www.secureworks.com Open in urlscan Pro
2620:1ec:bdf::45 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.cloudseclist.com/CL0/https:%2F%2Fwww.secureworks.com%2Fresearch%2Ftampering-with-conditional-access-policies-usin...
Effective URL:
https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
Submission: On May 28 via manual (May 28th 2023, 1:46:36 pm UTC) from IN — Scanned from DE

Summary HTTP 72 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 72 HTTP transactions. The main IP is 2620:1ec:bdf::45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.secureworks.com. The Cisco Umbrella rank of the primary domain is 743740.
TLS certificate: Issued by Thawte RSA CA 2018 on January 20th 2023. Valid for: a year.

This is the only time www.secureworks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:223... 2600:9000:223c:6800:17:880d:1a00:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
48	2a02:26f0:780... 2a02:26f0:780::5f65:3679	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	104.64.124.188 104.64.124.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
11	2606:4700::68... 2606:4700::6812:a972	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	2606:4700::68... 2606:4700::6812:1d26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
72	9

1 2600:9000:223c:6800:17:880d:1a00:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

click.cloudseclist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.secureworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2a02:26f0:780::5f65:3679 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

content.secureworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.64.124.188 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-124-188.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:a972 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

725-smc-563.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1d26 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	secureworks.com www.secureworks.com — Cisco Umbrella Rank: 743740 content.secureworks.com	3 MB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 368	164 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3129	7 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 587	296 B
1	mktoresp.com 725-smc-563.mktoresp.com	318 B
1	gstatic.com fonts.gstatic.com	17 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	97 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	cloudseclist.com 1 redirects click.cloudseclist.com	275 B
72	9

	Domain	Requested by
48	content.secureworks.com	www.secureworks.com content.secureworks.com
11	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org www.secureworks.com
6	www.secureworks.com	www.secureworks.com www.googletagmanager.com
2	munchkin.marketo.net	www.secureworks.com munchkin.marketo.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	725-smc-563.mktoresp.com	munchkin.marketo.net
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	www.secureworks.com
1	fonts.googleapis.com	www.secureworks.com
1	click.cloudseclist.com	1 redirects
72	10

This site contains links to these domains. Also see Links.

Domain
portal.secureworks.com
twitter.com
www.linkedin.com
www.facebook.com
learn.microsoft.com
github.com
developer.mozilla.org
techcommunity.microsoft.com
aadinternals.com
pages.secureworks.com
jobs.dell.com
investors.secureworks.com
content.secureworks.com
www.onetrust.com

Subject Issuer	Validity	Valid
www.secureworks.com Thawte RSA CA 2018	`2023-01-20` - `2024-01-19`	a year	crt.sh
cert00029-azurecdn.akamaized.net R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
Frame ID: 19866B16E2EE17D8090B05C5743D7A60
Requests: 72 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tampering with Conditional Access Policies Using Azure AD Graph API | SecureworksBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://click.cloudseclist.com/CL0/https:%2F%2Fwww.secureworks.com%2Fresearch%2Ftampering-with-conditional-... HTTP 302
https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

72
Requests

100 %
HTTPS

80 %
IPv6

9
Domains

10
Subdomains

9
IPs

3
Countries

2978 kB
Transfer

5096 kB
Size

6
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://portal.secureworks.com/portal/loginIDP
Title: Login

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api&text=Tampering%20with%20Conditional%20Access%20Policies%20Using%20Azure%20AD%20Graph%20API&via=Secureworks

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api&source=Secureworks

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-whatis
Title: Azure Active Directory

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-methods
Title: authentication methods

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/overview
Title: Conditional Access policies

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/graph/migrate-azure-ad-graph-overview
Title: Azure AD Graph

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/graph/use-the-api
Title: Microsoft Graph

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/azure/active-directory/roles/permissions-reference
Title: roles

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-insights-reporting
Title: Report-only

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-audit-logs
Title: audit logs

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/graph/api/resources/conditionalaccessroot?view=graph-rest-1.0
Title: well-documented

Search URL Search Domain Scan URL

URL: https://github.com/Azure-Samples/azure-ad-conditional-access-apis/tree/main/01-configure/graphapi
Title: examples

Search URL Search Domain Scan URL

URL: https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods/PATCH
Title: PATCH

Search URL Search Domain Scan URL

URL: https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/azure-ad-change-management-simplified/ba-p/2967456
Title: retirement

Search URL Search Domain Scan URL

URL: https://aadinternals.com/aadinternals/
Title: AADInternals

Search URL Search Domain Scan URL

URL: https://github.com/dirkjanm/ROADtools
Title: ROADTools

Search URL Search Domain Scan URL

URL: https://github.com/hedbergtech/AzureActiveDirectory/tree/main/ExportCAPoliciesAsUser
Title: TSxAzureADExport

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/log-analytics-overview
Title: Log Analytics

Search URL Search Domain Scan URL

URL: https://pages.secureworks.com/email-subscription.html?_ga=2.98586582.992821853.1618841296-805368899.1615224462
Title: SEND ME UPDATES

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/secureworks

Search URL Search Domain Scan URL

URL: https://twitter.com/secureworks

Search URL Search Domain Scan URL

URL: https://www.facebook.com/secureworks

Search URL Search Domain Scan URL

URL: https://github.com/secureworks

Search URL Search Domain Scan URL

URL: https://pages.secureworks.com/email-subscription.html
Title: Subscribe Now

Search URL Search Domain Scan URL

URL: https://jobs.dell.com/secureworks-jobs
Title: Careers

Search URL Search Domain Scan URL

URL: https://investors.secureworks.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://content.secureworks.com/-/media/Files/Corporate/modernslaverystatement_22_v2.ashx?modified=20220621140318
Title: Supply Chain Transparency

Search URL Search Domain Scan URL

URL: https://pages.secureworks.com/UnsubscribePage.html?mkt_unsubscribe=1
Title: Unsubscribe

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.cloudseclist.com/CL0/https:%2F%2Fwww.secureworks.com%2Fresearch%2Ftampering-with-conditional-access-policies-using-azure-ad-graph-api/1/0102018862875e17-46b51f00-cd04-497e-bec8-48cf46dfa691-000000/RLFSZG5xX4g_C-cRVA03ve8XJ2uMltmaQkfj05VkmwM=302 HTTP 302
https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request tampering-with-conditional-access-policies-using-azure-ad-graph-api Show response
www.secureworks.com/research/
Redirect Chain

https://click.cloudseclist.com/CL0/https:%2F%2Fwww.secureworks.com%2Fresearch%2Ftampering-with-conditional-access-policies-using-azure-ad-graph-api/1/0102018862875e17-46b51f00-cd04-497e-bec8-48cf46...
https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

92 KB
27 KB

1195ms
1116ms

Document
text/html

2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2873a9c4cda9c8aeb1b306eafcf4a68b5e6c378bee83a86f8ee7c80fc222765f

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; script-src 'self' 'nonce-OGQ0YmUxNzExOWY3NDc0YjlmZWE4M2VjYjJiNThhOWM=' 'sha256-wY8ZJu7Uu8c5AFYGRuoE7SNBraw8IAkl5Yz+glnnte8=' 'sha256-UGfgrQ+GKJogDAQthuGt5lpepOeF3ypbYTr2PPxcBdU=' 'sha256-hUiPqjPAx0BTYk+HP/Ohq7cZFW+CFLUDreW74sIBUJk=' 'sha256-MWnKpq2mO4B+C/F7fLTeifs05WkVCc8Hkl+SzXGUmtI=' 'sha256-QiHtJSgKkeO/qh+2A9GCUt3xk8ONLQAa6uua+j+nHLg=' 'sha256-7+1sMW/o6RcIncEOmuvZbRThB6NRZLwQjvsqQAGehKA=' 'sha256-tYinntSHdpRdg0LwZuBycjWqxaMdCzBdOnOGsSZH2Ho=' 'sha256-DP0AJIADL+tS8s/bg6t7xbMHunrd17JCuOgpyNjxt/M=' 'sha256-sqwbnK0D7p9u3WG0lgAYLYmp/byKS9zlT2eFORz1SDY=' 'sha256-L436NBsgbW4nnr2zz6geY9aouLDwQiH+458+ny7TeJ8=' 'sha256-t21JzuoP0AGVdHYfaGtWzFviQ1hj34OuECR3Ur2P1Dk=' 'sha256-kmGPVWtzfwq6b9fEOy1NmWxrKyxreHZU5tKvRxQpDMA=' 'sha256-SAqGhA/G1eraYlnHKoGwPlIvGfOo45eq5hoyKq2LnUY=' 'sha256-+08d4MzO/if2DlZslM+0a0gvpYaPHK7ilzV9yUXHxRo=' 'sha256-5RKybv4IYG3Rt1CcIXoS1OAD7D0vjWLop/a6KVpWxM0=' 'sha256-N/Mk5WIdXnJRlsc5rmMcLJsovC5ozGJ5BmVdRxKOeNc=' 'sha256-XJEfHQ97N7xwKM6MQXMpabeUHxVT647JYAYwrOX6sQQ=' 'sha256-sdKFLBOaDq01ySztbW/n0JnIwsMIlCr7AaMAznJOqA0=' 'sha256-7pyFNQ34QDbIyjfqF4dboUBH/FqtGtJgw7KPgC+aKY8=' 'sha256-yYGe3YxZ1stILsg6s+TKQ7ACovlrQ/V7H5hpGiko1EI=' 'sha256-JcTUCZru8bIzmyUfGjmyP1Nwn0ccUuwLyJA5/jgV2jI=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-ErdS+5vyua60ApoR4T4MK5hMhAxO8I75iqTuR4st0lk=' 'sha256-dgOinhXczUSm4ADnOKjecy4HqoIpihiWY1xMUGi3KiE=' 'sha256-bAZaADjFxXYURQUP9Z4p4eiIim+gCGst1ZWemjLGJxo=' 'sha256-x3E2vOOOHY24kNAmZOQxorAyW5o6cX3R7J5Jg+RTqZY=' 'sha256-WJHVKi7ReHnWJF4AUmd9vWDpqeX8GVtEsyAJP01M130=' 'sha256-mvYU2m+aQi6xWWVpxauZ/UaXg+HkwxCv4r/qVBDAm3A=' 'sha256-IgMQOOOedQeMPBl7lSreMVPmJvU62bc6l8HcsGXnbWc=' 'sha256-Ov0LRI92VqZTYbOhyIvK8iFCm9rBs/HXaYLwlDMrra0=' 'sha256-HjgaVwCCuGQHih00gvN/PUGZuGwVIWd/6sThgUEi83E=' 'sha256-7oEVqsTDSU0XTGoiH3B7bXM3sMDjv58JCTndWi8pUKw=' 'sha256-ZlXTkZmAmWswFmM/VCVi0DLagBh+F9JWQiK/yRsf7yc=' 'sha256-76Yt/S5cofMdn9d5/cJOU32zSvhw1A8QJDSgL1c0YRI=' 'sha256-z4pF+zMq94+GUUF273G0WvSAL91jUazcB1NOISkNlzk=' 'sha256-4OIRiOWgv2ak/dapUtCUuoqEUnVBrH8A9LJCp3dthUw=' 'sha256-ew0tynw+zAqBiv217Nj202XmktwGvkQU7jXqQMotiHg=' 'sha256-2mFyIAC6FjDBvAg15BPawsugazV1sKm4T9x09V76BK0=' 'sha256-kxoZz5p2Ko+K+FXi8lIZc2opwhJF9WD4/wy9+dLYHzY=' 'sha256-+ThII46Fk+h63393vJ+nvAEZnTSXIwpqVJDSklAo5eM=' 'sha256-hUowsewUBuLRjFz7Z3pohTKe/pX/uO7uKD1k25qHLQY=' 'sha256-pMZUEpT65ftOEzHdiYyq/2vt545RymVHJSh5H2y5BDk=' 'sha256-nGkmLI0CpGjUy6Gg2vRE6xAh+vU4jlNVmPB+55WJmn8=' 'sha256-j6LWS7Q+Wsyd91b6000yHCoIqUaJIJQq56Lw3XQPcHA=' 'sha256-XQ6pUmmjpjpunCfT67q0ACDA7NqxLJx1iJwCFhC73wo=' 'sha256-tCniuKIyeHpfi5vxJOgLkz0eRI+cerKWFRsy5hMt5V0=' 'sha256-EZaJwK6Bh4sdKWjgv6zhJUdT2ISL4NhEQSPYf++uAeU=' 'sha256-1T7dud0UtKJZdhJcgsp1gh8MZDyA3S8DIsOpB3+co4M=' 'sha256-g6A8gRllShDRUg9hmXQZ0ZvMQ35F4jsarESQIDJtpE4=' 'sha256-y6vRm9V8P08qfB27ukHo07LF4IM00RKuKNzQBfsBlgg=' 'sha256-1GbAOPSdN7GyL999DpkIzp8XYAH1OP43heqQi7uU3FQ=' 'sha256-1p8zU6DNbl/tn8sFUoVBsvAF+dwRMDHK3WXM4vqIhDc=' 'sha256-a/dU49b8+CePl3YeekAugUB79FoCfbN22DFVyavn9pM=' 'sha256-39FcaN3WyGnHnf2UX+fHrSBSJq4KI6BETrXNemtzDa8=' 'sha256-4N1dEVT13lNPCpxXX2XuIlfUBwZp3wNLb/hBbSKGESA=' 'sha256-hNSRZgUy89mPGFidDBRWC4Ed4jKTrCtZP2zeBPNbdeI=' 'sha256-CD2LEDjz/KtOaC5rzryax+qZEQVmnKcZAQsqnSqAIXw=' 'sha256-FKJXEsmjg1Bgqi33LGcZCFxDahpEPN6prnNBVDxvfhc=' 'sha256-GNXg66Qlqpdgh9Nsv/+xAVNgfxsTWLi+TUdpxamXMuU=' 'sha256-TKtnYUWk/B6gzo2immnWBOjewDye+cXQBoAlykzhX/s=' 'sha256-BMQXzfchDpNs+zYF2cO7o9iAJtoSq+2OX45TfNM/cdA=' 'sha256-IECBAorlkKUYQadvB50kjQC3oIqb9xKfOB+cVXdarE0=' 'sha256-c+xyt9U1PbPeI7Pot035l4MckCT6qHAzxiBA5t+7KPE=' 'sha256-bZ4r9bNMpnkokR0Gwp+X+Y0qYhZKQwglL8B9TAvMsrA=' 'sha256-GNsgzTmK93RFT4ppB/KnAwm9wVkth71ceJVqrzSGC6M=' 'sha256-NMtcHh/vZkcUq5lHSUz2dzv8n1jv1SFeNewgEGvik4k=' https://code.jquery.com https://pages.secureworks.com https://js-agent.newrelic.com https://bam.nr-data.net https://content.secureworks.com https://pcdnscwx001.azureedge.net https://munchkin.marketo.net https://app-ab44.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://tagmanager.google.com https://translate.google.com https://bat.bing.com https://connect.facebook.net https://ad.atdmt.com https://static.ads-twitter.com https://analytics.twitter.com https://www.linkedin.com https://px.ads.linkedin.com https://snap.licdn.com https://sjs.bizographics.com https://.vimeo.com https://.vimeocdn.com https://j.6sc.co https://b.6sc.co https://.6sc.co https://epsilon.6sense.com https://.rlcdn.com https://gateway.zscaler.net https://geolocation.onetrust.com https://optanon.blob.core.windows.net https://cdn.cookielaw.org https://trk.techtarget.com https://api.rollbar.com https://.drift.com https://.driftt.com https://.simplecast.com https://.crazyegg.com https://script.crazyegg.com https://widgets.ziftsolutions.com https://hammock.hotprofile.biz https://transfertool.hotprofile.biz/production/ https://m-store-hammock.hot-profile.com/hot-profile/ https://wa2.hot-profile.com https://.on24.com https://.ceros.com https://app-script.monsido.com https://monsido-consent.com https://tracking.monsido.com https://.redditstatic.com https://.ensighten.com https://.ml314.com https://.choozle.com https://.bluekai.com https://cdn.bizible.com https://cdn.bizibly.com https://ws-assets.zoominfo.com https://ws.zoominfo.com https://insight.adsrvr.org https://js.adsrvr.org https://.clarity.ms https://static.ads-twitter.com https://cdn.pdst.fm https://.cloudfunctions.net https://tag.demandbase.com https://.bidr.io https://.company-target.com https://www.teads.com https://p.teads.tv https://www.facebook.com connect.facebook.net; img-src 'self' https://.vimeo.com https://.vimeocdn.com content.secureworks.com .secureworks.com id.rlcdn.com .googletagmanager.com cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com .google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com .secureworks.com https://www.gstatic.com blob: data:; frame-ancestors 'self' .folloze.com *.secureworks.com; worker-src 'self' blob: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: br
content-security-policy: object-src 'none'; script-src 'self' 'nonce-OGQ0YmUxNzExOWY3NDc0YjlmZWE4M2VjYjJiNThhOWM=' 'sha256-wY8ZJu7Uu8c5AFYGRuoE7SNBraw8IAkl5Yz+glnnte8=' 'sha256-UGfgrQ+GKJogDAQthuGt5lpepOeF3ypbYTr2PPxcBdU=' 'sha256-hUiPqjPAx0BTYk+HP/Ohq7cZFW+CFLUDreW74sIBUJk=' 'sha256-MWnKpq2mO4B+C/F7fLTeifs05WkVCc8Hkl+SzXGUmtI=' 'sha256-QiHtJSgKkeO/qh+2A9GCUt3xk8ONLQAa6uua+j+nHLg=' 'sha256-7+1sMW/o6RcIncEOmuvZbRThB6NRZLwQjvsqQAGehKA=' 'sha256-tYinntSHdpRdg0LwZuBycjWqxaMdCzBdOnOGsSZH2Ho=' 'sha256-DP0AJIADL+tS8s/bg6t7xbMHunrd17JCuOgpyNjxt/M=' 'sha256-sqwbnK0D7p9u3WG0lgAYLYmp/byKS9zlT2eFORz1SDY=' 'sha256-L436NBsgbW4nnr2zz6geY9aouLDwQiH+458+ny7TeJ8=' 'sha256-t21JzuoP0AGVdHYfaGtWzFviQ1hj34OuECR3Ur2P1Dk=' 'sha256-kmGPVWtzfwq6b9fEOy1NmWxrKyxreHZU5tKvRxQpDMA=' 'sha256-SAqGhA/G1eraYlnHKoGwPlIvGfOo45eq5hoyKq2LnUY=' 'sha256-+08d4MzO/if2DlZslM+0a0gvpYaPHK7ilzV9yUXHxRo=' 'sha256-5RKybv4IYG3Rt1CcIXoS1OAD7D0vjWLop/a6KVpWxM0=' 'sha256-N/Mk5WIdXnJRlsc5rmMcLJsovC5ozGJ5BmVdRxKOeNc=' 'sha256-XJEfHQ97N7xwKM6MQXMpabeUHxVT647JYAYwrOX6sQQ=' 'sha256-sdKFLBOaDq01ySztbW/n0JnIwsMIlCr7AaMAznJOqA0=' 'sha256-7pyFNQ34QDbIyjfqF4dboUBH/FqtGtJgw7KPgC+aKY8=' 'sha256-yYGe3YxZ1stILsg6s+TKQ7ACovlrQ/V7H5hpGiko1EI=' 'sha256-JcTUCZru8bIzmyUfGjmyP1Nwn0ccUuwLyJA5/jgV2jI=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-ErdS+5vyua60ApoR4T4MK5hMhAxO8I75iqTuR4st0lk=' 'sha256-dgOinhXczUSm4ADnOKjecy4HqoIpihiWY1xMUGi3KiE=' 'sha256-bAZaADjFxXYURQUP9Z4p4eiIim+gCGst1ZWemjLGJxo=' 'sha256-x3E2vOOOHY24kNAmZOQxorAyW5o6cX3R7J5Jg+RTqZY=' 'sha256-WJHVKi7ReHnWJF4AUmd9vWDpqeX8GVtEsyAJP01M130=' 'sha256-mvYU2m+aQi6xWWVpxauZ/UaXg+HkwxCv4r/qVBDAm3A=' 'sha256-IgMQOOOedQeMPBl7lSreMVPmJvU62bc6l8HcsGXnbWc=' 'sha256-Ov0LRI92VqZTYbOhyIvK8iFCm9rBs/HXaYLwlDMrra0=' 'sha256-HjgaVwCCuGQHih00gvN/PUGZuGwVIWd/6sThgUEi83E=' 'sha256-7oEVqsTDSU0XTGoiH3B7bXM3sMDjv58JCTndWi8pUKw=' 'sha256-ZlXTkZmAmWswFmM/VCVi0DLagBh+F9JWQiK/yRsf7yc=' 'sha256-76Yt/S5cofMdn9d5/cJOU32zSvhw1A8QJDSgL1c0YRI=' 'sha256-z4pF+zMq94+GUUF273G0WvSAL91jUazcB1NOISkNlzk=' 'sha256-4OIRiOWgv2ak/dapUtCUuoqEUnVBrH8A9LJCp3dthUw=' 'sha256-ew0tynw+zAqBiv217Nj202XmktwGvkQU7jXqQMotiHg=' 'sha256-2mFyIAC6FjDBvAg15BPawsugazV1sKm4T9x09V76BK0=' 'sha256-kxoZz5p2Ko+K+FXi8lIZc2opwhJF9WD4/wy9+dLYHzY=' 'sha256-+ThII46Fk+h63393vJ+nvAEZnTSXIwpqVJDSklAo5eM=' 'sha256-hUowsewUBuLRjFz7Z3pohTKe/pX/uO7uKD1k25qHLQY=' 'sha256-pMZUEpT65ftOEzHdiYyq/2vt545RymVHJSh5H2y5BDk=' 'sha256-nGkmLI0CpGjUy6Gg2vRE6xAh+vU4jlNVmPB+55WJmn8=' 'sha256-j6LWS7Q+Wsyd91b6000yHCoIqUaJIJQq56Lw3XQPcHA=' 'sha256-XQ6pUmmjpjpunCfT67q0ACDA7NqxLJx1iJwCFhC73wo=' 'sha256-tCniuKIyeHpfi5vxJOgLkz0eRI+cerKWFRsy5hMt5V0=' 'sha256-EZaJwK6Bh4sdKWjgv6zhJUdT2ISL4NhEQSPYf++uAeU=' 'sha256-1T7dud0UtKJZdhJcgsp1gh8MZDyA3S8DIsOpB3+co4M=' 'sha256-g6A8gRllShDRUg9hmXQZ0ZvMQ35F4jsarESQIDJtpE4=' 'sha256-y6vRm9V8P08qfB27ukHo07LF4IM00RKuKNzQBfsBlgg=' 'sha256-1GbAOPSdN7GyL999DpkIzp8XYAH1OP43heqQi7uU3FQ=' 'sha256-1p8zU6DNbl/tn8sFUoVBsvAF+dwRMDHK3WXM4vqIhDc=' 'sha256-a/dU49b8+CePl3YeekAugUB79FoCfbN22DFVyavn9pM=' 'sha256-39FcaN3WyGnHnf2UX+fHrSBSJq4KI6BETrXNemtzDa8=' 'sha256-4N1dEVT13lNPCpxXX2XuIlfUBwZp3wNLb/hBbSKGESA=' 'sha256-hNSRZgUy89mPGFidDBRWC4Ed4jKTrCtZP2zeBPNbdeI=' 'sha256-CD2LEDjz/KtOaC5rzryax+qZEQVmnKcZAQsqnSqAIXw=' 'sha256-FKJXEsmjg1Bgqi33LGcZCFxDahpEPN6prnNBVDxvfhc=' 'sha256-GNXg66Qlqpdgh9Nsv/+xAVNgfxsTWLi+TUdpxamXMuU=' 'sha256-TKtnYUWk/B6gzo2immnWBOjewDye+cXQBoAlykzhX/s=' 'sha256-BMQXzfchDpNs+zYF2cO7o9iAJtoSq+2OX45TfNM/cdA=' 'sha256-IECBAorlkKUYQadvB50kjQC3oIqb9xKfOB+cVXdarE0=' 'sha256-c+xyt9U1PbPeI7Pot035l4MckCT6qHAzxiBA5t+7KPE=' 'sha256-bZ4r9bNMpnkokR0Gwp+X+Y0qYhZKQwglL8B9TAvMsrA=' 'sha256-GNsgzTmK93RFT4ppB/KnAwm9wVkth71ceJVqrzSGC6M=' 'sha256-NMtcHh/vZkcUq5lHSUz2dzv8n1jv1SFeNewgEGvik4k=' https://code.jquery.com https://pages.secureworks.com https://js-agent.newrelic.com https://bam.nr-data.net https://content.secureworks.com https://pcdnscwx001.azureedge.net https://munchkin.marketo.net https://app-ab44.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://tagmanager.google.com https://translate.google.com https://bat.bing.com https://connect.facebook.net https://ad.atdmt.com https://static.ads-twitter.com https://analytics.twitter.com https://www.linkedin.com https://px.ads.linkedin.com https://snap.licdn.com https://sjs.bizographics.com https://*.vimeo.com https://*.vimeocdn.com https://j.6sc.co https://b.6sc.co https://*.6sc.co https://epsilon.6sense.com https://*.rlcdn.com https://gateway.zscaler.net https://geolocation.onetrust.com https://optanon.blob.core.windows.net https://cdn.cookielaw.org https://trk.techtarget.com https://api.rollbar.com https://*.drift.com https://*.driftt.com https://*.simplecast.com https://*.crazyegg.com https://script.crazyegg.com https://widgets.ziftsolutions.com https://hammock.hotprofile.biz https://transfertool.hotprofile.biz/production/ https://m-store-hammock.hot-profile.com/hot-profile/ https://wa2.hot-profile.com https://*.on24.com https://*.ceros.com https://app-script.monsido.com https://monsido-consent.com https://tracking.monsido.com https://*.redditstatic.com https://*.ensighten.com https://*.ml314.com https://*.choozle.com https://*.bluekai.com https://cdn.bizible.com https://cdn.bizibly.com https://ws-assets.zoominfo.com https://ws.zoominfo.com https://insight.adsrvr.org https://js.adsrvr.org https://*.clarity.ms https://static.ads-twitter.com https://cdn.pdst.fm https://*.cloudfunctions.net https://tag.demandbase.com https://*.bidr.io https://*.company-target.com https://www.teads.com https://p.teads.tv https://www.facebook.com connect.facebook.net; img-src 'self' https://*.vimeo.com https://*.vimeocdn.com content.secureworks.com *.secureworks.com id.rlcdn.com *.googletagmanager.com cdn.cookielaw.org *.gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com *.google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com *.adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com *.crazyegg.com *.redditstatic.com alb.reddit.com *.ensighten.com ml314.com *.choozle.com *.bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com *.clarity.ms analytics.twitter.com t.co *.bidr.io *.company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com *.secureworks.com https://www.gstatic.com blob: data:; frame-ancestors 'self' *.folloze.com *.secureworks.com; worker-src 'self' blob: data:;
content-type: text/html; charset=utf-8
date: Sun, 28 May 2023 13:46:31 GMT
expires: -1
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-azure-ref: 20230528T134630Z-9h2hqszh7t6x10ec84f4dean7s00000000w000000001hrup
x-cache: PRIVATE_NOSTORE
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
date: Sun, 28 May 2023 13:46:29 GMT
location: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-id: ONdBq3SL-kfb0zKFsgFqCglH1z-OyttRkfLVJ_0kBBAQokozNWHLFw==
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront

GET
H2 200 html5reset-1.6.1.css
content.secureworks.com/content/app/css/ 1 KB
1 KB 197ms
40ms Stylesheet
text/css 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/css/html5reset-1.6.1.css?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

db61679243f9f3b5a03de90b1ad228130ad3e87b79b9d153ce1ca6afbdf9a2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
Origin: https://www.secureworks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:38 GMT
x-azure-ref-originshield: 0r/5hZAAAAACOvpSGS6fjSIVO+4cpN8qjRlJBMjMxMDUwNDE4MDExADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
date: Sun, 28 May 2023 13:46:31 GMT
etag: "24ef2bc9da47d91:0"
x-azure-ref: 0r/5hZAAAAAAKTxmrpE/fS5m6se23FTpURlJBMzFFREdFMDkxNwAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1454197
accept-ranges: bytes
content-length: 573

GET
H2 200 western-typographies.css
content.secureworks.com/content/app/css/ 2 KB
817 B 196ms
40ms Stylesheet
text/css 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/css/western-typographies.css?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa85f97108080f24b26ca0450d471edf522d233337c1b73e41ab4a27d19ac94f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
Origin: https://www.secureworks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:38 GMT
x-azure-ref-originshield: 0BbtYZAAAAACweihERdExRKXDxvQRI/uaRlJBMjMxMDUwNDE4MDUxADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
date: Sun, 28 May 2023 13:46:31 GMT
etag: "5c8b48c9da47d91:0"
x-azure-ref: 0sCtiZAAAAACQb1AtgjyZQLz85KqILE0YRlJBMzFFREdFMDQwOAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1465684
accept-ranges: bytes
content-length: 365

GET
H2 200 main.css
content.secureworks.com/content/app/css/ 585 KB
83 KB 189ms
32ms Stylesheet
text/css 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/css/main.css?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

deda0ecf832039099d8f8128be2c332dd0a6b86699f74eefaec26df8f8572f5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
Origin: https://www.secureworks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:19 GMT
x-azure-ref-originshield: 0s3tjZAAAAAB0jm4eVu6xQqrjc+7ELyO2RlJBMjMxMDUwNDE4MDQ5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
date: Sun, 28 May 2023 13:46:31 GMT
etag: "3037dfbdda47d91:0"
x-azure-ref: 0s3tjZAAAAABan4uafhngSbj8FxoIRwWTRlJBMzFFREdFMDQxOAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1551750
accept-ranges: bytes
content-length: 84253

GET
H2 200 jquery-3.6.0.min.js Show response
content.secureworks.com/content/app/js/ 87 KB
31 KB 198ms
41ms Script
application/javascript 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/js/jquery-3.6.0.min.js?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
Origin: https://www.secureworks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:33 GMT
x-azure-ref-originshield: 0E0daZAAAAACRODUgnsi1Qr6KaxjTuDMHRlJBMjMxMDUwNDE3MDA5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
date: Sun, 28 May 2023 13:46:31 GMT
etag: "d96adfc5da47d91:0"
x-azure-ref: 0E0daZAAAAADI+qKaTtavSoHfJuxiBtTlRlJBMzFFREdFMDkwNgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=948487
accept-ranges: bytes
content-length: 30954

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 56ms
23ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Saira+Condensed:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b817ddec3728ea011d21f345670ed6c213d08a71a15ade591680bfaba85960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 28 May 2023 13:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 28 May 2023 13:46:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 May 2023 13:46:31 GMT

GET
H2 200 tampering-with-azure-ad_01.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/ 46 KB
47 KB 100ms
66ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/tampering-with-azure-ad_01.ashx?la=en&modified=20230521193959&hash=FCB6BB07D92CF09C60384A0D4909D327

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2fa6f3785d219b3929aaad69606e235412ac6684772688169876261b4d6a21d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 May 2023 19:39:59 GMT
x-azure-ref-originshield: 0nrZsZAAAAAB1KJjF9YIvQoc8SnHeyLLxRlJBMjMxMDUwNDE4MDA5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 6c9a34225df846298c3cba2d7e78056a
x-azure-ref: 0nrZsZAAAAADHi4tvCkFxQa6IvU/ovlD1RlJBMzFFREdFMDMxNAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2156620
content-disposition: inline; filename="tampering-with-azure-ad_01.png"
accept-ranges: bytes
content-length: 47316
expires: Thu, 22 Jun 2023 12:50:11 GMT

GET
H2 200 tampering-with-azure-ad_02.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/ 36 KB
36 KB 55ms
22ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/tampering-with-azure-ad_02.ashx?la=en&modified=20230521193959&hash=AEE98B0B7412FFB41B6C166E886825A6

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7a95bb2a4288218ec1550340deadd67b333d50b538260b6644063d88bef7e5c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 May 2023 19:39:59 GMT
x-azure-ref-originshield: 0G6tsZAAAAADaM097dxFMSp0TlI4okUHrRlJBMjMxMDUwNDE4MDQ1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 287aab6e592c4ce4b6d9f6c904e3b65a
x-azure-ref: 0G6tsZAAAAAAIJSPZXNdvSoHnPgU97JSZRlJBMzFFREdFMDQwOAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2153699
content-disposition: inline; filename="tampering-with-azure-ad_02.png"
accept-ranges: bytes
content-length: 36383
expires: Thu, 22 Jun 2023 12:01:30 GMT

GET
H2 200 tampering-with-azure-ad_03.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/ 36 KB
37 KB 62ms
29ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/tampering-with-azure-ad_03.ashx?la=en&modified=20230521194000&hash=361C369EF2D4ED3D41ABCA25377A3C28

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0d68a71ebd1e7c5abd93a220c526e9560bd0ac6eb9126f3a5996386c4b55e5c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 May 2023 19:40:00 GMT
x-azure-ref-originshield: 0G6tsZAAAAACWcNbKziNrRoD5Bx5yUp/lRlJBMjMxMDUwNDE4MDA5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 4b98fbea374d4213b2c54ffa41fbcd8b
x-azure-ref: 0G6tsZAAAAADjxwhT/7vMS63jNUP2eknBRlJBMzFFREdFMDMxMQAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2153609
content-disposition: inline; filename="tampering-with-azure-ad_03.png"
accept-ranges: bytes
content-length: 37295
expires: Thu, 22 Jun 2023 12:00:00 GMT

GET
H2 200 tampering-with-azure-ad_04.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/ 50 KB
50 KB 111ms
77ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/tampering-with-azure-ad_04.ashx?la=en&modified=20230521194000&hash=9039894C0323A3738FC104F00D414F1E

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

03e029485707421e0748d64d0e4ee7e06c9f687c5237a2a26e42095ea40e6d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 May 2023 19:40:00 GMT
x-azure-ref-originshield: 0G6tsZAAAAADu2EL6lJ4ESaRvyyoxCbz7RlJBMjMxMDUwNDE3MDM1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: a72e42acde844064a21812bad80a7681
x-azure-ref: 0N1tzZAAAAABU2Ct9daGoSb991xdIwayiRlJBMzFFREdFMDMxOQAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2591962
content-disposition: inline; filename="tampering-with-azure-ad_04.png"
accept-ranges: bytes
content-length: 50705
expires: Tue, 27 Jun 2023 13:45:53 GMT

GET
H2 200 tampering-with-azure-ad_05.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/ 79 KB
80 KB 71ms
38ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/tampering-with-azure-ad_05.ashx?la=en&modified=20230521194000&hash=31BD1415E5D114F6DB513B28E69BC593

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

580f93a53e8000358f5a3614df2673819b592823d665d492a3d8c2b8fcc0ca8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 May 2023 19:40:00 GMT
x-azure-ref-originshield: 0XxdyZAAAAADCxa6zA+zRT5LoxvQ32t8RRlJBMjMxMDUwNDE3MDUzADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 0888e370ce8442c78c9da05e01233690
x-azure-ref: 0XxdyZAAAAADZHokSYoLKS48FEGiv/hliRlJBMzFFREdFMDkwNgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2509045
content-disposition: inline; filename="tampering-with-azure-ad_05.png"
accept-ranges: bytes
content-length: 81324
expires: Mon, 26 Jun 2023 14:43:56 GMT

GET
H2 200 tampering-with-azure-ad_06.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/ 10 KB
11 KB 75ms
42ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/tampering-with-azure-ad_06.ashx?la=en&modified=20230521194001&hash=5A3FECC1407A48BE3D0ED002989251CC

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ce2bd19d440faa31ed05d646e09bebfbbc3a9fd0f9a07ca21a909609a0f5e5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 May 2023 19:40:01 GMT
x-azure-ref-originshield: 0G6tsZAAAAAAg6s5lY8U+TZhSRaZ2NPaGRlJBMjMxMDUwNDE3MDM5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: ef126673004a4039bd5ddfaaa147a31f
x-azure-ref: 0G6tsZAAAAAApQSS73BGgQZ3k+dVTw/YKRlJBMzFFREdFMDkxNQAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2153796
content-disposition: inline; filename="tampering-with-azure-ad_06.png"
accept-ranges: bytes
content-length: 10457
expires: Thu, 22 Jun 2023 12:03:07 GMT

GET
H2 200 tampering-with-azure-ad_07.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/ 27 KB
27 KB 85ms
52ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/tampering-with-azure-ad_07.ashx?la=en&modified=20230521194001&hash=CEC9708B562B043FC687FE010EB94330

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d7d3a7a686ef4505635cf6a680988fc8daab2b19bcf8cc70cbd985757f506c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 May 2023 19:40:01 GMT
x-azure-ref-originshield: 0G6tsZAAAAAAK1boRmzrjSbMAWZ4KSpRpRlJBMjMxMDUwNDE4MDE3ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 79f9c17d5ef34148a70ce8d14ebdc250
x-azure-ref: 0G6tsZAAAAABQtS2v3UIcTbkBRhbqJmtYRlJBMzFFREdFMDMxMAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2153768
content-disposition: inline; filename="tampering-with-azure-ad_07.png"
accept-ranges: bytes
content-length: 27245
expires: Thu, 22 Jun 2023 12:02:39 GMT

GET
H2 200 tampering-with-azure-ad_08.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/ 12 KB
12 KB 237ms
204ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/tampering-with-azure-ad_08.ashx?la=en&modified=20230521194001&hash=0E82C0E3097299A05E8B46EDFC0F5E9F

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7f675f2914bdf134d49163a7f780c40d417587c1b14fa58f5071dff9b2cc0655

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 May 2023 19:40:01 GMT
x-azure-ref-originshield: 0G6tsZAAAAABaKFJ9l3Q9TJryP+2+Dw8XRlJBMjMxMDUwNDE4MDUzADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: dd65de8af5074054847c675d6002c08f
x-azure-ref: 0G6tsZAAAAAAWt3H7v1kFSa8lIdOpmuzWRlJBMzFFREdFMDMxNgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2153737
content-disposition: inline; filename="tampering-with-azure-ad_08.png"
accept-ranges: bytes
content-length: 11839
expires: Thu, 22 Jun 2023 12:02:08 GMT

GET
H2 200 tampering-with-azure-ad_09.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/ 31 KB
32 KB 84ms
51ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/tampering-with-azure-ad_09.ashx?la=en&modified=20230521194001&hash=0DE40268EAA9CD1CA78BB994FB80BF3C

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ece8ad5ecde1ff2cf7788665539df6589c0c909fa43a5c6f31bec7f11c2fb0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 May 2023 19:40:01 GMT
x-azure-ref-originshield: 0G6tsZAAAAADrEhx68ArfSIiA1Z/aey+URlJBMjMxMDUwNDE4MDQ1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: c725938ccb034412872ecb153da20a0e
x-azure-ref: 0G6tsZAAAAADWrwTPcHqzSIODFHdNz3bBRlJBMzFFREdFMDMxOQAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2153751
content-disposition: inline; filename="tampering-with-azure-ad_09.png"
accept-ranges: bytes
content-length: 32076
expires: Thu, 22 Jun 2023 12:02:22 GMT

GET
H2 200 tampering-with-azure-ad_10.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/ 14 KB
14 KB 92ms
59ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/tampering-with-azure-ad_10.ashx?la=en&modified=20230521194002&hash=A4C800E2A51747E891FD93024BAAF30C

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c02d3bd7cf793ce7595b249c20c7bdedd8c407a430e3ff6cc210092eb4119dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 May 2023 19:40:02 GMT
x-azure-ref-originshield: 0G6tsZAAAAAArFnuMZmIHRL3rzU6mJhuzRlJBMjMxMDUwNDE4MDMxADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 30af804ebee04c80b79f54dba8db41da
x-azure-ref: 0G6tsZAAAAACAmN6TA8rTQbTZ3Bmiha2oRlJBMzFFREdFMDMyMgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2153774
content-disposition: inline; filename="tampering-with-azure-ad_10.png"
accept-ranges: bytes
content-length: 14173
expires: Thu, 22 Jun 2023 12:02:45 GMT

GET
H2 200 tampering-with-azure-ad_11.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/ 14 KB
14 KB 871ms
839ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/tampering-with-azure-ad_11.ashx?la=en&modified=20230521194002&hash=BB6B20F3F572BA2DFB1863238F99626E

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d9440fd539ff86f4d5aff8ef988ff3abc88f901699b1272a964d8c5d4e77eda2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:32 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 May 2023 19:40:02 GMT
etag: ece4a1bc13fc43488d1fb08f3926683f
x-azure-ref: 20230528T134631Z-7rxfynbyqd46f0wzwdymupu7w00000000cug00000000nv3s
content-type: image/png
cache-control: public, max-age=2592000
content-disposition: inline; filename="tampering-with-azure-ad_11.png"
accept-ranges: bytes
content-length: 13955
expires: Tue, 27 Jun 2023 13:46:32 GMT

GET
H2 200 tampering-with-azure-ad_12.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/ 18 KB
18 KB 64ms
31ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/tampering-with-azure-ad_12.ashx?la=en&modified=20230521194002&hash=672FD36166788035B0F8FFB9AB246283

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bdc09e89328d3def776e8852321bb917ae3295695d5222f68419605aeefc9dc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 May 2023 19:40:02 GMT
x-azure-ref-originshield: 0g6JyZAAAAACdWY0gwDZtRYRz60N4SX/2RlJBMjMxMDUwNDE3MDQ5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: e1d18884fc5b4d97a7bce11eee272513
x-azure-ref: 0CUtzZAAAAACfXVKGl9L3TrEPeEL+nxNlRlJBMzFFREdFMDkxNwAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2587829
content-disposition: inline; filename="tampering-with-azure-ad_12.png"
accept-ranges: bytes
content-length: 17966
expires: Tue, 27 Jun 2023 12:37:00 GMT

GET
H2 200 tampering-with-azure-ad_13.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/ 4 KB
5 KB 64ms
31ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/tampering-with-azure-ad_13.ashx?la=en&modified=20230521194002&hash=748FD27DFDC159D0E7940BA6B29FB00C

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6dc1b0ab35fb9d4767cb3de9c9be1636d298bb184174d0e5f97f17e09bc9123d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 May 2023 19:40:02 GMT
x-azure-ref-originshield: 0G6tsZAAAAADVupcw/TjoTIS+W18lblFWRlJBMjMxMDUwNDE3MDIxADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 9a04e4ae0bb3480ebbdec150dc80ccff
x-azure-ref: 0n7ZsZAAAAAA6rkMvc0hNTK9uTH2UI56QRlJBMzFFREdFMDMxNQAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2156573
content-disposition: inline; filename="tampering-with-azure-ad_13.png"
accept-ranges: bytes
content-length: 4336
expires: Thu, 22 Jun 2023 12:49:24 GMT

GET
H2 200 tampering-with-azure-ad_14.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/ 98 KB
99 KB 120ms
88ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/tampering-with-azure-ad_14.ashx?la=en&modified=20230521194003&hash=6F2F30522B4A2AF2A2D7BCF988D0E229

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

48877d82a8f49ff6ea6f294e93ba92548b419031b165ddf46be3e73d2fbb8986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 May 2023 19:40:03 GMT
x-azure-ref-originshield: 0n7ZsZAAAAABI4JZLG01JTLizIsScma/hRlJBMjMxMDUwNDE4MDI1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 042080b70d1042f1babdf38ae6a6cbcd
x-azure-ref: 0n7ZsZAAAAAA8NkF2vUhsSZ3GVyG9D5uORlJBMzFFREdFMDMxNwAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2156664
content-disposition: inline; filename="tampering-with-azure-ad_14.png"
accept-ranges: bytes
content-length: 100436
expires: Thu, 22 Jun 2023 12:50:55 GMT

GET
H2 200 tampering-with-azure-ad_15.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/ 17 KB
18 KB 116ms
83ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/tampering-with-azure-ad_15.ashx?la=en&modified=20230521194003&hash=70EDA1B3D4472DDB2C982C1921A14ECB

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

de6d8a47cec4588dda5fa6c2e740964935f236bf5dd4ecd55908cf59b558d879

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 May 2023 19:40:03 GMT
x-azure-ref-originshield: 0B0FuZAAAAAAltjbMZMwcSZ91OEsG/GUBRlJBMjMxMDUwNDE3MDM5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 8de74705d8d643d788b97dd26ddcb44c
x-azure-ref: 0N1tzZAAAAACnN2y1DNoSSoprwCmTSoSZRlJBMzFFREdFMDQxMQAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2592000
content-disposition: inline; filename="tampering-with-azure-ad_15.png"
accept-ranges: bytes
content-length: 17658
expires: Tue, 27 Jun 2023 13:46:31 GMT

GET
H2 200 tampering-with-azure-ad_16.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/ 38 KB
38 KB 146ms
114ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/tampering-with-azure-ad_16.ashx?la=en&modified=20230521194003&hash=C2E1B979A9F49A5E48FE11AA7758E70A

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

abf52b4d1e0faaa69769ba8ff940e9f8ca5a5f3ddc3ef8c4a0f219011e23725e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 May 2023 19:40:03 GMT
x-azure-ref-originshield: 0N1tzZAAAAABrtO8iv6opRL/3f0//Jl/vRlJBMjMxMDUwNDE4MDA5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 51cc75f60b604fdaba6e1c16375da330
x-azure-ref: 0N1tzZAAAAADHFOj+6j1yRbXoL+sdIw9uRlJBMzFFREdFMDQwNgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2591957
content-disposition: inline; filename="tampering-with-azure-ad_16.png"
accept-ranges: bytes
content-length: 38623
expires: Tue, 27 Jun 2023 13:45:48 GMT

GET
H2 200 tampering-with-azure-ad_17.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/ 33 KB
34 KB 118ms
86ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/tampering-with-azure-ad_17.ashx?la=en&modified=20230521194004&hash=F8AB229859DD49A1091135E980367C78

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1d545fb9867ff4a940680efaf5e6808fbd25c02830e0edbbb62e56743117e066

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 May 2023 19:40:04 GMT
x-azure-ref-originshield: 0G6tsZAAAAABvNUZ8hNKNRJ0xDC1xpvXvRlJBMjMxMDUwNDE4MDE3ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 90305c79aa604cc69c02bf4dbb92044d
x-azure-ref: 0N1tzZAAAAACLlGb1YpJATquYwjSR/0xvRlJBMzFFREdFMDkxNAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2591964
content-disposition: inline; filename="tampering-with-azure-ad_17.png"
accept-ranges: bytes
content-length: 34274
expires: Tue, 27 Jun 2023 13:45:55 GMT

GET
H2 200 tampering-with-azure-ad_18.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/ 19 KB
19 KB 74ms
43ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/tampering-with-azure-ad_18.ashx?la=en&modified=20230521194004&hash=0AC87C21CA4D9ABECE462878636D0DE9

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4066ce5bd6ae7efabc8d94a17449f3d56f11392ed5190f43e93ad94850ccb312

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 May 2023 19:40:04 GMT
x-azure-ref-originshield: 0G6tsZAAAAABterWzgQ/hRY0trBJOK62MRlJBMjMxMDUwNDE3MDE5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 6e9e96da388d46d8a76a08a06c437cf5
x-azure-ref: 0G6tsZAAAAAABKIegsm7BQpotSujeyO5cRlJBMzFFREdFMDMyMgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2153714
content-disposition: inline; filename="tampering-with-azure-ad_18.png"
accept-ranges: bytes
content-length: 19356
expires: Thu, 22 Jun 2023 12:01:45 GMT

GET
H2 200 tampering-with-azure-ad_19.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/ 48 KB
49 KB 83ms
52ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/tampering-with-azure-ad_19.ashx?la=en&modified=20230521194004&hash=DB044184A11FD3647B8E0A81E9F695DA

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

916e93ef2c52b1fd27410cd200d071c8a53d5270490214b29534c138dc88605c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 May 2023 19:40:04 GMT
x-azure-ref-originshield: 0G6tsZAAAAACkf0JQiCMpSZrisY9gpS6fRlJBMjMxMDUwNDE4MDMzADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: bbbfef09c3e24c30893bd481f6f7ca3b
x-azure-ref: 0G6tsZAAAAABdYQRd7u9RSYFgGZjRTv0JRlJBMzFFREdFMDMwOAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2153672
content-disposition: inline; filename="tampering-with-azure-ad_19.png"
accept-ranges: bytes
content-length: 49253
expires: Thu, 22 Jun 2023 12:01:03 GMT

GET
H2 200 tampering-with-azure-ad_20.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/ 18 KB
19 KB 129ms
97ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/105%20tampering%20with%20conditional%20access%20policies/tampering-with-azure-ad_20.ashx?la=en&modified=20230521194004&hash=EC4CD33DC66FDC949F6EA2CC51F62C3A

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5dd6dad52096305273e03edc509f476f0b590b6f6df5025e4c47ffe83a2e9ba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 May 2023 19:40:04 GMT
x-azure-ref-originshield: 0N1tzZAAAAADdHzssXb51RLGdkqcBC3zjRlJBMjMxMDUwNDE3MDE3ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 52a8e7d233d74c1895c09f058b5cd950
x-azure-ref: 0N1tzZAAAAADfgI3B5giKQb9GZzZ1XG7YRlJBMzFFREdFMDQyMgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2591998
content-disposition: inline; filename="tampering-with-azure-ad_20.png"
accept-ranges: bytes
content-length: 18785
expires: Tue, 27 Jun 2023 13:46:29 GMT

GET
H2 200 002-background-treated_360x190.ashx
content.secureworks.com/-/media/Images/Insights/2022/abstract%20approved/002-purple-black-faded-screen/ 30 KB
30 KB 63ms
32ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/2022/abstract%20approved/002-purple-black-faded-screen/002-background-treated_360x190.ashx?modified=20220621213741

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

d06f16436de248c88426110742cf0fa0e9fe7a2707399ecb2f27b3425a6b6162

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Jun 2022 21:37:41 GMT
x-azure-ref-originshield: 0TUM1ZAAAAAC/+9coE/8aR6CEssAmS6qZRlJBMjMxMDUwNDE4MDQ5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
server: Microsoft-IIS/10.0
etag: 02b515b1c4464caaa68045744107a917
x-azure-ref: 07rw3ZAAAAAAwhW3pKxdeR4kC2IzLCy8RRlJBMzFFREdFMDMxOAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=874703
content-disposition: inline; filename="002-background-treated_360x190.png"
accept-ranges: bytes
content-length: 30267
expires: Wed, 07 Jun 2023 16:44:54 GMT

GET
H2 200 blog-right-sidebar-ad.ashx
content.secureworks.com/-/media/Images/Insights/Blog/2022%20right%20sidebar%20ads/ 21 KB
21 KB 82ms
51ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Blog/2022%20right%20sidebar%20ads/blog-right-sidebar-ad.ashx?modified=20221102152447

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

62e55cc7119c6aae1e7aaac1870c9796ccc25fccdd4937f126f6114e66fd3b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 02 Nov 2022 15:24:47 GMT
etag: 9a6cd664e4ae440c96fa0d2bacbcb2db
x-azure-ref: 20230517T140316Z-v6x3z8va4h0pmcv2pbd7z9n2d800000000g0000000010dq1
content-type: image/png
cache-control: public, max-age=1642514
content-disposition: inline; filename="blog-right-sidebar-ad.png"
accept-ranges: bytes
content-length: 21359
expires: Fri, 16 Jun 2023 14:01:45 GMT

GET
H2 200 state-of-the-threat-2022_500x300.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Reports/state%20of%20the%20threat%202022/ 156 KB
157 KB 82ms
51ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Reports/state%20of%20the%20threat%202022/state-of-the-threat-2022_500x300.ashx?modified=20220930143542

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

baa55d1d4627050073e047eb2f9dbe86720736f51f37a116602e5705c3966b33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 30 Sep 2022 14:35:42 GMT
x-azure-ref-originshield: 0CV1bZAAAAAA5cKi+q0FaS4ORh5H1oNIBRlJBMjMxMDUwNDE4MDQ1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: dca4e3938b8e4a69a36ea6fa76e12158
x-azure-ref: 0e65bZAAAAADn7RR86NmHTZNrFyXifQO0RlJBMzFFREdFMDMwNwAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=1040471
content-disposition: inline; filename="state-of-the-threat-2022_500x300.png"
accept-ranges: bytes
content-length: 160244
expires: Fri, 09 Jun 2023 14:47:42 GMT

GET
H2 200 014-Abstract-background-treated_360x190.ashx
content.secureworks.com/-/media/Images/Insights/2022/abstract%20approved/014-blue-purple-fine-lines/ 24 KB
24 KB 55ms
24ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/2022/abstract%20approved/014-blue-purple-fine-lines/014-Abstract-background-treated_360x190.ashx?modified=20220406121700

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4783c14b454a0845e7df0c96999636e8ae0cf017ce1fc389d606d95c156686b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Apr 2022 12:17:00 GMT
x-azure-ref-originshield: 0J31uZAAAAAACOInsqXDoTr7uSctSKaZ3RlJBMjMxMDUwNDE3MDUzADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: cd7b7cceac7441478c3392ca7367bd9c
x-azure-ref: 0J31uZAAAAADA2BfYdAC+QJPxCMLDpWKvRlJBMzFFREdFMDkxNAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=2272956
content-disposition: inline; filename="014-Abstract-background-treated_360x190.png"
accept-ranges: bytes
content-length: 24484
expires: Fri, 23 Jun 2023 21:09:07 GMT

GET
H2 200 growing-threat-infostealers_6-9-md.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/104%20the%20growing%20threat%20from%20infostealers/ 536 KB
538 KB 75ms
44ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Threat%20Analysis/104%20the%20growing%20threat%20from%20infostealers/growing-threat-infostealers_6-9-md.ashx?modified=20230504131027

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c311e9a6d0771335f6418f47286cd53c621d871486b1a736e0d079712426376e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 May 2023 13:10:27 GMT
x-azure-ref-originshield: 0KWFjZAAAAAAPWou+Ci3HTLkm6gA73/VrRlJBMjMxMDUwNDE3MDI3ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: e2cfeb16b1e84d99a93824b863a5171c
x-azure-ref: 0KWFjZAAAAAARmlYDMGf4QbP7HbIMiuKlRlJBMzFFREdFMDMyMgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=1545001
content-disposition: inline; filename="growing-threat-infostealers_6-9-md.png"
accept-ranges: bytes
content-length: 549333
expires: Thu, 15 Jun 2023 10:56:32 GMT

GET
H2 200 ti-exec-report-2023-vol-2_16-9-md.ashx
content.secureworks.com/-/media/Images/Insights/Resources/Reports/threat%20intelligence%20report/2023/ 176 KB
177 KB 100ms
69ms Image
image/png 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/Insights/Resources/Reports/threat%20intelligence%20report/2023/ti-exec-report-2023-vol-2_16-9-md.ashx?modified=20230505144400

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a7f3c358625c7880dd47f9ba4cff8f733a793bc00fec26abbb2b5bf36df6ca1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 May 2023 14:44:00 GMT
x-azure-ref-originshield: 0TkNZZAAAAABTb2V1wBP2S6Bkz+gSlUFTRlJBMjMxMDUwNDE3MDM1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: d34c8a8268e14eb1b3ee973d7c38de78
x-azure-ref: 0TkNZZAAAAAD+ljxq2zWpRI0wtE4nU9JBRlJBMzFFREdFMDQxMAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/png
cache-control: public, max-age=882042
content-disposition: inline; filename="ti-exec-report-2023-vol-2_16-9-md.png"
accept-ranges: bytes
content-length: 180667
expires: Wed, 07 Jun 2023 18:47:13 GMT

GET
H2 200 close.svg
www.secureworks.com/content/rc/images/ 850 B
1 KB 18ms
16ms Image
image/svg+xml 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.secureworks.com/content/rc/images/close.svg

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0049c42b57e92164c558905bff7c17441afe55dc569f0062162e77a532964b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 13:46:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:40 GMT
etag: "6de322cada47d91:0"
x-azure-ref: 20230528T134631Z-9h2hqszh7t6x10ec84f4dean7s00000000w000000001hrzu
x-cache: TCP_HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=2592000
accept-ranges: bytes
content-length: 850

GET
H2 200 libs.min.js Show response
content.secureworks.com/content/app/js/ 257 KB
70 KB 53ms
53ms Script
application/javascript 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/js/libs.min.js?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

08681ba3da35c665e877f6f9a6e158ff94b4d96c363610cdb061ebb79a718c35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
Origin: https://www.secureworks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:33 GMT
x-azure-ref-originshield: 04QhnZAAAAACbWujMM5yxRIlkFSEpFp1ARlJBMjMxMDUwNDE3MDM1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
date: Sun, 28 May 2023 13:46:31 GMT
etag: "dd69fec5da47d91:0"
x-azure-ref: 04QhnZAAAAADFfk+TMW+BRrihPYC0/xfrRlJBMzFFREdFMDkxOAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1784517
accept-ranges: bytes
content-length: 70793

GET
H2 200 main.js Show response
content.secureworks.com/content/app/js/ 73 KB
20 KB 17ms
17ms Script
application/javascript 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/js/main.js?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c2f15609bdc44ef0009fda7902639ed493b8a26a00a58b905e0768f67c93b2ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
Origin: https://www.secureworks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:33 GMT
x-azure-ref-originshield: 0sCtiZAAAAABG7IYTW8GeSaN9g3EBAryWRlJBMjMxMDUwNDE4MDM5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
date: Sun, 28 May 2023 13:46:31 GMT
etag: "9e905c6da47d91:0"
x-azure-ref: 0sCtiZAAAAABtZZPDREv0QKyHZ6PGN1s0RlJBMzFFREdFMDQwNwAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1465747
accept-ranges: bytes
content-length: 19484

GET
H2 200 products.js Show response
content.secureworks.com/content/rc/js/ 44 KB
14 KB 17ms
12ms Script
application/javascript 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/rc/js/products.js?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9eb064a8d93265a1b1bb725f0db9c1d209a4efdae9eca7ddc67a094755c64b4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
Origin: https://www.secureworks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:46 GMT
x-azure-ref-originshield: 0ZSVqZAAAAAB+PnOAdwDwQ4wcOuNjMpNZRlJBMjMxMDUwNDE4MDQ1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
date: Sun, 28 May 2023 13:46:31 GMT
etag: "8d80fbcdda47d91:0"
x-azure-ref: 0hwZuZAAAAAC05gxNSOSMSKZfhszdWcy2RlJBMzFFREdFMDMxNQAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2242718
accept-ranges: bytes
content-length: 13755

GET
H2 200 default.css
content.secureworks.com/content/app/css/highlighter/ 1 KB
1 KB 24ms
18ms Stylesheet
text/css 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/css/highlighter/default.css?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

22494645cd5c6508829ef760cfafdf7292ddfbb824f23a323b6d3f3bd10a2538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
Origin: https://www.secureworks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:41 GMT
x-azure-ref-originshield: 0hdQ+ZAAAAABnEn7ilwmUQ7PDs5B04jbSRlJBMjMxMDUwNDE4MDQ1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
date: Sun, 28 May 2023 13:46:31 GMT
etag: "65618bcada47d91:0"
x-azure-ref: 0hdQ+ZAAAAAAzXAkAQcaqTbvv7ZG+xrbyRlJBMzFFREdFMDkxNQAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1459142
accept-ranges: bytes
content-length: 580

GET
H2 200 highlight.pack.js Show response
content.secureworks.com/content/app/js/libs/ 50 KB
20 KB 20ms
15ms Script
application/javascript 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/js/libs/highlight.pack.js?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

154248124c7d6ba28a3d741311104b4d4a503dad23095470f663f2613532c733

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
Origin: https://www.secureworks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:34 GMT
x-azure-ref-originshield: 03+hjZAAAAAA2C7qFJ/cpS5uUyDI/a4qfRlJBMjMxMDUwNDE3MDI1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
date: Sun, 28 May 2023 13:46:31 GMT
etag: "2c1d72c6da47d91:0"
x-azure-ref: 03+hjZAAAAABsY990E1TnTr3i7nbwm+xlRlJBMzFFREdFMDkwOQAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1579713
accept-ranges: bytes
content-length: 20267

GET
H2 200 bundle.js Show response
content.secureworks.com/content/micro/ 730 KB
213 KB 25ms
20ms Script
application/javascript 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/micro/bundle.js?v=02-24-2023

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fbb0995554fef3d2e17767e42318987a6b0196ec4572d2c61da94534e8698848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
Origin: https://www.secureworks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:02:04 GMT
x-azure-ref-originshield: 0MgliZAAAAAAQZtL+t9VtQJPQNKixMic+RlJBMjMxMDUwNDE3MDM1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
date: Sun, 28 May 2023 13:46:31 GMT
etag: "c2e26ed8da47d91:0"
x-azure-ref: 0sHtjZAAAAABeRgPG7/4zQ4qcbkLhqrxfRlJBMzFFREdFMDMxNAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1551745
accept-ranges: bytes
content-length: 217228

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 298ms
30ms Script
application/x-javascript 104.64.124.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.124.188 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-124-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ef2ca5ac3d9cf4d005d7294562694e44b40efd2c194722721a52743c2f43f1a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 13:46:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Mar 2023 02:09:07 GMT
Server: AkamaiNetStorage
ETag: "fefdb331ffca929fc0e661337b64ed4f:1678241347.158405"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 741

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 314 KB
97 KB 78ms
42ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

acab313c63272e3f0bb60aa5a6ed41833ac2b2a7eb487aa88cf492f2754ffa86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 13:46:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99127
x-xss-protection: 0
last-modified: Sun, 28 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 May 2023 13:46:31 GMT

GET
H2 200 arrow.svg
content.secureworks.com/content/app/img/svg/ 2 KB
1 KB 52ms
31ms Image
image/svg+xml 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/content/app/img/svg/arrow.svg

Requested by

Host: content.secureworks.com
URL: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c414c4b0d50c45bc35cd0beae9dd6e255bc68bb44b7f2298f55ad4e1ba9efec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:57 GMT
x-azure-ref-originshield: 0HwxRZAAAAAB1PDeaorVZQo/OspQ8mfJfRlJBMjMxMDUwNDE3MDIzADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
date: Sun, 28 May 2023 13:46:31 GMT
etag: "c5a74cd4da47d91:0"
x-azure-ref: 0MoVVZAAAAABXrudwCb/ETLb/WdYEuW3iRlJBMzFFREdFMDkxMgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=636671
accept-ranges: bytes
content-length: 905

GET
H2 200 visuelt-regular.woff
content.secureworks.com/content/app/fonts/visuelt/ 34 KB
34 KB 19ms
18ms Font
application/font-woff 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/fonts/visuelt/visuelt-regular.woff

Requested by

Host: content.secureworks.com
URL: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

01922d641b94002b4861c92b1462f8e9008baaa53707603d64a5b97fee783b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023
Origin: https://www.secureworks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Feb 2023 22:04:45 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 0qN3jYwAAAABU2YakViKeRJM1d72HCVlGRlJBMjMxMDUwNDE3MDM5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: "e33fe85773ad91:0"
x-azure-ref: 0qN3jYwAAAABanEPIF5JKQaW3nVMq8BzoRlJBMjMxMDUwNDE5MDI1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2153647
accept-ranges: bytes
content-length: 34560

GET
H2 200 icomoon.ttf
content.secureworks.com/content/app/fonts/icomoon-new/ 3 KB
3 KB 21ms
20ms Font
application/font-ttf 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/fonts/icomoon-new/icomoon.ttf?8und5p

Requested by

Host: content.secureworks.com
URL: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c97d6fa5b4ad8db4c6110b5e4a13eb698c381f580cb44440813c04f369df0a56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023
Origin: https://www.secureworks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:49 GMT
x-azure-ref-originshield: 0nkxaZAAAAACv748uXE73S4TxTaYICxxVRlJBMjMxMDUwNDE3MDA5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: "ea28cacfda47d91:0"
x-azure-ref: 0nkxaZAAAAAAhW2XtlUWTR6QYo2GUrE5KRlJBMjMxMDUwNDIwMDIxADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-type: application/font-ttf
access-control-allow-origin: *
cache-control: public, max-age=949824
accept-ranges: bytes
content-length: 2904

GET
H2 200 visuelt-medium.woff
content.secureworks.com/content/app/fonts/visuelt/ 36 KB
36 KB 29ms
28ms Font
application/font-woff 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/fonts/visuelt/visuelt-medium.woff

Requested by

Host: content.secureworks.com
URL: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

30a584b184cc0bffda4f65106a5440dd18027f5d832d74b56ee5d219b3b48cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023
Origin: https://www.secureworks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:29 GMT
x-azure-ref-originshield: 0FRVuZAAAAADdKXhT0RODQrBZQkYCiYYFRlJBMjMxMDUwNDE3MDA5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: "a41374c3da47d91:0"
x-azure-ref: 0FRVuZAAAAAAkgIaCR5zGSZUPnIG2h+/9RlJBMzFFREdFMDQxMQAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2246316
accept-ranges: bytes
content-length: 36448

GET
H2 200 visuelt-black.woff
content.secureworks.com/content/app/fonts/visuelt/ 34 KB
35 KB 19ms
18ms Font
application/font-woff 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.secureworks.com/content/app/fonts/visuelt/visuelt-black.woff

Requested by

Host: content.secureworks.com
URL: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

baacf8d144dbd8a579bde4d8221f515052f5eeb8a3a81cb6415cea17b4e30f9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://content.secureworks.com/content/app/css/main.css?v=02-24-2023
Origin: https://www.secureworks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:53 GMT
etag: "e6d7b9d1da47d91:0"
x-azure-ref: 0e65bZAAAAAAfqrX+WUz4Qr1h1LAq1e8dRlJBMjMxMDUwNDE3MDE5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=1040373
accept-ranges: bytes
content-length: 35128

GET
H2 200 Visuelt-Light.ttf
www.secureworks.com/content/assets/fonts/ 139 KB
140 KB 16ms
15ms Font
application/font-ttf 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/content/assets/fonts/Visuelt-Light.ttf

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7863ca6b764cf33a59a47bd455e1ef2713b5599e78e8d5b1803c0e8844186b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
Origin: https://www.secureworks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 13:46:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:34 GMT
etag: "9872a7c6da47d91:0"
x-azure-ref: 20230528T134631Z-9h2hqszh7t6x10ec84f4dean7s00000000w000000001hrzv
x-cache: TCP_HIT
content-type: application/font-ttf
access-control-allow-origin: *
cache-control: public,max-age=2592000
accept-ranges: bytes
content-length: 142684

GET
H2 200 Visuelt-Bold.ttf
www.secureworks.com/content/assets/fonts/ 170 KB
171 KB 27ms
27ms Font
application/font-ttf 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/content/assets/fonts/Visuelt-Bold.ttf

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

64ba221769f51fcba3ae03ff9ebccac7cc1017e5f10900475b871ecfe7bda514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
Origin: https://www.secureworks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 13:46:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:34 GMT
etag: "764ba0c6da47d91:0"
x-azure-ref: 20230528T134631Z-9h2hqszh7t6x10ec84f4dean7s00000000w000000001hrzw
x-cache: TCP_HIT
content-type: application/font-ttf
access-control-allow-origin: *
cache-control: public,max-age=2592000
accept-ranges: bytes
content-length: 174376

GET
H2 200 EJRLQgErUN8XuHNEtX81i9TmEkrnfc9Q962f.woff2
fonts.gstatic.com/s/sairacondensed/v11/ 16 KB
17 KB 47ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sairacondensed/v11/EJRLQgErUN8XuHNEtX81i9TmEkrnfc9Q962f.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Saira+Condensed:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba24f9ef72f1973e4b0b7b2a2302836376fe6e2f533eaee680ee711d835827d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.secureworks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 00:17:16 GMT
x-content-type-options: nosniff
age: 394155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16832
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:12:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 May 2024 00:17:16 GMT

GET
H2 200 Visuelt.ttf
www.secureworks.com/content/assets/fonts/ 167 KB
168 KB 14ms
13ms Font
application/font-ttf 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/content/assets/fonts/Visuelt.ttf

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

98842c0f43a891b9264682dda87aab221bbe5aabfc08cb44f6785df5cf595326

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
Origin: https://www.secureworks.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 13:46:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 23:01:34 GMT
etag: "542499c6da47d91:0"
x-azure-ref: 20230528T134631Z-9h2hqszh7t6x10ec84f4dean7s00000000w000000001hs1h
x-cache: TCP_HIT
content-type: application/font-ttf
access-control-allow-origin: *
cache-control: public,max-age=2592000
accept-ranges: bytes
content-length: 171496

GET
H2 200 warning.ashx
content.secureworks.com/-/media/Images/shared/icons/buttons/utility/ 244 B
736 B 19ms
18ms Image
image/svg+xml 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/shared/icons/buttons/utility/warning.ashx?modified=20221020215207

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5f2d6e604ad2bafcb500a244f270fa557c8275586dc31c9058a1cfa4f46d125f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Oct 2022 21:52:07 GMT
x-azure-ref-originshield: 0mhBiZAAAAAD+5KVD6oj9SKbo9YCD0MBZRlJBMjMxMDUwNDE3MDA5ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: b370dd3d1a404660b8227483d8eb6fff
x-azure-ref: 0pd5kZAAAAADM6L0pTWU0SL8WE2DDVUdPRlJBMzFFREdFMDkwNgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/svg+xml
cache-control: public, max-age=1642545
content-disposition: inline; filename="warning.svg"
accept-ranges: bytes
content-length: 244
expires: Fri, 16 Jun 2023 14:02:16 GMT

GET
H2 200 globe.ashx
content.secureworks.com/-/media/Images/shared/icons/buttons/utility/ 2 KB
1 KB 24ms
24ms Image
image/svg+xml 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/shared/icons/buttons/utility/globe.ashx?modified=20221020215152

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

d774717dcbf112735e877fa11abd3b7a3e9ce75c82935d0a78724132c8ca1fe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 28 May 2023 13:46:31 GMT
x-azure-ref-originshield: 07k8UZAAAAAAdLYXuHTuFRY7dLxahGVsbRlJBMjMxMDUwNDE4MDMxADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-disposition: inline; filename="globe.svg"
content-length: 749
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Oct 2022 21:51:52 GMT
server: Microsoft-IIS/10.0
etag: 7d221ab6182243ebb9f626238749ba99
x-azure-ref: 07k8UZAAAAAC4FjBRdatBTbYKeUrT0Wn4RlJBMjMxMDUwNDIwMDI1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=865298
accept-ranges: bytes
expires: Wed, 07 Jun 2023 14:08:09 GMT

GET
H2 200 in.ashx
content.secureworks.com/-/media/Images/shared/icons/social/ 768 B
1 KB 18ms
17ms Image
image/svg+xml 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/shared/icons/social/in.ashx?modified=20221031144532

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3931826d11b4250a6e4d10a8249417bbdf73eb1a03f95f124b790b5c8a576bab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 31 Oct 2022 14:45:32 GMT
x-azure-ref-originshield: 0bfFcZAAAAAABv2swcMo6Q4VenVy6OJBwRlJBMjMxMDUwNDE3MDIzADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: e3eaed4027ef45f381a9ca6767b60f64
x-azure-ref: 0bfFcZAAAAAClJg12YllMRqkgF2a8YZ0hRlJBMzFFREdFMDQyMAAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/svg+xml
cache-control: public, max-age=1123083
content-disposition: inline; filename="in.svg"
accept-ranges: bytes
content-length: 768
expires: Sat, 10 Jun 2023 13:44:34 GMT

GET
H2 200 tw.ashx
content.secureworks.com/-/media/Images/shared/icons/social/ 1 KB
1 KB 26ms
25ms Image
image/svg+xml 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/shared/icons/social/tw.ashx?modified=20221031144531

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

318f094b79b56bc57c182543d28cffa228816b3d53a1361ad21d9830cfc4f55b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 28 May 2023 13:46:31 GMT
x-azure-ref-originshield: 09JdjYwAAAACjWL4py2iZTJsk7Amd2x+6RlJBMjMxMDUwNDE4MDMxADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-disposition: inline; filename="tw.svg"
content-length: 689
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 31 Oct 2022 14:45:31 GMT
server: Microsoft-IIS/10.0
etag: 1cfd65ea761243428664256ff1a11d92
x-azure-ref: 09JdjYwAAAAA5i67rqYxcRpgEo+Z1Km0PRlJBMjMxMDUwNDIwMDM1ADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1123065
accept-ranges: bytes
expires: Sat, 10 Jun 2023 13:44:16 GMT

GET
H2 200 fb.ashx
content.secureworks.com/-/media/Images/shared/icons/social/ 403 B
893 B 20ms
19ms Image
image/svg+xml 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/shared/icons/social/fb.ashx?modified=20221031144532

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c14c30ca00b3badf163de6dc6d1ee20208fc164bacc5b2dd5bee60d13a80cda0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 31 Oct 2022 14:45:32 GMT
x-azure-ref-originshield: 0tXtjZAAAAAChx0IiehNmTJbRneimuJfARlJBMjMxMDUwNDE4MDUxADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: 2972ab029c2e47d18428a81633dd48a5
x-azure-ref: 0tXtjZAAAAACEVwspKxdkSqRUekSOVRLyRlJBMzFFREdFMDQxMQAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/svg+xml
cache-control: public, max-age=1551666
content-disposition: inline; filename="fb.svg"
accept-ranges: bytes
content-length: 403
expires: Thu, 15 Jun 2023 12:47:37 GMT

GET
H2 200 gb.ashx
content.secureworks.com/-/media/Images/shared/icons/social/ 2 KB
2 KB 15ms
15ms Image
image/svg+xml 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/shared/icons/social/gb.ashx?modified=20221031144532

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3c7024701a817fee5de0e62bb8d83edb43e08a9be594dde00fd2d2fcf5a20fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 28 May 2023 13:46:31 GMT
x-azure-ref-originshield: 001prZAAAAAAR8GWVipEvTrTUZEfp7xbeRlJBMjMxMDUwNDE4MDIzADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
content-disposition: inline; filename="gb.svg"
content-length: 1230
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 31 Oct 2022 14:45:32 GMT
etag: e9232effb940416d99f84a976e984c00
x-azure-ref: 00lprZAAAAAANSPeEQsckSI8T4vY2CkWaRlJBMzFFREdFMDQyMgAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2067585
accept-ranges: bytes
expires: Wed, 21 Jun 2023 12:06:16 GMT

GET
H2 200 right-arrow.ashx
content.secureworks.com/-/media/Images/shared/icons/buttons/ 270 B
779 B 19ms
19ms Image
image/svg+xml 2a02:26f0:780::5f65:3679
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.secureworks.com/-/media/Images/shared/icons/buttons/right-arrow.ashx?modified=20221020215130

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::5f65:3679 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

ca6538789c7267c0fd372b35a2de78fe51227c09651cc785afeae0b485913548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 13:46:31 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Oct 2022 21:51:30 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 0LfrLYwAAAAD8RpEKAOsbQIJjoozvo2XARlJBMjMxMDUwNDE3MDMxADNhNjliMjRhLWU0YjItNDhhMC1iYjk2LWZlZDRlOWYzODJiYg==
etag: b074483aa26d4f8ebd6e202c749c1289
x-azure-ref: 0LfrLYwAAAACvlfAAhucwRb9VwFwTf/NIRlJBMzFFREdFMDQxNQAzYTY5YjI0YS1lNGIyLTQ4YTAtYmI5Ni1mZWQ0ZTlmMzgyYmI=
content-type: image/svg+xml
cache-control: public, max-age=769795
content-disposition: inline; filename="right-arrow.svg"
accept-ranges: bytes
content-length: 270
expires: Tue, 06 Jun 2023 11:36:26 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 46ms
16ms Script
application/javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c535c494eb4dbfb732fb09f9716097de5e1c84f1d841a5c98eb14903c1376270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 28 May 2023 13:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ThapKUuw9e9x4Kb6BZJd6A==
age: 72052
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6767
x-ms-lease-status: unlocked
last-modified: Thu, 25 May 2023 19:30:01 GMT
server: cloudflare
etag: 0x8DB5D566F4AC291
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: cc59b92d-c01e-0144-08f7-8f42df000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7ce6f1bcbc0c18bb-FRA

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/162/ 11 KB
5 KB 15ms
14ms Script
application/x-javascript 104.64.124.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/162/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.124.188 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-124-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 13:46:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4677
Expires: Tue, 05 Sep 2023 13:46:31 GMT

POST
H/1.1 200
OK visitWebPage
725-smc-563.mktoresp.com/webevents/ 2 B
318 B 1150ms
99ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://725-smc-563.mktoresp.com/webevents/visitWebPage?_mchNc=1685281591801&_mchCn=&_mchId=725-SMC-563&_mchTk=_mch-secureworks.com-1685281591800-53768&_mchHo=www.secureworks.com&_mchPo=&_mchRu=%2Fresearch%2Ftampering-with-conditional-access-policies-using-azure-ad-graph-api&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/162/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 13:46:32 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: d368fba9-9959-42ee-856e-48557cbd6dd9

GET
H2 200 1bdee92e-dd5f-49d1-9ccb-9a788319e959.json Show response
cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/ 4 KB
2 KB 34ms
20ms XHR
application/x-javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/1bdee92e-dd5f-49d1-9ccb-9a788319e959.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

781dc9c95c41aa6fd5e82cc92fd2387a7ec63fe7c87d2fff40139723a0429052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 28 May 2023 13:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: biKqC3j7c5ZnW5KBlHEFzA==
age: 43354
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1616
x-ms-lease-status: unlocked
last-modified: Tue, 23 May 2023 22:09:27 GMT
server: cloudflare
etag: 0x8DB5BDA5FBB98A4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ba4f6856-c01e-0004-56c3-8d2d64000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7ce6f1bceb39bc03-FRA
expires: Mon, 29 May 2023 13:46:31 GMT

GET
H2 200 nanoTrackerv3-0-2.ashx Show response
www.secureworks.com/-/media/Assets/js/shared/ 16 KB
6 KB 17ms
17ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.secureworks.com/-/media/Assets/js/shared/nanoTrackerv3-0-2.ashx

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6Z7M2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e7a55959687a0af1b5080fd3ed56094717857d6dd023dd577619c0f0879b1af2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 13:46:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Feb 2023 20:30:41 GMT
content-encoding: br
vary: Accept-Encoding
x-azure-ref: 20230528T134631Z-9h2hqszh7t6x10ec84f4dean7s00000000w000000001hs20
content-type: application/x-javascript
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=2534662
content-disposition: inline; filename="nanoTrackerv3-0-2.js"
expires: Mon, 26 Jun 2023 07:33:55 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
296 B 64ms
39ms XHR
application/json 2606:4700::6812:1d26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 13:46:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7ce6f1bd2b256955-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202304.1.0/ 401 KB
97 KB 16ms
16ms Script
application/javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1114132a79b42ce8e5064f57a1560a3b3f0e1659afc33e4698bab53e1301fbfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 28 May 2023 13:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: f9AvZgohx9TU9t078cCRXA==
age: 58932
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99020
x-ms-lease-status: unlocked
last-modified: Thu, 11 May 2023 06:31:14 GMT
server: cloudflare
etag: 0x8DB51E951BA9202
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c1394cd4-d01e-015b-13d8-8399cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7ce6f1bd7d0818bb-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/6100965c-dab8-4356-a34f-a357e219a4fa/ 73 KB
14 KB 26ms
26ms Fetch
application/x-javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1bdee92e-dd5f-49d1-9ccb-9a788319e959/6100965c-dab8-4356-a34f-a357e219a4fa/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2aec55108d757697d2ac5b2893ec4f60377b5415cf8afe029c21d8b2c46d5b37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 28 May 2023 13:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dqk87geaqPhhEGDVgkgrVA==
age: 43354
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14124
x-ms-lease-status: unlocked
last-modified: Tue, 23 May 2023 22:09:31 GMT
server: cloudflare
etag: 0x8DB5BDA62220740
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ba6cf668-401e-009d-1dc3-8da2a6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7ce6f1bdac3dbc03-FRA
expires: Mon, 29 May 2023 13:46:31 GMT

GET
H2 200 otFloatingFlat.json Show response
cdn.cookielaw.org/scripttemplates/202304.1.0/assets/ 10 KB
3 KB 17ms
17ms Fetch
application/json 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/otFloatingFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d6a316993e74e58abc10e08adf78c437a8a6b4681bdc08b3dde0587a0eb3176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 28 May 2023 13:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 0n+3VGdW2op3e0CnKIlgXA==
age: 43354
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2700
x-ms-lease-status: unlocked
last-modified: Thu, 11 May 2023 06:31:09 GMT
server: cloudflare
etag: 0x8DB51E94E9A8614
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3b123ec8-201e-0128-12c3-8de90c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7ce6f1bdec93bc03-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202304.1.0/assets/v2/ 61 KB
12 KB 17ms
17ms Fetch
application/json 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 28 May 2023 13:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: U0I+ien3T2GIYJcFxPdemQ==
age: 43354
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12544
x-ms-lease-status: unlocked
last-modified: Thu, 11 May 2023 06:31:10 GMT
server: cloudflare
etag: 0x8DB51E94F811CDE
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2b4bff26-801e-0047-04c3-8d078d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7ce6f1bdec95bc03-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202304.1.0/assets/ 21 KB
4 KB 18ms
18ms Fetch
text/css 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202304.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 28 May 2023 13:46:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 9387
x-ms-lease-status: unlocked
last-modified: Thu, 11 May 2023 06:31:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 71cb85d7-901e-001c-13c3-8d00f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7ce6f1bdec97bc03-FRA

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
624 B 19ms
19ms Image
image/svg+xml 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 28 May 2023 13:46:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 33625
x-ms-lease-status: unlocked
last-modified: Thu, 25 May 2023 19:30:08 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: de8e43c5-101e-0109-498c-8f843d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7ce6f1be0ddd18bb-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
512 B 15ms
14ms Fetch
image/svg+xml 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202304.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 28 May 2023 13:46:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 9387
x-ms-lease-status: unlocked
last-modified: Thu, 25 May 2023 19:30:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 992142c6-601e-00ec-7ab9-8fd09f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7ce6f1be1ceebc03-FRA

GET
H2 200 SW_logo_black_print.png
cdn.cookielaw.org/logos/7465cc90-ea12-4f33-80a4-557abead3b10/1bdee92e-dd5f-49d1-9ccb-9a788319e959/4cc354d6-2763-454f-a29d-f10f1788b6aa/ 22 KB
22 KB 18ms
18ms Image
image/png 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/7465cc90-ea12-4f33-80a4-557abead3b10/1bdee92e-dd5f-49d1-9ccb-9a788319e959/4cc354d6-2763-454f-a29d-f10f1788b6aa/SW_logo_black_print.png

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b96ae3ad93fc2ec81fe1f623ba74a9f3f607f2ea79c7b741e55b73366b41cf73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 28 May 2023 13:46:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2qjIoAdJjqAKBeXNXVdNEg==
age: 59273
content-length: 22030
x-ms-lease-status: unlocked
last-modified: Tue, 22 Mar 2022 06:08:54 GMT
server: cloudflare
etag: 0x8DA0BCA71F312CB
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: b37aa1b8-f01e-00c0-19e1-5a52a2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7ce6f1be2e0618bb-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 23ms
23ms Image
image/svg+xml 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.secureworks.com
URL: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.secureworks.com/research/tampering-with-conditional-access-policies-using-azure-ad-graph-api
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 28 May 2023 13:46:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 27291
x-ms-lease-status: unlocked
last-modified: Thu, 25 May 2023 19:30:08 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: b3111f2c-101e-00a7-014e-8fe105000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7ce6f1be2e0918bb-FRA

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.secureworks.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: bc4d0d589cdd830a74dc42c91effb730
www.secureworks.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: bc4d0d589cdd830a74dc42c91effb730
www.secureworks.com/	1969-12-31 23:59:59	Name: ASLBSA Value: 000324501d25b26c9ef74498b383832cf14f430493e57754c5a6d7b2ba2406e6f0a5
www.secureworks.com/	1969-12-31 23:59:59	Name: ASLBSACORS Value: 000324501d25b26c9ef74498b383832cf14f430493e57754c5a6d7b2ba2406e6f0a5
.secureworks.com/	1970-01-20 21:44:01	Name: _mkto_trk Value: id:725-SMC-563&token:_mch-secureworks.com-1685281591800-53768
.secureworks.com/	1970-01-20 20:53:37	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sun+May+28+2023+13%3A46%3A32+GMT%2B0000+(GMT)&version=202304.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.secureworks.com%2Fresearch%2Ftampering-with-conditional-access-policies-using-azure-ad-graph-api&groups=C0002%3A0%2CC0004%3A0%2CC0003%3A0%2CC0001%3A1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	object-src 'none'; script-src 'self' 'nonce-OGQ0YmUxNzExOWY3NDc0YjlmZWE4M2VjYjJiNThhOWM=' 'sha256-wY8ZJu7Uu8c5AFYGRuoE7SNBraw8IAkl5Yz+glnnte8=' 'sha256-UGfgrQ+GKJogDAQthuGt5lpepOeF3ypbYTr2PPxcBdU=' 'sha256-hUiPqjPAx0BTYk+HP/Ohq7cZFW+CFLUDreW74sIBUJk=' 'sha256-MWnKpq2mO4B+C/F7fLTeifs05WkVCc8Hkl+SzXGUmtI=' 'sha256-QiHtJSgKkeO/qh+2A9GCUt3xk8ONLQAa6uua+j+nHLg=' 'sha256-7+1sMW/o6RcIncEOmuvZbRThB6NRZLwQjvsqQAGehKA=' 'sha256-tYinntSHdpRdg0LwZuBycjWqxaMdCzBdOnOGsSZH2Ho=' 'sha256-DP0AJIADL+tS8s/bg6t7xbMHunrd17JCuOgpyNjxt/M=' 'sha256-sqwbnK0D7p9u3WG0lgAYLYmp/byKS9zlT2eFORz1SDY=' 'sha256-L436NBsgbW4nnr2zz6geY9aouLDwQiH+458+ny7TeJ8=' 'sha256-t21JzuoP0AGVdHYfaGtWzFviQ1hj34OuECR3Ur2P1Dk=' 'sha256-kmGPVWtzfwq6b9fEOy1NmWxrKyxreHZU5tKvRxQpDMA=' 'sha256-SAqGhA/G1eraYlnHKoGwPlIvGfOo45eq5hoyKq2LnUY=' 'sha256-+08d4MzO/if2DlZslM+0a0gvpYaPHK7ilzV9yUXHxRo=' 'sha256-5RKybv4IYG3Rt1CcIXoS1OAD7D0vjWLop/a6KVpWxM0=' 'sha256-N/Mk5WIdXnJRlsc5rmMcLJsovC5ozGJ5BmVdRxKOeNc=' 'sha256-XJEfHQ97N7xwKM6MQXMpabeUHxVT647JYAYwrOX6sQQ=' 'sha256-sdKFLBOaDq01ySztbW/n0JnIwsMIlCr7AaMAznJOqA0=' 'sha256-7pyFNQ34QDbIyjfqF4dboUBH/FqtGtJgw7KPgC+aKY8=' 'sha256-yYGe3YxZ1stILsg6s+TKQ7ACovlrQ/V7H5hpGiko1EI=' 'sha256-JcTUCZru8bIzmyUfGjmyP1Nwn0ccUuwLyJA5/jgV2jI=' 'sha256-zEF/ALwwDYV2nZ+rdYGh2XpjU1lbO3oZ2osZayOlmpw=' 'sha256-ErdS+5vyua60ApoR4T4MK5hMhAxO8I75iqTuR4st0lk=' 'sha256-dgOinhXczUSm4ADnOKjecy4HqoIpihiWY1xMUGi3KiE=' 'sha256-bAZaADjFxXYURQUP9Z4p4eiIim+gCGst1ZWemjLGJxo=' 'sha256-x3E2vOOOHY24kNAmZOQxorAyW5o6cX3R7J5Jg+RTqZY=' 'sha256-WJHVKi7ReHnWJF4AUmd9vWDpqeX8GVtEsyAJP01M130=' 'sha256-mvYU2m+aQi6xWWVpxauZ/UaXg+HkwxCv4r/qVBDAm3A=' 'sha256-IgMQOOOedQeMPBl7lSreMVPmJvU62bc6l8HcsGXnbWc=' 'sha256-Ov0LRI92VqZTYbOhyIvK8iFCm9rBs/HXaYLwlDMrra0=' 'sha256-HjgaVwCCuGQHih00gvN/PUGZuGwVIWd/6sThgUEi83E=' 'sha256-7oEVqsTDSU0XTGoiH3B7bXM3sMDjv58JCTndWi8pUKw=' 'sha256-ZlXTkZmAmWswFmM/VCVi0DLagBh+F9JWQiK/yRsf7yc=' 'sha256-76Yt/S5cofMdn9d5/cJOU32zSvhw1A8QJDSgL1c0YRI=' 'sha256-z4pF+zMq94+GUUF273G0WvSAL91jUazcB1NOISkNlzk=' 'sha256-4OIRiOWgv2ak/dapUtCUuoqEUnVBrH8A9LJCp3dthUw=' 'sha256-ew0tynw+zAqBiv217Nj202XmktwGvkQU7jXqQMotiHg=' 'sha256-2mFyIAC6FjDBvAg15BPawsugazV1sKm4T9x09V76BK0=' 'sha256-kxoZz5p2Ko+K+FXi8lIZc2opwhJF9WD4/wy9+dLYHzY=' 'sha256-+ThII46Fk+h63393vJ+nvAEZnTSXIwpqVJDSklAo5eM=' 'sha256-hUowsewUBuLRjFz7Z3pohTKe/pX/uO7uKD1k25qHLQY=' 'sha256-pMZUEpT65ftOEzHdiYyq/2vt545RymVHJSh5H2y5BDk=' 'sha256-nGkmLI0CpGjUy6Gg2vRE6xAh+vU4jlNVmPB+55WJmn8=' 'sha256-j6LWS7Q+Wsyd91b6000yHCoIqUaJIJQq56Lw3XQPcHA=' 'sha256-XQ6pUmmjpjpunCfT67q0ACDA7NqxLJx1iJwCFhC73wo=' 'sha256-tCniuKIyeHpfi5vxJOgLkz0eRI+cerKWFRsy5hMt5V0=' 'sha256-EZaJwK6Bh4sdKWjgv6zhJUdT2ISL4NhEQSPYf++uAeU=' 'sha256-1T7dud0UtKJZdhJcgsp1gh8MZDyA3S8DIsOpB3+co4M=' 'sha256-g6A8gRllShDRUg9hmXQZ0ZvMQ35F4jsarESQIDJtpE4=' 'sha256-y6vRm9V8P08qfB27ukHo07LF4IM00RKuKNzQBfsBlgg=' 'sha256-1GbAOPSdN7GyL999DpkIzp8XYAH1OP43heqQi7uU3FQ=' 'sha256-1p8zU6DNbl/tn8sFUoVBsvAF+dwRMDHK3WXM4vqIhDc=' 'sha256-a/dU49b8+CePl3YeekAugUB79FoCfbN22DFVyavn9pM=' 'sha256-39FcaN3WyGnHnf2UX+fHrSBSJq4KI6BETrXNemtzDa8=' 'sha256-4N1dEVT13lNPCpxXX2XuIlfUBwZp3wNLb/hBbSKGESA=' 'sha256-hNSRZgUy89mPGFidDBRWC4Ed4jKTrCtZP2zeBPNbdeI=' 'sha256-CD2LEDjz/KtOaC5rzryax+qZEQVmnKcZAQsqnSqAIXw=' 'sha256-FKJXEsmjg1Bgqi33LGcZCFxDahpEPN6prnNBVDxvfhc=' 'sha256-GNXg66Qlqpdgh9Nsv/+xAVNgfxsTWLi+TUdpxamXMuU=' 'sha256-TKtnYUWk/B6gzo2immnWBOjewDye+cXQBoAlykzhX/s=' 'sha256-BMQXzfchDpNs+zYF2cO7o9iAJtoSq+2OX45TfNM/cdA=' 'sha256-IECBAorlkKUYQadvB50kjQC3oIqb9xKfOB+cVXdarE0=' 'sha256-c+xyt9U1PbPeI7Pot035l4MckCT6qHAzxiBA5t+7KPE=' 'sha256-bZ4r9bNMpnkokR0Gwp+X+Y0qYhZKQwglL8B9TAvMsrA=' 'sha256-GNsgzTmK93RFT4ppB/KnAwm9wVkth71ceJVqrzSGC6M=' 'sha256-NMtcHh/vZkcUq5lHSUz2dzv8n1jv1SFeNewgEGvik4k=' https://code.jquery.com https://pages.secureworks.com https://js-agent.newrelic.com https://bam.nr-data.net https://content.secureworks.com https://pcdnscwx001.azureedge.net https://munchkin.marketo.net https://app-ab44.marketo.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://tagmanager.google.com https://translate.google.com https://bat.bing.com https://connect.facebook.net https://ad.atdmt.com https://static.ads-twitter.com https://analytics.twitter.com https://www.linkedin.com https://px.ads.linkedin.com https://snap.licdn.com https://sjs.bizographics.com https://.vimeo.com https://.vimeocdn.com https://j.6sc.co https://b.6sc.co https://.6sc.co https://epsilon.6sense.com https://.rlcdn.com https://gateway.zscaler.net https://geolocation.onetrust.com https://optanon.blob.core.windows.net https://cdn.cookielaw.org https://trk.techtarget.com https://api.rollbar.com https://.drift.com https://.driftt.com https://.simplecast.com https://.crazyegg.com https://script.crazyegg.com https://widgets.ziftsolutions.com https://hammock.hotprofile.biz https://transfertool.hotprofile.biz/production/ https://m-store-hammock.hot-profile.com/hot-profile/ https://wa2.hot-profile.com https://.on24.com https://.ceros.com https://app-script.monsido.com https://monsido-consent.com https://tracking.monsido.com https://.redditstatic.com https://.ensighten.com https://.ml314.com https://.choozle.com https://.bluekai.com https://cdn.bizible.com https://cdn.bizibly.com https://ws-assets.zoominfo.com https://ws.zoominfo.com https://insight.adsrvr.org https://js.adsrvr.org https://.clarity.ms https://static.ads-twitter.com https://cdn.pdst.fm https://.cloudfunctions.net https://tag.demandbase.com https://.bidr.io https://.company-target.com https://www.teads.com https://p.teads.tv https://www.facebook.com connect.facebook.net; img-src 'self' https://.vimeo.com https://.vimeocdn.com content.secureworks.com .secureworks.com id.rlcdn.com .googletagmanager.com cdn.cookielaw.org .gstatic.com optanon.blob.core.windows.net web.secureworks.com bat.bing.com .google-analytics.com j.6sc.co b.6sc.co c.6sc.co epsilon.6sense.com www.google.com attr.ml-api.io s.ml-attr.com www.google.com.ua secure.adnxs.com apt.techtarget.com id.rlcdn.com px.ads.linkedin.com .adslinkedin.com p.adsymptotic.com www.linkedin.com static.ziftsolutions.com .crazyegg.com .redditstatic.com alb.reddit.com .ensighten.com ml314.com .choozle.com .bluekai.com cdn.bizible.com cdn.bizibly.com tracking.monsido.com .clarity.ms analytics.twitter.com t.co .bidr.io .company-target.com www.facebook.com t.teads.tv https://ssl.gstatic.com .secureworks.com https://www.gstatic.com blob: data:; frame-ancestors 'self' .folloze.com *.secureworks.com; worker-src 'self' blob: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

725-smc-563.mktoresp.com
cdn.cookielaw.org
click.cloudseclist.com
content.secureworks.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
munchkin.marketo.net
www.googletagmanager.com
www.secureworks.com
104.64.124.188
192.28.144.124
2600:9000:223c:6800:17:880d:1a00:93a1
2606:4700::6812:1d26
2606:4700::6812:a972
2620:1ec:bdf::45
2a00:1450:4001:812::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:831::200a
2a02:26f0:780::5f65:3679
0049c42b57e92164c558905bff7c17441afe55dc569f0062162e77a532964b80
01922d641b94002b4861c92b1462f8e9008baaa53707603d64a5b97fee783b03
03e029485707421e0748d64d0e4ee7e06c9f687c5237a2a26e42095ea40e6d79
08681ba3da35c665e877f6f9a6e158ff94b4d96c363610cdb061ebb79a718c35
0b817ddec3728ea011d21f345670ed6c213d08a71a15ade591680bfaba85960e
0d68a71ebd1e7c5abd93a220c526e9560bd0ac6eb9126f3a5996386c4b55e5c9
0d6a316993e74e58abc10e08adf78c437a8a6b4681bdc08b3dde0587a0eb3176
1114132a79b42ce8e5064f57a1560a3b3f0e1659afc33e4698bab53e1301fbfd
154248124c7d6ba28a3d741311104b4d4a503dad23095470f663f2613532c733
1d545fb9867ff4a940680efaf5e6808fbd25c02830e0edbbb62e56743117e066
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
22494645cd5c6508829ef760cfafdf7292ddfbb824f23a323b6d3f3bd10a2538
2873a9c4cda9c8aeb1b306eafcf4a68b5e6c378bee83a86f8ee7c80fc222765f
2aec55108d757697d2ac5b2893ec4f60377b5415cf8afe029c21d8b2c46d5b37
2fa6f3785d219b3929aaad69606e235412ac6684772688169876261b4d6a21d2
30a584b184cc0bffda4f65106a5440dd18027f5d832d74b56ee5d219b3b48cd6
318f094b79b56bc57c182543d28cffa228816b3d53a1361ad21d9830cfc4f55b
3931826d11b4250a6e4d10a8249417bbdf73eb1a03f95f124b790b5c8a576bab
3c7024701a817fee5de0e62bb8d83edb43e08a9be594dde00fd2d2fcf5a20fd0
4066ce5bd6ae7efabc8d94a17449f3d56f11392ed5190f43e93ad94850ccb312
4783c14b454a0845e7df0c96999636e8ae0cf017ce1fc389d606d95c156686b2
48877d82a8f49ff6ea6f294e93ba92548b419031b165ddf46be3e73d2fbb8986
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
580f93a53e8000358f5a3614df2673819b592823d665d492a3d8c2b8fcc0ca8b
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57
5dd6dad52096305273e03edc509f476f0b590b6f6df5025e4c47ffe83a2e9ba3
5f2d6e604ad2bafcb500a244f270fa557c8275586dc31c9058a1cfa4f46d125f
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
62e55cc7119c6aae1e7aaac1870c9796ccc25fccdd4937f126f6114e66fd3b5a
64ba221769f51fcba3ae03ff9ebccac7cc1017e5f10900475b871ecfe7bda514
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6dc1b0ab35fb9d4767cb3de9c9be1636d298bb184174d0e5f97f17e09bc9123d
781dc9c95c41aa6fd5e82cc92fd2387a7ec63fe7c87d2fff40139723a0429052
7863ca6b764cf33a59a47bd455e1ef2713b5599e78e8d5b1803c0e8844186b70
7a95bb2a4288218ec1550340deadd67b333d50b538260b6644063d88bef7e5c4
7f675f2914bdf134d49163a7f780c40d417587c1b14fa58f5071dff9b2cc0655
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
916e93ef2c52b1fd27410cd200d071c8a53d5270490214b29534c138dc88605c
98842c0f43a891b9264682dda87aab221bbe5aabfc08cb44f6785df5cf595326
9eb064a8d93265a1b1bb725f0db9c1d209a4efdae9eca7ddc67a094755c64b4f
a7f3c358625c7880dd47f9ba4cff8f733a793bc00fec26abbb2b5bf36df6ca1d
abf52b4d1e0faaa69769ba8ff940e9f8ca5a5f3ddc3ef8c4a0f219011e23725e
acab313c63272e3f0bb60aa5a6ed41833ac2b2a7eb487aa88cf492f2754ffa86
b96ae3ad93fc2ec81fe1f623ba74a9f3f607f2ea79c7b741e55b73366b41cf73
ba24f9ef72f1973e4b0b7b2a2302836376fe6e2f533eaee680ee711d835827d9
baa55d1d4627050073e047eb2f9dbe86720736f51f37a116602e5705c3966b33
baacf8d144dbd8a579bde4d8221f515052f5eeb8a3a81cb6415cea17b4e30f9f
bdc09e89328d3def776e8852321bb917ae3295695d5222f68419605aeefc9dc1
c02d3bd7cf793ce7595b249c20c7bdedd8c407a430e3ff6cc210092eb4119dbb
c14c30ca00b3badf163de6dc6d1ee20208fc164bacc5b2dd5bee60d13a80cda0
c2f15609bdc44ef0009fda7902639ed493b8a26a00a58b905e0768f67c93b2ad
c311e9a6d0771335f6418f47286cd53c621d871486b1a736e0d079712426376e
c414c4b0d50c45bc35cd0beae9dd6e255bc68bb44b7f2298f55ad4e1ba9efec0
c535c494eb4dbfb732fb09f9716097de5e1c84f1d841a5c98eb14903c1376270
c97d6fa5b4ad8db4c6110b5e4a13eb698c381f580cb44440813c04f369df0a56
ca6538789c7267c0fd372b35a2de78fe51227c09651cc785afeae0b485913548
ce2bd19d440faa31ed05d646e09bebfbbc3a9fd0f9a07ca21a909609a0f5e5ef
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
d06f16436de248c88426110742cf0fa0e9fe7a2707399ecb2f27b3425a6b6162
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
d774717dcbf112735e877fa11abd3b7a3e9ce75c82935d0a78724132c8ca1fe3
d7d3a7a686ef4505635cf6a680988fc8daab2b19bcf8cc70cbd985757f506c1d
d9440fd539ff86f4d5aff8ef988ff3abc88f901699b1272a964d8c5d4e77eda2
db61679243f9f3b5a03de90b1ad228130ad3e87b79b9d153ce1ca6afbdf9a2b0
de6d8a47cec4588dda5fa6c2e740964935f236bf5dd4ecd55908cf59b558d879
deda0ecf832039099d8f8128be2c332dd0a6b86699f74eefaec26df8f8572f5b
e7a55959687a0af1b5080fd3ed56094717857d6dd023dd577619c0f0879b1af2
ece8ad5ecde1ff2cf7788665539df6589c0c909fa43a5c6f31bec7f11c2fb0c7
ef2ca5ac3d9cf4d005d7294562694e44b40efd2c194722721a52743c2f43f1a6
fa85f97108080f24b26ca0450d471edf522d233337c1b73e41ab4a27d19ac94f
fbb0995554fef3d2e17767e42318987a6b0196ec4572d2c61da94534e8698848

www.secureworks.com Open in urlscan Pro 2620:1ec:bdf::45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

100 %HTTPS

80 %IPv6

9 Domains

10 Subdomains

9 IPs

3 Countries

2978 kBTransfer

5096 kBSize

6 Cookies

31 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.secureworks.com Open in urlscan Pro
2620:1ec:bdf::45 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

100 %
HTTPS

80 %
IPv6

9
Domains

10
Subdomains

9
IPs

3
Countries

2978 kB
Transfer

5096 kB
Size

6
Cookies

72 HTTP transactions
0 data transactions