91 KB
28 KB 505ms
493ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.699b0dc7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:19 GMT
x-amz-version-id: Fwmi4iJWwZJcqZrfoiOKf25V8pINId0d
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598533
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 74
last-modified: Mon, 13 Mar 2023 18:41:50 GMT
server: istio-envoy
etag: W/"43d1442a9d30453da9eaeb12b9daafff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Gp7wZMmRox-8gJNKxcJdIVQpa8Bqgy4Hfr-ufG7knoxeeUb7sFBqmw==

GET
H2 200 12.d33926cb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 23 KB
7 KB 548ms
536ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d33926cb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 02:42:41 GMT
x-amz-version-id: RO4lA8yEDOZtfT2PvBv0Xiq3xw4.OB.v
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1560471
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 17 Mar 2023 17:38:17 GMT
server: istio-envoy
etag: W/"bdcb035523ec144399213aa65a8430ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qg5wKQAMQbdgtJii3XRJDaPGxMuff2S2hH512b8AHMXb0C_5fjTpbQ==

GET
H2 200 19.8e79a39a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 62 KB
20 KB 592ms
580ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.8e79a39a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 08:24:30 GMT
x-amz-version-id: 5eHfgAcv_jSF3MqDC.lcjzVM4pNV6Jxm
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1367162
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 72
last-modified: Fri, 17 Mar 2023 17:38:17 GMT
server: istio-envoy
etag: W/"c478a5bb4d7885e2b9250c6beeb4fd6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: w4Vvw4MQQQS1LSodagNu7oaIEcqEL3LaXGuwdiNE_9__roabagT2PA==

GET
H2 200 50.de3b5864.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 105 KB
34 KB 633ms
622ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/50.de3b5864.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:19 GMT
x-amz-version-id: Bxk3GHfkaIN0jq7l2JVp1G4qv3BiK4Fg
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598532
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 103
last-modified: Mon, 13 Mar 2023 18:41:52 GMT
server: istio-envoy
etag: W/"114785899ceb423273fcc17aaad202e9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ynZlhC5Dfhp2zNPzNfP7uroUCezNkumhvmSfmiN43MjI3_QO1UlrjQ==

GET
H2 200 41.a1867ad4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 12 KB
4 KB 665ms
654ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.a1867ad4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:19 GMT
x-amz-version-id: 5LomjhgUm7._fyzrQBTKl0XmRhJgm3pa
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598533
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 56
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"299dd262bf32831c99dc78a9c5b5ca43"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AuAHRys7ChJiQeLV0FKwE2jMDMoXHOBM3GuCKJiiqSe1LRCTVPoKmw==

GET
H2 200 30.57dfb56c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 13 KB
6 KB 671ms
661ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.57dfb56c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:19 GMT
x-amz-version-id: tJGogoiKCydDFmLX6ig343gLp7BHovLa
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598532
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 85
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"b8addee34a5cd2241740a2e3094039b3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iVxgagH1K81odQKeMxdv94j0SBk1BVebM9g0bPQEQKptZpfgwJN68Q==

GET
H2 200 22.4cb40074.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 17 KB
7 KB 677ms
668ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.4cb40074.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

cdeb836f7f77cd2174fa0bb4aa3825963aa64faf657a24f988b82f1c4d28ce69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:19 GMT
x-amz-version-id: lqVkold9lbWyxC8vAxhJvhecEqFzj7hG
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598533
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 69
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"6cf24f8ea74f43662c776ce6af09d469"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: velP2Jcw7u-Q3gITS6rY7FDQrKdqCa8VyNn1fxIc90oC7nhXbv5njg==

GET
H2 200 9.b5c2854f.chunk.css
js.driftt.com/core/assets/css/ Frame F390 31 KB
4 KB 269ms
261ms Stylesheet
text/css 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:40:51 GMT
x-amz-version-id: E3gSdUNTrx7zX2rcnnfGfFSl5si2kag9
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1168180
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 28
last-modified: Wed, 22 Mar 2023 14:57:50 GMT
server: istio-envoy
etag: W/"9ef689f5d4cb5dab3b0e463418857c2f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pk-ilebTuxMmWVpcW7Y4yR5Tm60Nou_usB_9vdhgxyCUab235n-6NQ==

GET
H2 200 9.c3fb736e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 80 KB
25 KB 700ms
692ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.c3fb736e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

97835f51936631312648ce4198cd92c85beae9e09e3cdaff439c57ffccc5c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 15:53:56 GMT
x-amz-version-id: yjn0Mr9niEwveuUV6Ps9NwvZvY1Il2ab
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 994596
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 24 Mar 2023 15:27:33 GMT
server: istio-envoy
etag: W/"b4ca5f0ecc404e3c35769971c076a425"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: M-mWFQoOq3yGMmbDvY7YSsHAsH8cJ-ywBnM1BsUcj208JaHioXmdug==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame F390 24 B
695 B 269ms
262ms Stylesheet
text/css 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 07:42:34 GMT
x-amz-version-id: 7PFLgyZz7a9JC7krApY9ZtGs_Mf2Wc2U
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: SIN52-C3
age: 1974477
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 13
content-length: 24
last-modified: Thu, 09 Mar 2023 19:38:32 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 086vBJlhCvLnh3zVrm3y2C0AyWU93l8xlrDpHphtizso2x3VMlLn4g==

GET
H2 200 17.4ba8f73a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 90 KB
23 KB 729ms
722ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.4ba8f73a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9abea5b541e8639b2616ee3401146d93c8f383f8fe3df604871095ed87726827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 14:58:34 GMT
x-amz-version-id: .t3AHTb4hIUUVmXJiwfJLXpNTZ9QDM_1
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1257118
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Tue, 21 Mar 2023 14:25:18 GMT
server: istio-envoy
etag: W/"fc376050296248d9fa297b1f2158153e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RM65HE7baPJNWiE2WCz9NjWxPkAC_f9Yiz5_sXM5THvOiWQreh2arw==

GET
H2 200 26.3ccbc715.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 50 KB
14 KB 746ms
740ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.3ccbc715.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

76f9815c524777b7a758e9e2d111da9653fccdf61ea16e2f764dc195ad1dbe88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 15:37:17 GMT
x-amz-version-id: BH8rPK9yqFYq1ZUXkEsiwHIi3oQBiHAz
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 45195
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 35
last-modified: Tue, 04 Apr 2023 15:21:35 GMT
server: istio-envoy
etag: W/"131331101b0eb5f30f68695bb8632284"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZgiA5lmO_I9dYATKk9ou76xZcDKzrdgkx14Tig99vFted6OdRtrMJg==

GET
H2 200 18.c88fad2c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 40 KB
13 KB 757ms
751ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.c88fad2c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bc6f2e5649164e13036808a774e2c1314bd0ee488377d48de7af9363bac8f59c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 15:37:17 GMT
x-amz-version-id: 0dKzqAxvC_ZE.Pk.wpWcO.y3e2.qIox1
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 45195
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Tue, 04 Apr 2023 15:21:34 GMT
server: istio-envoy
etag: W/"d74576212777df54752e517455ec901b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q7T7fzzBecKqp7R1JluaewNGnaL9LE-BkinNUvryJhiFYW0-sW4y7Q==

GET
H2 200 runtime~main.42c0fb67.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 6 KB
3 KB 621ms
619ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fbbcc5fe22ed592732cc1f4d48c3e45a4c39c014ff27b686e92ee1457f94c09f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
Origin: https://js.driftt.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 15:37:17 GMT
x-amz-version-id: _aOMkyUequDPaUDriIRk8dO6uRENoQVs
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 45195
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 28
last-modified: Tue, 04 Apr 2023 15:21:36 GMT
server: istio-envoy
etag: W/"60a11f88cb3614ff002269cf2bc96f43"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cjIfelQVA2xRbERdqxw9eAGY9890RMmYabeOim77oDcI-jBICh49gg==

GET
H2 200 10.f16292bd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 35 KB
13 KB 630ms
629ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.f16292bd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

958a03c833d9116f7ab9a5ee503f7b0360b9291b268bfb77128a8f0e19238613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
Origin: https://js.driftt.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 08:24:29 GMT
x-amz-version-id: UVdMsjRTZM9IZetWKrtgG5QdkPiANbRJ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1367163
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 53
last-modified: Fri, 17 Mar 2023 17:38:17 GMT
server: istio-envoy
etag: W/"cdb5f42b656ab6b237aa50c24c0d8474"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jgluvvKQ398-ZpylbFKDHmv5lV1XNOY_0S0HFMZhc-JHGbfz5ocqDQ==

GET
H2 200 main~493df0b3.02edd878.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 7 KB
3 KB 632ms
631ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.02edd878.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

95245f488fc923a05392ac8ca5985ac00d44b0603ba7b987d103475181268d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
Origin: https://js.driftt.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:18 GMT
x-amz-version-id: 2A3gFoYN8Looz0.Fj9Bi0YkWhTrjxdv9
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598534
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 39
last-modified: Mon, 13 Mar 2023 18:41:53 GMT
server: istio-envoy
etag: W/"552f770e8c42c3e418dbe498f587a82e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7qoiIksH4Y1f_7AMo_Wf8edsFnHBqCEXKrH6reu2hhtWdEq8Kcwyfg==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 267ms
267ms Image
image/gif 74.125.68.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1160803869&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&ul=en-us&de=UTF-8&dt=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aDDAAEABAAAAAGAAI~&jid=&gjid=&cid=375862546.1680667828&tid=UA-1042506-1&_gid=500786286.1680667829&gtm=45He3430n71P6Z7M2&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=(Non-Company%20Visitor)&cd11=(Non-Company%20Visitor)&cd12=(Non-Company%20Visitor)&cd13=(Non-Company%20Visitor)&cd14=SMB&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=Auckland&cd18=AUK&cd19=New%20Zealand&z=1373100903

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 06:31:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77965
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 9 KB
3 KB 236ms
236ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 03:53:56 GMT
x-amz-version-id: x7IvWIZtQB5d92mMRDOd8zsaifwrjGa5
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1988196
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 63
last-modified: Thu, 09 Mar 2023 19:38:33 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tNm_OKujJ4VDrDF86vjvGC_tkXZ02CfqUG4pdZz_QmiC2dksIdzEQQ==

GET
H2 200 28.01a0fe87.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 35 KB
10 KB 241ms
241ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.01a0fe87.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fffcc021124d70080ddd0c52562645c46e03ff39c924ced85c1bfd62cb8b8767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:20 GMT
x-amz-version-id: qTKrnEPlGs2PM_XgbyIYq.V3vkDgTj08
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598531
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 46
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"0ad089f0617a0fa8014a23c2afa90ddd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YRIVbK3-r5rNt7Yx7JuMzrMNAkb9aKdJkOi_ExQU1H54fDWWlaRlog==

GET
H2 200 29.9bf46b67.chunk.css
js.driftt.com/core/assets/css/ Frame F390 8 KB
2 KB 242ms
241ms Stylesheet
text/css 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/29.9bf46b67.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 16:46:06 GMT
x-amz-version-id: z0D8dNmBsmDdH6SQS.4Ersz3hAXwiniS
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1164266
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 27
last-modified: Wed, 22 Mar 2023 14:57:50 GMT
server: istio-envoy
etag: W/"4f21faf2ba450e5fcdf7eda90813e185"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Q2IUAixFFv3v0fCu2gzAdIFPSZcoXXMxjlp_xJtN1WFam1sOz3Uw2Q==

GET
H2 200 29.98c2b316.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 14 KB
6 KB 244ms
243ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.98c2b316.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c6b2815294e64eb3d9e30955673ae3b60a486ae5b7dfcc7e48c0e2a4fe7301de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:08:58 GMT
x-amz-version-id: aizM0H1Fdw3zzppb3P2Ok7x7JUMOS1IQ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 727294
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 24
last-modified: Mon, 27 Mar 2023 17:53:25 GMT
server: istio-envoy
etag: W/"6526b5009cc642f706e7156982e7429b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5VTxvsfuMmCQKFxc9_K_BP17gvX9y1QH7jOcaYb0orb0raf8yU7W3Q==

GET
H2 200 23.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame F390 365 B
1 KB 242ms
241ms Stylesheet
text/css 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/23.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 08:24:44 GMT
x-amz-version-id: V4VBdWZ9ABBYNjuFppAhIe67oJcvW8gb
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: SIN52-C3
age: 1367148
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
content-length: 365
last-modified: Fri, 17 Mar 2023 17:38:15 GMT
server: istio-envoy
etag: "06b2963b029c0824382815165bfea73e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: te-A58z2U-IeqM0iaMOkshOz8m0JZAumB7PQWkCkGvH--BlsaobT1Q==

GET
H2 200 23.18176f38.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F390 91 KB
25 KB 252ms
251ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.18176f38.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

1b5ace958a12ed97eaa50823dfe0520e97043f915f2eb114a69e59ec2a598af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=2mnfp3myy8iz&eId=2mnfp3myy8iz&region=US&forceShow=false&skipCampaigns=false&sessionId=2ae73fcc-1c5c-409b-8740-fb2535a3043c&sessionStarted=1680667831.144&campaignRefreshToken=9867a96d-a306-49f4-a1ad-b515c9507e50&hideController=false&pageLoadStartTime=1680667823924&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 21:45:55 GMT
x-amz-version-id: oaoOrZdz.PxOt5VYKyLTyGkeOwHuV8Y5
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 109477
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Mon, 03 Apr 2023 16:05:11 GMT
server: istio-envoy
etag: W/"cf57f94ae70eff9bcf6005267c54a27a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 96Y42yy31RGYS91Xj2gdw--HQCQ0PE8OGxywe1NKxw4OaAUsiILd7Q==

GET
H2 200 52.b1edaf4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 23 KB
8 KB 246ms
240ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:19 GMT
x-amz-version-id: Ss_CR6T2UeGz1pcg.xNoNhEzX_r1AvNm
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598533
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Mon, 13 Mar 2023 18:41:52 GMT
server: istio-envoy
etag: W/"cd29b9bc973e48a7fcd0ee7153bdf03b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0-pvRfS1YHXZUIpZdJkbe48qei689JBNpdgPGin8OVXWbE4ETBDR2w==

GET
H2 200 36.b49bf23f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 36 KB
10 KB 250ms
244ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.b49bf23f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:19 GMT
x-amz-version-id: 9a97aS.6BNCjLqWg7ErlH7G1i5OsyVAH
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598533
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 42
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"4ae92c53ef226eb2a201fc855ccb7835"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xlch321pO4obLASbf6U4QvdoVg1Te-brD3YLXlRMoO3OaN054vePUg==

GET
H2 200 25.22647a55.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 32 KB
11 KB 255ms
249ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.22647a55.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 08:24:29 GMT
x-amz-version-id: XA_4ua4Mc1QdvybS1pWZjlgaFWs12iw1
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1367162
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 17 Mar 2023 17:38:17 GMT
server: istio-envoy
etag: W/"2ce6c446f71a395ff41647c9ba4b9c19"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YKW-qn6bgGsaHi-QN1rapMgnotVyfHYZtIpDLwVjDacxnLbynN83Kg==

GET
H2 200 20.2ffef383.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 17 KB
6 KB 258ms
252ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2ffef383.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:19 GMT
x-amz-version-id: Xr6smWF.zKCuwemf7Zui.jOCxmhBL9RK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598533
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 23
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"ec6e94b6cea3a27506634867a8009ded"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hpuD2jJjw-CuDyi-quxR2uimvqpiX76JcoIkYhBM0Hn9NPQTjWKdBg==

GET
H2 200 42.67956b13.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 25 KB
8 KB 457ms
451ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.67956b13.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9d88866c6295ffc0cadaa1ccb951367e196737a413482176d5787b70aae04ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:19 GMT
x-amz-version-id: pNrGBBWbKFeZgDEgzRt8hbfwmOX2K5wP
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598533
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"d53cdfd4559700cfe085380882a8e897"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bmXjP_8M1c6V5nQNLuIa-n_mhNuuquxVc1eyf4pDsWak7kBff5yB-g==

GET
H2 200 21.b3438b1b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 74 KB
23 KB 464ms
459ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b3438b1b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3169ab3142fbf3ecf7eee1b5682a4556ed8a3d4ba940befa71c31b5a43991d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 02:51:32 GMT
x-amz-version-id: K7UjW.QZOYNKa_std2da3fOE_tgs59NE
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1300741
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 76
last-modified: Mon, 20 Mar 2023 19:06:56 GMT
server: istio-envoy
etag: W/"10e1bfa61646f14df045c581bc9410fd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cas_EMtN80L8KLn0CsNSmX_PRRo-oSXmk_cPzhzTixKKgIRWbmwm2g==

GET
H2 200 27.3951aad8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 66 KB
20 KB 476ms
470ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.3951aad8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 08:24:29 GMT
x-amz-version-id: z7UNtWaxhYoZYOxoHhuaNIk8XDdXienG
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1367164
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 54
last-modified: Fri, 17 Mar 2023 17:38:18 GMT
server: istio-envoy
etag: W/"5b2b6d0508fe18c3efb6bcd6249fd4e1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BhdObqBIgOArlr_UHjZOTFP9yt6JpuKOr_vbrnkFSnZcaP4NFpuAkg==

GET
H2 200 15.699b0dc7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 91 KB
28 KB 488ms
482ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.699b0dc7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:19 GMT
x-amz-version-id: Fwmi4iJWwZJcqZrfoiOKf25V8pINId0d
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598534
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 74
last-modified: Mon, 13 Mar 2023 18:41:50 GMT
server: istio-envoy
etag: W/"43d1442a9d30453da9eaeb12b9daafff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: n4e7UOkcvT-8QmSmVjmtEJ4bKIO_wuLghDkFSuNrR8xtHOqnVx36Zw==

GET
H2 200 12.d33926cb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 23 KB
7 KB 498ms
493ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d33926cb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 02:42:41 GMT
x-amz-version-id: RO4lA8yEDOZtfT2PvBv0Xiq3xw4.OB.v
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1560472
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 17 Mar 2023 17:38:17 GMT
server: istio-envoy
etag: W/"bdcb035523ec144399213aa65a8430ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WTUCygJ38Sjz8gG1KRb-rIzALuQRtO2mYRdKB87qB9-XL-kTsNUfPw==

GET
H2 200 19.8e79a39a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 62 KB
20 KB 505ms
500ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.8e79a39a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 08:24:30 GMT
x-amz-version-id: 5eHfgAcv_jSF3MqDC.lcjzVM4pNV6Jxm
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1367163
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 72
last-modified: Fri, 17 Mar 2023 17:38:17 GMT
server: istio-envoy
etag: W/"c478a5bb4d7885e2b9250c6beeb4fd6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ds9IgAScvHVbhbTfVIOiy7OJfsbjCPqJQ4Xne_uBHSbwA8AAVtKSsw==

GET
H2 200 50.de3b5864.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 105 KB
34 KB 515ms
510ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/50.de3b5864.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:19 GMT
x-amz-version-id: Bxk3GHfkaIN0jq7l2JVp1G4qv3BiK4Fg
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598533
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 103
last-modified: Mon, 13 Mar 2023 18:41:52 GMT
server: istio-envoy
etag: W/"114785899ceb423273fcc17aaad202e9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: f6x70ofDNzL4IzzU1Pojg7GRC5IsXAySZpmtfzkTT2KCPXUqYo6KSg==

GET
H2 200 41.a1867ad4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 12 KB
4 KB 525ms
521ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.a1867ad4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:19 GMT
x-amz-version-id: 5LomjhgUm7._fyzrQBTKl0XmRhJgm3pa
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598534
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 56
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"299dd262bf32831c99dc78a9c5b5ca43"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: S4f1w82-D-oZaXJh7u_uEF9HCfonUy8ec5pHlEmpbGC2VAlMLqJ5-Q==

GET
H2 200 30.57dfb56c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 13 KB
6 KB 527ms
524ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.57dfb56c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:19 GMT
x-amz-version-id: tJGogoiKCydDFmLX6ig343gLp7BHovLa
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598533
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 85
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"b8addee34a5cd2241740a2e3094039b3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _ZdvoybPFc0MXKyjgH94WQ2HKpjryDn-nBQQDWTnZnkF82-IQt36Jg==

GET
H2 200 22.4cb40074.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 17 KB
7 KB 531ms
528ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.4cb40074.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

cdeb836f7f77cd2174fa0bb4aa3825963aa64faf657a24f988b82f1c4d28ce69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:19 GMT
x-amz-version-id: lqVkold9lbWyxC8vAxhJvhecEqFzj7hG
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598534
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 69
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"6cf24f8ea74f43662c776ce6af09d469"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qEhTjqMFVRpOpTDvL_DukTHrofKNcKoXLzmk9flKkZkWZV2-vlONQA==

GET
H2 200 9.b5c2854f.chunk.css
js.driftt.com/core/assets/css/ Frame ACC1 31 KB
4 KB 478ms
475ms Stylesheet
text/css 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:40:51 GMT
x-amz-version-id: E3gSdUNTrx7zX2rcnnfGfFSl5si2kag9
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1168181
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 28
last-modified: Wed, 22 Mar 2023 14:57:50 GMT
server: istio-envoy
etag: W/"9ef689f5d4cb5dab3b0e463418857c2f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZRVIB9W3nMfHk_2jX9P_Wim9FlK-HYcab_j7Z7AzOVoZi20Du816oA==

GET
H2 200 9.c3fb736e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 80 KB
25 KB 538ms
535ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.c3fb736e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

97835f51936631312648ce4198cd92c85beae9e09e3cdaff439c57ffccc5c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 15:53:56 GMT
x-amz-version-id: yjn0Mr9niEwveuUV6Ps9NwvZvY1Il2ab
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 994597
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 24 Mar 2023 15:27:33 GMT
server: istio-envoy
etag: W/"b4ca5f0ecc404e3c35769971c076a425"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CmSTuBcn7552OfmRypuR9BTBCBmY_-Gr--wlZcHRUAdKIeflACU8KQ==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame ACC1 24 B
696 B 478ms
476ms Stylesheet
text/css 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 07:42:34 GMT
x-amz-version-id: 7PFLgyZz7a9JC7krApY9ZtGs_Mf2Wc2U
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: SIN52-C3
age: 1974478
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 13
content-length: 24
last-modified: Thu, 09 Mar 2023 19:38:32 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GRsnOVtnjg3dsFxM1jxUs59QEGx3W0m4UFsvBbMNT6RzJwkuhKT0og==

GET
H2 200 17.4ba8f73a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 90 KB
23 KB 550ms
548ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.4ba8f73a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9abea5b541e8639b2616ee3401146d93c8f383f8fe3df604871095ed87726827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 14:58:34 GMT
x-amz-version-id: .t3AHTb4hIUUVmXJiwfJLXpNTZ9QDM_1
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1257119
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Tue, 21 Mar 2023 14:25:18 GMT
server: istio-envoy
etag: W/"fc376050296248d9fa297b1f2158153e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3xxnPQIuwCxmNeVQO4BaoIHPN3SYR6Pz4bzHhIG6vVd_j6xJV0RfRg==

GET
H2 200 26.3ccbc715.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 50 KB
14 KB 560ms
558ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.3ccbc715.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

76f9815c524777b7a758e9e2d111da9653fccdf61ea16e2f764dc195ad1dbe88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 15:37:17 GMT
x-amz-version-id: BH8rPK9yqFYq1ZUXkEsiwHIi3oQBiHAz
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 45196
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 35
last-modified: Tue, 04 Apr 2023 15:21:35 GMT
server: istio-envoy
etag: W/"131331101b0eb5f30f68695bb8632284"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8204ISOK6yOdY7jYaZGjo4s7egYlmAbAjtHmjRZeJVHGvny19JUPiQ==

GET
H2 200 18.c88fad2c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 40 KB
13 KB 567ms
566ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.c88fad2c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bc6f2e5649164e13036808a774e2c1314bd0ee488377d48de7af9363bac8f59c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 15:37:17 GMT
x-amz-version-id: 0dKzqAxvC_ZE.Pk.wpWcO.y3e2.qIox1
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 45196
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Tue, 04 Apr 2023 15:21:34 GMT
server: istio-envoy
etag: W/"d74576212777df54752e517455ec901b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qdIz5SOdKQmVsIDO7sGeomTtpeESr8zRYoQ2v0W68C7wQYnpAoEh0Q==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 667ms
667ms Image
image/gif 23.44.5.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.44.5.50 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-5-50.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:33 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 38.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame ACC1 3 KB
1 KB 236ms
235ms Stylesheet
text/css 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/38.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 03:21:12 GMT
x-amz-version-id: SY1hLKYS4h8BP4ko5DrrZy8.ELs1MQI5
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1558161
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Fri, 17 Mar 2023 17:38:15 GMT
server: istio-envoy
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iJq5OBs713bgFTb97lv9502CzgM6VFrEuQ_15WsBqefdNdYKXx1M4g==

GET
H2 200 38.2c907ce3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 3 KB
2 KB 237ms
236ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.2c907ce3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

0c07bf805e857013386ec7ea2d26911aed5c827ee90e71a94188553c6d8ef337

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:21 GMT
x-amz-version-id: WeeqSHWtzz4ro03duJnKQoYDP9oH3PWo
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598532
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"ad63bf20f878fb64a363281ee85aa567"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xNjlbuOijBupbmE1AS1-LHjdr6yz30o4KuNzWRAdme-Qhwd4nprxfA==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 9 KB
3 KB 248ms
242ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 03:53:56 GMT
x-amz-version-id: x7IvWIZtQB5d92mMRDOd8zsaifwrjGa5
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1988197
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 63
last-modified: Thu, 09 Mar 2023 19:38:33 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Cppl-m5_ZtSXTO71lPfeGZF2lnMM9goc8aUxd_Zyn4wQz1ax9FCeiw==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame ACC1 7 KB
2 KB 241ms
236ms Stylesheet
text/css 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:27:00 GMT
x-amz-version-id: Q2PqwaAGurDGgY8YzFfQs2Uv742NLD.g
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1381412
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Fri, 17 Mar 2023 17:38:15 GMT
server: istio-envoy
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CkNR-BwGMlrJPW1QSvMqAUIcDFg3gOCYQIUDSm9VRVxqvbfAzeju1Q==

GET
H2 200 3.f50b964b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 54 KB
15 KB 254ms
249ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.f50b964b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 03:46:31 GMT
x-amz-version-id: 3AI.PRyYk9rBhnKBCwYdUAFuW2ySMSMy
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1297442
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 105
last-modified: Mon, 20 Mar 2023 19:06:57 GMT
server: istio-envoy
etag: W/"1ac37bf2b93050f29058b66a9ad43e10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Uh4KMXhSoGO-Zz8B_yQu8KY7MXm5_MJXW6WzKLQlc8FnXYwah1IJmA==

GET
H2 200 1.02a6af84.chunk.css
js.driftt.com/core/assets/css/ Frame ACC1 44 KB
7 KB 244ms
238ms Stylesheet
text/css 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.02a6af84.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

120def079fc4e239098c571e178a9a1b73746f05c6f65a97cd7291b8c13aa401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:21 GMT
x-amz-version-id: zNCH3GA9g9xF0kd_JaZ4R1dgt2gH9hqa
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598532
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 51
last-modified: Mon, 13 Mar 2023 18:41:48 GMT
server: istio-envoy
etag: W/"295093fc512c5e44a90c3c28242de8ae"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: D2OReyP7AArM3hraT-1blIikpIt1furll_gDyMzDtkj6QaMN9QHUHQ==

GET
H2 200 1.f968e629.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 54 KB
17 KB 242ms
242ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.f968e629.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

15d54f2c22ee38d714b21678837801c21dd87c21b1a5238fddf3b123daf23e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 15:53:56 GMT
x-amz-version-id: 4ReqR1cTzoX38kH92MXiXYE36tY.Lrxx
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 994596
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 24 Mar 2023 15:27:29 GMT
server: istio-envoy
etag: W/"07aad2186e82983121224321d2947257"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q0XQ7un727At2zIfMfdREraVv-tm7LdW-onLOUAjuJUlkC5hJmkIcg==

GET
H2 200 4.d22a73b9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 23 KB
10 KB 247ms
246ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.d22a73b9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

18abd92d67f10bbac57f69b0d0c896e5898582c455bca4687a6b2ab1a46cdaf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:08:21 GMT
x-amz-version-id: Eq.65cj80MlJFRrAUThpVIzbRn0cbmkc
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1598532
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"446a4e290badae1cd19315d444edecb9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6mswrF3OnfU6kXfyPZ99d_nWoT5ZvZFcUK-b0pT6nX2SE1C1jARaiw==

GET
H2 200 35.a3318c5e.chunk.css
js.driftt.com/core/assets/css/ Frame ACC1 14 KB
3 KB 245ms
241ms Stylesheet
text/css 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/35.a3318c5e.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f3342c52eee43a2ea931cae2ee2d6d9a2939432ffcb03bb4f2983ac7e49b26cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 03:14:33 GMT
x-amz-version-id: Ijyu7m0IDxmUFY2NpmW4.qah_BeIG1EY
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1299359
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 48
last-modified: Mon, 20 Mar 2023 19:06:54 GMT
server: istio-envoy
etag: W/"b06e02b360914b25e58305b1b9b954dc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WeyQphSpcFl-1b5KMiwPzt9RFeXWRSEWJ7Fv5g5TYKB1TxmMoWzFCg==

GET
H2 200 35.b9873f48.chunk.js Show response
js.driftt.com/core/assets/js/ Frame ACC1 12 KB
5 KB 249ms
249ms Script
application/javascript 13.227.254.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.b9873f48.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.42c0fb67.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-60.sin52.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7c8822c75af241160a7dd1fb2d612e03c727ed1abcc01e9517d5acd9e63d382b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1680667823924
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 03:14:33 GMT
x-amz-version-id: Wkxe8GARxM4kLeLZb622QId_QorMmA2h
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1299359
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 38
last-modified: Mon, 20 Mar 2023 19:06:57 GMT
server: istio-envoy
etag: W/"5f10aff755e83cc47f28e8e2a70fda88"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: s69JCdTfmoylReXZQ_dxgbR_Gm2dY_o_ln9314hflalL0V03x9wzJA==

POST
H2 200 v2 Show response
bootstrap.api.drift.com/widget_bootstrap/ping/ Frame F390 147 B
588 B 1157ms
342ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

425d72758416a14854a63b541325a68c6398bad1a1c871a0e00e0a0a6444846c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 05 Apr 2023 04:10:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 6044e9fbd6c0d45a
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 697ms
696ms Image
image/gif 23.44.5.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.44.5.50 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-5-50.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:34 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 268ms
267ms Ping
text/plain 74.125.68.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-15MK64YNN6&gtm=45je3430&_p=1160803869&cid=375862546.1680667828&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1680667828&sct=1&seg=1&dl=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&dt=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-15MK64YNN6&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.68.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sc-in-f101.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 04:10:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.secureworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v3 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame F390 25 B
111 B 452ms
347ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v3

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 05 Apr 2023 04:10:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: d23a66b245ff001
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame F390 21 KB
7 KB 888ms
888ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

679ce6f4514f365b68f3b6dae229f6ef6ba580bf6a4349ab663131ad3a9d0630

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 05 Apr 2023 04:10:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: 561e9de77ee3389f
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 553
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 699ms
698ms Image
image/gif 23.44.5.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.44.5.50 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-5-50.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:35 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 688ms
688ms Image
image/gif 23.44.5.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.44.5.50 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-5-50.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:36 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 679ms
679ms Image
image/gif 23.44.5.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.44.5.50 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-5-50.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 04:10:37 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 track Show response
event.api.drift.com/ Frame F390 642 B
705 B 338ms
338ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

146c467f1cf85aa2646ac733f3bcc3ac804117f8d9eb12fff1b443ee1f9a1e08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-NZ,en;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNzgzMjM3MjAzNiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NTA5ODYiLCJleHAiOjE3MTIyOTAyMzUsImlhdCI6MTY4MDY2NzgzNX0.aw866b-8ZxnqCmfzBXsTPHfeudUpCq3Pc9wHbALD5cbwILVLkwseyYM28zXhyDLimiMoOh_Q8dKJMUT4S9MSbg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 05 Apr 2023 04:10:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 233ac1884138c8f8
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 642

POST
H2 200 evaluate_with_log Show response
targeting.api.drift.com/targeting/ Frame F390 2 KB
766 B 338ms
337ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

e54613104e017b9fa2516d830f98b52cf5d3cdd37cf0c0fa121d1dacc87cd7fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-NZ,en;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNzgzMjM3MjAzNiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NTA5ODYiLCJleHAiOjE3MTIyOTAyMzUsImlhdCI6MTY4MDY2NzgzNX0.aw866b-8ZxnqCmfzBXsTPHfeudUpCq3Pc9wHbALD5cbwILVLkwseyYM28zXhyDLimiMoOh_Q8dKJMUT4S9MSbg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 05 Apr 2023 04:10:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: c918f43dbe00ff51
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 704

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 336ms
335ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Wed, 05 Apr 2023 04:10:37 GMT
requestid: driftf85bd084c338d85ab3a6b5ec9b0
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

OPTIONS
H2 200 evaluate_with_log
targeting.api.drift.com/targeting/ Frame 0
0 415ms
338ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Wed, 05 Apr 2023 04:10:37 GMT
requestid: driftcf3ffaf485ea5d92540ab496002
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 2

POST bulk
metrics.api.drift.com/monitoring/metrics/event3/ Frame F390 0
0

OPTIONS render_initial_v3
flow.api.drift.com/flows/ Frame 0
0

POST render_initial_v3
flow.api.drift.com/flows/ Frame F390 0
0

GET img.gif
b.6sc.co/v1/beacon/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.co.nz
URL: https://www.google.co.nz/pagead/1p-user-list/648366107/?random=1680667828870&cv=11&fst=1680667200000&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&frm=0&tiba=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks&fmt=3&is_vtc=1&random=769379400&rmt_tld=1&ipr=y

Domain: www.google.co.nz
URL: https://www.google.co.nz/pagead/1p-user-list/10934024932/?random=1680667828869&cv=11&fst=1680667200000&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&frm=0&tiba=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks&fmt=3&is_vtc=1&random=2704213904&rmt_tld=1&ipr=y

Domain: www.google.co.nz
URL: https://www.google.co.nz/pagead/1p-user-list/648366107/?random=1680667828859&cv=11&fst=1680667200000&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&frm=0&tiba=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks&fmt=3&is_vtc=1&random=3526101189&rmt_tld=1&ipr=y

Domain: www.google.co.nz
URL: https://www.google.co.nz/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1042506-1&cid=375862546.1680667828&jid=1302191330&_u=YADAAEAAAAAAACAAI~&z=2081027926

Domain: metrics.api.drift.com
URL: https://metrics.api.drift.com/monitoring/metrics/event3/bulk

Domain: flow.api.drift.com
URL: https://flow.api.drift.com/flows/render_initial_v3

Domain: flow.api.drift.com
URL: https://flow.api.drift.com/flows/render_initial_v3

Domain: b.6sc.co
URL: https://b.6sc.co/v1/beacon/img.gif?token=db8067e51eb58581f03147464f6063b2&svisitor=null&visitor=8a39933e-74da-4417-8085-f975fd8879cd&session=6db01c27-2fcc-4a92-87bd-0b11c9821088&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2005%20Apr%202023%2004%3A10%3A37%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2005%20Apr%202023%2004%3A10%3A36%20GMT%22%2C%22timeSpent%22%3A%221012%22%2C%22totalTimeSpent%22%3A%228022%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20insights%20and%20trends%20discovered%20during%20these%20incident%20response%20(IR)%20engagements%20can%20help%20organizations%20make%20smarter%20decisions%20about%20cybersecurity%20strategy%20and%20tactics.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%225%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&pageViewId=3d918a37-3006-4cef-86f6-d4c16e89bc2a

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.secureworks.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: fe782f07a4a30b728296a249197117bf
www.secureworks.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: fe782f07a4a30b728296a249197117bf
www.secureworks.com/	1969-12-31 23:59:59	Name: ASLBSA Value: 000324501d25b26c9ef74498b383832cf14f430493e57754c5a6d7b2ba2406e6f0a5
www.secureworks.com/	1969-12-31 23:59:59	Name: ASLBSACORS Value: 000324501d25b26c9ef74498b383832cf14f430493e57754c5a6d7b2ba2406e6f0a5
.secureworks.com/	1970-01-20 20:27:07	Name: _mkto_trk Value: id:725-SMC-563&token:_mch-secureworks.com-1680667826460-45852
.secureworks.com/	1970-01-20 13:00:43	Name: _gcl_au Value: 1.1.727946224.1680667829
.secureworks.com/	1970-01-20 19:36:43	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Apr+05+2023+04%3A10%3A29+GMT%2B0000+(GMT)&version=202303.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&groups=C0002%3A1%2CC0004%3A1%2CC0003%3A1%2CC0001%3A1
.secureworks.com/	1970-01-20 20:27:07	Name: _ga Value: GA1.2.375862546.1680667828
.secureworks.com/	1970-01-20 10:52:34	Name: _gid Value: GA1.2.500786286.1680667829
.secureworks.com/	1970-01-20 10:51:07	Name: _gat_UA-1042506-1 Value: 1
.secureworks.com/	1970-01-20 10:51:07	Name: _gat_UA-1281488-1 Value: 1
.secureworks.com/	1970-01-20 13:00:43	Name: _rdt_uuid Value: 1680667829323.59dddee1-96b1-46f9-b2e6-7459aefced6b
.secureworks.com/	1970-01-20 10:52:34	Name: _uetsid Value: cd158b60d36711ed98e2b757ec0c07c3
.secureworks.com/	1970-01-20 20:12:43	Name: _uetvid Value: cd15b3c0d36711edb843e1cf08ac902b
.techtarget.com/	1970-01-20 10:51:09	Name: __cf_bm Value: UKZTRrRBnjD_5OMLW4Vy_3IcCU5grAPLPk0e.fAoYjo-1680667829-0-AUeRLqSm3iU+nEMm0zT+69LEFjUzoqcNeGTybqMluTqXC8CbEh8q2sj1thXtwiRqBnRyh6w1zToJL+IEAvEotq8=
.bing.com/	1970-01-20 20:12:43	Name: MUID Value: 175F6743A25B6D1539D675A9A3CA6CF0
.bat.bing.com/	1970-01-20 11:01:12	Name: MR Value: 0
www.secureworks.com/	1970-01-20 20:27:07	Name: _gd_visitor Value: 8a39933e-74da-4417-8085-f975fd8879cd
www.secureworks.com/	1970-01-20 10:51:22	Name: _gd_session Value: 6db01c27-2fcc-4a92-87bd-0b11c9821088
.secureworks.com/	1970-01-20 19:36:43	Name: _biz_uid Value: 70b531d24b3143e9fa92b9785752f5d0
.secureworks.com/	1970-01-20 10:51:09	Name: _biz_sid Value: b006c
.secureworks.com/	1970-01-20 19:36:43	Name: _biz_nA Value: 2
.bizible.com/	1970-01-20 19:36:43	Name: _BUID Value: 70b531d24b3143e9fa92b9785752f5d0
.secureworks.com/	1970-01-20 19:36:43	Name: _biz_pendingA Value: %5B%5D
www.secureworks.com/	1970-01-20 10:52:34	Name: ln_or Value: eyIyMzg2MzI0IjoiZCJ9
.adsrvr.org/	1970-01-20 19:38:10	Name: TDID Value: 7d9383b9-8dd2-46ff-ab18-45157e581de2
.bizibly.com/	1970-01-20 19:36:43	Name: _BUID Value: 61a4c29fa5646b6a71c5fb734b74520f
.secureworks.com/	1970-01-20 19:36:43	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22Mkto%22%3A%221%22%2C%22XDomain%22%3A%221%22%2C%22ViewThrough%22%3A%221%22%7D
.6sc.co/	1970-01-20 20:27:07	Name: 6suuid Value: 2e052c175c680000b6f42c64a0020000d2f60200
.linkedin.com/	1970-01-20 13:00:43	Name: li_sugr Value: b7224995-58ce-4045-98f7-04b06cda1e55
.linkedin.com/	1970-01-20 19:36:43	Name: bcookie Value: "v=2&71f8ec6d-794d-4ea7-8dff-1b75312f4fb8"
.linkedin.com/	1970-01-20 10:52:34	Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2971:u=1:x=1:i=1680667830:t=1680754230:v=2:sig=AQGmBjLdE9BqGw7Zo8VaWdw_FZ_ZDik-"
www.secureworks.com/	1970-01-20 19:36:43	Name: __pdst Value: 87d2519639fa4af3b5b9f36aa532270f
www.secureworks.com/	1970-01-20 10:51:09	Name: drift_campaign_refresh Value: 9867a96d-a306-49f4-a1ad-b515c9507e50
.linkedin.com/	1970-01-20 11:34:19	Name: UserMatchHistory Value: AQJlPSFo0FwmuQAAAYdPm-vBACs4SRMUvOcg4Q0Prtp9Mm0vAB7j2rebloz1wciR4IgCisbpjaCfkQ
.linkedin.com/	1970-01-20 11:34:19	Name: AnalyticsSyncHistory Value: AQIUKbEMj_nRvAAAAYdPm-vBp0ZbltkOfcZkA1QYv22WwcZhSCTfYo1ctad0ylTBYT1O0qwPPzYUCpu3zEeMAg
.secureworks.com/	1970-01-20 10:51:07	Name: _dc_gtm_objectObject Value: 1
.adnxs.com/	1970-01-20 13:00:43	Name: uuid2 Value: 3247411548496972547
.t.co/	1970-01-20 20:27:07	Name: muc_ads Value: b9501608-00f1-40dd-b849-528eaba7cdf3
.twitter.com/	1970-01-20 20:27:07	Name: personalization_id Value: "v1_UOW4YFvRL/TPo1+ui2hwaw=="
.secureworks.com/	1970-01-20 10:51:09	Name: tfpsi Value: c88dd970-b356-45c8-ae88-40bae2087c88
.www.linkedin.com/	1970-01-20 19:36:43	Name: bscookie Value: "v=1&20230405041031dde6eddb-8273-4026-8c01-815db9ab15cdAQEh0WeDGPAZymJlzv0O6n2dmx1rqKno"
.yahoo.com/	1970-01-20 19:37:05	Name: A3 Value: d=AQABBLf0LGQCEAAac7IJFu0WAH0-Z6K9By4FEgEBAQFGLmQ2ZAAAAAAA_eMAAA&S=AQAAAkBiR3sjsKLssKtEyG8ocvE
.doubleclick.net/	1970-01-20 20:27:07	Name: IDE Value: AHWqTUkhpo-m6JPsGcsMMXHPLNDtCs76eTGqfK2Beqa5j7LaIXwO3gqln2P46qsJUuU
.rubiconproject.com/	1970-01-20 19:36:43	Name: khaos Value: LG368ERN-1R-M2GL
.rubiconproject.com/	1970-01-20 19:36:43	Name: audit Value: 1\|X5avzWtY5eLa73CD5c04x+trbcEx6O6a6Qjdui8ADk9163fKDzeGgkEBn5ugf81fqcgml0ADx34wHTRO1/p4iHX0qfg68IpFQAPcN3ARK84uon96YQzQ5rr0rpjBVrOfHnEXvCbM6o1rWtvWWZ5xDEjZNJtkqBGU7Bx3fJYMiyzREvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ==
.analytics.yahoo.com/	1970-01-20 19:36:43	Name: IDSYNC Value: 1769~2aws
.adsrvr.org/	1970-01-20 19:38:10	Name: TDCPM Value: CAESGQoKcmlnaHRtZWRpYRILCPrP7qa35do7EAUSFgoHcnViaWNvbhILCPrP7qa35do7EAUSFQoGZ29vZ2xlEgsI1Juvsrfl2jsQBRgFIAIoAzILCPq-3tPN5do7EAVCDyINCAESCQoFdGllcjMQAVoHNmcxeTloeWAB
.secureworks.com/	1970-01-20 20:27:07	Name: _ga_15MK64YNN6 Value: GS1.1.1680667828.1.1.1680667832.0.0.0
.rlcdn.com/	1970-01-20 19:36:43	Name: rlas3 Value: vZVIEw5IOD3Kk3GLpS0aGPPQbml09adJ7gf+eCW22oU=
.rlcdn.com/	1970-01-20 12:17:31	Name: pxrc Value: CLjps6EGEgUI6AcQABIGCMrdKhAA
.company-target.com/	1970-01-20 20:27:07	Name: tuuid Value: 14146f96-dc3d-41f3-b8e0-51a1cad73a18
.company-target.com/	1970-01-20 20:27:07	Name: tuuid_lu Value: 1680667833
www.secureworks.com/	1970-01-20 20:27:07	Name: drift_aid Value: 10732d24-3db9-4b11-839d-a6e4e4afb0b9
www.secureworks.com/	1970-01-20 20:27:07	Name: driftt_aid Value: 10732d24-3db9-4b11-839d-a6e4e4afb0b9

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements Message: Refused to load the image 'https://www.google.co.nz/pagead/1p-user-list/648366107/?random=1680667828870&cv=11&fst=1680667200000&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&frm=0&tiba=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks&fmt=3&is_vtc=1&random=769379400&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' https://.vimeo.com https://.vimeocdn.com content.secureworks.com .secureworks.com id.rlcdn.com .googletagmanager.com cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com .google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com .secureworks.com https://www.gstatic.com blob: data:".
security	error	URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements Message: Refused to load the image 'https://www.google.co.nz/pagead/1p-user-list/10934024932/?random=1680667828869&cv=11&fst=1680667200000&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&frm=0&tiba=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks&fmt=3&is_vtc=1&random=2704213904&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' https://.vimeo.com https://.vimeocdn.com content.secureworks.com .secureworks.com id.rlcdn.com .googletagmanager.com cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com .google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com .secureworks.com https://www.gstatic.com blob: data:".
security	error	URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements Message: Refused to load the image 'https://www.google.co.nz/pagead/1p-user-list/648366107/?random=1680667828859&cv=11&fst=1680667200000&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.secureworks.com%2Fblog%2F5-takeaways-from-incident-response-engagements&frm=0&tiba=5%20Takeaways%20from%20Incident%20Response%20Engagements%20%7C%20Secureworks&fmt=3&is_vtc=1&random=3526101189&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' https://.vimeo.com https://.vimeocdn.com content.secureworks.com .secureworks.com id.rlcdn.com .googletagmanager.com cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com .google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com .secureworks.com https://www.gstatic.com blob: data:".
security	error	URL: https://www.secureworks.com/blog/5-takeaways-from-incident-response-engagements Message: Refused to load the image 'https://www.google.co.nz/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1042506-1&cid=375862546.1680667828&jid=1302191330&_u=YADAAEAAAAAAACAAI~&z=2081027926' because it violates the following Content Security Policy directive: "img-src 'self' https://.vimeo.com https://.vimeocdn.com content.secureworks.com .secureworks.com id.rlcdn.com .googletagmanager.com cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com .google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com .secureworks.com https://www.gstatic.com blob: data:".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	object-src 'none'; script-src 'self' 'nonce-OWFjZWVlOGFmODA0NGY1OGEzMzM3YzZkNTY0YjY2Mjk=' 'sha256-wY8ZJu7Uu8c5AFYGRuoE7SNBraw8IAkl5Yz+glnnte8=' 'sha256-UGfgrQ+GKJogDAQthuGt5lpepOeF3ypbYTr2PPxcBdU=' 'sha256-hUiPqjPAx0BTYk+HP/Ohq7cZFW+CFLUDreW74sIBUJk=' 'sha256-MWnKpq2mO4B+C/F7fLTeifs05WkVCc8Hkl+SzXGUmtI=' 'sha256-QiHtJSgKkeO/qh+2A9GCUt3xk8ONLQAa6uua+j+nHLg=' 'sha256-7+1sMW/o6RcIncEOmuvZbRThB6NRZLwQjvsqQAGehKA=' 'sha256-tYinntSHdpRdg0LwZuBycjWqxaMdCzBdOnOGsSZH2Ho=' 'sha256-DP0AJIADL+tS8s/bg6t7xbMHunrd17JCuOgpyNjxt/M=' 'sha256-sqwbnK0D7p9u3WG0lgAYLYmp/byKS9zlT2eFORz1SDY=' 'sha256-L436NBsgbW4nnr2zz6geY9aouLDwQiH+458+ny7TeJ8=' 'sha256-t21JzuoP0AGVdHYfaGtWzFviQ1hj34OuECR3Ur2P1Dk=' 'sha256-kmGPVWtzfwq6b9fEOy1NmWxrKyxreHZU5tKvRxQpDMA=' 'sha256-SAqGhA/G1eraYlnHKoGwPlIvGfOo45eq5hoyKq2LnUY=' 'sha256-+08d4MzO/if2DlZslM+0a0gvpYaPHK7ilzV9yUXHxRo=' 'sha256-5RKybv4IYG3Rt1CcIXoS1OAD7D0vjWLop/a6KVpWxM0=' 'sha256-N/Mk5WIdXnJRlsc5rmMcLJsovC5ozGJ5BmVdRxKOeNc=' 'sha256-XJEfHQ97N7xwKM6MQXMpabeUHxVT647JYAYwrOX6sQQ=' 'sha256-sdKFLBOaDq01ySztbW/n0JnIwsMIlCr7AaMAznJOqA0=' 'sha256-7pyFNQ34QDbIyjfqF4dboUBH/FqtGtJgw7KPgC+aKY8=' 'sha256-yYGe3YxZ1stILsg6s+TKQ7ACovlrQ/V7H5hpGiko1EI=' 'sha256-JcTUCZru8bIzmyUfGjmyP1Nwn0ccUuwLyJA5/jgV2jI=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-ErdS+5vyua60ApoR4T4MK5hMhAxO8I75iqTuR4st0lk=' 'sha256-dgOinhXczUSm4ADnOKjecy4HqoIpihiWY1xMUGi3KiE=' 'sha256-bAZaADjFxXYURQUP9Z4p4eiIim+gCGst1ZWemjLGJxo=' 'sha256-x3E2vOOOHY24kNAmZOQxorAyW5o6cX3R7J5Jg+RTqZY=' 'sha256-WJHVKi7ReHnWJF4AUmd9vWDpqeX8GVtEsyAJP01M130=' 'sha256-mvYU2m+aQi6xWWVpxauZ/UaXg+HkwxCv4r/qVBDAm3A=' 'sha256-IgMQOOOedQeMPBl7lSreMVPmJvU62bc6l8HcsGXnbWc=' 'sha256-Ov0LRI92VqZTYbOhyIvK8iFCm9rBs/HXaYLwlDMrra0=' 'sha256-HjgaVwCCuGQHih00gvN/PUGZuGwVIWd/6sThgUEi83E=' 'sha256-7oEVqsTDSU0XTGoiH3B7bXM3sMDjv58JCTndWi8pUKw=' 'sha256-ZlXTkZmAmWswFmM/VCVi0DLagBh+F9JWQiK/yRsf7yc=' 'sha256-76Yt/S5cofMdn9d5/cJOU32zSvhw1A8QJDSgL1c0YRI=' 'sha256-z4pF+zMq94+GUUF273G0WvSAL91jUazcB1NOISkNlzk=' 'sha256-4OIRiOWgv2ak/dapUtCUuoqEUnVBrH8A9LJCp3dthUw=' 'sha256-ew0tynw+zAqBiv217Nj202XmktwGvkQU7jXqQMotiHg=' 'sha256-2mFyIAC6FjDBvAg15BPawsugazV1sKm4T9x09V76BK0=' 'sha256-kxoZz5p2Ko+K+FXi8lIZc2opwhJF9WD4/wy9+dLYHzY=' 'sha256-+ThII46Fk+h63393vJ+nvAEZnTSXIwpqVJDSklAo5eM=' 'sha256-hUowsewUBuLRjFz7Z3pohTKe/pX/uO7uKD1k25qHLQY=' 'sha256-pMZUEpT65ftOEzHdiYyq/2vt545RymVHJSh5H2y5BDk=' 'sha256-nGkmLI0CpGjUy6Gg2vRE6xAh+vU4jlNVmPB+55WJmn8=' 'sha256-j6LWS7Q+Wsyd91b6000yHCoIqUaJIJQq56Lw3XQPcHA=' 'sha256-XQ6pUmmjpjpunCfT67q0ACDA7NqxLJx1iJwCFhC73wo=' 'sha256-tCniuKIyeHpfi5vxJOgLkz0eRI+cerKWFRsy5hMt5V0=' 'sha256-EZaJwK6Bh4sdKWjgv6zhJUdT2ISL4NhEQSPYf++uAeU=' 'sha256-1T7dud0UtKJZdhJcgsp1gh8MZDyA3S8DIsOpB3+co4M=' 'sha256-g6A8gRllShDRUg9hmXQZ0ZvMQ35F4jsarESQIDJtpE4=' 'sha256-y6vRm9V8P08qfB27ukHo07LF4IM00RKuKNzQBfsBlgg=' 'sha256-1GbAOPSdN7GyL999DpkIzp8XYAH1OP43heqQi7uU3FQ=' 'sha256-1p8zU6DNbl/tn8sFUoVBsvAF+dwRMDHK3WXM4vqIhDc=' 'sha256-a/dU49b8+CePl3YeekAugUB79FoCfbN22DFVyavn9pM=' 'sha256-39FcaN3WyGnHnf2UX+fHrSBSJq4KI6BETrXNemtzDa8=' 'sha256-4N1dEVT13lNPCpxXX2XuIlfUBwZp3wNLb/hBbSKGESA=' 'sha256-hNSRZgUy89mPGFidDBRWC4Ed4jKTrCtZP2zeBPNbdeI=' 'sha256-CD2LEDjz/KtOaC5rzryax+qZEQVmnKcZAQsqnSqAIXw=' 'sha256-FKJXEsmjg1Bgqi33LGcZCFxDahpEPN6prnNBVDxvfhc=' 'sha256-GNXg66Qlqpdgh9Nsv/+xAVNgfxsTWLi+TUdpxamXMuU=' 'sha256-TKtnYUWk/B6gzo2immnWBOjewDye+cXQBoAlykzhX/s=' https://code.jquery.com https://pages.secureworks.com https://js-agent.newrelic.com https://bam.nr-data.net https://content.secureworks.com https://pcdnscwx001.azureedge.net https://munchkin.marketo.net https://app-ab44.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://tagmanager.google.com https://translate.google.com https://bat.bing.com https://connect.facebook.net https://ad.atdmt.com https://static.ads-twitter.com https://analytics.twitter.com https://www.linkedin.com https://px.ads.linkedin.com https://snap.licdn.com https://sjs.bizographics.com https://.vimeo.com https://.vimeocdn.com https://j.6sc.co https://b.6sc.co https://.6sc.co https://epsilon.6sense.com https://.rlcdn.com https://gateway.zscaler.net https://geolocation.onetrust.com https://optanon.blob.core.windows.net https://cdn.cookielaw.org https://trk.techtarget.com https://api.rollbar.com https://.drift.com https://.driftt.com https://.simplecast.com https://.crazyegg.com https://script.crazyegg.com https://widgets.ziftsolutions.com https://hammock.hotprofile.biz https://transfertool.hotprofile.biz/production/ https://m-store-hammock.hot-profile.com/hot-profile/ https://wa2.hot-profile.com https://.on24.com https://.ceros.com https://app-script.monsido.com https://monsido-consent.com https://tracking.monsido.com https://.redditstatic.com https://.ensighten.com https://.ml314.com https://.choozle.com https://.bluekai.com https://cdn.bizible.com https://cdn.bizibly.com https://ws-assets.zoominfo.com https://ws.zoominfo.com https://insight.adsrvr.org https://js.adsrvr.org https://.clarity.ms https://static.ads-twitter.com https://cdn.pdst.fm https://.cloudfunctions.net https://tag.demandbase.com https://.bidr.io https://.company-target.com https://www.teads.com https://p.teads.tv https://www.facebook.com connect.facebook.net; img-src 'self' https://.vimeo.com https://.vimeocdn.com content.secureworks.com .secureworks.com id.rlcdn.com .googletagmanager.com cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com .google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com .secureworks.com https://www.gstatic.com blob: data:; frame-ancestors 'self' .folloze.com *.secureworks.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

725-smc-563.mktoresp.com
alb.reddit.com
analytics.twitter.com
api.company-target.com
app-script.monsido.com
app.salesloft.com
attr.ml-api.io
b.6sc.co
bat.bing.com
bootstrap.api.drift.com
c.6sc.co
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
cdn.linkedin.oribi.io
cdn.pdst.fm
cm.g.doubleclick.net
cm.teads.tv
content.secureworks.com
epsilon.6sense.com
event.api.drift.com
extend.vimeocdn.com
flow.api.drift.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ibc-flow.techtarget.com
id.rlcdn.com
insight.adsrvr.org
ipv6.6sc.co
j.6sc.co
js.adsrvr.org
js.driftt.com
match.adsrvr.org
metrics.api.drift.com
munchkin.marketo.net
p.teads.tv
pixel.rubiconproject.com
px.ads.linkedin.com
s.ml-attr.com
sales.secureworks.com
script.crazyegg.com
secure.adnxs.com
segments.company-target.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
t.teads.tv
tag.demandbase.com
targeting.api.drift.com
tracking.monsido.com
trk.techtarget.com
ups.analytics.yahoo.com
us-central1-adaptive-growth.cloudfunctions.net
www.google-analytics.com
www.google.co.nz
www.google.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
www.secureworks.com
b.6sc.co
flow.api.drift.com
metrics.api.drift.com
www.google.co.nz
104.18.12.159
104.19.147.8
104.19.188.97
104.244.42.197
104.244.42.67
104.254.150.228
13.107.21.200
13.107.237.59
13.107.42.14
13.224.254.115
13.227.254.60
13.228.126.19
13.35.8.103
13.35.8.108
13.35.8.69
13.35.8.72
142.250.4.95
151.101.1.140
151.101.129.140
152.195.58.59
172.217.194.154
172.253.118.156
172.64.144.98
18.155.68.115
184.87.193.92
192.28.144.124
199.232.44.157
199.232.46.109
216.239.36.54
23.195.153.54
23.36.49.63
23.44.5.50
23.45.116.82
23.7.175.107
3.124.82.182
34.111.208.231
34.98.105.146
35.190.60.146
35.190.93.146
35.244.142.80
35.71.131.137
54.147.21.139
54.150.227.184
54.209.14.32
68.67.153.60
69.173.158.64
74.125.130.156
74.125.200.147
74.125.200.94
74.125.200.97
74.125.68.101
96.17.96.30
0049c42b57e92164c558905bff7c17441afe55dc569f0062162e77a532964b80
01922d641b94002b4861c92b1462f8e9008baaa53707603d64a5b97fee783b03
047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1
08681ba3da35c665e877f6f9a6e158ff94b4d96c363610cdb061ebb79a718c35
096c87a4c222af4628be1cdddb9b7cd8c2271f95ddcc1a92db96502bfe37c8ab
099d33a1d679bcfa3722a172d91742af80d45166f760db1512e4944a9d95bc23
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0c07bf805e857013386ec7ea2d26911aed5c827ee90e71a94188553c6d8ef337
10f3d14cd7c6160f4ef86670fced61d5f5eb849996ac5ef29765fddab6da5b96
120def079fc4e239098c571e178a9a1b73746f05c6f65a97cd7291b8c13aa401
12ce92cc3c4eb9d74f48e9a10eb919bdf30bbdc5ccf9843c6543fec302dec54f
146c467f1cf85aa2646ac733f3bcc3ac804117f8d9eb12fff1b443ee1f9a1e08
14f834b9f0913495d7fb527b87355f180beeebbbe7af07563840a452060e7757
154248124c7d6ba28a3d741311104b4d4a503dad23095470f663f2613532c733
15d54f2c22ee38d714b21678837801c21dd87c21b1a5238fddf3b123daf23e23
178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795
179a0ba55c3bbf759340ba2a57846f81a7de249ed7e502b5e8814af2ef964533
18abd92d67f10bbac57f69b0d0c896e5898582c455bca4687a6b2ab1a46cdaf2
1b5ace958a12ed97eaa50823dfe0520e97043f915f2eb114a69e59ec2a598af5
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f9b264d67f09652f9fa3bcde1801166d5c888d9f89c006764a9776dd8f9e9ae
22494645cd5c6508829ef760cfafdf7292ddfbb824f23a323b6d3f3bd10a2538
28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6
29c943e1df418d1cfae7f0bd991edd5d5b020a6bb580e50861a54d0d71e130c4
2bbe49087cac89195db4217789356d7671ac6c5cf54027062500b134aac47628
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
305e5884844c53385174589135257d4071875505216d1d9e1d06f03eab9b7059
30a584b184cc0bffda4f65106a5440dd18027f5d832d74b56ee5d219b3b48cd6
3169ab3142fbf3ecf7eee1b5682a4556ed8a3d4ba940befa71c31b5a43991d92
3179e763591b3926dfb13d38dc119c71dcb60b8f105e273a18f6269392f47770
318f094b79b56bc57c182543d28cffa228816b3d53a1361ad21d9830cfc4f55b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
350a787a722a405da6e1c1c8de24d50a63726bef3d25e8fb020352e60ef35ee2
373926cabeb58e6f402ce39bfc52fed260f390564c349cba27e21e010efea8de
3931826d11b4250a6e4d10a8249417bbdf73eb1a03f95f124b790b5c8a576bab
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c7024701a817fee5de0e62bb8d83edb43e08a9be594dde00fd2d2fcf5a20fd0
3dd574f98eedb85c6b690a4211378b1780e5ef432ff089d6e6adb7ab827f6411
3df76837b85f88e8e50295156c2f8320b78b66c3cb8f0e4c603ebf757e6f1500
3f3ef7b678910357d7e2bf2469af687ba92e59ae108f389ea3e7c626f5f84623
425d72758416a14854a63b541325a68c6398bad1a1c871a0e00e0a0a6444846c
4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5f2d6e604ad2bafcb500a244f270fa557c8275586dc31c9058a1cfa4f46d125f
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
62e55cc7119c6aae1e7aaac1870c9796ccc25fccdd4937f126f6114e66fd3b5a
64ba221769f51fcba3ae03ff9ebccac7cc1017e5f10900475b871ecfe7bda514
679ce6f4514f365b68f3b6dae229f6ef6ba580bf6a4349ab663131ad3a9d0630
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
68ffc85245f82cb733249e9e740f6f74dab8a857443861d38de22b3f69f06513
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c649cc3d4aee7683250622541a6045ad4ac3beb93df1fcdd3ec1f7f12a1ff44
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
76f9815c524777b7a758e9e2d111da9653fccdf61ea16e2f764dc195ad1dbe88
7863ca6b764cf33a59a47bd455e1ef2713b5599e78e8d5b1803c0e8844186b70
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c8822c75af241160a7dd1fb2d612e03c727ed1abcc01e9517d5acd9e63d382b
7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85cb8f40b8f2b4dfad0c28d4958c38a9358ff3a07c52840b3c157781acbfe8fe
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
91919ec99542a0a2bd5f917896edce8fd8c6e8197dd4a5a946563726d3442ae1
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
95245f488fc923a05392ac8ca5985ac00d44b0603ba7b987d103475181268d88
958a03c833d9116f7ab9a5ee503f7b0360b9291b268bfb77128a8f0e19238613
97835f51936631312648ce4198cd92c85beae9e09e3cdaff439c57ffccc5c5d5
98842c0f43a891b9264682dda87aab221bbe5aabfc08cb44f6785df5cf595326
9abea5b541e8639b2616ee3401146d93c8f383f8fe3df604871095ed87726827
9d88866c6295ffc0cadaa1ccb951367e196737a413482176d5787b70aae04ef0
9eb064a8d93265a1b1bb725f0db9c1d209a4efdae9eca7ddc67a094755c64b4f
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
aa64d103dce3425c8bb65c46211fa8d97c8d359d9995f9ff6e689391081f5778
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae310dc6db96c93767da743eecca5230a9f894008c3ce660415e4d51aefb916d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b206c3a4f1f6701c3d54df45cf6825372f53d56322b86947538d221df95de4df
b2538819b7bd29b27c9626afbc03cb3c1189321081798f4fa4ca88a159206f09
b382967162c482928529c765a21bf9ae4141dd1ccbdbf480140bdbd67eab8991
b69687445f4dac4574f422f9c79e6ad06c3eb0760e57279f8505bee6ce2d13f7
b708dff47ffdb1a71218826f5de3b57e24d73b1f807cb293da03a2ddcb680765
b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40
b96ae3ad93fc2ec81fe1f623ba74a9f3f607f2ea79c7b741e55b73366b41cf73
ba24f9ef72f1973e4b0b7b2a2302836376fe6e2f533eaee680ee711d835827d9
baa55d1d4627050073e047eb2f9dbe86720736f51f37a116602e5705c3966b33
baacf8d144dbd8a579bde4d8221f515052f5eeb8a3a81cb6415cea17b4e30f9f
bc6f2e5649164e13036808a774e2c1314bd0ee488377d48de7af9363bac8f59c
bd5050e9441f369db70ed62e418b38812fbe8127517f11f91e9c885cfa084743
c14c30ca00b3badf163de6dc6d1ee20208fc164bacc5b2dd5bee60d13a80cda0
c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2
c2f15609bdc44ef0009fda7902639ed493b8a26a00a58b905e0768f67c93b2ad
c414c4b0d50c45bc35cd0beae9dd6e255bc68bb44b7f2298f55ad4e1ba9efec0
c6b2815294e64eb3d9e30955673ae3b60a486ae5b7dfcc7e48c0e2a4fe7301de
c8754635723ce77fb9845de44a21362a73261a964b630c49702758a6d7e36720
c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6
c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca
c97d6fa5b4ad8db4c6110b5e4a13eb698c381f580cb44440813c04f369df0a56
ca6538789c7267c0fd372b35a2de78fe51227c09651cc785afeae0b485913548
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
cdeb836f7f77cd2174fa0bb4aa3825963aa64faf657a24f988b82f1c4d28ce69
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d033b6a91081188d6fefd908429fd0388a67b986a605a89a2683edbf08363386
d06f16436de248c88426110742cf0fa0e9fe7a2707399ecb2f27b3425a6b6162
d0cbb436d9fcb6016a79ad043e1730cae38f5960e2f5ebc370d11711d33b13ed
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492
d774717dcbf112735e877fa11abd3b7a3e9ce75c82935d0a78724132c8ca1fe3
db61679243f9f3b5a03de90b1ad228130ad3e87b79b9d153ce1ca6afbdf9a2b0
dc1c6896ab95762f817ffe0dee4988b1dd91fe932361773f37e6938edbf07032
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
ddb5d792997193bb690c8107bf477699df333fb5bd3df2e56e20fe2a343892b7
de1376b36c3dd929ed0cba5cbf9a958473f480f5f85657aea1022c76e75c76c2
deda0ecf832039099d8f8128be2c332dd0a6b86699f74eefaec26df8f8572f5b
e2a9833a3a7ab8cc05068f012697b9fcdd5d57dff78ed58eaf0e2c3fa4c05b53
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c808bee3ab78cebeb32eb4e5b14dc2c26fe73b60a89355e2146585eb4961b8
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e54613104e017b9fa2516d830f98b52cf5d3cdd37cf0c0fa121d1dacc87cd7fa
e6f95925bdc32f90e2c25c9582a72f403b4aa655f3ff40b94df2463db359a465
e7a55959687a0af1b5080fd3ed56094717857d6dd023dd577619c0f0879b1af2
e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3342c52eee43a2ea931cae2ee2d6d9a2939432ffcb03bb4f2983ac7e49b26cc
f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fa3e856ab54db23ffbaa56575df8eae6056fa0e0809e92721d78ea25a7aa5a1e
fa85f97108080f24b26ca0450d471edf522d233337c1b73e41ab4a27d19ac94f
fbb0995554fef3d2e17767e42318987a6b0196ec4572d2c61da94534e8698848
fbbcc5fe22ed592732cc1f4d48c3e45a4c39c014ff27b686e92ee1457f94c09f
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fffcc021124d70080ddd0c52562645c46e03ff39c924ced85c1bfd62cb8b8767

www.secureworks.com Open in urlscan Pro 13.107.237.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

208 Requests

94 %HTTPS

0 %IPv6

44 Domains

63 Subdomains

45 IPs

6 Countries

3224 kBTransfer

7551 kBSize

55 Cookies

15 Outgoing links

Page URL History

Redirected requests

208 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.secureworks.com Open in urlscan Pro
13.107.237.59 Public Scan

Screenshot
Live screenshot

Full Image

208
Requests

94 %
HTTPS

0 %
IPv6

44
Domains

63
Subdomains

45
IPs

6
Countries

3224 kB
Transfer

7551 kB
Size

55
Cookies

208 HTTP transactions
0 data transactions