urlscan.io logo urlscan.io
SecurityTrails logo

redcanary.com Open in urlscan Pro
104.198.136.223  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.googleadservices.com/pagead/aclk?sa=L&ai=DChcSEwjKuMzdg8-EAxWVWkcBHb6iALwYABABGgJxdQ&ae=2&gclid=CjwKCAiA0PuuBhBsEiwAS...
Effective URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%...
Submission: On February 28 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 48 IPs in 5 countries across 34 domains to perform 131 HTTP transactions. The main IP is 104.198.136.223, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is redcanary.com. The Cisco Umbrella rank of the primary domain is 566366.
TLS certificate: Issued by R3 on February 13th 2024. Valid for: 3 months.
This is the only time redcanary.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 142.250.185.130 15169 (GOOGLE)
15 104.198.136.223 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
7 104.17.71.206 13335 (CLOUDFLAR...)
5 152.195.15.58 15133 (EDGECAST)
8 2606:4700::68... 13335 (CLOUDFLAR...)
10 2a04:4e42::644 54113 (FASTLY)
1 52.92.213.96 16509 (AMAZON-02)
2 2.23.65.88 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 2.19.198.240 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 199.232.188.157 54113 (FASTLY)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2a04:4e42:600... 54113 (FASTLY)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 1 68.67.153.60 29990 (ASN-APPNEX)
2 3 185.89.211.12 29990 (ASN-APPNEX)
1 2600:9000:20c... 16509 (AMAZON-02)
1 104.244.42.5 13414 (TWITTER)
1 104.244.42.3 13414 (TWITTER)
1 2a04:4e42:400... 54113 (FASTLY)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.28.147.68 15224 (OMNITURE)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2600:9000:20c... 16509 (AMAZON-02)
1 2a03:2880:f17... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
2 13.248.142.121 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:211... 16509 (AMAZON-02)
1 18.173.154.4 16509 (AMAZON-02)
1 44.205.50.190 14618 (AMAZON-AES)
1 18.239.94.93 16509 (AMAZON-02)
1 18.239.18.97 16509 (AMAZON-02)
1 52.48.86.55 16509 (AMAZON-02)
1 35.186.247.156 15169 (GOOGLE)
2 52.217.73.112 16509 (AMAZON-02)
131 48
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
www.googleadservices.com
15    104.198.136.223 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 223.136.198.104.bc.googleusercontent.com
redcanary.com
1    2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
7    104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)
resource.redcanary.com
5    152.195.15.58 (United States)

ASN15133 (EDGECAST, US)
cdn.bizible.com
cdn.bizibly.com
8    2606:4700::6812:1105 (United States)

ASN13335 (CLOUDFLARENET, US)
js.qualified.com
assets.qualified.com
10    2a04:4e42::644 (United States)

ASN54113 (FASTLY, US)
fast.wistia.com
1    52.92.213.96 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
2    2.23.65.88 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-65-88.deploy.static.akamaitechnologies.com
munchkin.marketo.net
3    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2.19.198.240 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-198-240.deploy.static.akamaitechnologies.com
j.6sc.co
c.6sc.co
b.6sc.co
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
6    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    68.67.153.60 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: s.ml-attr.com.pxlsrv.net
s.ml-attr.com
3    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    2600:9000:20c3:b600:12:3734:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
attr.ml-api.io
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    192.28.147.68 (United States)

ASN15224 (OMNITURE, US)
003-yru-314.mktoresp.com
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    2600:9000:20c3:e400:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)
embed-ssl.wistia.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a02:26f0:7100::210:180 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ipv6.6sc.co
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    13.248.142.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac3ff6aafb2cddae2.awsglobalaccelerator.com
epsilon.6sense.com
4    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2600:9000:211a:8000:3:471f:5240:93a1 (United States)

ASN16509 (AMAZON-02, US)
pipedream.wistia.com
1    18.173.154.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-4.muc50.r.cloudfront.net
distillery.wistia.com
1    44.205.50.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-50-190.compute-1.amazonaws.com
app.qualified.com
1    18.239.94.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-93.ams1.r.cloudfront.net
pagestates-tracking.crazyegg.com
1    18.239.18.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-97.ams58.r.cloudfront.net
assets-tracking.crazyegg.com
1    52.48.86.55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-86-55.eu-west-1.compute.amazonaws.com
tracking.crazyegg.com
1    35.186.247.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com
sentry.io
2    52.217.73.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-east-1-r-w.amazonaws.com
qualified-production.s3.us-east-1.amazonaws.com
Apex Domain
Subdomains		 Transfer
22 redcanary.com
redcanary.com — Cisco Umbrella Rank: 566366
resource.redcanary.com
633 KB
14 wistia.com
fast.wistia.com — Cisco Umbrella Rank: 4406
embed-ssl.wistia.com — Cisco Umbrella Rank: 8941
pipedream.wistia.com — Cisco Umbrella Rank: 7023
distillery.wistia.com — Cisco Umbrella Rank: 7119
426 KB
11 6sc.co
j.6sc.co — Cisco Umbrella Rank: 5326
c.6sc.co — Cisco Umbrella Rank: 8195
ipv6.6sc.co — Cisco Umbrella Rank: 5498
b.6sc.co — Cisco Umbrella Rank: 3594
26 KB
9 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2343
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 5331
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 5301
tracking.crazyegg.com — Cisco Umbrella Rank: 4117
75 KB
9 google.com
adservice.google.com — Cisco Umbrella Rank: 99
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2663
37 KB
9 qualified.com
js.qualified.com — Cisco Umbrella Rank: 19082
app.qualified.com — Cisco Umbrella Rank: 20335
assets.qualified.com — Cisco Umbrella Rank: 21624
952 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
451 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 350
www.linkedin.com — Cisco Umbrella Rank: 615
px4.ads.linkedin.com — Cisco Umbrella Rank: 6418
4 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
21 KB
4 bizible.com
cdn.bizible.com — Cisco Umbrella Rank: 6579
26 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6553
625 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 85
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
2 KB
3 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 502
3 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 368
14 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
282 KB
3 amazonaws.com
s3-us-west-2.amazonaws.com
qualified-production.s3.us-east-1.amazonaws.com — Cisco Umbrella Rank: 28157
67 KB
2 6sense.com
epsilon.6sense.com — Cisco Umbrella Rank: 9224
716 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 176
69 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1234
10 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 805
17 KB
2 marketo.net
munchkin.marketo.net — Cisco Umbrella Rank: 3542
7 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 362
fonts.googleapis.com — Cisco Umbrella Rank: 32
32 KB
1 sentry.io
sentry.io — Cisco Umbrella Rank: 164
324 B
1 bizibly.com
cdn.bizibly.com — Cisco Umbrella Rank: 12009
204 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
185 B
1 mktoresp.com
003-yru-314.mktoresp.com
318 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1399
637 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 802
394 B
1 t.co
t.co — Cisco Umbrella Rank: 660
376 B
1 ml-api.io
attr.ml-api.io — Cisco Umbrella Rank: 18960
235 B
1 ml-attr.com
s.ml-attr.com — Cisco Umbrella Rank: 15341
278 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 783
15 KB
1 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 330
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 136
890 B
131 34
Domain Requested by
15 redcanary.com redcanary.com
cdn.bizible.com
10 fast.wistia.com redcanary.com
fast.wistia.com
cdn.bizible.com
7 assets.qualified.com app.qualified.com
7 b.6sc.co redcanary.com
7 www.google.com www.googletagmanager.com
resource.redcanary.com
redcanary.com
www.gstatic.com
www.google.com
7 resource.redcanary.com redcanary.com
resource.redcanary.com
6 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
4 www.google-analytics.com www.googletagmanager.com
cdn.bizible.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 px.ads.linkedin.com 3 redirects cdn.bizible.com
4 cdn.bizible.com redcanary.com
cdn.bizible.com
3 www.google.de redcanary.com
3 secure.adnxs.com 2 redirects j.6sc.co
3 bat.bing.com www.googletagmanager.com
bat.bing.com
redcanary.com
3 www.googletagmanager.com redcanary.com
www.googletagmanager.com
2 qualified-production.s3.us-east-1.amazonaws.com
2 pipedream.wistia.com fast.wistia.com
2 epsilon.6sense.com cdn.bizible.com
2 fonts.gstatic.com www.google.com
2 stats.g.doubleclick.net www.googletagmanager.com
cdn.bizible.com
2 connect.facebook.net redcanary.com
connect.facebook.net
2 www.redditstatic.com www.googletagmanager.com
www.redditstatic.com
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 j.6sc.co www.googletagmanager.com
j.6sc.co
2 munchkin.marketo.net redcanary.com
munchkin.marketo.net
1 sentry.io assets.qualified.com
1 tracking.crazyegg.com script.crazyegg.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 app.qualified.com js.qualified.com
1 distillery.wistia.com fast.wistia.com
1 cdn.bizibly.com redcanary.com
1 ipv6.6sc.co j.6sc.co
1 c.6sc.co j.6sc.co
1 www.facebook.com redcanary.com
1 embed-ssl.wistia.com redcanary.com
1 px4.ads.linkedin.com redcanary.com
1 www.linkedin.com 1 redirects
1 003-yru-314.mktoresp.com munchkin.marketo.net
1 googleads.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 alb.reddit.com redcanary.com
1 analytics.twitter.com redcanary.com
1 t.co redcanary.com
1 attr.ml-api.io redcanary.com
1 s.ml-attr.com 1 redirects
1 static.ads-twitter.com www.googletagmanager.com
1 adservice.google.com www.googletagmanager.com
1 fonts.googleapis.com redcanary.com
1 s3-us-west-2.amazonaws.com redcanary.com
1 js.qualified.com redcanary.com
1 ajax.googleapis.com redcanary.com
1 cdn.cookielaw.org redcanary.com
1 www.googleadservices.com 1 redirects
131 54
Subject Issuer Validity Valid
redcanary.com
R3		 2024-02-13 -
2024-05-13		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
resource.redcanary.com
Cloudflare Inc ECC CA-3		 2023-04-02 -
2024-04-01		 a year crt.sh
io.bizible.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-01 -
2024-07-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-11 -
2024-04-10		 a year crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-07-02 -
2024-08-02		 a year crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01		 2024-01-23 -
2024-12-31		 a year crt.sh
*.marketo.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-08 -
2024-12-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
6sc.co
R3		 2024-01-29 -
2024-04-28		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-08 -
2024-07-06		 6 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-01-21 -
2024-06-27		 5 months crt.sh
script.crazyegg.com
E1		 2024-02-06 -
2024-05-06		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-08 -
2024-03-07		 3 months crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-07 -
2025-01-06		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-15 -
2024-07-13		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.mktoresp.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-07 -
2024-10-07		 a year crt.sh
*.wistia.com
Amazon RSA 2048 M02		 2024-01-01 -
2025-01-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.6sense.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-01-30 -
2024-07-30		 6 months crt.sh
pipedream-production-cloudfront-app-cname.wistia.com
Amazon RSA 2048 M03		 2023-09-11 -
2024-10-09		 a year crt.sh
stats-tap-production-cloudfront-app-cname.wistia.com
Amazon RSA 2048 M01		 2023-09-13 -
2024-10-11		 a year crt.sh
*.google.de
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
app.qualified.com
R3		 2024-01-20 -
2024-04-19		 3 months crt.sh
crazyegg.com
Amazon RSA 2048 M02		 2023-05-28 -
2024-06-26		 a year crt.sh
sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2024-09-07		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2024-02-08 -
2025-01-11		 a year crt.sh

This page contains 5 frames:

Primary Page: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Frame ID: 790466525B608ECDC3F873D09182FBDB
Requests: 106 HTTP requests in this frame

Frame: https://resource.redcanary.com/index.php/form/XDFrame
Frame ID: 4449AB30967DAB79A63FAA0F2AC595BD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesOP4kAAAAAGB_Ycm39aTFwKlN-Qh9HW67GcaB&co=aHR0cHM6Ly9yZWRjYW5hcnkuY29tOjQ0Mw..&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=89ii9agaj5k0
Frame ID: 17D92D347F1050AF4F67F8E6FDE9FCD2
Requests: 8 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0096/9416/site/redcanary.com.json?t=1
Frame ID: 6463B344923E4528FC1BD0966B0EC5EA
Requests: 5 HTTP requests in this frame

Frame: https://app.qualified.com/w/1/bAEbi2aHVysBKzuy/messenger?uuid=089b8e94-4833-44dd-922a-90de61160846
Frame ID: 068BDF74DD0A44FDA7A178A85C9787D2
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Incident Response and Readiness Guide - Red Canary

Page URL History Show full URLs

  1. https://www.googleadservices.com/pagead/aclk?sa=L&ai=DChcSEwjKuMzdg8-EAxWVWkcBHb6iALwYABABGgJxdQ&ae=2&gclid=C... HTTP 302
    https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

131
Requests

96 %
HTTPS

55 %
IPv6

34
Domains

54
Subdomains

48
IPs

5
Countries

3169 kB
Transfer

14381 kB
Size

50
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.googleadservices.com/pagead/aclk?sa=L&ai=DChcSEwjKuMzdg8-EAxWVWkcBHb6iALwYABABGgJxdQ&ae=2&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&ohost=www.google.com&cid=CAESVeD2xB0YGIE8dIZlwkj3mmMlgYcW5cL4fjS8Sg2scEmEeqCyX636zGhUd8LeVohhTEr2zBhorKV5wHtpSfB7dM937ddlVRZvkEDsV65TFjMPvsYGaZ8&sig=AOD64_1qPMl4GZKD8eFRMYOvYtSAdZoZwQ&q&adurl&ved=2ahUKEwjM5sTdg8-EAxU8g4kEHTWxDH84FBDRDHoECAAQAQ&nis=8&dct=1 HTTP 302
    https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dredcanary.com%26pId%3d%24UID HTTP 302
  • https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dredcanary.com%26pId%3d%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dredcanary.com%2526pId%253d%2524UID HTTP 302
  • https://attr.ml-api.io/?domain=redcanary.com&pId=3465692068725799493
Request Chain 50
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1709157519582&li_adsId=ae831d1e-189e-42df-b1f3-19c2af8d5c79&url=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1709157519582&li_adsId=ae831d1e-189e-42df-b1f3-19c2af8d5c79&url=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1540753%26time%3D1709157519582%26li_adsId%3Dae831d1e-189e-42df-b1f3-19c2af8d5c79%26url%3Dhttps%253A%252F%252Fredcanary.com%252Fresources%252Fguides%252Fincident-response-preparedness-guide%252F%253F_bt%253D561227456370%2526_bk%253Dincident%252520response%252520playbook%2526_bm%253De%2526_bn%253Dg%2526_bg%253D132693180434%2526gad_source%253D1%2526gclid%253DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1709157519582&li_adsId=ae831d1e-189e-42df-b1f3-19c2af8d5c79&url=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1709157519582&li_adsId=ae831d1e-189e-42df-b1f3-19c2af8d5c79&url=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&cookiesTest=true&liSync=true&e_ipv6=AQKzzDZ8s8YXLAAAAY3xuhJ-D1-B6oK4OAjVqoX_O5URdnvrFLk7lvLI8VPx4rPxpWp3NSkVZT7pfJ3vJUkjK94ZzPlPgw

131 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
redcanary.com/resources/guides/incident-response-preparedness-guide/
Redirect Chain
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=DChcSEwjKuMzdg8-EAxWVWkcBHb6iALwYABABGgJxdQ&ae=2&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_B...
  • https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwA...
394 KB
63 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
4397d54da90919f1a74f5bb52e982b707c611277760c89e1dc5802d09149f631
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 28 Feb 2024 21:58:38 GMT
link
<https://redcanary.com/?p=35427>; rel=shortlink
server
nginx
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
vary
Accept-Encoding Accept-Encoding Accept-Encoding
x-pass-why
custom-args
x-powered-by
WP Engine

Redirect headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 28 Feb 2024 21:58:36 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
p3p
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
adclick_server
x-content-type-options
nosniff
x-xss-protection
0
otSDKStub.js
cdn.cookielaw.org/consent/40393661-0639-4e13-9774-ba9e2ae459fa/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/40393661-0639-4e13-9774-ba9e2ae459fa/otSDKStub.js
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 11:15:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31100
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 18:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 11:15:00 GMT
forms2.min.js
resource.redcanary.com/js/forms2/js/ 		199 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resource.redcanary.com/js/forms2/js/forms2.min.js
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be64da47ffc5fc1e40ba8205a0974330a76815e151e84ba365a750a7c96f1d1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Fri, 05 Jan 2024 00:21:30 GMT
server
cloudflare
etag
"298036a-31ad2-60e27d4627680"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
85cbee1e08f99205-FRA
expires
Thu, 29 Feb 2024 01:58:39 GMT
bizible.js
cdn.bizible.com/scripts/ 		67 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D4) /
Resource Hash
f4ab0a26662426d1b923b7a4efde23bd97b936efd67c3bcd569c2176358b327d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSub
last-modified
Thu, 22 Feb 2024 17:56:31 GMT
server
ECS (frb/67D4)
age
2786
etag
"6c3d6e77b865da1:0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
25393
qualified.js
js.qualified.com/ 		642 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.qualified.com/qualified.js?token=bAEbi2aHVysBKzuy
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd2012d2fcc529e9ae674cd343fbe0ada1e49241cdb8f0704c48d8deb808ea8b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
gzip
via
1.1 spaces-router (devel)
strict-transport-security
max-age=63072000; includeSubDomains
cf-cache-status
MISS
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
19edf41f-c3bb-ce1c-d30d-4053c3666262
pragma
no-cache
x-runtime
0.028842
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"fd2012d2fcc529e9ae674cd343fbe0ad"
x-download-options
noopen
vary
Accept,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
85cbee1b7cf2bb4f-FRA
expires
Thu, 29 Feb 2024 01:58:38 GMT
rr1at5cjty.jsonp
fast.wistia.com/embed/medias/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/embed/medias/rr1at5cjty.jsonp
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
143207e9ed01f1aef93482c33d284331d1b8d329f2a109e91911c34c6bfec8a5
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=0
via
1.1 9c90b41a9e5ac2856624d29ed4da4234.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD89-C3
age
98496
x-cache
Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time
91
content-length
2591
x-request-id
8794f056-909e-47c6-ae3a-ca6398669287
x-served-by
cache-iad-kiad7000070-IAD, cache-fra-etou8220087-FRA
x-runtime
0.089603
x-browser-version
122
server
envoy
x-timer
S1709157519.290665,VS0,VE1
etag
W/"143207e9ed01f1aef93482c33d284331"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Af-9XziEZGyiHUyXJ4lw2ThOYrkt4UP34XiUTiMusHYPeybuqY3Ssg==
x-cache-hits
15, 1
E-v1.js
fast.wistia.com/assets/external/ 		778 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d949be13d7a08a499647507fa0974b6daf96348852e5cbeab6fb24924658b99
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
1605
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
134046
x-served-by
cache-iad-kiad7000088-IAD, cache-fra-etou8220087-FRA
x-browser-version
122
last-modified
Wed, 28 Feb 2024 20:30:45 GMT
server
AmazonS3
x-timer
S1709157519.290918,VS0,VE0
etag
"ce29cae65c45df12286dbccab71243a3"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
0a44e45c43c97b08da5f741fb0b138c8e81330c6
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
32, 5
teknkl-formsplus-1.0.5.js
s3-us-west-2.amazonaws.com/s.cdpn.io/250687/ 		41 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/s.cdpn.io/250687/teknkl-formsplus-1.0.5.js
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.92.213.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
731fcb30d45f2e35aaa139a7a964410a7c2bcdbfbb48a837c9d56dec7cc3732f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 21:58:40 GMT
x-amz-version-id
OjXdZ5iYdmgpgEuq0ftytCBc_PO35ThO
Last-Modified
Thu, 26 Apr 2018 08:20:46 GMT
Server
AmazonS3
x-amz-request-id
6156Z5DGWJMV3DP7
ETag
"bab0c2b3523f8244564b675fe34db610"
Content-Type
application/x-js
Cache-Control
public
Accept-Ranges
bytes
Content-Length
41617
x-amz-id-2
Z3dWNQ2dKNWYwT34BU1N/HhXFZEhL4qjTo8vv0ztKI/nCYblnp5GBvtJliZBDvXoTC/9H5k4Upk=
autoptimize_7656531523331c3a1a75c80a2079530c.js
redcanary.com/wp-content/cache/autoptimize/js/ 		294 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://redcanary.com/wp-content/cache/autoptimize/js/autoptimize_7656531523331c3a1a75c80a2079530c.js
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
b15af634d5bab399198b33d3fc2655e06bb8b3128b5e47749f7cd7937341b34a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Mon, 26 Feb 2024 22:01:36 GMT
server
nginx
etag
W/"65dd0a40-49897"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
munchkin.js
munchkin.marketo.net/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.23.65.88 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-65-88.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 21:58:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Mar 2023 01:24:48 GMT
Server
AkamaiNetStorage
ETag
"cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
729
gtm.js
www.googletagmanager.com/ 		323 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
21790acaf504d9bf6b60f236fa7daeedf075c3e7d81be6e787fcebc0c73f27b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107493
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Feb 2024 21:58:39 GMT
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,700&display=swap
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2400a36b6ad539bf01612df2f0ae253d0928fcdd2e966b299af7e84111216651
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 21:43:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Feb 2024 21:58:39 GMT
autoptimize_10b9e3005f87930cec9d69cde5fe01b6.css
redcanary.com/wp-content/cache/autoptimize/css/ 		5 MB
252 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_10b9e3005f87930cec9d69cde5fe01b6.css
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
41bbf4fe3bfcec4b5bc46c6c4b72b280ee14540b38841cc4457e0865dc0d87b2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Thu, 22 Feb 2024 17:13:26 GMT
server
nginx
etag
W/"65d780b6-53df26"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
getForm
resource.redcanary.com/index.php/form/ 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resource.redcanary.com/index.php/form/getForm?munchkinId=003-YRU-314&form=1027&url=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F&callback=jQuery37107928365747012944_1709157519243&_=1709157519244
Requested by
Host: resource.redcanary.com
URL: https://resource.redcanary.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5b92c630352643239991ce64d7ad336648e321cfacd87c3bda7c48c0e42cc15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
gzip
server
cloudflare
cf-ray
85cbee1f799f9205-FRA
cached
true
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bfcc2143b6f0635117b7354d9c0965778cd10168c10ca661d0ce42af30820951

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
bullet-square.svg
redcanary.com/wp-content/themes/redcanary/assets/img/ 		443 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/img/bullet-square.svg
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
6217f642930c0d2411329fb00cf9a7e2e138a98f56eece6e82b3a7359f20cb11
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Mon, 23 Aug 2021 16:46:07 GMT
server
nginx
etag
W/"6123d0cf-1bb"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
button-right-arrow-white.svg
redcanary.com/wp-content/themes/redcanary/assets/img/ 		350 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/img/button-right-arrow-white.svg
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
8edbf02936f4bbda931a228bd84f7b668522af07f3dfc33b5caee429e7febb85
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Wed, 27 Feb 2019 15:51:05 GMT
server
nginx
etag
W/"5c76b1e9-15e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
source-sans-pro-v21-latin-regular.woff2
redcanary.com/wp-content/themes/redcanary/assets/fonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/fonts/source-sans-pro-v21-latin-regular.woff2
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Origin
https://redcanary.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Thu, 02 Jun 2022 17:26:25 GMT
server
nginx
etag
"6298f2c1-32ec"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
13036
source-sans-pro-v21-latin-700.woff2
redcanary.com/wp-content/themes/redcanary/assets/fonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/fonts/source-sans-pro-v21-latin-700.woff2
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Origin
https://redcanary.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Thu, 02 Jun 2022 17:26:24 GMT
server
nginx
etag
"6298f2c0-327c"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
12924
source-sans-pro-v21-latin-300.woff2
redcanary.com/wp-content/themes/redcanary/assets/fonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/fonts/source-sans-pro-v21-latin-300.woff2
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Origin
https://redcanary.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Thu, 02 Jun 2022 17:26:22 GMT
server
nginx
etag
"6298f2be-329c"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
12956
source-sans-pro-v21-latin-600.woff2
redcanary.com/wp-content/themes/redcanary/assets/fonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/fonts/source-sans-pro-v21-latin-600.woff2
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Origin
https://redcanary.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Thu, 02 Jun 2022 17:26:23 GMT
server
nginx
etag
"6298f2bf-32fc"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
13052
forms2.css
resource.redcanary.com/js/forms2/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resource.redcanary.com/js/forms2/css/forms2.css
Requested by
Host: resource.redcanary.com
URL: https://resource.redcanary.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Fri, 05 Jan 2024 00:21:30 GMT
server
cloudflare
etag
"298036d-3437-60e27d4627680"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
85cbee1ff9d89205-FRA
content-length
2623
expires
Thu, 29 Feb 2024 01:58:39 GMT
forms2-theme-inset.css
resource.redcanary.com/js/forms2/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resource.redcanary.com/js/forms2/css/forms2-theme-inset.css
Requested by
Host: resource.redcanary.com
URL: https://resource.redcanary.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53386b51cdacd99baec553808a51cb6964b2a6e4b9db4c73d977c3d7311c76b6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 00:21:30 GMT
server
cloudflare
etag
"2980372-d86-60e27d4627680"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
85cbee1ff9d99205-FRA
content-length
953
expires
Thu, 29 Feb 2024 01:58:39 GMT
js
www.googletagmanager.com/gtag/ 		317 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T3K4MTNQJN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
949ec61d445d0655eda20af716412ac3c00809c78f9ab3490f0ac57c44a26d05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101785
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 28 Feb 2024 21:58:39 GMT
f3744a5e-342b-429c-9d2c-2c1b7b45310a.js
j.6sc.co/j/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.6sc.co/j/f3744a5e-342b-429c-9d2c-2c1b7b45310a.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.198.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-198-240.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
805ce4322a9be88ec58266cf40c95f62920aadea2a0d00f6ddeda8f82df66b09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
ZP_GnDytUL9NRU7xM5CP6PgfirMXR58J
date
Wed, 28 Feb 2024 21:58:39 GMT
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-amz-meta-content-type
application/json
content-length
4827
pragma
no-cache
last-modified
Thu, 15 Feb 2024 19:15:51 GMT
server
AmazonS3
etag
"e32c5c81f0cda4121d7ac50a6fa46548"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-amz-cf-id
mbI3uLEgCykJTWOl1qVlKIWRNUh8jbbAjpEWGxAC-lGKrFzhFCt__A==
expires
Wed, 28 Feb 2024 21:58:39 GMT
regclk
adservice.google.com/pagead/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/pagead/regclk?auid=776120400.1709157519&url=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F&tft=1709157519370&tfd=2892&frm=0&gad_source=1&gtm=45He42q1v813277038za220&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&npa=0&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&gclsrc=aw
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers
landing
www.google.com/pagead/ 		42 B
455 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/pagead/landing?gcd=13l3l3l3l1&dma_cps=sypham&dma=1&npa=0&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&gtm=45He42q1n81PXWC8JWv813277038za220&auid=776120400.1709157519
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 21:58:39 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-muc13966-MUC
insight.min.js
snap.licdn.com/li.lms-analytics/ 		1 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c12d636cb5268c2f7f86c34ec5b1af2826a685eae5e503aece3c477fdd97a971
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Feb 2024 20:48:24 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=82201
accept-ranges
bytes
content-length
647
pixel.js
www.redditstatic.com/ads/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
2939d067bced6e2e3e43c1b10d2b067cb980410c2cc42fd3e867798a4a36c697

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 15 Feb 2024 20:38:48 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"9a680c8c475d8bba600d4d87b4fa7ee5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
8702
destination
www.googletagmanager.com/gtag/ 		216 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-759876114&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cde9aab12a0d94792f287e698e87ba0e8411f515917e78bc65eaf12a93ec6e1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79086
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Feb 2024 21:58:39 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
45396b8359112c614d4aab3fcb716deaabc47e477078f675d7bf69f5791c8f53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 28 Feb 2024 21:58:39 GMT
last-modified
Thu, 22 Feb 2024 21:00:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D2C2037112764C24B6F15C8CC14DACE9 Ref B: FRA31EDGE0822 Ref C: 2024-02-28T21:58:39Z
etag
"0adee36d265da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13197
9416.js
script.crazyegg.com/pages/scripts/0096/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0096/9416.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c47a113a12a32777ab6660be987cf72ff758c6a90b1f8d802282d6ab1bfbeb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 28 Feb 2024 21:58:39 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
ce-version
11.5.193
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85cbee205b789016-FRA
content-length
2223
fbevents.js
connect.facebook.net/en_US/ 		214 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 28 Feb 2024 21:58:39 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
MSj6KrlEvqIjdJs63qNuFRRjDbHavmaoCU8ABrOTz1DWZmlvK72HtpJ4dkSZPn7BySc6jRRs+x4TpiYLlM3I9A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
attr.ml-api.io/
Redirect Chain
  • https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dredcanary.com%26pId%3d%24UID
  • https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dredcanary.com%26pId%3d%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dredcanary.com%2526pId%253d%2524UID
  • https://attr.ml-api.io/?domain=redcanary.com&pId=3465692068725799493
0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://attr.ml-api.io/?domain=redcanary.com&pId=3465692068725799493
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Server
2600:9000:20c3:b600:12:3734:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
via
1.1 af3abf09293a5c762de5e451f8d6a912.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
x-cache
Miss from cloudfront
content-type
application/json
x-amz-cf-id
fWoeBmLyK7_HvY4yP08LQmkYLbsLCvWYPqUsWM7vIUmQG-WVzWoNaQ==
content-length
0
apigw-requestid
T3fmjh8OoAMEalA=

Redirect headers

pragma
no-cache
date
Wed, 28 Feb 2024 21:58:39 GMT
an-x-request-uuid
46da2bea-8109-4f26-8d27-76e85d7d3c70
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://attr.ml-api.io/?domain=redcanary.com&pId=3465692068725799493
x-proxy-origin
138.199.38.134; 138.199.38.134; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
munchkin.js
munchkin.marketo.net/163/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/163/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.23.65.88 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-65-88.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 21:58:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Jan 2023 02:26:40 GMT
Server
AkamaiNetStorage
ETag
"ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type
application/x-javascript
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4741
Expires
Fri, 07 Jun 2024 21:58:39 GMT
captions.js
fast.wistia.com/assets/external/ 		171 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/captions.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5bd5183bca8c02f0ef97780c3accbea06d638c45225b525d2882273fc22ac2df
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
1604
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
35947
x-served-by
cache-iad-kcgs7200129-IAD, cache-fra-etou8220087-FRA
x-browser-version
122
last-modified
Wed, 28 Feb 2024 20:30:45 GMT
server
AmazonS3
x-timer
S1709157519.490278,VS0,VE0
etag
"005bd8c3dfc915a0a7ee494e2b41bb26"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
0a44e45c43c97b08da5f741fb0b138c8e81330c6
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
35, 17
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
dec888202913f9630b63196880ea2e96210c59df2905e55154fe88432c1b0e3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 26 Feb 2024 18:22:15 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=56225
accept-ranges
bytes
content-length
16524
adsct
t.co/i/ 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=6ad43218-5709-45ec-a23c-a74137c61597&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=07ebb62e-464b-41db-b203-1ac573ab3ac8&tw_document_href=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o015g&type=javascript&version=2.3.29
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-response-time
192
date
Wed, 28 Feb 2024 21:58:38 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
ad51dd8e022b991e
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
72166ca20f97ec5213638da1c94c213a7d1cd781c4f6a419c2d5885a4ebeccc8
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6ad43218-5709-45ec-a23c-a74137c61597&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=07ebb62e-464b-41db-b203-1ac573ab3ac8&tw_document_href=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o015g&type=javascript&version=2.3.29
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-response-time
171
date
Wed, 28 Feb 2024 21:58:39 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
af89ca7e56b4aa59
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
25d714916c2d1c0b617f495271c1435af51190cb0fc0126076171290720db833
content-length
43
t2_5kac730w_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_5kac730w_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
98
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1709157519489&id=t2_5kac730w&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=4f99245a-6071-4c7b-bf41-6772e49c3494&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_c9439d84&dpm=&dpcc=&dprc=
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
collect
region1.analytics.google.com/g/ 		0
243 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-T3K4MTNQJN&gtm=45je42q1v874113835z8813277038za220&_p=1709157519257&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=112330320.1709157520&ul=en-us&sr=1600x1200&lps=1&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1709157519&sct=1&seg=0&dl=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&dt=Incident%20Response%20and%20Readiness%20Guide%20-%20Red%20Canary&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3047
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T3K4MTNQJN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 21:58:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redcanary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T3K4MTNQJN&cid=112330320.1709157520&gtm=45je42q1v874113835z8813277038za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T3K4MTNQJN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 21:58:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redcanary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T3K4MTNQJN&cid=112330320.1709157520&gtm=45je42q1v874113835z8813277038za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=550068397
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 21:58:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1042590016249604
connect.facebook.net/signals/config/ 		53 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1042590016249604?v=2.9.147&r=stable&domain=redcanary.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cbf03a9183ab1001c94256a9115a9e20630755677eb6fa41071c6143b77dba6d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 28 Feb 2024 21:58:39 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
MUjVMS0eIZxP80pXkt4uJS0/JXsibekU+2WGWVLrSSpl+ihCsj0SVrRvK0Qo6S5JhOBOgvA1Kev3F9b7bPkTPA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/759876114/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/759876114/?random=1709157519544&cv=11&fst=1709157519544&bg=ffffff&guid=ON&async=1&gtm=45be42q1v9103488584z8813277038za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&hn=www.googleadservices.com&frm=0&tiba=Incident%20Response%20and%20Readiness%20Guide%20-%20Red%20Canary&npa=0&pscdl=noapi&auid=776120400.1709157519&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-759876114&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fc2e70057283f86c437bfc940579c5ae6d0ed34c4022cee1f5ee82d09451887
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1479
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
56383426.js
bat.bing.com/p/action/ 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/56383426.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Wed, 28 Feb 2024 21:58:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 84B507151A2A4335BB7F390C8503049C Ref B: FRA31EDGE0822 Ref C: 2024-02-28T21:58:39Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=56383426&tm=gtm002&Ver=2&mid=5212cf4f-8713-4888-bd66-2f03ce8ed65d&sid=87b115e0d68411ee83f83f46f231af34&vid=87b130a0d68411eeb342973ad5f2b7e3&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Incident%20Response%20and%20Readiness%20Guide%20-%20Red%20Canary&p=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&r=&evt=pageLoad&sv=1&rn=382845
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Feb 2024 21:58:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 211889AB10934D63BAE74DAEB029B4EF Ref B: FRA31EDGE0822 Ref C: 2024-02-28T21:58:39Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
visitWebPage
003-yru-314.mktoresp.com/webevents/ 		2 B
318 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://003-yru-314.mktoresp.com/webevents/visitWebPage?_mchNc=1709157519564&_mchCn=&_mchId=003-YRU-314&_mchTk=_mch-redcanary.com-1709157519564-63994&_mchHo=redcanary.com&_mchPo=&_mchRu=%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=_bt%3D561227456370__-___bk%3Dincident%20response%20playbook__-___bm%3De__-___bn%3Dg__-___bg%3D132693180434__-__gad_source%3D1__-__gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 21:58:40 GMT
Content-Encoding
gzip
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Request-Id
aecdfd08-1e93-4423-bce9-b4dd3c309727
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1709157519582&li_adsId=ae831d1e-189e-42df-b1f3-19c2af8d5c79&url=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1709157519582&li_adsId=ae831d1e-189e-42df-b1f3-19c2af8d5c79&url=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1540753%26time%3D1709157519582%26li_adsId%3Dae831d1e-189e-42df-b1f3-19c2af8d5c79%...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1709157519582&li_adsId=ae831d1e-189e-42df-b1f3-19c2af8d5c79&url=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1709157519582&li_adsId=ae831d1e-189e-42df-b1f3-19c2af8d5c79&url=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1709157519582&li_adsId=ae831d1e-189e-42df-b1f3-19c2af8d5c79&url=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&cookiesTest=true&liSync=true&e_ipv6=AQKzzDZ8s8YXLAAAAY3xuhJ-D1-B6oK4OAjVqoX_O5URdnvrFLk7lvLI8VPx4rPxpWp3NSkVZT7pfJ3vJUkjK94ZzPlPgw
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: D71A4B415CEA46E6B9B4ABA12C77B2B8 Ref B: FRAEDGE1811 Ref C: 2024-02-28T21:58:40Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYSeD7aK+XUuaFJp55HWA==

Redirect headers

date
Wed, 28 Feb 2024 21:58:39 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: A40073506E4642A5BA22921C92A1ED56 Ref B: FRAEDGE1109 Ref C: 2024-02-28T21:58:39Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1709157519582&li_adsId=ae831d1e-189e-42df-b1f3-19c2af8d5c79&url=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&cookiesTest=true&liSync=true&e_ipv6=AQKzzDZ8s8YXLAAAAY3xuhJ-D1-B6oK4OAjVqoX_O5URdnvrFLk7lvLI8VPx4rPxpWp3NSkVZT7pfJ3vJUkjK94ZzPlPgw
x-li-proto
http/2
content-length
0
x-li-uuid
AAYSeD7YISajqx3s2AiBnQ==
rr1at5cjty.json
fast.wistia.com/embed/captions/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/embed/captions/rr1at5cjty.json
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/captions.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
6413c98b6ecb3cce99a4c0a2dafab35722f03d66ed533355886e8da5e09f7bd9
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=0
via
1.1 c974a69619205281e0e6b8e73f95e4b4.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD89-C3
age
2198
x-cache
Miss from cloudfront, HIT, MISS
x-envoy-upstream-service-time
161
content-length
1435
x-request-id
2c363a4d-304f-4a3d-8292-dfb507ee312e
x-served-by
cache-iad-kiad7000104-IAD, cache-fra-etou8220073-FRA
x-runtime
0.159561
x-browser-version
122
server
envoy
x-timer
S1709157520.602596,VS0,VE92
etag
W/"6413c98b6ecb3cce99a4c0a2dafab357"
vary
Accept-Encoding,X-Forwarded-Proto
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
AN0wtYbqmMtSSB7co0I4vBuhLpNigLvgAJo-jM4COWGdJglZ6l49mg==
x-cache-hits
59, 0
interFontFace.js
fast.wistia.com/assets/external/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/interFontFace.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/captions.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c0cc58f170530f1abed279be1d4e4c79f817fae7d45a2d8faf1c0cbe768bb7e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Origin
https://redcanary.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
1606
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
18353
x-served-by
cache-iad-kcgs7200038-IAD, cache-fra-etou8220073-FRA
x-browser-version
122
last-modified
Wed, 28 Feb 2024 20:30:45 GMT
server
AmazonS3
x-timer
S1709157520.602689,VS0,VE0
etag
"016e5456d3ad608e42cc5ba5f2f1a3d7"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
0a44e45c43c97b08da5f741fb0b138c8e81330c6
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
19, 17
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14328f67af6b839ac4f57c7e5c2b32ef51e9d2d0f6532731120d1c989f8476f2

Request headers

Referer
Origin
https://redcanary.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
62a3229ad463417eec26e6d0aa542bb6.webp
embed-ssl.wistia.com/deliveries/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed-ssl.wistia.com/deliveries/62a3229ad463417eec26e6d0aa542bb6.webp?image_crop_resized=1920x1080
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:e400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
5060a8fb5383d234ddd10970c42c72999671daa926942dd54e267462a9345e87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 09:53:13 GMT
access-control-request-method
*
via
1.1 167c735142bc0b0bedf2cca27d970088.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
MUC50-C1
age
216326
edge-cache-tag
62a3229ad463417eec26e6d0aa542bb6
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
442
content-disposition
inline
surrogate-key
62a3229ad463417eec26e6d0aa542bb6 thumbnail-delivery
last-modified
Wed, 23 Aug 2023 20:54:10 UTC
server
envoy
etag
CjSJudQkhzUIENSkOjX-pRgv65Y=
vary
Origin
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
none
x-amz-cf-id
GykFxm-BFLMgGUEeBCWj69yrkvZBXtC21RnjSHPLkPnaAMiI5j8l9Q==
arrow-down-bk.png
resource.redcanary.com/js/forms2/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resource.redcanary.com/js/forms2/images/arrow-down-bk.png
Requested by
Host: resource.redcanary.com
URL: https://resource.redcanary.com/js/forms2/css/forms2-theme-inset.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56533e637a5c980ba4c1653ed7eea219cdbd2e86f1448c1aa38c538cb1f89285
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://resource.redcanary.com/js/forms2/css/forms2-theme-inset.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 05 Jan 2024 00:21:30 GMT
server
cloudflare
etag
"2d403c4-415-60e27d4627680"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
85cbee21bac69205-FRA
content-length
1045
expires
Wed, 28 Feb 2024 21:59:39 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=captchaCallback
Requested by
Host: resource.redcanary.com
URL: https://resource.redcanary.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5733c246d251b044d216980576d4c99de7eea567a21bab19e9fd2ec4d180f5d8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 28 Feb 2024 21:58:39 GMT
XDFrame
resource.redcanary.com/index.php/form/ Frame 4449 		2 KB
868 B 		Document
General
Check archive.org
Download Go to
Full URL
https://resource.redcanary.com/index.php/form/XDFrame
Requested by
Host: resource.redcanary.com
URL: https://resource.redcanary.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b12ee272c79786bc266207f27c98ed219d2090d0d605e9c7a9e71f2add176fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-ray
85cbee21eaea9205-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 28 Feb 2024 21:58:39 GMT
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
/
www.google.com/pagead/1p-user-list/759876114/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/759876114/?random=1709157519544&cv=11&fst=1709154000000&bg=ffffff&guid=ON&async=1&gtm=45be42q1v9103488584z8813277038za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&frm=0&tiba=Incident%20Response%20and%20Readiness%20Guide%20-%20Red%20Canary&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtq2OP85gjpCru3B5iomX2PMii5uKK0jQ&random=212801023&rmt_tld=0&ipr=y
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 21:58:39 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/759876114/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/759876114/?random=1709157519544&cv=11&fst=1709154000000&bg=ffffff&guid=ON&async=1&gtm=45be42q1v9103488584z8813277038za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&frm=0&tiba=Incident%20Response%20and%20Readiness%20Guide%20-%20Red%20Canary&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtq2OP85gjpCru3B5iomX2PMii5uKK0jQ&random=212801023&rmt_tld=1&ipr=y
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 21:58:39 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1042590016249604&ev=PageView&dl=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&rl=&if=false&ts=1709157519676&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.1.1709157519676.772665882&ler=empty&cdl=API_unavailable&it=1709157519535&coo=false&exp=e1&rqm=GET
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 28 Feb 2024 21:58:39 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ 		494 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaCallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fc4f1369cfe55e3cbf37434690b559bd3be63351a5ab16e324823a3ab8a237a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://redcanary.com/
Origin
https://redcanary.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 17:43:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
188092
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201116
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 03:01:13 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Feb 2025 17:43:47 GMT
anchor
www.google.com/recaptcha/api2/ Frame 17D9 		45 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesOP4kAAAAAGB_Ycm39aTFwKlN-Qh9HW67GcaB&co=aHR0cHM6Ly9yZWRjYW5hcnkuY29tOjQ0Mw..&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=89ii9agaj5k0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d432e9986df3d31b5999c0bfee25a91efca37ce0a2c0e9c6f2d1e6b5056f03da
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SkxpKMEFLBPwLpv5g7o2rQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://redcanary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-SkxpKMEFLBPwLpv5g7o2rQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 28 Feb 2024 21:58:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
6si.min.js
j.6sc.co/ 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/j/f3744a5e-342b-429c-9d2c-2c1b7b45310a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.198.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-198-240.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8c1781ec4483c6fb3bd9ad005d312800eaf24e232c12976624bff84f8ab908b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Feb 2024 19:00:41 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"65d799d9-101dd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, proxy-revalidate
accept-ranges
bytes
content-length
17693
expires
Wed, 28 Feb 2024 21:58:39 GMT
getuidj
secure.adnxs.com/ 		29 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/getuidj
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
66a68f0cb1b6b5d0ad8828ebe4963dc3336e919d62f8d6ae2d89f6905c2f8c38
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 21:58:39 GMT
an-x-request-uuid
d112ab3f-7040-4e4e-af84-ca1eb95a37c2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://redcanary.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.134; 138.199.38.134; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
29
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
c.6sc.co/ 		7 B
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.198.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-198-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
https://redcanary.com
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
7
/
ipv6.6sc.co/ 		36 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv6.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::210:180 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fbfa7b37a6578651ae15fb27f6c965536f500f76fa089c0d2bda5a5f2933df90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 21:58:39 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://redcanary.com
cache-control
max-age=0, no-cache, no-store
6si-ipv6
2a02:6ea0:c71b:0:1011:409c:ecee:4ba8
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1709157519818_34603388_223717559_20_783_5_12_219";dur=1
content-length
36
expires
Wed, 28 Feb 2024 21:58:39 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 17D9 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesOP4kAAAAAGB_Ycm39aTFwKlN-Qh9HW67GcaB&co=aHR0cHM6Ly9yZWRjYW5hcnkuY29tOjQ0Mw..&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=89ii9agaj5k0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 16:29:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19739
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 03:01:13 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Feb 2025 16:29:40 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 17D9 		494 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesOP4kAAAAAGB_Ycm39aTFwKlN-Qh9HW67GcaB&co=aHR0cHM6Ly9yZWRjYW5hcnkuY29tOjQ0Mw..&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=89ii9agaj5k0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fc4f1369cfe55e3cbf37434690b559bd3be63351a5ab16e324823a3ab8a237a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 17:43:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
188092
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201116
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 03:01:13 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Feb 2025 17:43:47 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=de296816-f19a-44d2-8ecf-be1289b20e6a&session=547e1893-407c-4c9a-8ba5-573a35239dc3&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2028%20Feb%202024%2021%3A58%3A39%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20cyber%20incident%20response%20guide%20arms%20security%20teams%20with%20the%20blueprint%20for%20a%20modern%20and%20effective%20incident%20response%20and%20readiness%20plan.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Incident%20Response%20and%20Readiness%20Guide%20-%20Red%20Canary%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&pageViewId=a5ef71b1-5ae4-4c43-8154-b81b6feff1ab&an_uid=3465692068725799493&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&v=1.1.15
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.198.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-198-240.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 01:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f02dad-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=de296816-f19a-44d2-8ecf-be1289b20e6a&session=547e1893-407c-4c9a-8ba5-573a35239dc3&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22565ffb1efc5e75f417d1fe1c2134f835%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2028%20Feb%202024%2021%3A58%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2028%20Feb%202024%2021%3A58%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22e8bebcdaa132f727ae8d16d9967447769318945e%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2028%20Feb%202024%2021%3A58%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2028%20Feb%202024%2021%3A58%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2028%20Feb%202024%2021%3A58%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2028%20Feb%202024%2021%3A58%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2028%20Feb%202024%2021%3A58%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2028%20Feb%202024%2021%3A58%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%22f3744a5e-342b-429c-9d2c-2c1b7b45310a%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2028%20Feb%202024%2021%3A58%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2028%20Feb%202024%2021%3A58%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2028%20Feb%202024%2021%3A58%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableMapCookieCapture%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2028%20Feb%202024%2021%3A58%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2028%20Feb%202024%2021%3A58%3A39%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20cyber%20incident%20response%20guide%20arms%20security%20teams%20with%20the%20blueprint%20for%20a%20modern%20and%20effective%20incident%20response%20and%20readiness%20plan.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Incident%20Response%20and%20Readiness%20Guide%20-%20Red%20Canary%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&pageViewId=a5ef71b1-5ae4-4c43-8154-b81b6feff1ab&an_uid=3465692068725799493&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&v=1.1.15
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.198.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-198-240.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=de296816-f19a-44d2-8ecf-be1289b20e6a&session=547e1893-407c-4c9a-8ba5-573a35239dc3&event=ipv6&q=%7B%22address%22%3A%222a02%3A6ea0%3Ac71b%3A0%3A1011%3A409c%3Aecee%3A4ba8%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20cyber%20incident%20response%20guide%20arms%20security%20teams%20with%20the%20blueprint%20for%20a%20modern%20and%20effective%20incident%20response%20and%20readiness%20plan.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Incident%20Response%20and%20Readiness%20Guide%20-%20Red%20Canary%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&pageViewId=a5ef71b1-5ae4-4c43-8154-b81b6feff1ab&an_uid=3465692068725799493&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&v=1.1.15
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.198.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-198-240.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"615ccf10-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
forms2.min.js
resource.redcanary.com/js/forms2/js/ Frame 4449 		199 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resource.redcanary.com/js/forms2/js/forms2.min.js
Requested by
Host: resource.redcanary.com
URL: https://resource.redcanary.com/index.php/form/XDFrame
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be64da47ffc5fc1e40ba8205a0974330a76815e151e84ba365a750a7c96f1d1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://resource.redcanary.com/index.php/form/XDFrame
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 05 Jan 2024 00:21:30 GMT
server
cloudflare
age
0
etag
"298036a-31ad2-60e27d4627680"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
85cbee231b5f9205-FRA
expires
Thu, 29 Feb 2024 01:58:39 GMT
ipv
cdn.bizible.com/ 		43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bizible.com/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=e03f5217e22244409d67e43f2b42b066&_biz_l=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&_biz_t=1709157519271&_biz_i=Incident%20Response%20and%20Readiness%20Guide%20-%20Red%20Canary&_biz_n=0&a=redcanary.com&rnd=309988&cdn_o=a&_biz_z=1709157519871
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BA) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 21:58:39 GMT
strict-transport-security
max-age=31536000; includeSub
last-modified
Tue, 27 Feb 2024 17:44:12 GMT
server
ECS (frb/67BA)
age
101667
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
43
expires
-1
u
cdn.bizibly.com/ 		43 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bizibly.com/u?_biz_u=e03f5217e22244409d67e43f2b42b066&_biz_l=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&_biz_t=1709157519873&_biz_i=Incident%20Response%20and%20Readiness%20Guide%20-%20Red%20Canary&a=redcanary.com&rnd=506294&cdn_o=a&_biz_z=1709157519873
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6752) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 21:58:39 GMT
strict-transport-security
max-age=31536000; includeSub
last-modified
Tue, 27 Feb 2024 17:44:11 GMT
server
ECS (frb/6752)
age
101668
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
43
expires
-1
redcanary.com.json
script.crazyegg.com/pages/data-scripts/0096/9416/site/ Frame 6463 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0096/9416/site/redcanary.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0096/9416.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
048e35e70f8e887bfd67ce4151ae4a3e11e686ec59ca0930cb00a16eb3ec24b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 28 Feb 2024 21:58:39 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
ce-version
11.5.193
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85cbee236d553619-FRA
content-length
1932
sLPIoIr_9R2H1vFE63bCW9_RmUPMbLk-XyKwDAco0G4.js
www.google.com/js/bg/ Frame 17D9 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/sLPIoIr_9R2H1vFE63bCW9_RmUPMbLk-XyKwDAco0G4.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b3c8a08afff51d87d6f144eb76c25bdfd19943cc6cb93e5f22b00c0728d06e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesOP4kAAAAAGB_Ycm39aTFwKlN-Qh9HW67GcaB&co=aHR0cHM6Ly9yZWRjYW5hcnkuY29tOjQ0Mw..&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=89ii9agaj5k0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 09:07:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
132692
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6937
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Feb 2025 09:07:07 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 17D9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 08:55:59 GMT
x-content-type-options
nosniff
age
133360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 05 Mar 2024 08:55:59 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 17D9 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesOP4kAAAAAGB_Ycm39aTFwKlN-Qh9HW67GcaB&co=aHR0cHM6Ly9yZWRjYW5hcnkuY29tOjQ0Mw..&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=89ii9agaj5k0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 09:03:23 GMT
x-content-type-options
nosniff
age
132916
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 09:03:23 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 17D9 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesOP4kAAAAAGB_Ycm39aTFwKlN-Qh9HW67GcaB&co=aHR0cHM6Ly9yZWRjYW5hcnkuY29tOjQ0Mw..&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=89ii9agaj5k0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 11:07:48 GMT
x-content-type-options
nosniff
age
471051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 Feb 2025 11:07:48 GMT
xdc.js
cdn.bizible.com/ 		116 B
326 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bizible.com/xdc.js?_biz_u=e03f5217e22244409d67e43f2b42b066&_biz_h=-1906410348&cdn_o=a&jsVer=4.24.02.22&a=redcanary.com
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) /
Resource Hash
80b0b5743a9610a13169cc4cd0e2d6eece386456e75dfae2fb9bb1451a5e75e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSub
server
ECS (frb/6711)
etag
6E3C44B1
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
content-length
219
Forrester-Wave-Featured-Nav2_203x203-1.jpg
redcanary.com/wp-content/uploads/2023/08/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redcanary.com/wp-content/uploads/2023/08/Forrester-Wave-Featured-Nav2_203x203-1.jpg
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5a7e4301988674bdfde552e51053fba690337f07233420265674976ee40dabe5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Sat, 12 Aug 2023 21:30:51 GMT
server
nginx
etag
"64d7fa0b-3273"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
12915
cta-background.jpg
redcanary.com/wp-content/uploads/2018/12/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redcanary.com/wp-content/uploads/2018/12/cta-background.jpg
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ecf6782eee74878f85da64d073a0707c4965f712d7eec6926ea4c9151228e100
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Mon, 09 Nov 2020 21:51:33 GMT
server
nginx
etag
"5fa9b9e5-1a18"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
6680
975x975_IRR.jpg
redcanary.com/wp-content/uploads/2023/08/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redcanary.com/wp-content/uploads/2023/08/975x975_IRR.jpg
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
9a30ba449c691a185ab26fe20a27e7c61e5c84d9e1a5c25507ae160382150605
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Thu, 24 Aug 2023 16:57:28 GMT
server
nginx
etag
"64e78bf8-3f80"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16256
webworker.js
www.google.com/recaptcha/api2/ Frame 17D9 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesOP4kAAAAAGB_Ycm39aTFwKlN-Qh9HW67GcaB&co=aHR0cHM6Ly9yZWRjYW5hcnkuY29tOjQ0Mw..&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=89ii9agaj5k0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5e6ccfa30b73831d6528662ece5421627caab9f02289cf4902a0a4d67cdc1dd8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LesOP4kAAAAAGB_Ycm39aTFwKlN-Qh9HW67GcaB&co=aHR0cHM6Ly9yZWRjYW5hcnkuY29tOjQ0Mw..&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=89ii9agaj5k0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 28 Feb 2024 21:58:39 GMT
admin-ajax.php
redcanary.com/wp-admin/ 		0
665 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://redcanary.com/wp-admin/admin-ajax.php
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 28 Feb 2024 21:58:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff, nosniff
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
content-encoding
br
x-permitted-cross-domain-policies
master-only
x-powered-by
WP Engine
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN, deny
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://redcanary.com
cache-control
no-cache, must-revalidate, max-age=0, no-store
access-control-allow-credentials
true
feature-policy
microphone 'none'; geolocation 'none'
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
details
epsilon.6sense.com/v3/company/ 		745 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://epsilon.6sense.com/v3/company/details
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.142.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software
nginx /
Resource Hash
4160094e8e7a55a3dd60c62de930a81375ddce09c11dc6d7b28332da6dbbdf14

Request headers

Referer
https://redcanary.com/
accept-language
de-DE,de;q=0.9
Authorization
Token e8bebcdaa132f727ae8d16d9967447769318945e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-6s-CustomID
WebTag f3744a5e-342b-429c-9d2c-2c1b7b45310a

Response headers

x-trace-id
6262261022861672420
date
Wed, 28 Feb 2024 21:58:40 GMT
content-encoding
gzip
server
nginx
vary
Origin, Accept-Encoding
content-type
application/json
x-6si-region
eu-central-1a
access-control-allow-origin
https://redcanary.com
access-control-expose-headers
X-6si-Region
access-control-allow-credentials
true
timing-allow-origin
https://6sense.com, https://www.ssga.com
content-length
399
details
epsilon.6sense.com/v3/company/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://epsilon.6sense.com/v3/company/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.142.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-6s-customid
Access-Control-Request-Method
GET
Origin
https://redcanary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-6s-customid
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
https://redcanary.com
access-control-expose-headers
X-6si-Region
access-control-max-age
1800
date
Wed, 28 Feb 2024 21:58:39 GMT
server
nginx
timing-allow-origin
https://6sense.com, https://www.ssga.com
x-6si-region
eu-central-1a
x-trace-id
8719264796092324902
u
cdn.bizible.com/ 		43 B
86 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bizible.com/u?mapType=mkto&mapValue=id%3A003-YRU-314%26token%3A_mch-redcanary.com-1709157519564-63994&_biz_u=e03f5217e22244409d67e43f2b42b066&_biz_l=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&_biz_t=1709157519874&_biz_i=Incident%20Response%20and%20Readiness%20Guide%20-%20Red%20Canary&_biz_n=1&a=redcanary.com&rnd=716541&cdn_o=a&_biz_z=1709157519982
Requested by
Host: redcanary.com
URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6752) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 21:58:39 GMT
strict-transport-security
max-age=31536000; includeSub
last-modified
Tue, 27 Feb 2024 17:44:11 GMT
server
ECS (frb/6752)
age
101668
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
43
expires
-1
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Feb 2024 21:32:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1597
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 28 Feb 2024 23:32:03 GMT
84a07e3a698688683d493761c9786bde.js
script.crazyegg.com/pages/versioned/common-scripts/ 		94 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/84a07e3a698688683d493761c9786bde.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0096/9416.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2b3c5e1e1986c9c9f79f6635c0449c0cd5a6f68e51940557f2c986bdb23f7ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Feb 2024 16:49:29 GMT
server
cloudflare
age
20034
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85cbee248dac9016-FRA
content-length
31373
select-arrow-white.svg
redcanary.com/wp-content/themes/redcanary/assets/img/ 		333 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/img/select-arrow-white.svg
Requested by
Host: redcanary.com
URL: https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_10b9e3005f87930cec9d69cde5fe01b6.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
942ec7f4988f0e4bc309a929ae28df5b2f9345c5feb5eebb91757440d9200c19
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_10b9e3005f87930cec9d69cde5fe01b6.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Wed, 27 Feb 2019 15:51:12 GMT
server
nginx
etag
W/"5c76b1f0-14d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
search-btn.svg
redcanary.com/wp-content/themes/redcanary/assets/img/ 		161 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/img/search-btn.svg
Requested by
Host: redcanary.com
URL: https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_10b9e3005f87930cec9d69cde5fe01b6.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
0f57969cdf0d61b86fc25ded8a8c5058a5edd346d1845b232610a54f08d0fcb8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_10b9e3005f87930cec9d69cde5fe01b6.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Wed, 08 Sep 2021 23:08:04 GMT
server
nginx
etag
W/"61394254-a1"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
/
px.ads.linkedin.com/wa/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://redcanary.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 8DD8F71354DC478EAA269B309335935F Ref B: FRAEDGE1109 Ref C: 2024-02-28T21:58:40Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
access-control-allow-origin
https://redcanary.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYSeD7dZiAVncwR/2qytA==
collect
www.google-analytics.com/j/ 		4 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1196065335&t=event&ni=1&_s=1&dl=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&ul=en-us&de=UTF-8&dt=Incident%20Response%20and%20Readiness%20Guide%20-%20Red%20Canary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=YADAAEABAAAAgCAAI~&jid=1635353165&gjid=1617198476&cid=112330320.1709157520&tid=UA-52702906-1&_gid=18660841.1709157520&_r=1&_slc=1&gtm=45He42q1n81PXWC8JWv813277038za220&cd4=&cd5=&cd10=&cd11=&cd20=&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=58181693
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 21:58:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redcanary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
playPauseLoadingControl.js
fast.wistia.com/assets/external/ 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/playPauseLoadingControl.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4dcd62c349a25006a7c9d65b6bdbe4310db017cc0d7f43f3ce77ce195e33a7e5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Origin
https://redcanary.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
1605
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
21224
x-served-by
cache-iad-kjyo7100089-IAD, cache-fra-etou8220073-FRA
x-browser-version
122
last-modified
Wed, 28 Feb 2024 20:30:45 GMT
server
AmazonS3
x-timer
S1709157520.338398,VS0,VE0
etag
"180eef04604b7bf1d55e043ea13cd6e1"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
0a44e45c43c97b08da5f741fb0b138c8e81330c6
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
25, 45
hls_video.js
fast.wistia.com/assets/external/engines/ 		474 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/engines/hls_video.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31452b617c689684ff66cf08e31b65073e29dff337f3af56af3f78e61a787b02
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Origin
https://redcanary.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
1606
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
118200
x-served-by
cache-iad-kiad7000150-IAD, cache-fra-etou8220073-FRA
x-browser-version
122
last-modified
Wed, 28 Feb 2024 20:30:45 GMT
server
AmazonS3
x-timer
S1709157520.339672,VS0,VE0
etag
"21f4d919620b4c1676a6276f54724ade"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
0a44e45c43c97b08da5f741fb0b138c8e81330c6
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
33, 25
mput
pipedream.wistia.com/ 		2 B
328 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:8000:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://redcanary.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
via
1.1 ed5d8b8e3a8c20eaabbb29c087f04c66.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
x-envoy-upstream-service-time
1
content-length
2
x-amz-cf-id
DCg-pmpcuBnxXartE-XiEQPext2mw42dG1-5OnxJVDOJm1crX8vrBQ==
x
distillery.wistia.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://distillery.wistia.com/x
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-4.muc50.r.cloudfront.net
Software
envoy /
Resource Hash

Request headers

Referer
https://redcanary.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
via
1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
x-amz-cf-id
3D9ONuT5zDTB49YRiwCRru-I-ny4iZO7QziM780J2OuaSnJf-pQD8A==
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-52702906-1&cid=112330320.1709157520&jid=1635353165&gjid=1617198476&_gid=18660841.1709157520&_u=YADAAEAAAAAAgCAAI~&z=1851764446
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 28 Feb 2024 21:58:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redcanary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
redcanary.com.json
script.crazyegg.com/pages/data-scripts/0096/9416/sampling/ Frame 6463 		160 B
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0096/9416/sampling/redcanary.com.json?t=474765
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/84a07e3a698688683d493761c9786bde.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9620245b6e4e5269f16f32f4d110ea5be4e76cbb184bf3f244064f36095aaafa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 28 Feb 2024 21:58:40 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
ce-version
11.5.193
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85cbee263f6e3619-FRA
content-length
147
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1196065335&t=pageview&_s=1&dl=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&ul=en-us&de=UTF-8&dt=Incident%20Response%20and%20Readiness%20Guide%20-%20Red%20Canary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAgCAAI~&jid=&gjid=&cid=112330320.1709157520&tid=UA-52702906-1&_gid=18660841.1709157520&gtm=45He42q1n81PXWC8JWv813277038za220&cd4=&cd5=&cd10=&cd11=&cd20=&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&cd6=Germany&cd7=Hesse&cd8=Frankfurt%20am%20Main&cd9=&cd12=&cd13=&cd14=&cd18=null&z=1049766087
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 18:53:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11096
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-52702906-1&cid=112330320.1709157520&jid=1635353165&_u=YADAAEAAAAAAgCAAI~&z=2081172451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 21:58:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-52702906-1&cid=112330320.1709157520&jid=1635353165&_u=YADAAEAAAAAAgCAAI~&z=2081172451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 21:58:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1196065335&t=adtiming&_s=2&dl=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&ul=en-us&de=UTF-8&dt=Incident%20Response%20and%20Readiness%20Guide%20-%20Red%20Canary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3860&pdt=141&dns=0&rrt=53&srt=1674&tcp=285&dit=2871&clt=3392&_gst=3595&_gbt=3828&_u=aADAAEABAAAAgCAAI~&jid=&gjid=&cid=112330320.1709157520&tid=UA-52702906-1&_gid=18660841.1709157520&gtm=45He42q1n81PXWC8JWv813277038za220&cd4=&cd5=&cd10=&cd11=&cd20=&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&cd6=Germany&cd7=Hesse&cd8=Frankfurt%20am%20Main&cd9=&cd12=&cd13=&cd14=&cd18=null&z=714514086
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 18:53:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11096
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
blank.gif
fast.wistia.com/assets/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fast.wistia.com/assets/images/blank.gif
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://redcanary.com/
Origin
https://redcanary.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
302
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
1214
x-served-by
cache-iad-kcgs7200077-IAD, cache-fra-etou8220073-FRA
x-browser-version
122
last-modified
Wed, 10 May 2023 19:48:54 GMT
server
AmazonS3
x-timer
S1709157520.402760,VS0,VE0
etag
"fbdc4ed9a1e2ee4917a265306927bcf1"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
19, 4
rr1at5cjty.m3u8
fast.wistia.com/embed/medias/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/embed/medias/rr1at5cjty.m3u8
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
d4276ce96a338227e3d626ec7a13a565d63376d9d950862704224b4ab2be03b0
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
via
1.1 a805f3562e8099c23b78cf69c21f7834.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=0
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD79-C1
age
0
x-cache
Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time
44
content-length
1353
x-request-id
b85fa0ef-2968-40c5-8af5-adb63ad4fa4d
x-served-by
cache-iad-kiad7000084-IAD, cache-fra-etou8220073-FRA
x-runtime
0.042203
x-browser-version
122
server
envoy
x-timer
S1709157520.408294,VS0,VE95
etag
W/"d4276ce96a338227e3d626ec7a13a565"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
8nG8h2JT7qB976_L357P2KbBVA6K_RVNthqZ82ruU-aLRmI8HnP9Pw==
x-cache-hits
8, 1
messenger
app.qualified.com/w/1/bAEbi2aHVysBKzuy/ Frame 068B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.qualified.com/w/1/bAEbi2aHVysBKzuy/messenger?uuid=089b8e94-4833-44dd-922a-90de61160846
Requested by
Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=bAEbi2aHVysBKzuy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
44.205.50.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-50-190.compute-1.amazonaws.com
Software
/
Resource Hash
92b7a8b9379e08afaccbf9e772cf56e170d26d35c1013cca7fa3ae32a0223022
Security Headers
Name Value
Content-Security-Policy
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://redcanary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Content-Encoding
gzip
Content-Length
1828
Content-Security-Policy
Content-Type
text/html; charset=utf-8
Date
Wed, 28 Feb 2024 21:58:40 GMT
Etag
W/"92b7a8b9379e08afaccbf9e772cf56e1"
Link
<https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css>; rel=preload; as=style; nopush,<https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css>; rel=preload; as=style; nopush
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding
Via
1.1 spaces-router (devel)
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
6e03e575-279e-7cd9-d690-6519411d1496
X-Runtime
0.024978
X-Xss-Protection
1; mode=block
healthcheck
pagestates-tracking.crazyegg.com/ Frame 6463 		19 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/84a07e3a698688683d493761c9786bde.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-93.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 20 May 2023 01:15:34 GMT
via
1.1 1cd1c24523b61d46b093d317bb196d92.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P3
age
24612187
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
ZwM1j7YPDoqTbUJ1FbgHqhuL3zmH5bWJyjM86DqSCx1E5LDEMERGuQ==
healthcheck
assets-tracking.crazyegg.com/ Frame 6463 		19 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/84a07e3a698688683d493761c9786bde.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-97.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 04:00:49 GMT
via
1.1 9c7ba0aaf8652834e3f6b51b901da726.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
16739872
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
rpXUzv6XWmTmKzA2URqJgCeVw1LZN1lINzZhJt3KFw3782A4O68yow==
43443caa-c99c-47f1-82fe-43dbb5bf11ea
https://redcanary.com/ 		45 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://redcanary.com/43443caa-c99c-47f1-82fe-43dbb5bf11ea
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Length
45
Content-Type
text/javascript
clock
tracking.crazyegg.com/ Frame 6463 		40 B
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?t=1709157520564&tk=40ea43635c9a9388c5f9f97df894a565&s=360154&p=%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F&u=969416&v=8db9ab0d081931c7e0472f5138dc9c47e97bf515&f=redcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide&ul=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/84a07e3a698688683d493761c9786bde.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.86.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-86-55.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
0b1a2b50c4ea90adeae0ef5b8fdddbfdf0cc6296b5ab057d40318da3a5611cd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 28 Feb 2024 21:58:40 GMT
cache-control
no-store
server
awselb/2.0
content-length
40
content-type
text/plain
d9b6b28e3d84db3e4c966a5cf73af402.js
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/d9b6b28e3d84db3e4c966a5cf73af402.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0096/9416.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f2855487ee0f2a026de07b800d0a191f2d66723011cf5e7bddea4669037b33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Feb 2024 16:49:38 GMT
server
cloudflare
age
20033
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85cbee287fe99016-FRA
content-length
8025
5962be65-98cc-49e7-9a49-eb62e7cbb270
https://redcanary.com/ 		241 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://redcanary.com/5962be65-98cc-49e7-9a49-eb62e7cbb270
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b547f4dc3a641ea60877e88584f394b904243083e5bc9b576cfd86711c9f823c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Length
241
Content-Type
text/javascript
cd03386b0fde68cad33bac3d9c045084.js
script.crazyegg.com/pages/versioned/tracking-scripts/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/tracking-scripts/cd03386b0fde68cad33bac3d9c045084.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0096/9416.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3cd2e0adf5395f7af5f6a65f761a458630d3a1da8e06ed3305a64d90ef5d46b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Feb 2024 16:49:35 GMT
server
cloudflare
age
20032
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85cbee289ff29016-FRA
content-length
30708
messenger-94e6eccc.chunk.css
assets.qualified.com/packs/css/vendors~widget/sandboxed/ Frame 068B 		35 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb3487cae40a55bf31dc6e6191ab0d88ec8c8f85c62bf28ad25ad0a40c16a611

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qualified.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
x-amz-version-id
XvZWQCYWoLS9Gr0QamUrxZt4M_6itGwe
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
BJPE4TJYBEG03KD9
age
428
x-amz-server-side-encryption
AES256
x-amz-id-2
hZNfEqGMuWLAA7kYQ9yPiE15IDlor1YO1fowgVi54YyhfQc+lRn8qbb+FPXur2dgMYMWDE6eSsc=
last-modified
Wed, 29 Nov 2023 02:17:16 GMT
server
cloudflare
etag
W/"a788ecf510f83ee517cbaf79306145dd"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
85cbee28fc83bb4f-FRA
expires
Thu, 29 Feb 2024 01:58:40 GMT
messenger-ea37ea0f.chunk.css
assets.qualified.com/packs/css/widget/sandboxed/ Frame 068B 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qualified.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
x-amz-version-id
d3ADcJYvub11sj.28U2sMgtF7tsK4Gse
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
EEMZ6J2FJAZNY1P7
age
1487
x-amz-server-side-encryption
AES256
x-amz-id-2
YG8Lyiy+KWn2IVZYvXVh+WPVki4cRH+P6sMaHHnmTRaKaEkhVJieYtXpdYlOqPLg9iuaqDGglOw=
last-modified
Sat, 17 Feb 2024 00:59:18 GMT
server
cloudflare
etag
W/"22d5f23e695250d3c5a5b1e76a015c5e"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
85cbee28fc82bb4f-FRA
expires
Thu, 29 Feb 2024 01:58:40 GMT
messenger~runtime-ff7ff7f5670ac9dd2121.js
assets.qualified.com/packs/js/widget/sandboxed/ Frame 068B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.qualified.com/packs/js/widget/sandboxed/messenger~runtime-ff7ff7f5670ac9dd2121.js
Requested by
Host: app.qualified.com
URL: https://app.qualified.com/w/1/bAEbi2aHVysBKzuy/messenger?uuid=089b8e94-4833-44dd-922a-90de61160846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6f1d68628b88bb3d7283fc9761f9b031af8d4cfa61987bbe1d38c54a3141ac4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qualified.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
x-amz-version-id
kWbRN7PsapKU3ve.MHRC.RtKULmAOqlE
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9E2A6NCF1A9BM6SP
age
5230
x-amz-server-side-encryption
AES256
x-amz-id-2
v3BVuL0cBRhQPm82sBDpX2LkstLHUv+eGQJ3KeLw8eXeFzlryOi/TfrxsA2W7Ql1WOHvNXXB8ig=
last-modified
Wed, 28 Feb 2024 18:28:38 GMT
server
cloudflare
etag
W/"24f49b37861f5307b15e74b32706120c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
85cbee28fc85bb4f-FRA
expires
Thu, 29 Feb 2024 01:58:40 GMT
messenger-78c97c34a7c2aa38f3b3.chunk.js
assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/ Frame 068B 		1 MB
367 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-78c97c34a7c2aa38f3b3.chunk.js
Requested by
Host: app.qualified.com
URL: https://app.qualified.com/w/1/bAEbi2aHVysBKzuy/messenger?uuid=089b8e94-4833-44dd-922a-90de61160846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9270d9bb6558beb515885fea3e68018050ca5212847d6186f5c57e37045c74c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qualified.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
x-amz-version-id
XgiVRWybdoj.I4tVX4L7xVJywyI1Renj
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9E282QXM3311YAQG
age
5230
x-amz-server-side-encryption
AES256
x-amz-id-2
+LPywiu6vLcUPi9kFxLsIIhe691xZD3cV/yyc1xMF4YDdXxr7cVC/W3dGqXTkQyp4qVQfMubivo=
last-modified
Wed, 28 Feb 2024 18:28:38 GMT
server
cloudflare
etag
W/"95107cbef17dd8199675371c7c4528b8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
85cbee28fc84bb4f-FRA
expires
Thu, 29 Feb 2024 01:58:40 GMT
messenger-df7ea5557b7ce6abd424.chunk.js
assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/ Frame 068B 		935 KB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/messenger-df7ea5557b7ce6abd424.chunk.js
Requested by
Host: app.qualified.com
URL: https://app.qualified.com/w/1/bAEbi2aHVysBKzuy/messenger?uuid=089b8e94-4833-44dd-922a-90de61160846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13467a5b5a339f4a1dfc20ed0bd3b32b92b17747787937f450657d5690d8b748

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qualified.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
x-amz-version-id
oRVDrtHR1Faecjz0e7i9GQ6hFXL1P8S2
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9E2AC4X15T40XH7Q
age
5230
x-amz-server-side-encryption
AES256
x-amz-id-2
SUg/fJ3WFp6yXP3wCPPCEAW77SGZO9HAK3wb10hbmvgctZ3QXRTK5yCOusvEOeL4loNpxIIqbVk=
last-modified
Wed, 28 Feb 2024 18:28:38 GMT
server
cloudflare
etag
W/"b6ab1e34ad86d0116be3087da058e414"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
85cbee291c99bb4f-FRA
expires
Thu, 29 Feb 2024 01:58:40 GMT
Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame 068B 		97 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.qualified.com/packs/media/fonts/inter/Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
Requested by
Host: app.qualified.com
URL: https://app.qualified.com/w/1/bAEbi2aHVysBKzuy/messenger?uuid=089b8e94-4833-44dd-922a-90de61160846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer
https://app.qualified.com/
Origin
https://app.qualified.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
x-amz-version-id
XjoMYqkEK1EplqIDAPLihzvluXM877Lz
cf-cache-status
HIT
x-amz-request-id
NESEB2QDRRMY126Z
age
7848417
x-amz-server-side-encryption
AES256
content-length
98868
x-amz-id-2
cFGtBNJw2RmWji44Ht3zQd63gejXPssWIj5DhDmt+tzxhoE6yArHJyticYfsh09whrhVUnsQ5G3lxx6r+Hj5Qg==
last-modified
Wed, 29 Nov 2023 02:17:21 GMT
server
cloudflare
etag
"dc131113894217b5031000575d9de002"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
85cbee290ab92c71-FRA
expires
Fri, 28 Feb 2025 03:58:40 GMT
Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame 068B 		103 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.qualified.com/packs/media/fonts/inter/Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
Requested by
Host: app.qualified.com
URL: https://app.qualified.com/w/1/bAEbi2aHVysBKzuy/messenger?uuid=089b8e94-4833-44dd-922a-90de61160846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5

Request headers

Referer
https://app.qualified.com/
Origin
https://app.qualified.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
x-amz-version-id
azxyuTuYExeVR_mk6PawtlKnm9NEyZCd
cf-cache-status
HIT
x-amz-request-id
3VJM25EJNXCR9CWT
age
8021710
x-amz-server-side-encryption
AES256
content-length
105804
x-amz-id-2
JL/Df5tL52JNlAcbc6/anPwSPtt+76LMplaWquvkYQO144pAvkWam9aLG0wrhC+EAtX7t3VRz9s=
last-modified
Thu, 23 Nov 2023 00:09:26 GMT
server
cloudflare
etag
"007ad31a53f4ab3f58ee74f2308482ce"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
85cbee291aba2c71-FRA
expires
Fri, 28 Feb 2025 03:58:40 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=de296816-f19a-44d2-8ecf-be1289b20e6a&session=547e1893-407c-4c9a-8ba5-573a35239dc3&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2028%20Feb%202024%2021%3A58%3A40%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2028%20Feb%202024%2021%3A58%3A39%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20cyber%20incident%20response%20guide%20arms%20security%20teams%20with%20the%20blueprint%20for%20a%20modern%20and%20effective%20incident%20response%20and%20readiness%20plan.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Incident%20Response%20and%20Readiness%20Guide%20-%20Red%20Canary%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&pageViewId=a5ef71b1-5ae4-4c43-8154-b81b6feff1ab&an_uid=3465692068725799493&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&v=1.1.15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.198.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-198-240.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 02:04:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f03226-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
/
sentry.io/api/1332833/envelope/ Frame 068B 		2 B
324 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/1332833/envelope/?sentry_key=b5158ee3382d49b28a864fb2b91bcaaf&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1
Requested by
Host: assets.qualified.com
URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-78c97c34a7c2aa38f3b3.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.qualified.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Feb 2024 21:58:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
mput
pipedream.wistia.com/ 		2 B
329 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:8000:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://redcanary.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 28 Feb 2024 21:58:41 GMT
via
1.1 ed5d8b8e3a8c20eaabbb29c087f04c66.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
x-envoy-upstream-service-time
1
content-length
2
x-amz-cf-id
IVAZob4mR8025R2dZOm6v_GMc97l7PIRuSYHf_Y2wTEDwf3IGCwCZA==
allIntegrations.js
fast.wistia.com/assets/external/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/allIntegrations.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c68a5d648f9477063bb0b5398b88916d6906c139625b87093e806f171d0fc950
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Origin
https://redcanary.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:41 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
1607
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
5772
x-served-by
cache-iad-kcgs7200050-IAD, cache-fra-etou8220073-FRA
x-browser-version
122
last-modified
Wed, 28 Feb 2024 20:30:45 GMT
server
AmazonS3
x-timer
S1709157521.339865,VS0,VE0
etag
"8204bdccbf6ed846139d3b90d3b00ebf"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
0a44e45c43c97b08da5f741fb0b138c8e81330c6
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
16, 21
img.gif
b.6sc.co/v1/beacon/ 		43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=de296816-f19a-44d2-8ecf-be1289b20e6a&session=547e1893-407c-4c9a-8ba5-573a35239dc3&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2028%20Feb%202024%2021%3A58%3A41%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2028%20Feb%202024%2021%3A58%3A40%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20cyber%20incident%20response%20guide%20arms%20security%20teams%20with%20the%20blueprint%20for%20a%20modern%20and%20effective%20incident%20response%20and%20readiness%20plan.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Incident%20Response%20and%20Readiness%20Guide%20-%20Red%20Canary%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&pageViewId=a5ef71b1-5ae4-4c43-8154-b81b6feff1ab&an_uid=3465692068725799493&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&v=1.1.15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.198.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-198-240.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:41 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 01:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f02dad-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
d23c0c4e194430380ef64982f7fd6ecf318cd5881017bc61dec0ef8955cc0079.png
qualified-production.s3.us-east-1.amazonaws.com/uploads/ Frame 068B 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qualified-production.s3.us-east-1.amazonaws.com/uploads/d23c0c4e194430380ef64982f7fd6ecf318cd5881017bc61dec0ef8955cc0079.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.73.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
9a586f0b3e8add35ad17a2eec2cee97cbe175f48d7c47e34492dd973aa0f8381

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qualified.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 21:58:43 GMT
Last-Modified
Thu, 20 Oct 2022 23:47:27 GMT
Server
AmazonS3
x-amz-request-id
51603RB88S3K9C38
ETag
"fd481ec600c1b3fad6f9e29aa732a946"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Cache-Control
Cache-Control: public, max-age=31536000
Accept-Ranges
bytes
Content-Length
12932
x-amz-id-2
L6cD2CadTXftu27pAVv+tgakWtNZUdwxiid1zZ2x6bh76u/ytHqHjiDXuNYCRHpCneC5JlF91Ck=
b34302d7d25df402909dab75f43c994eaa9697d42e982abeee77e1d6cb8e2697.png
qualified-production.s3.us-east-1.amazonaws.com/uploads/ Frame 068B 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qualified-production.s3.us-east-1.amazonaws.com/uploads/b34302d7d25df402909dab75f43c994eaa9697d42e982abeee77e1d6cb8e2697.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.73.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
00bbc66153e493c73e6ee4448a25fac555d74e1fd957f6f804754ff27bb9884f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.qualified.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 21:58:43 GMT
Last-Modified
Thu, 20 Oct 2022 23:48:08 GMT
Server
AmazonS3
x-amz-request-id
516C3SFV1CSCXZB5
ETag
"7797b96a7f999ac42de528bede3329af"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Cache-Control
Cache-Control: public, max-age=31536000
Accept-Ranges
bytes
Content-Length
13099
x-amz-id-2
yJvaI95LZBXs7XEmvwDXTQkDLYQvcjilhJogUXj2HVuggIGV4vmQoGJeFq8xdFgjfM6iC5Ecdlk=
img.gif
b.6sc.co/v1/beacon/ 		43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=de296816-f19a-44d2-8ecf-be1289b20e6a&session=547e1893-407c-4c9a-8ba5-573a35239dc3&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2028%20Feb%202024%2021%3A58%3A42%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2028%20Feb%202024%2021%3A58%3A41%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%223003%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20cyber%20incident%20response%20guide%20arms%20security%20teams%20with%20the%20blueprint%20for%20a%20modern%20and%20effective%20incident%20response%20and%20readiness%20plan.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Incident%20Response%20and%20Readiness%20Guide%20-%20Red%20Canary%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&pageViewId=a5ef71b1-5ae4-4c43-8154-b81b6feff1ab&an_uid=3465692068725799493&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&v=1.1.15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.198.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-198-240.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:42 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=de296816-f19a-44d2-8ecf-be1289b20e6a&session=547e1893-407c-4c9a-8ba5-573a35239dc3&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2028%20Feb%202024%2021%3A58%3A43%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2028%20Feb%202024%2021%3A58%3A42%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224004%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20cyber%20incident%20response%20guide%20arms%20security%20teams%20with%20the%20blueprint%20for%20a%20modern%20and%20effective%20incident%20response%20and%20readiness%20plan.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Incident%20Response%20and%20Readiness%20Guide%20-%20Red%20Canary%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&pageViewId=a5ef71b1-5ae4-4c43-8154-b81b6feff1ab&an_uid=3465692068725799493&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&v=1.1.15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.198.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-198-240.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 21:58:43 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
b.6sc.co
URL
https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=de296816-f19a-44d2-8ecf-be1289b20e6a&session=547e1893-407c-4c9a-8ba5-573a35239dc3&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2028%20Feb%202024%2021%3A58%3A44%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2028%20Feb%202024%2021%3A58%3A43%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225005%22%7D&isIframe=false&m=%7B%22description%22%3A%22This%20cyber%20incident%20response%20guide%20arms%20security%20teams%20with%20the%20blueprint%20for%20a%20modern%20and%20effective%20incident%20response%20and%20readiness%20plan.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Incident%20Response%20and%20Readiness%20Guide%20-%20Red%20Canary%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fresources%2Fguides%2Fincident-response-preparedness-guide%2F%3F_bt%3D561227456370%26_bk%3Dincident%2520response%2520playbook%26_bm%3De%26_bn%3Dg%26_bg%3D132693180434%26gad_source%3D1%26gclid%3DCjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE&pageViewId=a5ef71b1-5ae4-4c43-8154-b81b6feff1ab&an_uid=3465692068725799493&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&v=1.1.15

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| OptanonWrapper function| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| ccpa_data object| MktoForms2 object| dataLayer string| QualifiedObject function| qualified object| Bizible object| BizTrackingA object| BizA object| theme_ajax_object object| lazyLoadOptions boolean| _q_widgetInitialized object| FormsPlus undefined| Cookies undefined| URI object| wistiajsonp-/embed/medias/rr1at5cjty.jsonp object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| twq string| _linkedin_data_partner_id function| rdt function| fbq function| _fbq function| getParam function| getExpiryRecord function| addGclid object| __webpack_modules__ object| __webpack_module_cache__ function| __webpack_require__ object| __webpack_exports__ object| Wistia string| _wistiaElemId object| _wq object| wistiaEmbeds function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| regeneratorRuntime object| twttr object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels function| onYouTubeIframeAPIReady object| gaGlobal object| GooglebQhCsO function| UET function| UET_init function| UET_push object| ueto_7e656b4232 object| uetq object| MunchkinTracker function| lintrk boolean| _already_called_lintrk function| addCaptchaScript number| formId function| captchaCallback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_137815 object| _6si object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| webpackChunknylon function| LazyLoad object| _vis_opt_queue object| LC_API object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy string| _q_lastClientActivityAt boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed boolean| _storagePopulated string| GoogleAnalyticsObject function| ga string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| ORIBILI object| gaplugins object| gaData object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT object| CE_API

50 Cookies

Domain/Path Name / Value
redcanary.com/resources/guides/incident-response-preparedness-guide Name: gclid
Value: CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
www.googleadservices.com/pagead/conversion/759876114/ Name: Conversion
Value: EgwIABUAAAAAHQAAAAAYASCL9P7_qOik7OcBSAFqW0Nqd0tDQWlBMFB1dUJoQnNFaXdBUzdmc05aa19QcGlIZ0M4RVdXRHg2VW40b1phQ0Z5enQzeHFBY2FjaFZteFVtdFVPRHdPU0k0cEs0Qm9DNEc0UUF2RF9Cd0Vwlt245YPPhAOQAY6rx5LcDpgBAA
.redcanary.com/ Name: gclid
Value: CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
.resource.redcanary.com/ Name: __cf_bm
Value: 4LSOhVZB5WZfNvGKIKW4ddf8joyGNLCptxD.iX_nVIc-1709157519-1.0-Ae6THIlCFV3Aq5fwVMkVdGiYSCLAFH8F47vtQpNbINFj9bbwyL7Gb+RKcmmpqLukdohYriGOaza52EeA1WlioP0=
.redcanary.com/ Name: _biz_uid
Value: e03f5217e22244409d67e43f2b42b066
.redcanary.com/ Name: _gcl_aw
Value: GCL.1709157519.CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
.redcanary.com/ Name: _gcl_au
Value: 1.1.776120400.1709157519
.redcanary.com/ Name: _rdt_uuid
Value: 1709157519489.4f99245a-6071-4c7b-bf41-6772e49c3494
.redcanary.com/ Name: _uetsid
Value: 87b115e0d68411ee83f83f46f231af34
.redcanary.com/ Name: _uetvid
Value: 87b130a0d68411eeb342973ad5f2b7e3
.redcanary.com/ Name: _mkto_trk
Value: id:003-YRU-314&token:_mch-redcanary.com-1709157519564-63994
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.bing.com/ Name: MUID
Value: 23C7238E1C446FEB2CB237BD1DE86E25
.redcanary.com/ Name: _fbp
Value: fb.1.1709157519676.772665882
.twitter.com/ Name: personalization_id
Value: "v1_u9hJRj1SOwy66lFMaC31JA=="
.t.co/ Name: muc_ads
Value: 4b630189-8391-4e75-b7b3-aa539b87299b
.linkedin.com/ Name: li_sugr
Value: 5d3074da-5dbb-4958-802f-9a90dc98a644
.linkedin.com/ Name: bcookie
Value: "v=2&1607db58-06a5-4b96-8211-9320dd2a41a4"
.linkedin.com/ Name: lidc
Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2827:u=1:x=1:i=1709157519:t=1709243919:v=2:sig=AQGhs-hAWK_f-5L8IlPILUs_2TaC84o-"
.adnxs.com/ Name: XANDR_PANID
Value: O0KnN6WSRZKFUIUEhyDpFaxXCdqm6QcFlHZxulKYNjyA9WaTcbrwS8yqrQ3AOTnM8UV-l5Art8LvtxLiNETY7jJSJ3eNdgSqUwR-5nPKy7A.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 3465692068725799493
redcanary.com/ Name: _an_uid
Value: 3465692068725799493
redcanary.com/ Name: _gd_visitor
Value: de296816-f19a-44d2-8ecf-be1289b20e6a
redcanary.com/ Name: _gd_session
Value: 547e1893-407c-4c9a-8ba5-573a35239dc3
.linkedin.com/ Name: UserMatchHistory
Value: AQLAlzrGR6iWdQAAAY3xuhGdF4BQtA1sUAheNbvnqRQzz6scZjzjutsbkp-Qr_LB6qWhVh4isf8fGA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLhWas7P0j--wAAAY3xuhGdG7LvdMd1ygV3Ht93pBQddi6wT0tJP-mHvMz13XUnWOmFWVjUY3Qe8hpg3WgSdg
resource.redcanary.com/ Name: BIGipServersj28web-nginx-app_https
Value: !kjU+ciR/j4mo3+lzLZqvSn7MxZbkrVPZ9sCggwCMRbiQOi44mzKhyx4ptgoa+ZnRiAmV1tv7eRZnrw==
.redcanary.com/ Name: _biz_nA
Value: 2
.bizible.com/ Name: _BUID
Value: e03f5217e22244409d67e43f2b42b066
.bizibly.com/ Name: _BUID
Value: 38c7651e073821a020d354f9a3dd06ac
redcanary.com/ Name: cookielawinfo-checkbox-necessary
Value: yes
redcanary.com/ Name: cookielawinfo-checkbox-non-necessary
Value: yes
.www.linkedin.com/ Name: bscookie
Value: "v=1&20240228215839d4b38535-f3aa-45f6-8827-18b4156bed64AQFO-LyxK9Gg5FwU10E8g3Wfcn53fSKI"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDkxNTc1MTk7MjswMjEwJl0FniUmrl7Tw5PJRU0FcD1zDiTe7PeeEZLSWA5S1A==
.redcanary.com/ Name: _biz_pendingA
Value: %5B%5D
.6sc.co/ Name: 6suuid
Value: ecc61302d957010090acdf651c00000032d61700
.redcanary.com/ Name: _ga_T3K4MTNQJN
Value: GS1.1.1709157519.1.0.1709157520.59.0.0
.redcanary.com/ Name: _biz_flagsA
Value: %7B%22Version%22%3A1%2C%22Mkto%22%3A%221%22%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.redcanary.com/ Name: _ga
Value: GA1.2.112330320.1709157520
.redcanary.com/ Name: _gid
Value: GA1.2.18660841.1709157520
.redcanary.com/ Name: _gac_UA-52702906-1
Value: 1.1709157520.CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
.redcanary.com/ Name: _gat_UA-52702906-1
Value: 1
.redcanary.com/ Name: _ce.irv
Value: new
.redcanary.com/ Name: cebs
Value: 1
.redcanary.com/ Name: _ce.clock_event
Value: 1
.redcanary.com/ Name: _ce.clock_data
Value: 42%2C138.199.38.134%2C1%2Cd23861f90f98ef1cbb909ba4da09afb4
.redcanary.com/ Name: cebsp_
Value: 1
.redcanary.com/ Name: _ce.s
Value: v~8db9ab0d081931c7e0472f5138dc9c47e97bf515~lcw~1709157520719~lva~1709157520498~vpv~0~v11.fhb~1709157520717~v11.lhb~1709157520718~v11.cs~360154~v11.s~88619df0-d684-11ee-95ba-839d14b04fc6~lcw~1709157520719
.redcanary.com/ Name: __q_state_bAEbi2aHVysBKzuy
Value: eyJ1dWlkIjoiMDg5YjhlOTQtNDgzMy00NGRkLTkyMmEtOTBkZTYxMTYwODQ2IiwiY29va2llRG9tYWluIjoicmVkY2FuYXJ5LmNvbSIsIm1lc3NlbmdlckV4cGFuZGVkIjpmYWxzZSwicHJvbXB0RGlzbWlzc2VkIjpmYWxzZSwiY29udmVyc2F0aW9uSWQiOiIxMzQyNjE1NzM0MDI0MjQ5NTk3In0=

65 Console Messages

Source Level URL
Text
network error URL: https://cdn.cookielaw.org/consent/40393661-0639-4e13-9774-ba9e2ae459fa/otSDKStub.js
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/1042590016249604?v=2.9.147&r=stable&domain=redcanary.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript verbose URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-78c97c34a7c2aa38f3b3.chunk.js(Line 1)
Message:
Rendering was performed in a subtree hidden by content-visibility.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://redcanary.com/resources/guides/incident-response-preparedness-guide/?_bt=561227456370&_bk=incident%20response%20playbook&_bm=e&_bn=g&_bg=132693180434&gad_source=1&gclid=CjwKCAiA0PuuBhBsEiwAS7fsNZk_PpiHgC8EWWDx6Un4oZaCFyzt3xqAcachVmxUmtUODwOSI4pK4BoC4G4QAvD_BwE
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

003-yru-314.mktoresp.com
adservice.google.com
ajax.googleapis.com
alb.reddit.com
analytics.twitter.com
app.qualified.com
assets-tracking.crazyegg.com
assets.qualified.com
attr.ml-api.io
b.6sc.co
bat.bing.com
c.6sc.co
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
connect.facebook.net
distillery.wistia.com
embed-ssl.wistia.com
epsilon.6sense.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ipv6.6sc.co
j.6sc.co
js.qualified.com
munchkin.marketo.net
pagestates-tracking.crazyegg.com
pipedream.wistia.com
px.ads.linkedin.com
px4.ads.linkedin.com
qualified-production.s3.us-east-1.amazonaws.com
redcanary.com
region1.analytics.google.com
resource.redcanary.com
s.ml-attr.com
s3-us-west-2.amazonaws.com
script.crazyegg.com
secure.adnxs.com
sentry.io
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tracking.crazyegg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.redditstatic.com
b.6sc.co
104.17.71.206
104.198.136.223
104.244.42.3
104.244.42.5
13.107.42.14
13.248.142.121
142.250.185.130
152.195.15.58
18.173.154.4
18.239.18.97
18.239.94.93
185.89.211.12
192.28.147.68
199.232.188.157
2.19.198.240
2.23.65.88
2001:4860:4802:34::36
2600:9000:20c3:b600:12:3734:2a40:93a1
2600:9000:20c3:e400:1e:c86:4140:93a1
2600:9000:211a:8000:3:471f:5240:93a1
2606:4700::6812:1105
2606:4700::6812:82ec
2606:4700::6813:9308
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:806::2003
2a00:1450:4001:806::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::2008
2a00:1450:4001:812::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2004
2a00:1450:400c:c00::9b
2a02:26f0:480:f::213:7ec6
2a02:26f0:7100::210:180
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:400::396
2a04:4e42:600::396
2a04:4e42::644
35.186.247.156
44.205.50.190
52.217.73.112
52.48.86.55
52.92.213.96
68.67.153.60
00bbc66153e493c73e6ee4448a25fac555d74e1fd957f6f804754ff27bb9884f
048e35e70f8e887bfd67ce4151ae4a3e11e686ec59ca0930cb00a16eb3ec24b1
0b1a2b50c4ea90adeae0ef5b8fdddbfdf0cc6296b5ab057d40318da3a5611cd2
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
0f57969cdf0d61b86fc25ded8a8c5058a5edd346d1845b232610a54f08d0fcb8
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
13467a5b5a339f4a1dfc20ed0bd3b32b92b17747787937f450657d5690d8b748
143207e9ed01f1aef93482c33d284331d1b8d329f2a109e91911c34c6bfec8a5
14328f67af6b839ac4f57c7e5c2b32ef51e9d2d0f6532731120d1c989f8476f2
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
1b12ee272c79786bc266207f27c98ed219d2090d0d605e9c7a9e71f2add176fa
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c0cc58f170530f1abed279be1d4e4c79f817fae7d45a2d8faf1c0cbe768bb7e
21790acaf504d9bf6b60f236fa7daeedf075c3e7d81be6e787fcebc0c73f27b3
2400a36b6ad539bf01612df2f0ae253d0928fcdd2e966b299af7e84111216651
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2939d067bced6e2e3e43c1b10d2b067cb980410c2cc42fd3e867798a4a36c697
2d949be13d7a08a499647507fa0974b6daf96348852e5cbeab6fb24924658b99
31452b617c689684ff66cf08e31b65073e29dff337f3af56af3f78e61a787b02
3c47a113a12a32777ab6660be987cf72ff758c6a90b1f8d802282d6ab1bfbeb2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4160094e8e7a55a3dd60c62de930a81375ddce09c11dc6d7b28332da6dbbdf14
41bbf4fe3bfcec4b5bc46c6c4b72b280ee14540b38841cc4457e0865dc0d87b2
4397d54da90919f1a74f5bb52e982b707c611277760c89e1dc5802d09149f631
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45396b8359112c614d4aab3fcb716deaabc47e477078f675d7bf69f5791c8f53
4dcd62c349a25006a7c9d65b6bdbe4310db017cc0d7f43f3ce77ce195e33a7e5
4fc2e70057283f86c437bfc940579c5ae6d0ed34c4022cee1f5ee82d09451887
5060a8fb5383d234ddd10970c42c72999671daa926942dd54e267462a9345e87
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
53386b51cdacd99baec553808a51cb6964b2a6e4b9db4c73d977c3d7311c76b6
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56533e637a5c980ba4c1653ed7eea219cdbd2e86f1448c1aa38c538cb1f89285
5733c246d251b044d216980576d4c99de7eea567a21bab19e9fd2ec4d180f5d8
5a7e4301988674bdfde552e51053fba690337f07233420265674976ee40dabe5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bd5183bca8c02f0ef97780c3accbea06d638c45225b525d2882273fc22ac2df
5e6ccfa30b73831d6528662ece5421627caab9f02289cf4902a0a4d67cdc1dd8
6217f642930c0d2411329fb00cf9a7e2e138a98f56eece6e82b3a7359f20cb11
6413c98b6ecb3cce99a4c0a2dafab35722f03d66ed533355886e8da5e09f7bd9
66a68f0cb1b6b5d0ad8828ebe4963dc3336e919d62f8d6ae2d89f6905c2f8c38
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb
731fcb30d45f2e35aaa139a7a964410a7c2bcdbfbb48a837c9d56dec7cc3732f
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7fc4f1369cfe55e3cbf37434690b559bd3be63351a5ab16e324823a3ab8a237a
805ce4322a9be88ec58266cf40c95f62920aadea2a0d00f6ddeda8f82df66b09
80b0b5743a9610a13169cc4cd0e2d6eece386456e75dfae2fb9bb1451a5e75e5
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
86f2855487ee0f2a026de07b800d0a191f2d66723011cf5e7bddea4669037b33
8c1781ec4483c6fb3bd9ad005d312800eaf24e232c12976624bff84f8ab908b3
8edbf02936f4bbda931a228bd84f7b668522af07f3dfc33b5caee429e7febb85
9270d9bb6558beb515885fea3e68018050ca5212847d6186f5c57e37045c74c1
92b7a8b9379e08afaccbf9e772cf56e170d26d35c1013cca7fa3ae32a0223022
942ec7f4988f0e4bc309a929ae28df5b2f9345c5feb5eebb91757440d9200c19
949ec61d445d0655eda20af716412ac3c00809c78f9ab3490f0ac57c44a26d05
9620245b6e4e5269f16f32f4d110ea5be4e76cbb184bf3f244064f36095aaafa
9a30ba449c691a185ab26fe20a27e7c61e5c84d9e1a5c25507ae160382150605
9a586f0b3e8add35ad17a2eec2cee97cbe175f48d7c47e34492dd973aa0f8381
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a5b92c630352643239991ce64d7ad336648e321cfacd87c3bda7c48c0e42cc15
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0b3c8a08afff51d87d6f144eb76c25bdfd19943cc6cb93e5f22b00c0728d06e
b15af634d5bab399198b33d3fc2655e06bb8b3128b5e47749f7cd7937341b34a
b3cd2e0adf5395f7af5f6a65f761a458630d3a1da8e06ed3305a64d90ef5d46b
b547f4dc3a641ea60877e88584f394b904243083e5bc9b576cfd86711c9f823c
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
be64da47ffc5fc1e40ba8205a0974330a76815e151e84ba365a750a7c96f1d1d
bfcc2143b6f0635117b7354d9c0965778cd10168c10ca661d0ce42af30820951
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c12d636cb5268c2f7f86c34ec5b1af2826a685eae5e503aece3c477fdd97a971
c68a5d648f9477063bb0b5398b88916d6906c139625b87093e806f171d0fc950
cbf03a9183ab1001c94256a9115a9e20630755677eb6fa41071c6143b77dba6d
cde9aab12a0d94792f287e698e87ba0e8411f515917e78bc65eaf12a93ec6e1f
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d4276ce96a338227e3d626ec7a13a565d63376d9d950862704224b4ab2be03b0
d432e9986df3d31b5999c0bfee25a91efca37ce0a2c0e9c6f2d1e6b5056f03da
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dec888202913f9630b63196880ea2e96210c59df2905e55154fe88432c1b0e3d
e2b3c5e1e1986c9c9f79f6635c0449c0cd5a6f68e51940557f2c986bdb23f7ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f1d68628b88bb3d7283fc9761f9b031af8d4cfa61987bbe1d38c54a3141ac4
eb3487cae40a55bf31dc6e6191ab0d88ec8c8f85c62bf28ad25ad0a40c16a611
ecf6782eee74878f85da64d073a0707c4965f712d7eec6926ea4c9151228e100
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4ab0a26662426d1b923b7a4efde23bd97b936efd67c3bcd569c2176358b327d
fbfa7b37a6578651ae15fb27f6c965536f500f76fa089c0d2bda5a5f2933df90
fd2012d2fcc529e9ae674cd343fbe0ada1e49241cdb8f0704c48d8deb808ea8b
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a