Submitted URL: https://engage.beyondtrust.com/api/mailings/click/PMRGSZBCHIZDGOBQGUYSYITVOJWCEORCNB2HI4DTHIXS6YTFPFXW4ZDUOJ2XG5BOMRZGSZTUFZRWY...
Effective URL: https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
Submission: On February 04 via manual from MX

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 17 HTTP transactions. The main IP is 52.72.25.212, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is beyondtrust.drift.click.
TLS certificate: Issued by Amazon on August 6th 2019. Valid for: a year.
This is the only time beyondtrust.drift.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.95.102.103 14618 (AMAZON-AES)
8 52.72.25.212 14618 (AMAZON-AES)
1 2 3.219.207.136 14618 (AMAZON-AES)
1 52.216.241.204 16509 (AMAZON-02)
2 143.204.214.14 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 2a03:2880:f12... 32934 (FACEBOOK)
17 7
Domain Requested by
8 beyondtrust.drift.click beyondtrust.drift.click
2 www.facebook.com beyondtrust.drift.click
2 connect.facebook.net beyondtrust.drift.click
connect.facebook.net
2 js.driftt.com beyondtrust.drift.click
js.driftt.com
2 file2.api.drift.com 1 redirects beyondtrust.drift.click
1 drift-prod-file-uploads.s3.amazonaws.com beyondtrust.drift.click
1 engage.beyondtrust.com 1 redirects
17 7

This site contains links to these domains. Also see Links.

Domain
www.beyondtrust.com
www.us-cert.gov
www.cisecurity.org
file2.api.drift.com
Subject Issuer Validity Valid
*.drift.click
Amazon
2019-08-06 -
2020-09-06
a year crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2
2019-11-09 -
2021-03-12
a year crt.sh
drift.com
Amazon
2019-10-03 -
2020-11-03
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-01-16 -
2020-04-15
3 months crt.sh

This page contains 2 frames:

Primary Page: https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
Frame ID: C307066C921C4F4457A7C5A7D74D93C6
Requests: 17 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: EF8308EE418447A1DE874A5BB02E418B
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://engage.beyondtrust.com/api/mailings/click/PMRGSZBCHIZDGOBQGUYSYITVOJWCEORCNB2HI4DTHIXS6YTFPFXW4ZDUO... HTTP 302
    https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Page Statistics

17
Requests

94 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

2266 kB
Transfer

4287 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://engage.beyondtrust.com/api/mailings/click/PMRGSZBCHIZDGOBQGUYSYITVOJWCEORCNB2HI4DTHIXS6YTFPFXW4ZDUOJ2XG5BOMRZGSZTUFZRWY2LDNMXTMLKNPF2GQ4ZNN5TC2UCBJU7WIX3VORVT2ZRSGNTDEZDDGIWTENDCMUWTINBYGIWWCMZVG4WWCNRYHA2TGZRYGE2DKYS4OUYDAMRWL5XW2PJSGM4DANJREIWCE33SM4RDUIRXGFTDCYLDGI2S2ODDGE4S2NBZHE2S2YRSHA4S2YJYGY4DSMJTGRTDMYJVEIWCE5TFOJZWS33OEI5CENBCFQRHG2LHEI5CE4DXON2WGRBUJBFTIMLUONDEETRNMVBEK2CML55E243FMQZDASTXJVUFC52FOFJXAV2FJE6SE7I= HTTP 302
    https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://file2.api.drift.com/drift-prod-file-uploads/382d%2F382d94ca4c4c1965762981171dfaed16/bt-logo-245x60.png?mimeType=image%2Fpng HTTP 307
  • https://drift-prod-file-uploads.s3.amazonaws.com/382d/382d94ca4c4c1965762981171dfaed16?response-content-disposition=attachment%3B%20filename%3D%22bt-logo-245x60.png%22%3B%20filename%2A%3DUTF-8%27%27bt-logo-245x60.png&response-content-type=image%2Fpng&X-Amz-Security-Token=IQoJb3JpZ2luX2VjENL%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLWVhc3QtMSJHMEUCIQCR%2FnffYmCaqmJGXTQVOCkc8QW%2F0XZ47f7x3f9gUrmhDgIgT5Mn7Gx51Y5CMPbHGRRvxorNjV3s6acXxt4SQkohyvgq5wMIehAAGgw3NDU2MDM3MDUzNzQiDOsU77PaDdK4C2iBsyrEA62jFJvYDch15muX%2BAhZAXfRE2%2BHIRRdYazFrcg2pT%2FLuuiOtE%2BZf2sbfnKvO2ydCQA3VZ0ivDhHrksdO3ozJIbrKm6GWaNlO6R%2Bf36yUrPgv5Re6Fg8tR87vvhmUuluvqxKxZ5khCUH2emiZ%2F%2FNISeClHW55aSNdSyETlncueloghxWPjj3TLIs2d4vhHndCs4RXiEknX%2BazvzAnPmEPJIAWSKBXpmFuFtH%2Bz8pJa7O%2Bd8L4b0qB7efHvucsFwyOfXeZB3rRkntx6Fz%2B392hbLoQbHKeX9XXUa%2B83t4%2BRf0dLZkE3DGToJe1mTBYOQ%2Bc7OQvSqX%2FQPzn5IJYeMyVjt66Gh5C1bmp9WCYX457gTpmhJwTRzYe8Fx3Jt058Ct4mn5uAzkyRvnGjoK7Yz58X3h1lDaimJKD7T54%2FePyz%2Bd5f6y99pNLCoXegal2%2F5kOxn9DYRwfqhJ9IGvrPVLv0GHSNA8J24FmrEbOBIEJ3wSe3ao0pkEX%2FCITIQQXCKTPHYUp1IbuEaxj2Q4Njr8bKqqRK3C3Hplg8jDE8AdHkXTsEheF%2FYRdv93Mj3R7C%2BaO4tO7205QV1cevNe9AYz2gLjn5RsMN3I5vEFOu8Bj1XM0fDOiqEDgJ8iMeOqz3ZMTeqKWu9fBiRFk7GRkXZVEk3wceMAd12pt4VLI0puhHMp62Y1SkiDypa%2BqlEFQ%2FHhhqeT742O3%2FpnI9hP9T6%2BEcunvv8wyNSQz75fo9vmhjbnX6D10c%2Fv0V3G%2BJ1keAizvrFBhoAg8w9K6PW%2BQAdrfiFIJD47o6%2F9HU1sWNIO6iCGpqrdEtvEX%2BZFbefPdmSFD9Qa2alodHTVLuYgt0Oc%2FxNKD91TmNGFdZN5oRp2IURcCz8pkrzy6KZBleJDER1zolBfRCkAIOdRIOH7EsK3ADFxECFvm4MxWEXxusI%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20200204T182248Z&X-Amz-SignedHeaders=host&X-Amz-Expires=900&X-Amz-Credential=ASIA23GLRVIPBTCVNGPM%2F20200204%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=41aafba44b8e3c13e82013d89b0894415ec0dbe851855eaed48f1d0d034bab9e

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 6-Myths-of-PAM
beyondtrust.drift.click/
Redirect Chain
  • https://engage.beyondtrust.com/api/mailings/click/PMRGSZBCHIZDGOBQGUYSYITVOJWCEORCNB2HI4DTHIXS6YTFPFXW4ZDUOJ2XG5BOMRZGSZTUFZRWY2LDNMXTMLKNPF2GQ4ZNN5TC2UCBJU7WIX3VORVT2ZRSGNTDEZDDGIWTENDCMUWTINBYGIW...
  • https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
8 KB
3 KB
Document
General
Full URL
https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.25.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-25-212.compute-1.amazonaws.com
Software
/ Next.js 8.0.3
Resource Hash
304d120197162b3d1f6a9ac07b3994758299ba23a2ee0cdc1ca520452bfce486

Request headers

:method
GET
:authority
beyondtrust.drift.click
:scheme
https
:path
/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
date
Tue, 04 Feb 2020 18:22:48 GMT
content-type
text/html; charset=utf-8
x-powered-by
Next.js 8.0.3
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
etag
"1e2e-OT6tKEASJPSpONjxm3zViLMLo8s"
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 04 Feb 2020 18:22:47 GMT
Content-Type
text/html; charset=utf-8
Content-Length
127
Connection
keep-alive
Location
https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
X-Request-Id
6bb6baf0e2367969aacfad0ed5f620cf
index.js
beyondtrust.drift.click/_next/static/20200122160231-9e7d00f8cb929e666dd782676a371b1c12661ec6/pages/
34 KB
11 KB
Script
General
Full URL
https://beyondtrust.drift.click/_next/static/20200122160231-9e7d00f8cb929e666dd782676a371b1c12661ec6/pages/index.js
Requested by
Host: beyondtrust.drift.click
URL: https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.25.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-25-212.compute-1.amazonaws.com
Software
/ Express
Resource Hash
855a43265137d02a233a7eb8335bad0f7c6555772d72edf2ea7c290f9362a483

Request headers

Referer
https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 18:22:48 GMT
content-encoding
gzip
etag
W/"86cf-16fcdfe4a00"
last-modified
Wed, 22 Jan 2020 16:03:12 GMT
access-control-allow-origin
*
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
_app.js
beyondtrust.drift.click/_next/static/20200122160231-9e7d00f8cb929e666dd782676a371b1c12661ec6/pages/
159 KB
50 KB
Script
General
Full URL
https://beyondtrust.drift.click/_next/static/20200122160231-9e7d00f8cb929e666dd782676a371b1c12661ec6/pages/_app.js
Requested by
Host: beyondtrust.drift.click
URL: https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.25.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-25-212.compute-1.amazonaws.com
Software
/ Express
Resource Hash
7fc84e72190a7d243ef96291884968fa6d00deaf68e1310b8869bae7162cd3de

Request headers

Referer
https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 18:22:48 GMT
content-encoding
gzip
etag
W/"27cfd-16fcdfe4a00"
last-modified
Wed, 22 Jan 2020 16:03:12 GMT
access-control-allow-origin
*
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
webpack-33102e6b7b3e2709a1e6.js
beyondtrust.drift.click/_next/static/runtime/
2 KB
1 KB
Script
General
Full URL
https://beyondtrust.drift.click/_next/static/runtime/webpack-33102e6b7b3e2709a1e6.js
Requested by
Host: beyondtrust.drift.click
URL: https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.25.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-25-212.compute-1.amazonaws.com
Software
/ Express
Resource Hash
f29f09974d54698a102b8d2dd386ea4ede054a5bf6dc3837ea0b9eda3e76bdf9

Request headers

Referer
https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 18:22:48 GMT
content-encoding
gzip
etag
W/"622-16fcdfe4a00"
last-modified
Wed, 22 Jan 2020 16:03:12 GMT
access-control-allow-origin
*
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
styles.ac61aa6b6aeca832636b.js
beyondtrust.drift.click/_next/static/chunks/
1 MB
377 KB
Script
General
Full URL
https://beyondtrust.drift.click/_next/static/chunks/styles.ac61aa6b6aeca832636b.js
Requested by
Host: beyondtrust.drift.click
URL: https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.25.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-25-212.compute-1.amazonaws.com
Software
/ Express
Resource Hash
159854b38bd519aad9ca19ce09b837cab4a85fc2d7f02a0b2579f0939b73ba8d

Request headers

Referer
https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 18:22:48 GMT
content-encoding
gzip
etag
W/"148d9c-16fcdfe4a00"
last-modified
Wed, 22 Jan 2020 16:03:12 GMT
access-control-allow-origin
*
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
main-3cfd969c8c1a56a8f3cb.js
beyondtrust.drift.click/_next/static/runtime/
55 KB
18 KB
Script
General
Full URL
https://beyondtrust.drift.click/_next/static/runtime/main-3cfd969c8c1a56a8f3cb.js
Requested by
Host: beyondtrust.drift.click
URL: https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.25.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-25-212.compute-1.amazonaws.com
Software
/ Express
Resource Hash
33fbe1a5322ad182a4605e18e092bd257b07012ab6545fab373bfcb7813e840f

Request headers

Referer
https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 18:22:48 GMT
content-encoding
gzip
etag
W/"dc18-16fcdfe4a00"
last-modified
Wed, 22 Jan 2020 16:03:12 GMT
access-control-allow-origin
*
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
styles.a02ef1d7.chunk.css
beyondtrust.drift.click/_next/static/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://beyondtrust.drift.click/_next/static/css/styles.a02ef1d7.chunk.css
Requested by
Host: beyondtrust.drift.click
URL: https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.25.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-25-212.compute-1.amazonaws.com
Software
/ Express
Resource Hash
44d63ca4e6bee7727e0d825fcddf02c22f11b8b32b00e9dfe830d576e59c8907

Request headers

Referer
https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 18:22:48 GMT
content-encoding
gzip
etag
W/"33dc-16fcdfe4a00"
last-modified
Wed, 22 Jan 2020 16:03:12 GMT
access-control-allow-origin
*
x-powered-by
Express
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200
cache-control
max-age=0, must-revalidate
accept-ranges
bytes
382d94ca4c4c1965762981171dfaed16
drift-prod-file-uploads.s3.amazonaws.com/382d/
Redirect Chain
  • https://file2.api.drift.com/drift-prod-file-uploads/382d%2F382d94ca4c4c1965762981171dfaed16/bt-logo-245x60.png?mimeType=image%2Fpng
  • https://drift-prod-file-uploads.s3.amazonaws.com/382d/382d94ca4c4c1965762981171dfaed16?response-content-disposition=attachment%3B%20filename%3D%22bt-logo-245x60.png%22%3B%20filename%2A%3DUTF-8%27%2...
6 KB
7 KB
Image
General
Full URL
https://drift-prod-file-uploads.s3.amazonaws.com/382d/382d94ca4c4c1965762981171dfaed16?response-content-disposition=attachment%3B%20filename%3D%22bt-logo-245x60.png%22%3B%20filename%2A%3DUTF-8%27%27bt-logo-245x60.png&response-content-type=image%2Fpng&X-Amz-Security-Token=IQoJb3JpZ2luX2VjENL%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLWVhc3QtMSJHMEUCIQCR%2FnffYmCaqmJGXTQVOCkc8QW%2F0XZ47f7x3f9gUrmhDgIgT5Mn7Gx51Y5CMPbHGRRvxorNjV3s6acXxt4SQkohyvgq5wMIehAAGgw3NDU2MDM3MDUzNzQiDOsU77PaDdK4C2iBsyrEA62jFJvYDch15muX%2BAhZAXfRE2%2BHIRRdYazFrcg2pT%2FLuuiOtE%2BZf2sbfnKvO2ydCQA3VZ0ivDhHrksdO3ozJIbrKm6GWaNlO6R%2Bf36yUrPgv5Re6Fg8tR87vvhmUuluvqxKxZ5khCUH2emiZ%2F%2FNISeClHW55aSNdSyETlncueloghxWPjj3TLIs2d4vhHndCs4RXiEknX%2BazvzAnPmEPJIAWSKBXpmFuFtH%2Bz8pJa7O%2Bd8L4b0qB7efHvucsFwyOfXeZB3rRkntx6Fz%2B392hbLoQbHKeX9XXUa%2B83t4%2BRf0dLZkE3DGToJe1mTBYOQ%2Bc7OQvSqX%2FQPzn5IJYeMyVjt66Gh5C1bmp9WCYX457gTpmhJwTRzYe8Fx3Jt058Ct4mn5uAzkyRvnGjoK7Yz58X3h1lDaimJKD7T54%2FePyz%2Bd5f6y99pNLCoXegal2%2F5kOxn9DYRwfqhJ9IGvrPVLv0GHSNA8J24FmrEbOBIEJ3wSe3ao0pkEX%2FCITIQQXCKTPHYUp1IbuEaxj2Q4Njr8bKqqRK3C3Hplg8jDE8AdHkXTsEheF%2FYRdv93Mj3R7C%2BaO4tO7205QV1cevNe9AYz2gLjn5RsMN3I5vEFOu8Bj1XM0fDOiqEDgJ8iMeOqz3ZMTeqKWu9fBiRFk7GRkXZVEk3wceMAd12pt4VLI0puhHMp62Y1SkiDypa%2BqlEFQ%2FHhhqeT742O3%2FpnI9hP9T6%2BEcunvv8wyNSQz75fo9vmhjbnX6D10c%2Fv0V3G%2BJ1keAizvrFBhoAg8w9K6PW%2BQAdrfiFIJD47o6%2F9HU1sWNIO6iCGpqrdEtvEX%2BZFbefPdmSFD9Qa2alodHTVLuYgt0Oc%2FxNKD91TmNGFdZN5oRp2IURcCz8pkrzy6KZBleJDER1zolBfRCkAIOdRIOH7EsK3ADFxECFvm4MxWEXxusI%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20200204T182248Z&X-Amz-SignedHeaders=host&X-Amz-Expires=900&X-Amz-Credential=ASIA23GLRVIPBTCVNGPM%2F20200204%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=41aafba44b8e3c13e82013d89b0894415ec0dbe851855eaed48f1d0d034bab9e
Requested by
Host: beyondtrust.drift.click
URL: https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.241.204 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
39c0704726d29827ada81eae6746498797e06cccfd99ab31d32dd94c59343523

Request headers

Referer
https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Tue, 04 Feb 2020 18:22:50 GMT
ETag
"382d94ca4c4c1965762981171dfaed16"
Last-Modified
Thu, 15 Aug 2019 17:26:47 GMT
Server
AmazonS3
x-amz-request-id
11A3107C8111E27C
x-amz-server-side-encryption
AES256
Content-Type
image/png
Content-Disposition
attachment; filename="bt-logo-245x60.png"; filename*=UTF-8''bt-logo-245x60.png
Accept-Ranges
bytes
Content-Length
6478
x-amz-id-2
2fI7xsHnoSpyNyF9LuMptTqOqAXYG7NyRapK9g4m6n1NhH/QAkWlLGJq/C3JpuWtbaJ23MliYQM=

Redirect headers

date
Tue, 04 Feb 2020 18:22:48 GMT
access-control-allow-origin
*
requestid
drift827147f4fbab0c0250d7cb68b35
location
https://drift-prod-file-uploads.s3.amazonaws.com/382d/382d94ca4c4c1965762981171dfaed16?response-content-disposition=attachment%3B%20filename%3D%22bt-logo-245x60.png%22%3B%20filename%2A%3DUTF-8%27%27bt-logo-245x60.png&response-content-type=image%2Fpng&X-Amz-Security-Token=IQoJb3JpZ2luX2VjENL%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLWVhc3QtMSJHMEUCIQCR%2FnffYmCaqmJGXTQVOCkc8QW%2F0XZ47f7x3f9gUrmhDgIgT5Mn7Gx51Y5CMPbHGRRvxorNjV3s6acXxt4SQkohyvgq5wMIehAAGgw3NDU2MDM3MDUzNzQiDOsU77PaDdK4C2iBsyrEA62jFJvYDch15muX%2BAhZAXfRE2%2BHIRRdYazFrcg2pT%2FLuuiOtE%2BZf2sbfnKvO2ydCQA3VZ0ivDhHrksdO3ozJIbrKm6GWaNlO6R%2Bf36yUrPgv5Re6Fg8tR87vvhmUuluvqxKxZ5khCUH2emiZ%2F%2FNISeClHW55aSNdSyETlncueloghxWPjj3TLIs2d4vhHndCs4RXiEknX%2BazvzAnPmEPJIAWSKBXpmFuFtH%2Bz8pJa7O%2Bd8L4b0qB7efHvucsFwyOfXeZB3rRkntx6Fz%2B392hbLoQbHKeX9XXUa%2B83t4%2BRf0dLZkE3DGToJe1mTBYOQ%2Bc7OQvSqX%2FQPzn5IJYeMyVjt66Gh5C1bmp9WCYX457gTpmhJwTRzYe8Fx3Jt058Ct4mn5uAzkyRvnGjoK7Yz58X3h1lDaimJKD7T54%2FePyz%2Bd5f6y99pNLCoXegal2%2F5kOxn9DYRwfqhJ9IGvrPVLv0GHSNA8J24FmrEbOBIEJ3wSe3ao0pkEX%2FCITIQQXCKTPHYUp1IbuEaxj2Q4Njr8bKqqRK3C3Hplg8jDE8AdHkXTsEheF%2FYRdv93Mj3R7C%2BaO4tO7205QV1cevNe9AYz2gLjn5RsMN3I5vEFOu8Bj1XM0fDOiqEDgJ8iMeOqz3ZMTeqKWu9fBiRFk7GRkXZVEk3wceMAd12pt4VLI0puhHMp62Y1SkiDypa%2BqlEFQ%2FHhhqeT742O3%2FpnI9hP9T6%2BEcunvv8wyNSQz75fo9vmhjbnX6D10c%2Fv0V3G%2BJ1keAizvrFBhoAg8w9K6PW%2BQAdrfiFIJD47o6%2F9HU1sWNIO6iCGpqrdEtvEX%2BZFbefPdmSFD9Qa2alodHTVLuYgt0Oc%2FxNKD91TmNGFdZN5oRp2IURcCz8pkrzy6KZBleJDER1zolBfRCkAIOdRIOH7EsK3ADFxECFvm4MxWEXxusI%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20200204T182248Z&X-Amz-SignedHeaders=host&X-Amz-Expires=900&X-Amz-Credential=ASIA23GLRVIPBTCVNGPM%2F20200204%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=41aafba44b8e3c13e82013d89b0894415ec0dbe851855eaed48f1d0d034bab9e
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json; charset=UTF-8
status
307
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-allow-credentials
true
access-control-max-age
1209600
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
0
uyftdv4t2k95.js
js.driftt.com/v1-include/1580840700000/
136 KB
45 KB
Script
General
Full URL
https://js.driftt.com/v1-include/1580840700000/uyftdv4t2k95.js
Requested by
Host: beyondtrust.drift.click
URL: https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-14.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
99522f1a9ecb12731f68d90aca16453bf772ac84c8250f45f715c1daaa2a4dac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 18:22:48 GMT
content-encoding
gzip
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
status
200
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jan 2020 17:34:04 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=10
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
QaCbVVRzNTvkCp2aC7UN-A9uumR-G_H551BGPJZK3bRwIVeRTKLFZg==
fbevents.js
connect.facebook.net/en_US/
126 KB
30 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: beyondtrust.drift.click
URL: https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
ADWDgZGUVLaRLg/wxreAaB5DZsPzfjpJ/rsZwkZYngg8zKC/6NwCjBtvCh8f57h7pjR5rGAJqVxTT90Cd9XfNw==
x-fb-trip-id
2047048586
date
Tue, 04 Feb 2020 18:22:48 GMT, Tue, 04 Feb 2020 18:22:48 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
386263332215591
connect.facebook.net/signals/config/
447 KB
114 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/386263332215591?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0a8e04bcc14b041c8a77387fb3876a087b9b5dfb2780143adbd804954825052e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
A+txkM5Xv0FGk22W1JzzxkAxARx5jclKEzj+JOqbMtHTvea090OK5+rZolb3p88f1l5ClWYEyF8hF4GfccXduw==
x-fb-trip-id
2047048586
date
Tue, 04 Feb 2020 18:22:49 GMT, Tue, 04 Feb 2020 18:22:49 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
360 B
Image
General
Full URL
https://www.facebook.com/tr/?id=386263332215591&ev=PageView&dl=https%3A%2F%2Fbeyondtrust.drift.click%2F6-Myths-of-PAM%3Fd_utk%3Df23f2dc2-24be-4482-a357-a68853f8145b%26_om%3D238051&rl=&if=false&ts=1580840569181&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1580840569180.890493472&it=1580840568970&coo=false&rqm=GET
Requested by
Host: beyondtrust.drift.click
URL: https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 18:22:49 GMT, Tue, 04 Feb 2020 18:22:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Tue, 04 Feb 2020 18:22:49 GMT
11f620d6-d0f6-4e36-87dd-76217c7a30fc
https://beyondtrust.drift.click/
85 B
0
Other
General
Full URL
blob:https://beyondtrust.drift.click/11f620d6-d0f6-4e36-87dd-76217c7a30fc
Requested by
Host: beyondtrust.drift.click
URL: https://beyondtrust.drift.click/_next/static/chunks/styles.ac61aa6b6aeca832636b.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3207a9794c95af8e443a22e6d20b466faa17fbe43e02939d9b3ca57782804747

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Length
85
index.html
js.driftt.com/deploy/assets/ Frame EF83
0
0
Document
General
Full URL
https://js.driftt.com/deploy/assets/index.html
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/v1-include/1580840700000/uyftdv4t2k95.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-14.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
js.driftt.com
:scheme
https
:path
/deploy/assets/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051

Response headers

status
200
content-type
text/html; charset=utf-8
content-length
894
server
nginx
last-modified
Tue, 28 Jan 2020 17:34:04 GMT
x-amz-server-side-encryption
AES256
accept-ranges
bytes
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 04 Feb 2020 17:59:58 GMT
etag
"508cd46eba6fe217807e5e413cb0a3ab"
cache-control
max-age=10
x-cache
Hit from cloudfront
via
1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
rvD6y8KwIOg03TPsbNw_260_g59WIe9gdPcNDbhftLIz6DdEzJmK9w==
BT_WhitePapers_6Myths_2019.pdf
file2.api.drift.com/data/drift-prod-file-uploads/ba92%2Fba92a55738a7c2201566939cc70ef397/
2 MB
2 MB
Fetch
General
Full URL
https://file2.api.drift.com/data/drift-prod-file-uploads/ba92%2Fba92a55738a7c2201566939cc70ef397/BT_WhitePapers_6Myths_2019.pdf?mimeType=application%2Fpdf
Requested by
Host: beyondtrust.drift.click
URL: https://beyondtrust.drift.click/_next/static/20200122160231-9e7d00f8cb929e666dd782676a371b1c12661ec6/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.207.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-207-136.compute-1.amazonaws.com
Software
/
Resource Hash
ebd511ee4f68f2dc71af766b10f9c0c6c61da5c46711c6aad65ee489bfcf5aad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
Origin
https://beyondtrust.drift.click

Response headers

date
Tue, 04 Feb 2020 18:22:49 GMT
content-encoding
gzip
status
200
requestid
drift5a613454477ad1cf1b3c9883278
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/pdf
access-control-allow-origin
*
access-control-max-age
1209600
access-control-allow-credentials
true
content-disposition
attachment; filename="BT_WhitePapers_6Myths_2019.pdf"; filename*=UTF-8''BT_WhitePapers_6Myths_2019.pdf
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
/
www.facebook.com/tr/
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=386263332215591&ev=Microdata&dl=https%3A%2F%2Fbeyondtrust.drift.click%2F6-Myths-of-PAM%3Fd_utk%3Df23f2dc2-24be-4482-a357-a68853f8145b%26_om%3D238051&rl=&if=false&ts=1580840569685&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22BeyondTrust%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Start%20a%20conversation%20with%20BeyondTrust%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1580840569180.890493472&it=1580840568970&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 18:22:49 GMT, Tue, 04 Feb 2020 18:22:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Tue, 04 Feb 2020 18:22:49 GMT
download-icon.svg
beyondtrust.drift.click/static/
1 KB
938 B
Image
General
Full URL
https://beyondtrust.drift.click/static/download-icon.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.25.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-25-212.compute-1.amazonaws.com
Software
/ Express
Resource Hash
84f9170158225243bdce501f6ba3595de6d9db3f4aa5541da8e1a51e9766b62c

Request headers

Referer
https://beyondtrust.drift.click/6-Myths-of-PAM?d_utk=f23f2dc2-24be-4482-a357-a68853f8145b&_om=238051
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 18:22:50 GMT
content-encoding
gzip
etag
W/"576-16fcdfc5218"
last-modified
Wed, 22 Jan 2020 16:01:03 GMT
access-control-allow-origin
*
x-powered-by
Express
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=0, must-revalidate
accept-ranges
bytes
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| drift function| driftt object| __core-js_shared__ object| platform boolean| __DRIFTT_WIDGET_INCLUDED__ string| __DRIFT_INSTANCE_ID__ boolean| __DRIFTT_SHOW_WIDGET_ON_BOOT__ function| fbq function| _fbq object| webpackJsonp object| __NEXT_P object| __NEXT_DATA__ boolean| _pdfjsCompatibilityChecked object| core object| next object| __SENTRY__

3 Cookies

Domain/Path Name / Value
beyondtrust.drift.click/ Name: driftt_sid
Value: cd11a133-70e0-4f66-85f8-a1235a01295a
.drift.click/ Name: _fbp
Value: fb.1.1580840569180.890493472
beyondtrust.drift.click/ Name: driftt_aid
Value: 36df0c6c-e745-40b6-b118-6167d9d59014

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beyondtrust.drift.click
connect.facebook.net
drift-prod-file-uploads.s3.amazonaws.com
engage.beyondtrust.com
file2.api.drift.com
js.driftt.com
www.facebook.com
143.204.214.14
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.219.207.136
3.95.102.103
52.216.241.204
52.72.25.212
0a8e04bcc14b041c8a77387fb3876a087b9b5dfb2780143adbd804954825052e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
159854b38bd519aad9ca19ce09b837cab4a85fc2d7f02a0b2579f0939b73ba8d
304d120197162b3d1f6a9ac07b3994758299ba23a2ee0cdc1ca520452bfce486
3207a9794c95af8e443a22e6d20b466faa17fbe43e02939d9b3ca57782804747
33fbe1a5322ad182a4605e18e092bd257b07012ab6545fab373bfcb7813e840f
39c0704726d29827ada81eae6746498797e06cccfd99ab31d32dd94c59343523
44d63ca4e6bee7727e0d825fcddf02c22f11b8b32b00e9dfe830d576e59c8907
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
7fc84e72190a7d243ef96291884968fa6d00deaf68e1310b8869bae7162cd3de
84f9170158225243bdce501f6ba3595de6d9db3f4aa5541da8e1a51e9766b62c
855a43265137d02a233a7eb8335bad0f7c6555772d72edf2ea7c290f9362a483
99522f1a9ecb12731f68d90aca16453bf772ac84c8250f45f715c1daaa2a4dac
ebd511ee4f68f2dc71af766b10f9c0c6c61da5c46711c6aad65ee489bfcf5aad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f29f09974d54698a102b8d2dd386ea4ede054a5bf6dc3837ea0b9eda3e76bdf9