www.sophos.com Open in urlscan Pro
104.89.117.54 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adv...
Submission: On March 07 via api (March 7th 2024, 6:00:45 pm UTC) from US — Scanned from DE

Summary HTTP 147 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 19 domains to perform 147 HTTP transactions. The main IP is 104.89.117.54, located in Paris, France and belongs to AKAMAI-ASN1, NL. The main domain is www.sophos.com. The Cisco Umbrella rank of the primary domain is 216929.
TLS certificate: Issued by R3 on February 14th 2024. Valid for: 3 months.

This is the only time www.sophos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	104.89.117.54 104.89.117.54	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	2606:4700::68... 2606:4700::6812:83ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.245.46.44 18.245.46.44	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	23.43.136.53 23.43.136.53	16625 (AKAMAI-AS) (AKAMAI-AS)
6	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	18.66.97.20 18.66.97.20	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:7400:1d:8d6d:3b40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	192.29.202.14 192.29.202.14	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1f18:612... 2600:1f18:612b:4280:8a9a:9423:ddfa:2f24	14618 (AMAZON-AES) (AMAZON-AES)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
73	18.245.86.73 18.245.86.73	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.172.112.11 18.172.112.11	16509 (AMAZON-02) (AMAZON-02)
8	3.94.218.138 3.94.218.138	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:600... 2a04:4e42:600::720	54113 (FASTLY) (FASTLY)
147	22

29 104.89.117.54 (Paris, France)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-89-117-54.deploy.static.akamaitechnologies.com

www.sophos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.46.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-44.fra56.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.43.136.53 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a23-43-136-53.deploy.static.akamaitechnologies.com

img03.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-20.fra56.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:7400:1d:8d6d:3b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.29.202.14 (Amsterdam, Netherlands)

ASN31898 (ORACLE-BMC-31898, US)

s1777052651.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:8a9a:9423:ddfa:2f24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

73 18.245.86.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-73.fra60.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.172.112.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-11.fra60.r.cloudfront.net

bootstrap.driftapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.94.218.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-218-138.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::720 (United States)

ASN54113 (FASTLY, US)

driftt.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	driftt.com js.driftt.com — Cisco Umbrella Rank: 6183	831 KB
29	sophos.com www.sophos.com — Cisco Umbrella Rank: 216929	344 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 334	176 KB
8	drift.com metrics.api.drift.com — Cisco Umbrella Rank: 6826 event.api.drift.com — Cisco Umbrella Rank: 7453 targeting.api.drift.com — Cisco Umbrella Rank: 7144	2 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 2716	79 KB
3	company-target.com s.company-target.com — Cisco Umbrella Rank: 1295 api.company-target.com — Cisco Umbrella Rank: 3883	4 KB
2	driftapi.com bootstrap.driftapi.com	11 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 631	1 KB
2	eloqua.com s1777052651.t.eloqua.com — Cisco Umbrella Rank: 313952	859 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	196 KB
2	demandbase.com scripts.demandbase.com — Cisco Umbrella Rank: 12073 tag-logger.demandbase.com — Cisco Umbrella Rank: 4778	22 KB
1	imgix.net driftt.imgix.net — Cisco Umbrella Rank: 16529	2 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 541	303 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2089	253 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 388	239 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1369	393 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 777	98 B
1	en25.com img03.en25.com — Cisco Umbrella Rank: 23606	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	925 B
147	19

	Domain	Requested by
73	js.driftt.com	www.sophos.com js.driftt.com
29	www.sophos.com	www.sophos.com
11	cdn.cookielaw.org	www.sophos.com cdn.cookielaw.org
6	dev.visualwebsiteoptimizer.com	www.sophos.com dev.visualwebsiteoptimizer.com
4	targeting.api.drift.com	js.driftt.com
2	event.api.drift.com	js.driftt.com
2	metrics.api.drift.com	js.driftt.com
2	bootstrap.driftapi.com	js.driftt.com
2	dsum-sec.casalemedia.com	1 redirects s.company-target.com
2	s1777052651.t.eloqua.com	www.sophos.com img03.en25.com
2	api.company-target.com	scripts.demandbase.com js.driftt.com
2	www.googletagmanager.com	www.sophos.com www.googletagmanager.com
1	driftt.imgix.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	region1.google-analytics.com	www.googletagmanager.com
1	pixel.rubiconproject.com	s.company-target.com
1	partners.tremorhub.com	s.company-target.com
1	tag-logger.demandbase.com	scripts.demandbase.com
1	id.rlcdn.com	www.sophos.com
1	s.company-target.com	scripts.demandbase.com
1	img03.en25.com	www.sophos.com
1	fonts.googleapis.com	www.sophos.com
1	scripts.demandbase.com	www.sophos.com
147	23

This site contains links to these domains. Also see Links.

Domain
home.sophos.com
partners.sophos.com
docs.sophos.com
partnernews.sophos.com
support.sophos.com
community.sophos.com
twitter.com
techvids.sophos.com
centralstatus.sophos.com
event.sophos.com
news.sophos.com
ai.sophos.com
my.sophos.com
central.sophos.com
assets.sophos.com
privacyportal-de.onetrust.com
www.onetrust.com

Subject Issuer	Validity	Valid
www.sophos.com R3	`2024-02-14` - `2024-05-14`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-08-23` - `2024-09-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2023-07-06` - `2024-07-06`	a year	crt.sh
*.company-target.com R3	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-26`	a year	crt.sh
*.demandbase.com Amazon RSA 2048 M01	`2023-07-11` - `2024-08-08`	a year	crt.sh
*.t.eloqua.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-04-10`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M03	`2024-01-24` - `2025-02-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
driftapi.com Amazon RSA 2048 M02	`2023-12-25` - `2025-01-21`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-07` - `2025-01-07`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
Frame ID: 6F850CA582CE2274FB4810CA7AAAFE52
Requests: 62 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 1B2296D421D540E30C163915B5EB0EF8
Requests: 4 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
Frame ID: 467F523489BEB76D4942693DF128E3B5
Requests: 41 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
Frame ID: 12925415846F0FE83578C63E42B014F0
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Attacker Dwell Time Increased by 36%, Sophos’ Active Adversary Playbook 2022 Reveals | SophosBack ButtonFilter Button

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

VWO (Analytics) Expand

Overall confidence: 100%
Detected patterns

dev\.visualwebsiteoptimizer\.com/?([\d.]+)

Page Statistics

147
Requests

99 %
HTTPS

38 %
IPv6

19
Domains

23
Subdomains

22
IPs

5
Countries

1674 kB
Transfer

5119 kB
Size

25
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: https://home.sophos.com/en-us
Title: For Home

Search URL Search Domain Scan URL

URL: https://partners.sophos.com/register.aspx?lang=en-us
Title: Become a Partner

Search URL Search Domain Scan URL

URL: https://partners.sophos.com/
Title: Partner Portal Sign In

Search URL Search Domain Scan URL

URL: https://docs.sophos.com/central/partner/help/en-us/index.html
Title: Sophos Central Partner

Search URL Search Domain Scan URL

URL: https://partners.sophos.com/english/directory
Title: Find a Partner

Search URL Search Domain Scan URL

URL: https://partnernews.sophos.com/en-us/
Title: Partner Blog

Search URL Search Domain Scan URL

URL: https://partners.sophos.com/prm/English/c/sophos-learning-zone
Title: Partner Training

Search URL Search Domain Scan URL

URL: https://support.sophos.com/support
Title: Support Portal

Search URL Search Domain Scan URL

URL: https://docs.sophos.com/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://community.sophos.com/
Title: Join the Community

Search URL Search Domain Scan URL

URL: https://twitter.com/sophossupport
Title: Twitter Support

Search URL Search Domain Scan URL

URL: https://techvids.sophos.com/
Title: Techvids

Search URL Search Domain Scan URL

URL: https://centralstatus.sophos.com/
Title: Sophos Central Status

Search URL Search Domain Scan URL

URL: https://support.sophos.com/support/s/filesubmission?language=en_US
Title: Submit a Threat

Search URL Search Domain Scan URL

URL: https://community.sophos.com/sophos-xg-firewall/
Title: Sophos Firewall

Search URL Search Domain Scan URL

URL: https://community.sophos.com/intercept-x-endpoint/
Title: Sophos Endpoint

Search URL Search Domain Scan URL

URL: https://community.sophos.com/sophos-cloud-optix/
Title: Sophos Server

Search URL Search Domain Scan URL

URL: https://community.sophos.com/sophos-central/
Title: Sophos Central

Search URL Search Domain Scan URL

URL: https://community.sophos.com/email-appliance/
Title: Sophos Email

Search URL Search Domain Scan URL

URL: https://event.sophos.com/
Title: Sophos Events

Search URL Search Domain Scan URL

URL: https://news.sophos.com/
Title: Sophos Blog

Search URL Search Domain Scan URL

URL: https://ai.sophos.com/
Title: Sophos AI

Search URL Search Domain Scan URL

URL: https://my.sophos.com/
Title: Sophos Home

Search URL Search Domain Scan URL

URL: https://central.sophos.com/
Title: Sophos Central

Search URL Search Domain Scan URL

URL: https://community.sophos.com/sophos-xg-firewall/b/blog/posts/important-sophos-firewall-licensing-portal-changes
Title: Licenses & Account

Search URL Search Domain Scan URL

URL: https://assets.sophos.com/X24WTUEQ/at/2jg4j7chtpbcp9sns3gxtc89/sophos-nist-sp800-171-compliance-card.pdf
Title: NIST SP800-171

Search URL Search Domain Scan URL

URL: https://assets.sophos.com/X24WTUEQ/at/3j7gg38r5x6ntwrvqjhhfr9q/sophos-iso-27001-compliance-card.pdf
Title: ISO/IEC 27001:2022

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/category/threat-research/
Title: Threat News

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2022/06/07/active-adversary-playbook-2022/
Title: Active Adversary Playbook 2022

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2021/10/04/atom-silo-ransomware-actors-use-confluence-exploit-dll-side-load-for-stealthy-attack/
Title: ransomware gangs

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2021/05/18/the-active-adversary-playbook-2021/
Title: up from 69% in 2020

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2021/02/16/what-to-expect-when-youve-been-hit-with-conti-ransomware/
Title: Conti

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2021/07/04/independence-day-revil-uses-supply-chain-exploit-to-attack-hundreds-of-businesses/
Title: REvil

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2021/05/11/a-defenders-view-inside-a-darkside-ransomware-attack/
Title: DarkSide

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2021/03/23/black-kingdom/
Title: Black KingDom

Search URL Search Domain Scan URL

URL: https://event.sophos.com/partner-training
Title: Partner Training

Search URL Search Domain Scan URL

URL: https://partners.sophos.com/English/register_email.aspx
Title: Become a Partner

Search URL Search Domain Scan URL

URL: https://partners.sophos.com/english/directory/
Title: Find a Reseller

Search URL Search Domain Scan URL

URL: https://privacyportal-de.onetrust.com/whistleblower/8814ea97-7d41-4933-8a06-f5b8e65f6da8/9b799aed-af57-40fc-9118-018fac323e49/landing
Title: Speak Out

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1725732040&external_user_id=55d6f62a-e0f7-4aa3-b947-c51db5a87915 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1725732040&external_user_id=55d6f62a-e0f7-4aa3-b947-c51db5a87915&C=1

147 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals Show response
www.sophos.com/en-us/press/press-releases/2022/06/ 100 KB
20 KB 1135ms
1048ms Document
text/html 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

16487040a0c236b6191999e04d579ac1a3008c65a385e25c39d4b5c3c04ddcd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-language: en
content-length: 19147
content-type: text/html; charset=UTF-8
date: Thu, 07 Mar 2024 18:00:39 GMT
etag: "1709834438-gzip"
expires: Thu, 07 Mar 2024 18:00:39 GMT
last-modified: Thu, 07 Mar 2024 18:00:38 GMT
pragma: no-cache
vary: Accept-Encoding
x-age: 0
x-ah-environment: prod
x-akamai-transformed: 9 18940 0 pmb=mTOE,2
x-content-type-options: nosniff
x-drupal-cache: MISS
x-drupal-dynamic-cache: MISS
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 924
x-generator: Drupal 10 (https://www.drupal.org)
x-geo-country: DE
x-request-id: v-9ac47a34-dcac-11ee-90d4-cbd61cafd39f
x-sophos-o: d

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 427ms
354ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d85e4dcb52ce714c7136eb95a32765325205a4aabdb51932bd9024c400be665d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Mar 2024 18:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /RTAD1TAPuPWblD15GN1pg==
age: 72533
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6842
x-ms-lease-status: unlocked
last-modified: Mon, 04 Mar 2024 21:04:55 GMT
server: cloudflare
etag: 0x8DC3C8EBE4D93D8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d00ecef6-601e-004b-47aa-6ec5d0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 860c7c7ebb4d5c74-FRA

GET
H2 200 css_2fcRI6zeBsKv8gCBp3y_NOcmxuZAySbYCqtWM95tx8A.css
www.sophos.com/sites/default/files/css/ 12 KB
3 KB 108ms
108ms Stylesheet
text/css 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/sites/default/files/css/css_2fcRI6zeBsKv8gCBp3y_NOcmxuZAySbYCqtWM95tx8A.css?delta=0&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

7606664c348bc26ef690146b3412136c9f4ff817918802918ad0da622676bee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 37
date: Thu, 07 Mar 2024 18:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-geo-country: DE
x-edgeconnect-midmile-rtt: 0
x-age: 0
x-ah-environment: prod
x-sophos-o: d
content-length: 3115
x-request-id: v-9b64f2d4-dcac-11ee-974e-23435f733eab
last-modified: Mon, 04 Mar 2024 19:33:17 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=5184000
accept-ranges: bytes
expires: Mon, 06 May 2024 18:00:39 GMT

GET
H2 200 css_UL_QW7XAqrQkcPA6Nx0fQdan1DXC-1UtQ0m7z1aX3dI.css
www.sophos.com/sites/default/files/css/ 247 KB
31 KB 155ms
154ms Stylesheet
text/css 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/sites/default/files/css/css_UL_QW7XAqrQkcPA6Nx0fQdan1DXC-1UtQ0m7z1aX3dI.css?delta=1&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

eac97b078a50e86c937a94115f5e128d4c55b53a7a973bec7715f411e21957ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Mon, 06 May 2024 18:00:04 GMT
x-edgeconnect-origin-mex-latency: 17
date: Thu, 07 Mar 2024 18:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-geo-country: DE
x-edgeconnect-midmile-rtt: 0
x-age: 521347
x-ah-environment: prod
x-sophos-o: d
content-length: 31808
x-request-id: v-c034a770-d7ee-11ee-89c4-d7a77e8712d7
last-modified: Thu, 29 Feb 2024 20:13:47 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=5183965
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 59089089 Show response
www.sophos.com/akam/13/ 26 KB
9 KB 122ms
122ms Script
application/javascript 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sophos.com/akam/13/59089089
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-89-117-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ad81ecf5efa868a1c3a7dea3f6ae8c1fda9b523409a9c8574dee0669ce9c1aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Mar 2024 18:00:39 GMT
content-encoding: gzip
last-modified: Thu, 22 Feb 2024 19:35:21 GMT
etag: "e54ccafe6415abc3b33177b9769334285f352f5619360cea5a64c9b6cc147827"
stored-attribute-sha-checksum: ad81ecf5efa868a1c3a7dea3f6ae8c1fda9b523409a9c8574dee0669ce9c1aaf
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=21600
content-length: 8755
expires: Thu, 07 Mar 2024 18:00:39 GMT

GET
H2 200 sophos-intruder-dwell-time-by-company-size-mean.png.webp
www.sophos.com/sites/default/files/styles/convert_webp/public/2022-11/ 15 KB
15 KB 183ms
182ms Image
image/png 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/sites/default/files/styles/convert_webp/public/2022-11/sophos-intruder-dwell-time-by-company-size-mean.png.webp?itok=STVUAiWu

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

82408b09fc2a73408c25ea2dadcaabc05358715daf8f898d93338472f12acabe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Mon, 06 May 2024 18:00:39 GMT
x-edgeconnect-origin-mex-latency: 93
date: Thu, 07 Mar 2024 18:00:39 GMT
x-content-type-options: nosniff
x-geo-country: DE
x-edgeconnect-midmile-rtt: 0
x-age: 199176
x-ah-environment: prod
x-sophos-o: d
content-length: 15258
x-request-id: v-dd19a4da-dadc-11ee-8d89-8b32da323497
last-modified: Thu, 23 Mar 2023 19:48:22 GMT
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 sophos-dashboard-anatomy-of-active-attack-in-2021.png.webp
www.sophos.com/sites/default/files/styles/convert_webp/public/2022-11/ 62 KB
62 KB 197ms
196ms Image
image/png 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/sites/default/files/styles/convert_webp/public/2022-11/sophos-dashboard-anatomy-of-active-attack-in-2021.png.webp?itok=_vtN6iqf

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

ce4628b459c68baf062b5580aef229882a385ad141ec94b14b968c9472acc8f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Mon, 06 May 2024 18:00:15 GMT
x-edgeconnect-origin-mex-latency: 79
date: Thu, 07 Mar 2024 18:00:39 GMT
x-content-type-options: nosniff
x-geo-country: DE
x-edgeconnect-midmile-rtt: 0
x-age: 199176
x-ah-environment: prod
x-sophos-o: d
content-length: 63482
x-request-id: v-dd117a62-dadc-11ee-b540-2fb87daa3373
last-modified: Thu, 23 Mar 2023 19:48:22 GMT
content-type: image/png
cache-control: max-age=5183976
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 js_s-3X0Zveuj8C70vXoF7Qk5Rx2J0cpX3A0vRgWtMHMzM.js Show response
www.sophos.com/sites/default/files/js/ 156 KB
49 KB 191ms
190ms Script
text/javascript 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/sites/default/files/js/js_s-3X0Zveuj8C70vXoF7Qk5Rx2J0cpX3A0vRgWtMHMzM.js?scope=footer&delta=0&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

f14bbab6d7dd7614dcccf6396aaa863e36c3b04a99735f48c9ee073d6b498efe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 110
date: Thu, 07 Mar 2024 18:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-geo-country: DE
x-edgeconnect-midmile-rtt: 0
x-age: 0
x-ah-environment: prod
x-sophos-o: d
content-length: 49684
x-request-id: v-9b7f0656-dcac-11ee-9bbd-471cd61193d5
last-modified: Mon, 04 Mar 2024 19:33:18 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=5183967
accept-ranges: bytes
expires: Mon, 06 May 2024 18:00:06 GMT

GET
H2 200 WuEFNglz.min.js Show response
scripts.demandbase.com/ 79 KB
22 KB 22ms
8ms Script
application/javascript 18.245.46.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.demandbase.com/WuEFNglz.min.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-44.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c70580be1d50bfac58337dcbff66741b74ac15e8f62c095c1083c856a0868de5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: 7jbc5Dy3krv5QclMEVS9L9AUuPV5ydfD
content-encoding: gzip
via: 1.1 e3824a4cc698f190d3fa6fe687f1a600.cloudfront.net (CloudFront)
date: Thu, 07 Mar 2024 17:31:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
age: 1771
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 22 Feb 2024 10:58:39 GMT
server: AmazonS3
etag: W/"fc56977dafeebc78296c83824ab1cce5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: T6ZMZDsGZAmZj3rYsmub0RL4rPzKk6umptBdwG-eMPYv9SMlaxktaw==

GET
H2 200 js_FEtJ0aaoimjPuMl7oEkY0S6SqtBrmaV8Ogd0cci87gw.js Show response
www.sophos.com/sites/default/files/js/ 5 KB
2 KB 79ms
79ms Script
text/javascript 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/sites/default/files/js/js_FEtJ0aaoimjPuMl7oEkY0S6SqtBrmaV8Ogd0cci87gw.js?scope=footer&delta=2&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

5187e85c76a8bab9c3b33b362b9097928c0b25cb88a363014b3b6aa5f8c56d8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Mon, 06 May 2024 18:00:39 GMT
x-edgeconnect-origin-mex-latency: 21
date: Thu, 07 Mar 2024 18:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-geo-country: DE
x-edgeconnect-midmile-rtt: 0
x-age: 361161
x-ah-environment: prod
x-sophos-o: d
content-length: 1768
x-request-id: v-b69cb7e0-d963-11ee-8d81-5f1ad55036a2
last-modified: Thu, 29 Feb 2024 20:08:47 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=5184000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 gtm.js Show response
www.sophos.com/modules/contrib/google_tag/js/ 895 B
723 B 43ms
43ms Script
application/javascript 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/modules/contrib/google_tag/js/gtm.js?s9u8ww

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

5fc7ab8eca4149765c42bf4d24e3d0bcd4bf564ebe0c47c73a7957ad1ff31737

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cache-hits: 85
date: Thu, 07 Mar 2024 18:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Mar 2024 19:25:07 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=4935141
x-age: 4877
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 443
x-request-id: v-d74768dc-da5d-11ee-a48d-57a6f864ee56
expires: Fri, 03 May 2024 20:53:00 GMT

GET
H2 200 gtag.js Show response
www.sophos.com/modules/contrib/google_tag/js/ 944 B
734 B 54ms
54ms Script
application/javascript 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/modules/contrib/google_tag/js/gtag.js?s9u8ww

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

315ca72ab48ac5d6ce2a22a316e0f872c3791e53af658f250d9f3dcca9badaed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cache-hits: 63
date: Thu, 07 Mar 2024 18:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Mar 2024 19:25:07 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=4935166
x-age: 4867
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 455
x-request-id: v-dd6481be-da5d-11ee-aae1-8b78a71eafa7
expires: Fri, 03 May 2024 20:53:25 GMT

GET
H2 200 js_2uqYh58nDoD6umtTD0yHHEXO8bBOHmJNETlO-GUR3X0.js Show response
www.sophos.com/sites/default/files/js/ 31 KB
10 KB 358ms
358ms Script
text/javascript 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/sites/default/files/js/js_2uqYh58nDoD6umtTD0yHHEXO8bBOHmJNETlO-GUR3X0.js?scope=footer&delta=5&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

8ba6da936e385ead7529a0bac3f1fbcc0e5b888168b132bb2d49bc1c16579e29

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 70
date: Thu, 07 Mar 2024 18:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-geo-country: DE
x-edgeconnect-midmile-rtt: 0
x-age: 0
x-ah-environment: prod
x-sophos-o: d
content-length: 9459
x-request-id: v-9bb70a74-dcac-11ee-8698-c3af7fca37ae
last-modified: Mon, 04 Mar 2024 19:32:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=5184000
accept-ranges: bytes
expires: Mon, 06 May 2024 18:00:40 GMT

GET
H2 200 2e456f46-6b86-42c8-be0a-01efd4471533.json Show response
cdn.cookielaw.org/consent/2e456f46-6b86-42c8-be0a-01efd4471533/ 4 KB
2 KB 354ms
42ms XHR
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/2e456f46-6b86-42c8-be0a-01efd4471533/2e456f46-6b86-42c8-be0a-01efd4471533.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0477c83a81af0172d38450ec160c675e8a13c7770560edf65da49f9c1902955c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Mar 2024 18:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 60660
content-md5: ZOvQdrhBYZxLwuj0GsGLjA==
content-length: 1702
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 16:43:43 GMT
server: cloudflare
etag: 0x8DC0D445027A530
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0d516377-001e-0086-7a2d-3ff53a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 860c7c8348254d9d-FRA
expires: Fri, 08 Mar 2024 18:00:40 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
925 B 47ms
19ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inconsolata&display=swap

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/sites/default/files/css/css_UL_QW7XAqrQkcPA6Nx0fQdan1DXC-1UtQ0m7z1aX3dI.css?delta=1&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a86f72c1cff933d18b8b5f4c0af9a25e630ed17db548ee89c67601fd4c33f1dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Mar 2024 18:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 17:50:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Mar 2024 18:00:39 GMT

GET
H/1.1 200
OK elqCfg.min.js Show response
img03.en25.com/i/ 6 KB
3 KB 115ms
39ms Script
application/x-javascript 23.43.136.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img03.en25.com/i/elqCfg.min.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.43.136.53 Paris, France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-43-136-53.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 07 Mar 2024 18:00:40 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Tue, 09 Jan 2024 21:54:29 GMT
ETag: "20f7706b4643da1:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Thu, 07 Mar 2024 18:00:40 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 10 KB
4 KB 165ms
149ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=25349&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals&f=1&r=0.718051107788636
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 4303586b56322ad2a9be5c98acbb0ffe85b879777fe226ef424fc375a4fb305c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 18:00:39 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1709790872"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sync Show response
s.company-target.com/s/ Frame 1B22 634 B
968 B 114ms
98ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/WuEFNglz.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 98e1b1493289a94a660cbde0360c4cff187ab96e34252074f2cf02407b604917

Request headers

Referer: https://www.sophos.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Thu, 07 Mar 2024 18:00:40 GMT
via: 1.1 google

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 33ms
18ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 18:00:39 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 arrow-down--white.svg
www.sophos.com/themes/custom/sophosdotcom/images/styles/ 1 KB
838 B 35ms
34ms Image
image/svg+xml 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/styles/arrow-down--white.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

a78f803fcd9df04a1aeebd902eb9eccbcd8026ead39616df2d7c0ce63112fd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_UL_QW7XAqrQkcPA6Nx0fQdan1DXC-1UtQ0m7z1aX3dI.css?delta=1&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cache-hits: 128
date: Thu, 07 Mar 2024 18:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Feb 2024 18:59:32 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=3416766
x-age: 33535
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 563
x-request-id: v-fb6cb5e8-cc4b-11ee-ae8d-9793db0b2271
expires: Tue, 16 Apr 2024 07:06:45 GMT

GET
H2 200 mdr-solid-white.svg
www.sophos.com/themes/custom/sophosdotcom/images/markup-block/ 1 KB
982 B 53ms
52ms Image
image/svg+xml 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/markup-block/mdr-solid-white.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

875c0f9098609238400da76edadee60f819db705ef0e5e51e9614e12795f9b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_UL_QW7XAqrQkcPA6Nx0fQdan1DXC-1UtQ0m7z1aX3dI.css?delta=1&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cache-hits: 109
date: Thu, 07 Mar 2024 18:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Feb 2024 18:59:32 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=3416815
x-age: 33512
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 707
x-request-id: v-0902989e-cc4c-11ee-9ea1-73c0419dba85
expires: Tue, 16 Apr 2024 07:07:34 GMT

GET
H2 200 header-arrow-light-blue-right.svg
www.sophos.com/themes/custom/sophosdotcom/images/menu-icon/ 739 B
708 B 54ms
53ms Image
image/svg+xml 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/menu-icon/header-arrow-light-blue-right.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

e9c326c31aab5102ccb99996cf1136389664815286a8c705ab8894b867a63384

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_UL_QW7XAqrQkcPA6Nx0fQdan1DXC-1UtQ0m7z1aX3dI.css?delta=1&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cache-hits: 135
date: Thu, 07 Mar 2024 18:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Feb 2024 18:59:32 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=3416858
x-age: 33532
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 432
x-request-id: v-fe0011a6-cc4b-11ee-b68d-179e8e84f171
expires: Tue, 16 Apr 2024 07:08:17 GMT

GET
H2 200 ir-solid-white.svg
www.sophos.com/themes/custom/sophosdotcom/images/markup-block/ 718 B
728 B 55ms
54ms Image
image/svg+xml 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/markup-block/ir-solid-white.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

41a87ac69db66501ab3ad762750632f2e29cfeb723af27c40c0ff7ae0aa4ae42

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_UL_QW7XAqrQkcPA6Nx0fQdan1DXC-1UtQ0m7z1aX3dI.css?delta=1&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cache-hits: 114
date: Thu, 07 Mar 2024 18:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Feb 2024 18:59:32 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=3416806
x-age: 33472
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 453
x-request-id: v-20edbed4-cc4c-11ee-9288-e3fb479d9648
expires: Tue, 16 Apr 2024 07:07:25 GMT

GET
H2 200 search-white.svg
www.sophos.com/themes/custom/sophosdotcom/images/icons/ 1 KB
963 B 54ms
53ms Image
image/svg+xml 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/icons/search-white.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

a9367431a7434745e8a9edf47a516e74522f5a8b3043d2afb592893b2299cc78

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_UL_QW7XAqrQkcPA6Nx0fQdan1DXC-1UtQ0m7z1aX3dI.css?delta=1&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cache-hits: 112
date: Thu, 07 Mar 2024 18:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Feb 2024 18:59:32 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=3416726
x-age: 33534
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 688
x-request-id: v-fb6d9bfc-cc4b-11ee-a24f-cfc0c6ebe010
expires: Tue, 16 Apr 2024 07:06:05 GMT

GET
H2 200 globe.svg
www.sophos.com/themes/custom/sophosdotcom/images/icons/ 666 B
572 B 54ms
54ms Image
image/svg+xml 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/icons/globe.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

a1daac2c5f75669e908da075dde0db30f2fad3f66a28da9908fbb5e91c2d670e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_UL_QW7XAqrQkcPA6Nx0fQdan1DXC-1UtQ0m7z1aX3dI.css?delta=1&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cache-hits: 149
date: Thu, 07 Mar 2024 18:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Feb 2024 18:59:32 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=3418703
x-age: 35440
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 295
x-request-id: v-f2958daa-cc4b-11ee-b717-ab525dd68d9f
expires: Tue, 16 Apr 2024 07:39:02 GMT

GET
H2 200 checkmark.svg
www.sophos.com/themes/custom/sophosdotcom/images/icons/ 988 B
837 B 55ms
55ms Image
image/svg+xml 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/icons/checkmark.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

6c2017bb173ff8b83a8057c428c6fdf40fc17cc19f1b8564b0709b7963d2fe74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_UL_QW7XAqrQkcPA6Nx0fQdan1DXC-1UtQ0m7z1aX3dI.css?delta=1&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cache-hits: 27
date: Thu, 07 Mar 2024 18:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Feb 2024 18:59:32 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=3383645
x-age: 420
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 564
x-request-id: v-fdfefe60-cc4b-11ee-9862-4bc3805946b2
expires: Mon, 15 Apr 2024 21:54:44 GMT

GET
H2 200 arrow-white.svg
www.sophos.com/themes/custom/sophosdotcom/images/styles/ 714 B
690 B 56ms
55ms Image
image/svg+xml 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/styles/arrow-white.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

e976248be7b1f5a311b6b3045d1818aacc67e65be6715dcf915d1416104648ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_UL_QW7XAqrQkcPA6Nx0fQdan1DXC-1UtQ0m7z1aX3dI.css?delta=1&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cache-hits: 28
date: Thu, 07 Mar 2024 18:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Feb 2024 18:59:32 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=3383729
x-age: 439
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 415
x-request-id: v-f29fd756-cc4b-11ee-90d6-eb435a6e637d
expires: Mon, 15 Apr 2024 21:56:08 GMT

GET
H2 200 section-wave-background.svg
www.sophos.com/themes/custom/sophosdotcom/images/background-image/ 43 KB
17 KB 90ms
89ms Image
image/svg+xml 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/background-image/section-wave-background.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

5de5166c65e9187c43645afe35988fb6086a61369ae0030f120e79f858b55115

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_UL_QW7XAqrQkcPA6Nx0fQdan1DXC-1UtQ0m7z1aX3dI.css?delta=1&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Mon, 06 May 2024 17:59:59 GMT
x-edgeconnect-origin-mex-latency: 20
date: Thu, 07 Mar 2024 18:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
x-age: 1216439
x-ah-environment: prod
x-sophos-o: d
content-length: 17262
x-request-id: v-5d75944e-d19c-11ee-9c55-1b8e1bf31a8c
last-modified: Thu, 15 Feb 2024 18:59:32 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=5183959
accept-ranges: bytes
x-cache-hits: 49

GET
H2 200 menu-arrow-white-right.svg
www.sophos.com/themes/custom/sophosdotcom/images/menu-icon/ 251 B
535 B 89ms
88ms Image
image/svg+xml 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/menu-icon/menu-arrow-white-right.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

92cb22e62af49e5f81b39d3afb2c10f670fb64e429a0bb472d6a973c7c2eb7f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_UL_QW7XAqrQkcPA6Nx0fQdan1DXC-1UtQ0m7z1aX3dI.css?delta=1&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Mon, 06 May 2024 17:59:49 GMT
x-edgeconnect-origin-mex-latency: 18
date: Thu, 07 Mar 2024 18:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
x-age: 1224855
x-ah-environment: prod
x-sophos-o: d
content-length: 209
x-request-id: v-c51d21fc-d188-11ee-8a20-1bc9ec975ff6
last-modified: Thu, 15 Feb 2024 18:59:32 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=5183949
accept-ranges: bytes
x-cache-hits: 62

GET
H2 200 arrow-right-small--gray.svg
www.sophos.com/themes/custom/sophosdotcom/images/menu-icon/ 1 KB
927 B 83ms
83ms Image
image/svg+xml 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/menu-icon/arrow-right-small--gray.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

aae75d410268a4fbdb438d924b47030fc943b5fa14afd752cf12c30e417e8c8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_UL_QW7XAqrQkcPA6Nx0fQdan1DXC-1UtQ0m7z1aX3dI.css?delta=1&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cache-hits: 16
date: Thu, 07 Mar 2024 18:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Feb 2024 18:59:32 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=3383668
x-age: 401
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 654
x-request-id: v-08ffcc68-cc4c-11ee-9ec1-47f33dd47635
expires: Mon, 15 Apr 2024 21:55:08 GMT

GET
H2 200 arrow-down-small--gray-light.svg
www.sophos.com/themes/custom/sophosdotcom/images/menu-icon/ 612 B
615 B 83ms
82ms Image
image/svg+xml 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/menu-icon/arrow-down-small--gray-light.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

2ab93e92d92c91a5589f8db6322bd7e6b92de4a415af5323294d44afdc985787

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_UL_QW7XAqrQkcPA6Nx0fQdan1DXC-1UtQ0m7z1aX3dI.css?delta=1&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cache-hits: 19
date: Thu, 07 Mar 2024 18:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Feb 2024 18:59:32 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=3383785
x-age: 439
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 341
x-request-id: v-f2a2e702-cc4b-11ee-8067-2734e2e89569
expires: Mon, 15 Apr 2024 21:57:05 GMT

GET
H2 200 privacyoptions.svg
www.sophos.com/themes/custom/sophosdotcom/images/ 852 B
690 B 86ms
86ms Image
image/svg+xml 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/images/privacyoptions.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5f331cdaedaf57b0008692dac083e0031311729fdf82fa799dca3c96d1c341f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/sites/default/files/css/css_UL_QW7XAqrQkcPA6Nx0fQdan1DXC-1UtQ0m7z1aX3dI.css?delta=1&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cache-hits: 24
date: Thu, 07 Mar 2024 18:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Feb 2024 18:59:32 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=3383611
x-age: 418
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 416
x-request-id: v-fef5d0be-cc4b-11ee-bebd-270cc3e6331f
expires: Mon, 15 Apr 2024 21:54:11 GMT

GET
H2 200 SophosSans-Regular.woff2
www.sophos.com/themes/custom/sophosdotcom/fonts/ 37 KB
37 KB 55ms
54ms Font
text/plain 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/fonts/SophosSans-Regular.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

e5c877c54dd7b212b5daf7f6f7c1e11b0c0218cb76cc4f9a7e6b675b6fdbcc43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sophos.com/sites/default/files/css/css_UL_QW7XAqrQkcPA6Nx0fQdan1DXC-1UtQ0m7z1aX3dI.css?delta=1&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g
Origin: https://www.sophos.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cache-hits: 23
date: Thu, 07 Mar 2024 18:00:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Feb 2024 18:59:32 GMT
cache-control: max-age=3383639
x-age: 420
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 37420
x-request-id: v-fe01f0d4-cc4b-11ee-b3c9-a7b29665ae17
expires: Mon, 15 Apr 2024 21:54:39 GMT

GET
H2 200 SophosSans-Medium.woff2
www.sophos.com/themes/custom/sophosdotcom/fonts/ 38 KB
38 KB 63ms
63ms Font
text/plain 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/fonts/SophosSans-Medium.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

2905f68914bc7c942b6e300bc9108b348e10459398d7f166c927a5648318ba9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sophos.com/sites/default/files/css/css_UL_QW7XAqrQkcPA6Nx0fQdan1DXC-1UtQ0m7z1aX3dI.css?delta=1&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g
Origin: https://www.sophos.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cache-hits: 21
date: Thu, 07 Mar 2024 18:00:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Feb 2024 18:59:32 GMT
cache-control: max-age=3383767
x-age: 439
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 39004
x-request-id: v-f2a42d4c-cc4b-11ee-9c95-17eb7e85fc3d
expires: Mon, 15 Apr 2024 21:56:47 GMT

GET
H2 200 SophosSans-Semibold.woff2
www.sophos.com/themes/custom/sophosdotcom/fonts/ 37 KB
37 KB 69ms
69ms Font
text/plain 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/themes/custom/sophosdotcom/fonts/SophosSans-Semibold.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

9ac0577dc73c92aec827d0f4854b00f46908af8fd74edcb44c6374581040c422

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sophos.com/sites/default/files/css/css_UL_QW7XAqrQkcPA6Nx0fQdan1DXC-1UtQ0m7z1aX3dI.css?delta=1&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g
Origin: https://www.sophos.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cache-hits: 21
date: Thu, 07 Mar 2024 18:00:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Feb 2024 18:59:32 GMT
cache-control: max-age=3383714
x-age: 439
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 37940
x-request-id: v-f29e7596-cc4b-11ee-888d-6b95fde81236
expires: Mon, 15 Apr 2024 21:55:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 400 KB
115 KB 68ms
34ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TW8W88B

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/modules/contrib/google_tag/js/gtm.js?s9u8ww

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25fcfe30dce7f360e3ba5b98886c8214f56bf052bf6a875a6a42b9321e8fcfb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 18:00:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 117847
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Mar 2024 18:00:40 GMT

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 3 KB
2 KB 75ms
55ms XHR
application/json 18.66.97.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals&page_title=Attacker%20Dwell%20Time%20Increased%20by%2036%25%2C%20Sophos%E2%80%99%20Active%20Adversary%20Playbook%202022%20Reveals%20%7C%20Sophos
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/WuEFNglz.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-20.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 269a651ad835647b3fd504444841eef586a86b437b75be44554362d31aa8b7aa

Request headers

Referer: https://www.sophos.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 07 Mar 2024 18:00:40 GMT
identification-source: CACHE
content-encoding: gzip
via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
request-id: eb4508ae-7f07-47fc-966d-1229fa349b5b
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sophos.com
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZjmcCo5UQlK1qiCMhQtjmmv_GLvjg4DBMZL5JbNMgPfMSwX2ydkImA==
expires: Wed, 06 Mar 2024 18:00:40 GMT

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
421 B 425ms
401ms XHR
text/html 2600:9000:2156:7400:1d:8d6d:3b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=ZjmcCo5UQlK1qiCMhQtjmmv_GLvjg4DBMZL5JbNMgPfMSwX2ydkImA==&api-version=v2
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/WuEFNglz.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7400:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
date: Thu, 07 Mar 2024 04:53:34 GMT
via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 53272
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: -8P_Qgor0gjiWGCWFmxk5kmEdS--jIBHZqQ8GrW3DHDgvSxijx28vQ==

GET
H/1.1 200
OK svrGP
s1777052651.t.eloqua.com/visitor/v200/ 49 B
448 B 92ms
35ms Image
image/gif 192.29.202.14
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1777052651.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1777052651&ref2=elqNone&tzo=-60&ms=73&optin=disabled

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

192.29.202.14 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 07 Mar 2024 18:00:35 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 1B22
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1725732040&external_user_id=55d6f62a-e0f7-4aa3-b947-c51db5a87915
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1725732040&external_user_id=55d6f62a-e0f7-4aa3-b947-c51db5a87915&C=1

43 B
336 B

39ms
39ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1725732040&external_user_id=55d6f62a-e0f7-4aa3-b947-c51db5a87915&C=1
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Mar 2024 18:00:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYdK%2BLrby0nTIatmiknjiWectRZBa1T7hJv8PojoZwb3pIIvIrmsQyN9TwNmIdA40WudLhhjebHBu%2Bai9i4Qx1itHYElbB9eyJ3CW7y4Z9pllDjUR4r%2FHS6Wv2sFGrCdgmYCKu7CeahL%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 860c7c832f642be0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 07 Mar 2024 18:00:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bUIiTTLPAH9ia97TudEb%2B0bU%2FqGN0oku2v%2BiGLiyV938TqbnjKUHqDd9qDcsk6OY9yM%2BaR7VGarMdd1rKWQpzuwkmKo39gMRJ3M4UifyimLcG0hbH2m2i51bKrAxbvACJijPSOjT22ocgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=18&expiry=1725732040&external_user_id=55d6f62a-e0f7-4aa3-b947-c51db5a87915&C=1
cache-control: no-cache
cf-ray: 860c7c82dec72be0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 1B22 43 B
393 B 294ms
97ms Image
image/gif 2600:1f18:612b:4280:8a9a:9423:ddfa:2f24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIDM=55d6f62a-e0f7-4aa3-b947-c51db5a87915
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4280:8a9a:9423:ddfa:2f24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 07 Mar 2024 18:00:40 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 1B22 0
239 B 90ms
25ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?nid=5578&put=55d6f62a-e0f7-4aa3-b947-c51db5a87915&v=1181926
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
81 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V88TEQ7EYL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TW8W88B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25927b83d2cae1dfa15147f7c7f1409abbf9f00d6ba210f1789d75d05e601cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 18:00:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82722
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Mar 2024 18:00:40 GMT

GET
H3 200 va-977b83675bc8966428cba5afbcb06ba2.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 238 KB
67 KB 23ms
14ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/va-977b83675bc8966428cba5afbcb06ba2.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=25349&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals&f=1&r=0.718051107788636
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e3a549a7fb01024baabf9dfdf974aacaba0239ea4e2f4bc3d21d3edfe858abb3

Request headers

Referer: https://www.sophos.com/
Origin: https://www.sophos.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 18:00:40 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 06 Mar 2024 14:08:15 GMT
server: gfra1
etag: "65e878cf-10c6f"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68719

GET
H3 200 apmLib-977b83675bc8966428cba5afbcb06ba2.js Show response
dev.visualwebsiteoptimizer.com/ 4 KB
2 KB 121ms
113ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/apmLib-977b83675bc8966428cba5afbcb06ba2.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=25349&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals&f=1&r=0.718051107788636
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: c12af73c7d806bf333980c5da006fc2f1c7f875baa6ffa128a8108d141186822

Request headers

Referer: https://www.sophos.com/
Origin: https://www.sophos.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 18:00:40 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 06 Mar 2024 14:08:01 GMT
server: gfra1
etag: "65e878c1-658"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1624

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
145 B 96ms
95ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=25349&d=sophos.com&u=D8FC8EFF5CC3AEEB17C6EAC46EDC39CDC&h=4868e35a476a83e5009db0c748f86a08&t=false

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 18:00:39 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=43200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 18 KB
7 KB 12ms
11ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=25349&settings_type=1&vn=7.0
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/7.0/va-977b83675bc8966428cba5afbcb06ba2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 6231cefa59f36d7bd2422d5b4e5dec6b0725fa6978e2ef8155ac28b6bb4c9d0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 18:00:40 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1709790872"
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 35ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-V88TEQ7EYL&gtm=45je4340v9105765022z89102479716za220&_p=1709834439984&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=828834933.1709834440&ul=en-us&pscdl=noapi&_geo=1&_rdi=1&_s=1&sid=1709834440&sct=1&seg=0&dl=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals&dt=Attacker%20Dwell%20Time%20Increased%20by%2036%25%2C%20Sophos%E2%80%99%20Active%20Adversary%20Playbook%202022%20Reveals%20%7C%20Sophos&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1924
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V88TEQ7EYL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Mar 2024 18:00:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sophos.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 w7p4sauc2iyi.js Show response
js.driftt.com/include/1709834700000/ 220 KB
62 KB 349ms
302ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1709834700000/w7p4sauc2iyi.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/sites/default/files/js/js_s-3X0Zveuj8C70vXoF7Qk5Rx2J0cpX3A0vRgWtMHMzM.js?scope=footer&delta=0&language=en&theme=sophosdotcom&include=eJydU1FyAyEIvVCMR9phlRgbFIvYdnv60mQznd2002l_HPABT-AZmFhmfvONINdDWN0pV8oV_c7_wnsujXAihug_j0PnduY-Rckn9dfT9SC56R1pkONUMGbwn6a7mnfwFecTS5kSc7KyUIEWzaH7FdjHNcFTJvoJ7gyTYGHFqXHX6YzUUO7RDomfxwP3L0kNRCvKH7OG0B8zErILPKrK8r8XOpsNioARL12x-Bm6bY6g92VjF-wdEnbbqqCvVgIov-PKGlkDF5-IZyDXdTEBpC12RojGV7COLRCxQI1Xrm0x5O1F4BdrF1reXt8cR1CTzYIveVdHUTSDLDfqVTQKySctWxfS3j_CE7xty0HNBTRz3T3OOWshBzcTh8vhpl2TnbEfA7THhMoRnTNt9m5LILT-nTsNose6YqMLMsr8ABWQy2gr57fjtt-RMLqO8pKDre-7oIAmINubfWu9iUM4jqDrsqOMBnSMwm0eqlw_AL1Jl6g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

67ef71c562c9dac26243f44f029b68a3b3f4f6083db04d0e77ca14cb4b6ef945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: 20qtyJY8U29vmNnLZfihA.YjkBf84.9Q
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 07 Mar 2024 18:00:40 GMT
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 26
last-modified: Tue, 05 Mar 2024 20:54:03 GMT
server: istio-envoy
etag: W/"b55ba92afc26d4e52ce94a1c62e3822d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CI2HqL6tVQAFnTTdcHZFS3DIHu1JhSpOGrcIwSQW3rHQhoScyH-51w==

GET
H/1.1 200
OK svrGP Show response
s1777052651.t.eloqua.com/visitor/v200/ 0
411 B 27ms
27ms Script
application/javascript 192.29.202.14
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://s1777052651.t.eloqua.com/visitor/v200/svrGP?pps=70&siteid=1777052651&ms=73

Requested by

Host: img03.en25.com
URL: https://img03.en25.com/i/elqCfg.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

192.29.202.14 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Thu, 07 Mar 2024 18:00:35 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 0
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 get-country Show response
www.sophos.com/ 16 B
1 KB 33ms
33ms XHR
text/html 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/get-country

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-89-117-54.deploy.static.akamaitechnologies.com

Software

Resource Hash

a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 35, 35
date: Thu, 07 Mar 2024 18:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-geo-country: DE
x-edgeconnect-midmile-rtt: 0, 0
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
x-age: 0
x-ah-environment: prod
accept-ranges: bytes
x-sophos-o: d
content-length: 36
x-request-id: v-f053ff3a-dcaa-11ee-a5b5-0b9f28ac25cd

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
303 B 125ms
61ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.sophos.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 18:00:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 860c7c83fc9c2bf3-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202309.1.0/ 424 KB
102 KB 71ms
71ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

803f9665533b781ac3abb157ba32b9a1f48d3b7a30bada354656d4b89be22610

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Mar 2024 18:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: wp4bduWb8cLN8oREjFODhQ==
age: 48954
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 104423
x-ms-lease-status: unlocked
last-modified: Thu, 19 Oct 2023 03:29:28 GMT
server: cloudflare
etag: 0x8DBD0539A07337D
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ebd2dd6e-701e-000a-56c3-139d34000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 860c7c8459e95c74-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/2e456f46-6b86-42c8-be0a-01efd4471533/cd9cea9d-e352-4556-9cc6-40e0c53696b8/ 145 KB
33 KB 53ms
53ms Fetch
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/2e456f46-6b86-42c8-be0a-01efd4471533/cd9cea9d-e352-4556-9cc6-40e0c53696b8/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a41a17237c787bae4de52d3320c8164eaa5f52727c608982c1dadc615a420c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Mar 2024 18:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 51310
content-md5: MshEBF9o3Z2LMkxC/9aCVw==
content-length: 33158
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 16:43:50 GMT
server: cloudflare
etag: 0x8DC0D445441C2A7
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4c887b48-401e-0097-562d-3f6f8e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 860c7c854b814d9d-FRA
expires: Fri, 08 Mar 2024 18:00:40 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame 467F 2 KB
1 KB 113ms
113ms Document
text/html 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1709834700000/w7p4sauc2iyi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ca8d259705c340a9ba8b34112e02d21e8d707e12d6927edd3dab7b860ce492c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sophos.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 07 Mar 2024 18:00:40 GMT
etag: W/"3ce4779d1994dc24713d82e14733d95d"
last-modified: Tue, 05 Mar 2024 20:53:37 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-id: Ut2UGR6UHLdEe1J9ebB_A4s2OpeSPztEGwzzvXLYP8271W0dDvQr1A==
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-amz-version-id: oYX5AL0QHyvAsPoE68OQchDR6mtHsw7l
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 14

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 1292 2 KB
1 KB 111ms
110ms Document
text/html 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1709834700000/w7p4sauc2iyi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ca8d259705c340a9ba8b34112e02d21e8d707e12d6927edd3dab7b860ce492c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sophos.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 07 Mar 2024 18:00:40 GMT
etag: W/"3ce4779d1994dc24713d82e14733d95d"
last-modified: Tue, 05 Mar 2024 20:53:37 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-id: mgKdobOgD1CgJmVkipmbw2SHbMPiGaaYJs6VTn0gE0h3MRTbgNZKjA==
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-amz-version-id: oYX5AL0QHyvAsPoE68OQchDR6mtHsw7l
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 15

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/ 13 KB
3 KB 32ms
31ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Mar 2024 18:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ku3O1VFWoltPW4n5m1lGVQ==
age: 59640
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3017
x-ms-lease-status: unlocked
last-modified: Thu, 19 Oct 2023 03:29:22 GMT
server: cloudflare
etag: 0x8DBD053964DC527
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 92c4db17-701e-0057-132b-3f97b0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 860c7c85bc2e4d9d-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/v2/ 63 KB
13 KB 41ms
41ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8f71867a6991d5a1ba2b9cd33000e8d8691f6ba8864516946b62087de93aa85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Mar 2024 18:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: PPPBHX7PSqGsM/CH8gX91w==
age: 59640
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13595
x-ms-lease-status: unlocked
last-modified: Thu, 19 Oct 2023 03:29:25 GMT
server: cloudflare
etag: 0x8DBD05397CFBF81
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: f75515c2-501e-007f-1a2b-3ff618000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 860c7c85bc314d9d-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/ 21 KB
4 KB 34ms
34ms Fetch
text/css 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Mar 2024 18:00:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 59932
x-ms-lease-status: unlocked
last-modified: Thu, 19 Oct 2023 03:29:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: eedde9b3-101e-000c-482b-3fae8b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 860c7c85bc334d9d-FRA

POST
H3 200 apm
dev.visualwebsiteoptimizer.com/ 0
33 B 109ms
109ms Ping
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/apm
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/apmLib-977b83675bc8966428cba5afbcb06ba2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv1c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sophos.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 07 Mar 2024 18:00:40 GMT
content-encoding: gzip
via: 1.1 google
server: gnv1c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/javascript; charset=UTF-8

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 40ms
40ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Mar 2024 18:00:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 58361
x-ms-lease-status: unlocked
last-modified: Wed, 06 Mar 2024 03:36:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: dd384a0a-c01e-007d-7082-6f48a0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 860c7c860be95c74-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
494 B 40ms
39ms Fetch
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Mar 2024 18:00:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 21019
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 08:59:24 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 37237ad2-001e-005d-7871-703307000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 860c7c861cc24d9d-FRA

GET
H2 200 sophos-logo-blue-rgb_(1).png
cdn.cookielaw.org/logos/8814ea97-7d41-4933-8a06-f5b8e65f6da8/f3c8d17e-040e-46f5-9c16-27efb793a7a7/8e4641b4-93aa-4176-880e-cb2950b9093e/ 8 KB
8 KB 37ms
37ms Image
image/png 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/8814ea97-7d41-4933-8a06-f5b8e65f6da8/f3c8d17e-040e-46f5-9c16-27efb793a7a7/8e4641b4-93aa-4176-880e-cb2950b9093e/sophos-logo-blue-rgb_(1).png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4def6d9ad0b93fa285d5783527cab94b9b8040b650afbc808ed69e2ace347bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Mar 2024 18:00:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: d2UywqgE8Ul52QHCEM5u5w==
age: 24816
content-length: 7963
x-ms-lease-status: unlocked
last-modified: Fri, 05 Mar 2021 15:08:15 GMT
server: cloudflare
etag: 0x8D8DFE8804B6B6D
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: b49b8383-601e-0029-6b2f-0d07f7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 860c7c861bfc5c74-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 54ms
54ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Mar 2024 18:00:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 50945
x-ms-lease-status: unlocked
last-modified: Wed, 06 Mar 2024 03:36:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 501df97e-901e-0002-037a-6f873b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 860c7c861c005c74-FRA

GET
H2 200 runtime~main.e07e16f3.js Show response
js.driftt.com/core/assets/js/ Frame 1292 6 KB
3 KB 7ms
6ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9e6a781a2013dea846dd8dda8b30b4db01e3ca0fd71e33c60beaa69302d956a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 20:53:37 GMT
x-amz-version-id: pu36qHdy4HpiOhgn19_ttNtyde47Wcxh
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 162423
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Tue, 05 Mar 2024 20:17:52 GMT
server: istio-envoy
etag: W/"f090136907cdfdbea306bd7125c8c198"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Yk3sCt6UtaGB_vuTErD9ex4F8N8hxuzxjVunF6vxPyPkEBiYpySupQ==

GET
H2 200 9.4a3e9801.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 35 KB
13 KB 8ms
7ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 12:58:47 GMT
x-amz-version-id: xDLMc9.vfMRinFJv17uWwlTUqFMyHh91
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6238913
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Tue, 19 Dec 2023 18:34:39 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KzlJLwbgXJwPvG0ya1Mk_nfVjjLCEPGqPqddX3diyG6Q4CJ3mpGsiw==

GET
H2 200 main~493df0b3.b86e2669.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 7 KB
3 KB 9ms
8ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.b86e2669.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d1d75ae838854e845b28c3472c3d235f92a944446d79165953ec813fc6323a70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 20:30:29 GMT
x-amz-version-id: sa7zLOvJBKmMwU293nV0gngc542FulJ_
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 595811
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 13
last-modified: Thu, 29 Feb 2024 20:12:42 GMT
server: istio-envoy
etag: W/"cb79c6ff64f9222a7df5f053d31681c8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: E1gdZAMs9-NMeKSSm9e5OhmzTPf5qTGIDYCfBreoVByOZqrO1Vcoqg==

GET
H2 200 runtime~main.e07e16f3.js Show response
js.driftt.com/core/assets/js/ Frame 467F 6 KB
3 KB 7ms
7ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9e6a781a2013dea846dd8dda8b30b4db01e3ca0fd71e33c60beaa69302d956a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 20:53:37 GMT
x-amz-version-id: pu36qHdy4HpiOhgn19_ttNtyde47Wcxh
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 162423
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Tue, 05 Mar 2024 20:17:52 GMT
server: istio-envoy
etag: W/"f090136907cdfdbea306bd7125c8c198"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GnwnivbJeBj5o_nX6mMIZA8ob2FNOCWsdNw5-Uxgl6M9rZgdgteFTg==

GET
H2 200 9.4a3e9801.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 35 KB
13 KB 8ms
8ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 12:58:47 GMT
x-amz-version-id: xDLMc9.vfMRinFJv17uWwlTUqFMyHh91
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6238913
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Tue, 19 Dec 2023 18:34:39 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QkTGMu2ggLH-7c9x4zlyHGUbG--HnUiMyXKy9eQ5dwAQEwOU2O20gg==

GET
H2 200 main~493df0b3.b86e2669.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 7 KB
3 KB 9ms
9ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.b86e2669.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d1d75ae838854e845b28c3472c3d235f92a944446d79165953ec813fc6323a70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 20:30:29 GMT
x-amz-version-id: sa7zLOvJBKmMwU293nV0gngc542FulJ_
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 595811
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 13
last-modified: Thu, 29 Feb 2024 20:12:42 GMT
server: istio-envoy
etag: W/"cb79c6ff64f9222a7df5f053d31681c8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Nl7ap265iUNxRq-wky15YsQyfkCMyaKlxwbCZuGQAmcyZqTJz_Jggg==

GET
H2 200 51.558be3c5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 23 KB
8 KB 8ms
6ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 01:42:32 GMT
x-amz-version-id: jAn.UV4FUigTQ2pXuPEfcgJGaVkaFeLh
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 5501888
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Wed, 03 Jan 2024 21:36:01 GMT
server: istio-envoy
etag: W/"fa281fcbe4b2e35558d60fae3e316367"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: r8an3PqmkEW6Qm94FaH5YZJlHidVkh7qCsPgIq5xooNMoKD4MOLGnw==

GET
H2 200 34.9de9c855.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 36 KB
10 KB 8ms
7ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.9de9c855.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9f954d6e1256d528c39aa0b3768fae8fffc81ecddb0cda40058dc715d1cb212f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:33:40 GMT
x-amz-version-id: aVYKLubPRStYzFi8RmbQTEpTBOY7Bsrb
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 682020
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Wed, 28 Feb 2024 20:09:24 GMT
server: istio-envoy
etag: W/"4db3dc70965816e2781d03c25ca5bf2e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ix2iaLlsbXREiBuX2s5hTp-MFphXszX-Q2u7xYaDU0zWLTdlP72rFg==

GET
H2 200 22.6b9a301a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 32 KB
11 KB 9ms
8ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 23:47:36 GMT
x-amz-version-id: vXzNrqspXsAXcjt5Me_czePQe44sOTaA
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 2571184
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Tue, 06 Feb 2024 19:57:37 GMT
server: istio-envoy
etag: W/"d8739a9fe9a3a42936f5cd86c8727494"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: t3vgLKwoTW0pSh7-7If28nlXET0hI5qtV3gKtML22eU1D2WkYAzeXg==

GET
H2 200 19.6f85b843.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 17 KB
6 KB 10ms
8ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id: TS.9ApOzy..rylGKiVPdLcCX5dJ9HsBw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6238912
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Tue, 19 Dec 2023 18:34:37 GMT
server: istio-envoy
etag: W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5edh4DucchD3A-DP7LZRpAxcn0vvukUxts91y9v2uvdV-imwZqKxpA==

GET
H2 200 41.b4fc4de2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 25 KB
8 KB 11ms
9ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 07:31:30 GMT
x-amz-version-id: E9YrwVejTprhZqeWxhn5pc.KEORxTIm1
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 4530549
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Thu, 11 Jan 2024 23:20:33 GMT
server: istio-envoy
etag: W/"a2ace4f65aa7b34dedb884f6cfe9df8d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: t8oKmZaoXFpSa8iLv3VAhhF9sx6mLIoAN7IUBF5ODajRMGrFgysBPA==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 74 KB
23 KB 13ms
12ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id: 4VyxTF9cOmpvyHPO7jaWSto1hTdtU.sl
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6238912
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 45
last-modified: Tue, 19 Dec 2023 18:34:37 GMT
server: istio-envoy
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0y2AY-C7OEDYjvJE9uBABmEm4Q8PAsG6qjRv2m1bax5XDKfByXumLA==

GET
H2 200 26.04e7f30b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 66 KB
20 KB 14ms
13ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id: cqsMaYjOHahH71A7EXhyHFywLOEay3sx
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6238912
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 32
last-modified: Tue, 19 Dec 2023 16:15:24 GMT
server: istio-envoy
etag: W/"49ce5445ddcf5d24ef3badc4eb1a11dd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: faMoDJMLA5Hj86CSHlVARz615IAsxpLXOniFfiizz5zcHHqhtueLUw==

GET
H2 200 14.e24a6190.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 91 KB
28 KB 15ms
14ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id: iLluOjfpMSRsML8bOSqA9V8JfTEqMP9L
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6238912
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Tue, 19 Dec 2023 18:34:37 GMT
server: istio-envoy
etag: W/"16d7ae86e21434a32157d3226ac9bb77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Z8UZkDKdqzxxvXBi6VXhsXVHku24e4zpVcFvUG2oFByIxhCr8y5hkQ==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 23 KB
7 KB 16ms
15ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 07:31:30 GMT
x-amz-version-id: fTPxsmx5We5V2pMGDl1ykjBzTcYFF2dc
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 4530550
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Thu, 11 Jan 2024 23:20:32 GMT
server: istio-envoy
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -_ERebga4rwU8ECS-0UiP0Upv1kyW0O-Hb5bEpoqfwbOSwxEWcfiFQ==

GET
H2 200 18.9c1bd1fb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 62 KB
20 KB 18ms
16ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id: q8W9FNPLIM8OX5drRDX0sp4TnKuKPMbY
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6238912
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Tue, 19 Dec 2023 18:34:37 GMT
server: istio-envoy
etag: W/"02f09379c544befa413d22eb57ed41de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SHZCml-PKzVpz7zdcoS2bgTPlRrDdZnG4TgI-RmfdrkSLMVdqY4CVA==

GET
H2 200 49.f7274268.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 105 KB
34 KB 19ms
18ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/49.f7274268.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id: sZGsqYJSO5RNt4iGri.m215HFs7tyyoY
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6238912
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Tue, 19 Dec 2023 16:15:24 GMT
server: istio-envoy
etag: W/"e268d36b98f0119a2bb1a15f69fd4ffe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EqYDRe3Z43MoPMDCxzKpVHIPk-3S2OBXJvmF0VOWY8RfX-1VXS5pXQ==

GET
H2 200 40.31ef8dbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 12 KB
4 KB 20ms
19ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:25:55 GMT
x-amz-version-id: d4Mpj6_OHbbARq4FSdDizJv80LDhJS9j
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7914885
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 37
last-modified: Wed, 06 Dec 2023 19:18:01 GMT
server: istio-envoy
etag: W/"b0793fa46e8c0ae1846b7be8a833da35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lXKBXYmfJr5NltPm-btVzHgqqCuT4I3FLp07XOiGwJ1vK5e2w3ZH7Q==

GET
H2 200 28.190877b8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 13 KB
6 KB 20ms
20ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.190877b8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:33:40 GMT
x-amz-version-id: pQnA6v43oECrxe8G1Al4Smp1uPVlKNM3
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 682020
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Wed, 28 Feb 2024 20:09:23 GMT
server: istio-envoy
etag: W/"94c7e7cb2f40e10abeee8e28c0f68eb7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: W8AIeTQ8CYPQos38GqWdrNy5OKTbNF0JoMo93GukqOhyc_vV8CWCog==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 17 KB
7 KB 21ms
21ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 07:31:30 GMT
x-amz-version-id: mbKfJZbsWw.V.LuUA4S0Y6Eza3IzJhvH
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 4530550
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Thu, 11 Jan 2024 23:20:33 GMT
server: istio-envoy
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fDH_SlCI-yI5HVZzuDZQnCoYPQRvl-th-1cs1pGmu3tfLRm9m7P_2g==

GET
H2 200 8.ab226b4a.chunk.css
js.driftt.com/core/assets/css/ Frame 1292 31 KB
4 KB 22ms
21ms Stylesheet
text/css 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.ab226b4a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ff8f406b684c6674dbd3705d3f6d2cd10b5eedbc2c67a7773f235d69ef122d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 21:38:16 GMT
x-amz-version-id: Iy50rWLvnka9klYMF5qa_8hsgho0e_uB
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 3529344
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Fri, 26 Jan 2024 18:11:46 GMT
server: istio-envoy
etag: W/"1e97f00f07b87f701d0bf06259f954e4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: b9_oOUyg00LCQUSoV8vUd4JM8UKRdRrMuGz1NPS652y7Oo41GsPyEA==

GET
H2 200 8.ce202881.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 82 KB
26 KB 24ms
23ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.ce202881.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3337f36bd89c27dbe1dca4b71fb177d826b736950f2150aff6acce0180a86fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:20:36 GMT
x-amz-version-id: mQIEwfFQyClv1G1Ejf6MWBI5BBswFf_l
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 3188404
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 93
last-modified: Tue, 30 Jan 2024 16:30:58 GMT
server: istio-envoy
etag: W/"182944c0e758d6ff6a202ce976d91cc6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TPc5Cp8F77S_c38mdzawcjK28XFQmAtVcfPP5K7B38lXEouRiVLbbw==

GET
H2 200 16.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 1292 24 B
697 B 23ms
22ms Stylesheet
text/css 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 10:04:47 GMT
x-amz-version-id: oL98YdzlpaGyxUOIAT2tnEGpxnQwpHij
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P6
age: 6249353
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 13
content-length: 24
last-modified: Tue, 19 Dec 2023 18:34:35 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: i6fIjQbVkgLi08vNK3hbaLBxQf67PuoLpsh7jkOT1BEA_94UbXNKWA==

GET
H2 200 16.ce5b49fb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 93 KB
24 KB 32ms
32ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.ce5b49fb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6b141e7fce6d9ec4c281ca4bcf494f31fc7a24c7aa1fdda838dd5e7ceff2a3b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:33:40 GMT
x-amz-version-id: dOxjx378gZY_AVke4cRWFBVQ4oz9fy0X
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 682020
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 28
last-modified: Wed, 28 Feb 2024 20:09:23 GMT
server: istio-envoy
etag: W/"2004af3a9dab938169f2ea62c789c850"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: anFG5pw3vFD_CxRMr_wHbGndDhr_kpS6bbNVMlH9JutwbbNVxGfnHg==

GET
H2 200 24.f156ac0b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 51 KB
14 KB 50ms
50ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.f156ac0b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e0a5cea44ef10b590cbdd293e5356beec37b4515a45af600cb6bd839d774bfb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 20:53:37 GMT
x-amz-version-id: 912IrOxTzK0d0pxydhEmBJnYzrZScyQp
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 162423
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 13
last-modified: Tue, 05 Mar 2024 20:17:50 GMT
server: istio-envoy
etag: W/"84a1a3421b124fe0033da2dc1eb60e5f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xZaCXuWVAEJWaz04CVOg51pGteOc2pqA97uVobaV3P8kw4SIMzQVBw==

GET
H2 200 17.e4fe4aa9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 40 KB
13 KB 51ms
51ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.e4fe4aa9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b7fe4dab17faeca12818ad0f933516d03f51fe7454e1bbfd983c221cab8358db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 20:53:37 GMT
x-amz-version-id: Du7VQSLBFHCC32UNB4Y0p04GHRSsvnKr
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 162423
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Tue, 05 Mar 2024 20:17:50 GMT
server: istio-envoy
etag: W/"3852ed7187bdfa5db5fddd577cd30fcf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HANBnu0QEOvdTxozrC26Cpeh9LVlhXP97cq8mOXY9dWbEyrIJCnuSw==

POST
H2 200 pixel_59089089 Show response
www.sophos.com/akam/13/ 0
625 B 39ms
39ms XHR
text/html 104.89.117.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sophos.com/akam/13/pixel_59089089
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/akam/13/59089089
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.117.54 Paris, France, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-89-117-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

expires: Thu, 07 Mar 2024 18:00:40 GMT
pragma: no-cache
date: Thu, 07 Mar 2024 18:00:40 GMT
cache-control: max-age=0, no-cache
content-length: 0
content-type: text/html

GET
H2 200 51.558be3c5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 23 KB
8 KB 47ms
38ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 01:42:32 GMT
x-amz-version-id: jAn.UV4FUigTQ2pXuPEfcgJGaVkaFeLh
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 5501888
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Wed, 03 Jan 2024 21:36:01 GMT
server: istio-envoy
etag: W/"fa281fcbe4b2e35558d60fae3e316367"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3v9zjlLgejdanUC72IBhWBy30aA6vFLw94iAswqC-BpFC-vL92Yodg==

GET
H2 200 34.9de9c855.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 36 KB
10 KB 48ms
39ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.9de9c855.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9f954d6e1256d528c39aa0b3768fae8fffc81ecddb0cda40058dc715d1cb212f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:33:40 GMT
x-amz-version-id: aVYKLubPRStYzFi8RmbQTEpTBOY7Bsrb
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 682020
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Wed, 28 Feb 2024 20:09:24 GMT
server: istio-envoy
etag: W/"4db3dc70965816e2781d03c25ca5bf2e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OddPDqpfqbfdclme0kCLpDov8CHthzPaOA8MrBkLNsZQJeIRGDiB8w==

GET
H2 200 22.6b9a301a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 32 KB
11 KB 49ms
40ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 23:47:36 GMT
x-amz-version-id: vXzNrqspXsAXcjt5Me_czePQe44sOTaA
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 2571184
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Tue, 06 Feb 2024 19:57:37 GMT
server: istio-envoy
etag: W/"d8739a9fe9a3a42936f5cd86c8727494"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VkFlC0_Vuar8H_M3pLiFt3Pk4tEizf-pQl0ssSdd-3YPihxKHFSnzg==

GET
H2 200 19.6f85b843.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 17 KB
6 KB 49ms
41ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id: TS.9ApOzy..rylGKiVPdLcCX5dJ9HsBw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6238912
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Tue, 19 Dec 2023 18:34:37 GMT
server: istio-envoy
etag: W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3c_aem4KxIrZKffirtSNi-qxifkyM0V0lPYNj1I67HhhKrmYFloniw==

GET
H2 200 41.b4fc4de2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 25 KB
8 KB 50ms
42ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 07:31:30 GMT
x-amz-version-id: E9YrwVejTprhZqeWxhn5pc.KEORxTIm1
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 4530549
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Thu, 11 Jan 2024 23:20:33 GMT
server: istio-envoy
etag: W/"a2ace4f65aa7b34dedb884f6cfe9df8d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OUJ2HfvLq0Dj6c2COTIpbP5Zso6-K5EhjaoMlnjYjf69ri7DMsegTg==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 74 KB
23 KB 53ms
44ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id: 4VyxTF9cOmpvyHPO7jaWSto1hTdtU.sl
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6238912
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 45
last-modified: Tue, 19 Dec 2023 18:34:37 GMT
server: istio-envoy
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tD0Q5Tt0Cb1Ps17PIor_DVC06yhCgRoydoDSK_bA7rfshflZQqlb7w==

GET
H2 200 26.04e7f30b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 66 KB
20 KB 54ms
45ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id: cqsMaYjOHahH71A7EXhyHFywLOEay3sx
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6238912
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 32
last-modified: Tue, 19 Dec 2023 16:15:24 GMT
server: istio-envoy
etag: W/"49ce5445ddcf5d24ef3badc4eb1a11dd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -b9NHqopQPEPf2RT-zwOvBz-uZQUiX_ZaWbY8yteJnkQvsr9Mlf5ZA==

GET
H2 200 14.e24a6190.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 91 KB
28 KB 55ms
47ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id: iLluOjfpMSRsML8bOSqA9V8JfTEqMP9L
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6238912
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Tue, 19 Dec 2023 18:34:37 GMT
server: istio-envoy
etag: W/"16d7ae86e21434a32157d3226ac9bb77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pqBbsR4L8HmXoPVwGKVHcwEcV0H2HKSQ7m_5LSZ41ZqB86bKNRPP-w==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 23 KB
7 KB 56ms
48ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 07:31:30 GMT
x-amz-version-id: fTPxsmx5We5V2pMGDl1ykjBzTcYFF2dc
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 4530550
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Thu, 11 Jan 2024 23:20:32 GMT
server: istio-envoy
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UU4ULc6u59tlN7tWdMVHcegbAsxaw7xttaVYouU9J6zUdvYojoSG4g==

GET
H2 200 18.9c1bd1fb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 62 KB
20 KB 57ms
49ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id: q8W9FNPLIM8OX5drRDX0sp4TnKuKPMbY
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6238912
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Tue, 19 Dec 2023 18:34:37 GMT
server: istio-envoy
etag: W/"02f09379c544befa413d22eb57ed41de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qqMaKr0iETPiVzXAmTJZeD5_l3EnQxI40HpvD9DxZZCvWEBzfK_Pdg==

GET
H2 200 49.f7274268.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 105 KB
34 KB 58ms
50ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/49.f7274268.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id: sZGsqYJSO5RNt4iGri.m215HFs7tyyoY
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6238912
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Tue, 19 Dec 2023 16:15:24 GMT
server: istio-envoy
etag: W/"e268d36b98f0119a2bb1a15f69fd4ffe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0p5FoN2jOD7T8UCuWXiDFeUagVBjHDZmkcluI9ZXxUUr67KJW8czVQ==

GET
H2 200 40.31ef8dbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 12 KB
4 KB 59ms
51ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:25:55 GMT
x-amz-version-id: d4Mpj6_OHbbARq4FSdDizJv80LDhJS9j
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 7914885
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 37
last-modified: Wed, 06 Dec 2023 19:18:01 GMT
server: istio-envoy
etag: W/"b0793fa46e8c0ae1846b7be8a833da35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _HQuRqjXS0AuYomkybBGpDF8bmvhfSuRrf9DIm3cwZ6VsikySZnSpQ==

GET
H2 200 28.190877b8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 13 KB
6 KB 60ms
52ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.190877b8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:33:40 GMT
x-amz-version-id: pQnA6v43oECrxe8G1Al4Smp1uPVlKNM3
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 682020
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Wed, 28 Feb 2024 20:09:23 GMT
server: istio-envoy
etag: W/"94c7e7cb2f40e10abeee8e28c0f68eb7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hKtXagpObM3IhwHJi1QR2OzvCxgQ1OVF3QUTJ4mLLKRYnkZL6RrxlQ==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 17 KB
7 KB 60ms
53ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 07:31:30 GMT
x-amz-version-id: mbKfJZbsWw.V.LuUA4S0Y6Eza3IzJhvH
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 4530550
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Thu, 11 Jan 2024 23:20:33 GMT
server: istio-envoy
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qRivmsopinLEZ2GgR85ItEHrExnQ2pmQCv6KDxYKPezY_0wr3Ps41w==

GET
H2 200 8.ab226b4a.chunk.css
js.driftt.com/core/assets/css/ Frame 467F 31 KB
4 KB 41ms
33ms Stylesheet
text/css 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.ab226b4a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ff8f406b684c6674dbd3705d3f6d2cd10b5eedbc2c67a7773f235d69ef122d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 21:38:16 GMT
x-amz-version-id: Iy50rWLvnka9klYMF5qa_8hsgho0e_uB
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 3529344
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Fri, 26 Jan 2024 18:11:46 GMT
server: istio-envoy
etag: W/"1e97f00f07b87f701d0bf06259f954e4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XmjLO_yp51Z83MkXAsKlXpPUZOmtfDU2y5RqlPCEOA0SjtQiqdxHJA==

GET
H2 200 8.ce202881.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 82 KB
26 KB 61ms
53ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.ce202881.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3337f36bd89c27dbe1dca4b71fb177d826b736950f2150aff6acce0180a86fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:20:36 GMT
x-amz-version-id: mQIEwfFQyClv1G1Ejf6MWBI5BBswFf_l
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 3188404
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 93
last-modified: Tue, 30 Jan 2024 16:30:58 GMT
server: istio-envoy
etag: W/"182944c0e758d6ff6a202ce976d91cc6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Q3EZt3eAbF5plwXjwCuc3K8LgTfZOlZNqE9A1HufVXVjQ1-aTMsjNQ==

GET
H2 200 16.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 467F 24 B
696 B 42ms
34ms Stylesheet
text/css 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 10:04:47 GMT
x-amz-version-id: oL98YdzlpaGyxUOIAT2tnEGpxnQwpHij
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P6
age: 6249353
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 13
content-length: 24
last-modified: Tue, 19 Dec 2023 18:34:35 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jKbJm9_H2idCnfQeJhTdUTd0iDF-UPoo5qF3RfokFesW92t_BJFyFA==

GET
H2 200 16.ce5b49fb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 93 KB
24 KB 62ms
54ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.ce5b49fb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6b141e7fce6d9ec4c281ca4bcf494f31fc7a24c7aa1fdda838dd5e7ceff2a3b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:33:40 GMT
x-amz-version-id: dOxjx378gZY_AVke4cRWFBVQ4oz9fy0X
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 682020
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 28
last-modified: Wed, 28 Feb 2024 20:09:23 GMT
server: istio-envoy
etag: W/"2004af3a9dab938169f2ea62c789c850"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VjOfK-WR2rcWQUfkMVHB98ptsZqvPIYOo8U7re0cUIxjjXLHaPsmzQ==

GET
H2 200 24.f156ac0b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 51 KB
14 KB 63ms
56ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.f156ac0b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e0a5cea44ef10b590cbdd293e5356beec37b4515a45af600cb6bd839d774bfb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 20:53:37 GMT
x-amz-version-id: 912IrOxTzK0d0pxydhEmBJnYzrZScyQp
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 162423
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 13
last-modified: Tue, 05 Mar 2024 20:17:50 GMT
server: istio-envoy
etag: W/"84a1a3421b124fe0033da2dc1eb60e5f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IkRGnwb1xa1JvHwHicutujV1FFxloWLDzoM1EIL3mynuQtBarD9M6g==

GET
H2 200 17.e4fe4aa9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 40 KB
13 KB 64ms
57ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.e4fe4aa9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b7fe4dab17faeca12818ad0f933516d03f51fe7454e1bbfd983c221cab8358db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 20:53:37 GMT
x-amz-version-id: Du7VQSLBFHCC32UNB4Y0p04GHRSsvnKr
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 162423
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Tue, 05 Mar 2024 20:17:50 GMT
server: istio-envoy
etag: W/"3852ed7187bdfa5db5fddd577cd30fcf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uG3w7sBb6_e5_Ji-K5DEYtR9hUfxxw9mBUjxcTmEdws-Kvq48c1slQ==

GET
H2 200 37.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 1292 3 KB
1 KB 8ms
7ms Stylesheet
text/css 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/37.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 07:31:32 GMT
x-amz-version-id: sRdyAX.mmmfnHJ1amTnG0RmacaiJNP23
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 4530548
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Thu, 11 Jan 2024 23:20:31 GMT
server: istio-envoy
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Kk8S-BPBp9isgQESbrVxNqBe1h3t59WrwqjdsPLT48usyalJNbA_0A==

GET
H2 200 37.df6fa602.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 3 KB
2 KB 8ms
8ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.df6fa602.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dc0198ce23a18c5daa358086995f168e1abf8d134aaec738e13229ae782b46bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:33:40 GMT
x-amz-version-id: ZSwKVXfrtfDbDq_39MHGaQa8J99HBue_
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 682020
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Wed, 28 Feb 2024 20:09:24 GMT
server: istio-envoy
etag: W/"5094cc61d789f2d038934fbfcc74d115"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: U5aFt3XoG34u_ofLRSeOqgff_5JX3TaXJZTTwEdjt3vY5bARHZTpFw==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 9 KB
3 KB 30ms
15ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 12:58:50 GMT
x-amz-version-id: wIYiMMOv59k7p4Fbql5xBCm9H7moGtf2
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6238910
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Tue, 19 Dec 2023 18:34:36 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: opY5AYdNoVjOShnMzPdqZlFJ781RhwjB6TNeMVKptvJC7wteowVH3g==

GET
H2 200 30.c2cfa051.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 27 KB
9 KB 31ms
16ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.c2cfa051.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2c3fa8534f4d4c1cb14f56e8da5245bd5ce330ee5b5471800cad7efff6de6d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:33:40 GMT
x-amz-version-id: WRs_97QbIyhXtqFAWyOeQDG0ect7XzUO
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 682020
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Wed, 28 Feb 2024 20:09:24 GMT
server: istio-envoy
etag: W/"7b578d5ff5946531a07be989a9a973ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: b_18AUqqEg00V1WCJRx48PjEKXPaLMCRM2B0oQQ8heEx_bErGP6DfQ==

GET
H2 200 27.b5e8f5e1.chunk.css
js.driftt.com/core/assets/css/ Frame 467F 8 KB
2 KB 23ms
8ms Stylesheet
text/css 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/27.b5e8f5e1.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7849ba1748f8188749df28e9d59ca4e570a8495684353d8df4715fa70a81e787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:33:40 GMT
x-amz-version-id: zyzXY0HiUV0Kx0xDA0irOuT14sRG0uSI
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 682020
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Wed, 28 Feb 2024 20:09:21 GMT
server: istio-envoy
etag: W/"e7107bc29ccb3c6d928f0f8f10a0f22d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DsXRaFWcf7Grw50saX7lqD_G48NSGYRJ0NvoKRH1Q_v67HFpvHXklQ==

GET
H2 200 27.b57db11e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 15 KB
6 KB 32ms
17ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.b57db11e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b39e7d22263c6683b1970ca8a143c4809b7467a019c0b37170633a9aed6c9e16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:33:40 GMT
x-amz-version-id: DDyhxCIla0VHIBRUayAFADfdjSTthw24
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 682020
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Wed, 28 Feb 2024 20:09:23 GMT
server: istio-envoy
etag: W/"7c8b67017ca47bece2215effbb5ae466"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: y6ml6Ji3TE_93MW6qgRG0yGbiaFQOtr9-kBPHMu3KUNN9pccHaELIA==

GET
H2 200 25.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 467F 365 B
1 KB 25ms
10ms Stylesheet
text/css 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:03:54 GMT
x-amz-version-id: 0H7FjD7Jl9xIJbAVeMxI..hCPUWnSz0t
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P6
age: 8747806
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
content-length: 365
last-modified: Tue, 21 Nov 2023 16:21:39 GMT
server: istio-envoy
etag: "06b2963b029c0824382815165bfea73e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tN3BPC9cnXjmN-zS7be02Z4keXZ51w8wTgvRXAX9xoh_wCt5_7guiA==

GET
H2 200 25.336e154d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 92 KB
25 KB 32ms
18ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.336e154d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ab785c5c76d12e6b62f6339857d15907af1796ace2907bf2d8c5a1e4fc264994

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:33:40 GMT
x-amz-version-id: rwxXP_skNyNEbbAgaJLzImoj5vuEcmrP
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 682019
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 47
last-modified: Wed, 28 Feb 2024 20:09:23 GMT
server: istio-envoy
etag: W/"e5142d5070c3e7f472bcddfd3ba4632a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Oc-qMU7yBzWk5k3bTJtqpVsrAz4CxrMdK4FtoHmuyrSyEXLMTM-WKQ==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 9 KB
3 KB 32ms
19ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 12:58:50 GMT
x-amz-version-id: wIYiMMOv59k7p4Fbql5xBCm9H7moGtf2
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6238910
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Tue, 19 Dec 2023 18:34:36 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HXBCuQYQMNliwfGvRjFvShV0DTjvVpLPpgdF8AGDOtm1SuTC9IyfSw==

GET
H2 200 4.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 1292 7 KB
2 KB 24ms
11ms Stylesheet
text/css 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/4.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:33:40 GMT
x-amz-version-id: ry9PkdfdyYVnhUh9E7iQvpl0pSpoeWa0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 682020
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Wed, 28 Feb 2024 20:09:21 GMT
server: istio-envoy
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DMLWOJp5Ww8xmq3e7XyfUUIvBwyc5xqUPxbBKjiyRU4pQGJClv_N7A==

GET
H2 200 4.6c355058.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 46 KB
14 KB 33ms
20ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.6c355058.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

51b29d6573d9fcb3e20b9021407d58c7dca539b0eb9d0e582106bf4908feac4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:33:41 GMT
x-amz-version-id: Yizk8zcIxT.4bvwDYk4c2JLxgCo1ajM3
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 682019
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Wed, 28 Feb 2024 20:09:24 GMT
server: istio-envoy
etag: W/"f0317fb42e8df2093f44b37751ca8955"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8wLiqDK-QYPNYnBcPoqwmuBAtF7eBzIf-vStFWjiMYfU3hdZsej74g==

GET
H2 200 1.12ba17b6.chunk.css
js.driftt.com/core/assets/css/ Frame 1292 44 KB
7 KB 25ms
12ms Stylesheet
text/css 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.12ba17b6.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 12:58:51 GMT
x-amz-version-id: 1xzUgPbFb7aaeyDZtp6vQOQncX9.jojY
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 6238909
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Tue, 19 Dec 2023 16:15:21 GMT
server: istio-envoy
etag: W/"3b8ba82e1bac13ee29e9764a55620d99"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BItK_sgwM-Up0vAIDlsZFbKxmJYEFmUAv1exEBtrMhQFGtyDKK4iYQ==

GET
H2 200 1.28254d76.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 53 KB
17 KB 34ms
21ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.28254d76.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

914b72c7fe9e9c8ae81a269d5a05df6f5de5116ae133857b2c12b6cec48ea3ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 20:53:37 GMT
x-amz-version-id: rb5Y98etdZtbdGGkTTiEe5JqELdwB5.d
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 162423
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 49
last-modified: Tue, 05 Mar 2024 20:17:49 GMT
server: istio-envoy
etag: W/"97797a3b2d2d449f982ea4367e2264c1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MDgT3hKbRXD2xuAThN1WvacWVYSAx2nchXLdZbyhjcORbl4_14oGEw==

GET
H2 200 3.81a9e32c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 23 KB
10 KB 35ms
22ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.81a9e32c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

39a22185ae99fc24a9c6cf7262ab2529721985716bfaffe811919def004f0464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:33:40 GMT
x-amz-version-id: y2eYXYLwY_FqC8Vl0nwIFAm2SkwtvjSP
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 682020
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Wed, 28 Feb 2024 20:09:24 GMT
server: istio-envoy
etag: W/"3faec1260a49f199270c53a69c0e3f81"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kGyu22xXsFSSrotkc9WkTDabYNFn1UzX1mcN2SSGuM--9ODTa_7kPw==

GET
H2 200 33.5fdd3e3b.chunk.css
js.driftt.com/core/assets/css/ Frame 1292 16 KB
3 KB 26ms
13ms Stylesheet
text/css 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/33.5fdd3e3b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

a03b854d10519fd5be9cdcbc78fad3927c1a3de9e84fa74353c8a19cc20d0501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:33:40 GMT
x-amz-version-id: gplqofziMMUDcPiaSPVLPX_48i_BuPIZ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 682020
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 28
last-modified: Wed, 28 Feb 2024 20:09:21 GMT
server: istio-envoy
etag: W/"6f779260053e30787f84dfa7ba6743e5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fVV4imAhSMpahR_TBm238uKTTwRW0IcNFlxlgNiVjCuhF3A_7iS6jw==

GET
H2 200 33.63312c59.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 13 KB
5 KB 36ms
23ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.63312c59.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

048daa568f2e310b154fc6f410f2655422f8ed3a9317901250a865de6e7d6a8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:33:40 GMT
x-amz-version-id: e5kgAJogxluL_JnZgo_rGp_byJM0j5wG
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 682020
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 32
last-modified: Wed, 28 Feb 2024 20:09:24 GMT
server: istio-envoy
etag: W/"f34d0d25c32e8ca882961d24594f2d92"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EgTHpvzkaMCMtulotUWux8cIlrW6w1olzGLG2p_ZBmhmG5YyB1lkhw==

POST
H2 200 v2 Show response
bootstrap.driftapi.com/widget_bootstrap/ping/ Frame 467F 254 B
896 B 129ms
108ms XHR
application/json 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.driftapi.com/widget_bootstrap/ping/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-11.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5b95f54f1c1e5f13c76b0b3ec95790923161556c3d649c79b03a466863a4a1c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Mar 2024 18:00:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
requestid: d2209b6c51c1510d
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 8
content-length: 254
server: istio-envoy
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
x-amz-cf-id: zydzzhvHSNqOOnrogBEcKDW6U3nAR19rPQqUOz4qUaHKzHwhZ5eO1A==

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 3 KB
2 KB 63ms
48ms Fetch
application/json 18.66.97.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?key=demandbase_g3YsYq6YO5VYWlJ2QbIfR7fRy8VpLAhmh6OGGuDF&page=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals&page_title=Attacker%20Dwell%20Time%20Increased%20by%2036%25%2C%20Sophos%E2%80%99%20Active%20Adversary%20Playbook%202022%20Reveals%20%7C%20Sophos&referrer=
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/include/1709834700000/w7p4sauc2iyi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-20.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e2f43045e6cf244416db32573b024817a53c4a9ca3bc9084bc4af9cd3fe7a3e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 18:00:41 GMT
identification-source: CACHE
content-encoding: gzip
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
request-id: 8f4b5978-67a1-4149-af03-d2e3641041b4
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sophos.com
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IQGJeRoQ4twrGccDY6JjYvDxP9RGcZm6jW2G34r-M5saas8HBtFBRA==
expires: Wed, 06 Mar 2024 18:00:41 GMT

POST
H2 200 v3 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 467F 25 B
466 B 664ms
109ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v3

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Mar 2024 18:00:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: fd1d5e8c88648a2e
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

POST
H2 200 widget_bootstrap Show response
bootstrap.driftapi.com/ Frame 467F 28 KB
10 KB 407ms
407ms XHR
application/json 18.172.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.driftapi.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.112.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-112-11.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bf99ec8174376d5b465da458057a94fbc9f820a43aad8e95bd976d5ebe85d3f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Mar 2024 18:00:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
requestid: 5e0c52a6cd91ce14
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 299
server: istio-envoy
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
x-amz-cf-id: S1gYrRMQw7li9Mk2SUER0vBTPn2VpYzQrPD4EG3tQ4ZlBWjIwaXn0w==

POST
H2 200 track Show response
event.api.drift.com/ Frame 467F 745 B
807 B 97ms
97ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

512c80a35c4cbe7eee798e7db51a5667c20c98365812dad46f310f8149acbb44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIyMTIzNTgyMDI2MiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEwMzc2ODYiLCJleHAiOjE3NDEzNzA0NDEsImlhdCI6MTcwOTgzNDQ0MX0.Eo5KaqWZASDa9OWRo4Kr_zlOcq_AaV4VrNNBpcEjVmbep_mMd_6q5o7BSvvXWRiTwSVRFKpM3KrRCdUoXiPjDQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 07 Mar 2024 18:00:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: a5d1e5955977dc0e
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 745

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 97ms
96ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 07 Mar 2024 18:00:42 GMT
requestid: drift8758eeb420bbe6d44fa0e7961e6
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H2 200 evaluate_with_log Show response
targeting.api.drift.com/targeting/ Frame 467F 2 KB
578 B 99ms
98ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

5b4091fdabcd7bd1cda29b078050d02d4856cf17fe36bda04310c0936c6f1df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIyMTIzNTgyMDI2MiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEwMzc2ODYiLCJleHAiOjE3NDEzNzA0NDEsImlhdCI6MTcwOTgzNDQ0MX0.Eo5KaqWZASDa9OWRo4Kr_zlOcq_AaV4VrNNBpcEjVmbep_mMd_6q5o7BSvvXWRiTwSVRFKpM3KrRCdUoXiPjDQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 07 Mar 2024 18:00:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: e32f44f36cce0934
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 510

OPTIONS
H2 200 evaluate_with_log
targeting.api.drift.com/targeting/ Frame 0
0 97ms
96ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 07 Mar 2024 18:00:42 GMT
requestid: drift32064e84f7c8c9df2b19cf7ccb3
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

GET
H2 200 57.28dde8ce.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 467F 19 KB
7 KB 6ms
6ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/57.28dde8ce.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=w7p4sauc2iyi&eId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=552a43b4-7741-4262-b77a-7b4f8ef8b87a&sessionStarted=1709834440.575&campaignRefreshToken=fae59706-d4c0-4224-b8d6-5d595ecaf6e5&hideController=false&pageLoadStartTime=1709834439400&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 07:31:34 GMT
x-amz-version-id: Zqc8tAJgSsjNOAXYaxQdNZubY1vGBLp.
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 4530548
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Thu, 11 Jan 2024 23:20:34 GMT
server: istio-envoy
etag: W/"3c4cd13822c0069a68e9f9c8240f5ba9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Pl3O7D7qpounPp4Qw4Do3rXj4JZi9-sm5LK-4oqQHNZpEOP-Ffho0w==

OPTIONS
H2 200 widget
targeting.api.drift.com/impressions/ Frame 0
0 96ms
96ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Thu, 07 Mar 2024 18:00:42 GMT
requestid: drift85483f04d9e9a68eb84f390663f
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H2 204 widget Show response
targeting.api.drift.com/impressions/ Frame 467F 0
38 B 107ms
106ms XHR
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIyMTIzNTgyMDI2MiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEwMzc2ODYiLCJleHAiOjE3NDEzNzA0NDEsImlhdCI6MTcwOTgzNDQ0MX0.Eo5KaqWZASDa9OWRo4Kr_zlOcq_AaV4VrNNBpcEjVmbep_mMd_6q5o7BSvvXWRiTwSVRFKpM3KrRCdUoXiPjDQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 07 Mar 2024 18:00:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 4497b33b1e7be4d0
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version

GET
H2 200 https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.us-east-1.amazonaws.com%252Fcustomer-api-avatars-prod%252F1177677%252Fed77c00dde2007a6e3ac8f2458aa49ca4v53k432bruv%3Ffit%3Dmax%26fm%3Dpng%26h...
driftt.imgix.net/ Frame 467F 2 KB
2 KB 24ms
9ms Image
image/png 2a04:4e42:600::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.us-east-1.amazonaws.com%252Fcustomer-api-avatars-prod%252F1177677%252Fed77c00dde2007a6e3ac8f2458aa49ca4v53k432bruv%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D7dba60322751ea3e4cbef086a13b2e98?fit=max&fm=png&h=200&w=200&s=d81fddeba68fd74eee03a53f3f7602f7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

f0095302db30d9f788de4cd71473ef72cbd3b3ab19f0d14b0e976279e00db17a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 18:00:42 GMT
x-content-type-options: nosniff
age: 3123103
x-cache: HIT, HIT
x-imgix-id: 5b41d62e7226fdfd5a7bd69a320fbe9e715f50b4
cross-origin-resource-policy: cross-origin
content-length: 1632
x-served-by: cache-sjc10081-SJC, cache-fra-eddf8230040-FRA
x-imgix-render-farm: 01.132136
last-modified: Wed, 31 Jan 2024 14:28:58 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 57.28dde8ce.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 19 KB
7 KB 6ms
6ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/57.28dde8ce.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 07:31:34 GMT
x-amz-version-id: Zqc8tAJgSsjNOAXYaxQdNZubY1vGBLp.
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 4530548
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Thu, 11 Jan 2024 23:20:34 GMT
server: istio-envoy
etag: W/"3c4cd13822c0069a68e9f9c8240f5ba9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8NSMfhiBEyKzt5gQA-jracE5wiF4w1etFXOY3J9nRZ9MnjI25DrsDg==

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame 467F 14 KB
14 KB 7ms
7ms Font
font/woff2 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/8.ab226b4a.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/assets/css/8.ab226b4a.chunk.css
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:35:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 4911928
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 62
content-length: 13976
last-modified: Fri, 03 Mar 2023 14:35:52 GMT
server: istio-envoy
etag: "e7e52c955aa33e618baf437a16539524"
access-control-allow-methods: GET, POST, OPTIONS
content-type: binary/octet-stream,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rh6OFBHAAZ6jcJzOeqR77kvypJ4W5FUJSvSagV3GNDmegC_BwOvzKg==

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame 467F 14 KB
14 KB 8ms
7ms Font
font/woff2 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/8.ab226b4a.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/assets/css/8.ab226b4a.chunk.css
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 08:39:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 5390444
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 48
content-length: 14148
last-modified: Fri, 03 Mar 2023 14:35:52 GMT
server: istio-envoy
etag: "69b28056044be6438ce7e5214c66ba82"
access-control-allow-methods: GET, POST, OPTIONS
content-type: binary/octet-stream,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ncfxm0jSHgO0aTiong7-m1SLWhss6HZxNSiBuT276lhjsgo27omB6g==

GET
H2 200 43.e483d03f.chunk.css
js.driftt.com/core/assets/css/ Frame 1292 900 B
2 KB 7ms
7ms Stylesheet
text/css 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/43.e483d03f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

12ffe3ad71f763d9057baf43e0f1c1482bb9a0372602020554c4d52f52b37981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 09:31:37 GMT
x-amz-version-id: iaU4t4dQtR8q8Vd3tnlVhAyLib1mn9xk
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P6
age: 4523345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 31
content-length: 900
last-modified: Thu, 11 Jan 2024 23:20:31 GMT
server: istio-envoy
etag: "0bd11a8facc0a9d41713c64ed1ba1289"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FtLyP1Abzqzy9fxK_9FZVnruv3OkTRrLyM6lsx9KumhfRAuN8bSWDQ==

GET
H2 200 43.bd189648.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 1292 303 B
996 B 8ms
8ms Script
application/javascript 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.bd189648.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.e07e16f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e6fe88a41144fac0a75be6c94627d7ddbe2d58e0ccea7d714ea7108e1be694de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1709834439400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 01:25:32 GMT
x-amz-version-id: cn7ocPIKN0DjotXh08asFhym9VIiC5aK
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P6
age: 5157310
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
content-length: 303
last-modified: Wed, 03 Jan 2024 21:36:01 GMT
server: istio-envoy
etag: "64c5c459373f38cfa09d006a64744acb"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zkPmgMFgLfd-4cR9LMJZt-FDvJECMJpc94OMA05QJ7_Vglzvd1WoVg==

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame 1292 14 KB
14 KB 9ms
9ms Font
font/woff2 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/8.ab226b4a.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/assets/css/8.ab226b4a.chunk.css
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:35:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 4911928
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 62
content-length: 13976
last-modified: Fri, 03 Mar 2023 14:35:52 GMT
server: istio-envoy
etag: "e7e52c955aa33e618baf437a16539524"
access-control-allow-methods: GET, POST, OPTIONS
content-type: binary/octet-stream,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rkwXAQsDcBaYaRlJWSBUWeInJ4NQMaUZYTSjHYZxpSK24IcT_ozLig==

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame 1292 14 KB
14 KB 11ms
10ms Font
font/woff2 18.245.86.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/8.ab226b4a.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-73.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/assets/css/8.ab226b4a.chunk.css
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 08:39:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 5390444
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 48
content-length: 14148
last-modified: Fri, 03 Mar 2023 14:35:52 GMT
server: istio-envoy
etag: "69b28056044be6438ce7e5214c66ba82"
access-control-allow-methods: GET, POST, OPTIONS
content-type: binary/octet-stream,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4dkeFM0YWy-Klcj4W1fWhBSJL4mxK1eCZ86g5bI-zDhyl1IlvjF9ig==

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event3/ Frame 467F 25 B
112 B 115ms
115ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event3/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Mar 2024 18:00:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 3a2c082b02667d9d
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 18
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.sophos.com/	1969-12-31 23:59:59	Name: akacd_pr01 Value: 3887287237~rv=33~id=d19a3178774f449609745e3ac69bfcbc
.company-target.com/	1970-01-21 04:33:14	Name: tuuid Value: 55d6f62a-e0f7-4aa3-b947-c51db5a87915
.company-target.com/	1970-01-21 04:33:14	Name: tuuid_lu Value: 1709834440\|ix:0\|mctv:0\|rp:0
.sophos.com/	1970-01-21 03:44:16	Name: _vwo_uuid_v2 Value: D8FC8EFF5CC3AEEB17C6EAC46EDC39CDC\|4868e35a476a83e5009db0c748f86a08
.sophos.com/	1970-01-20 21:21:14	Name: _vis_opt_s Value: 1%7C
.sophos.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.casalemedia.com/	1970-01-21 03:42:50	Name: CMID Value: ZeoAyLmqPbQAAE5LAF8j9QAA
.casalemedia.com/	1970-01-20 21:06:50	Name: CMPS Value: 3279
.casalemedia.com/	1970-01-20 21:06:50	Name: CMPRO Value: 3279
.sophos.com/	1970-01-20 23:20:02	Name: _ga_V88TEQ7EYL Value: GS1.1.1709834440.1.0.1709834440.0.0.0
.sophos.com/	1970-01-20 23:20:02	Name: _ga Value: GA1.1.828834933.1709834440
.sophos.com/	1970-01-20 23:19:19	Name: _sphs_uuid Value: c2a09bba-2d87-4404-9a5e-e5d47aa7cc98
.sophos.com/	1970-01-20 19:07:19	Name: CampaignID Value: 0
www.sophos.com/	1970-01-20 19:40:26	Name: websiteaklang Value: en-us
.sophos.com/	1970-01-21 04:33:14	Name: _vwo_uuid Value: D8FC8EFF5CC3AEEB17C6EAC46EDC39CDC
.sophos.com/	1970-01-20 21:06:50	Name: _vwo_ds Value: 3%241709834439%3A4.7962389%3A%3A
.sophos.com/	1970-01-20 18:57:16	Name: _vwo_sn Value: 0%3A1
.sophos.com/	1970-01-20 18:57:21	Name: bm_sv Value: 0A4D46B7674508B59D93C8ECA629ABEF~YAAQtj4iF/+8O/GNAQAAJw4TGhfBvSkoDVFvZBXhXTeSpxXMdlFkanAb2XQ3F/VM63g4V/LYTV/RzXkGW45EgljGmigY+U3w5WF7+1H34a7uf955YYn82k+T9QFHRaJpsA1ymbDOBfvLOjRF+DGVWNW0ZSUOw6kib/QPQYGuwUypZKA2uTv+YU+XKPXBGQwwf6LyG6fVR4migf4Vksdw/8LHavVaUlxpC3lhtC7G8mOE2QS+gPIX/PStlauuROQ1~1
.tremorhub.com/	1970-01-21 03:43:11	Name: tvid Value: c75d636f6b194748b0f0042cb04120d9
.tremorhub.com/	1970-01-21 04:33:14	Name: tv_UIDM Value: 55d6f62a-e0f7-4aa3-b947-c51db5a87915
www.sophos.com/	1970-01-20 18:57:16	Name: drift_campaign_refresh Value: fae59706-d4c0-4224-b8d6-5d595ecaf6e5
.sophos.com/	1970-01-21 03:42:50	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Mar+07+2024+19%3A00%3A40+GMT%2B0100+(Central+European+Standard+Time)&version=202309.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6be2d80a-9b28-4508-9cb9-74634dfe7800&interactionCount=0&landingPath=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress%2Fpress-releases%2F2022%2F06%2Fattacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.sophos.com/	1970-01-20 18:57:21	Name: ak_bmsc Value: 69C24A06EFB3FC3E2CC96D78F3EE22C3~000000000000000000000000000000~YAAQtj4iFxS9O/GNAQAAIhATGhcT+ecP1wMcvelAB9GncNFKgIXK1qWY72BQv+lT59QzN0y7L5SbdmIhBOSGArME9GZOXxbEJvjWZaJ5KbHKFQxWVUokD25Zjj9kMvTSSVIeLuOQ7BJQtDJkS/XYLy0sNoAA6ftZd+CUVxaBa3uFxQuvaABzzkeLEJXtmVz3tQNJlnHViXYiPGyN8XZ0/uAonusuh6CJF58dBdMdH2BRkig4xkZqrooxz9cH7IO7V8fkwQFRm90CWt73qDvF+el1EomMALzTijrISmvZ+SkPJr3I7lqTF+vIGHhm/vMgHRbrVm2aQfEXdFHXzfXDwji6OLwlqQine8micfsIaJnYEdWsudh+3ngNHL4PEDXUypfBgjP79aWggrPjLfbQbjLpqwAsOWMyOL/yooO3AX79ZHahMUOG3swYhU3q6cbS/osy4ekHFRt/k0i1hg==
www.sophos.com/	1970-01-21 04:33:14	Name: drift_aid Value: dfef1d0a-7134-4b58-baf9-b81900c10682
www.sophos.com/	1970-01-21 04:33:14	Name: driftt_aid Value: dfef1d0a-7134-4b58-baf9-b81900c10682

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.sophos.com/en-us/press/press-releases/2022/06/attacker-dwell-time-increased-by-36-percent-sophos-active-adversary-playbook-2022-reveals Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://js.driftt.com/include/1709834700000/w7p4sauc2iyi.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.company-target.com
bootstrap.driftapi.com
cdn.cookielaw.org
dev.visualwebsiteoptimizer.com
driftt.imgix.net
dsum-sec.casalemedia.com
event.api.drift.com
fonts.googleapis.com
geolocation.onetrust.com
id.rlcdn.com
img03.en25.com
js.driftt.com
metrics.api.drift.com
partners.tremorhub.com
pixel.rubiconproject.com
region1.google-analytics.com
s.company-target.com
s1777052651.t.eloqua.com
scripts.demandbase.com
tag-logger.demandbase.com
targeting.api.drift.com
www.googletagmanager.com
www.sophos.com
104.18.36.155
104.89.117.54
18.172.112.11
18.245.46.44
18.245.86.73
18.66.97.20
192.29.202.14
2001:4860:4802:34::36
23.43.136.53
2600:1f18:612b:4280:8a9a:9423:ddfa:2f24
2600:9000:2156:7400:1d:8d6d:3b40:93a1
2606:4700:4400::ac40:9b77
2606:4700::6812:83ec
2a00:1450:4001:827::2008
2a00:1450:4001:82b::200a
2a04:4e42:600::720
3.94.218.138
34.96.102.137
34.96.71.22
35.244.174.68
69.173.144.165
0477c83a81af0172d38450ec160c675e8a13c7770560edf65da49f9c1902955c
048daa568f2e310b154fc6f410f2655422f8ed3a9317901250a865de6e7d6a8f
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
12ffe3ad71f763d9057baf43e0f1c1482bb9a0372602020554c4d52f52b37981
16487040a0c236b6191999e04d579ac1a3008c65a385e25c39d4b5c3c04ddcd0
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
25927b83d2cae1dfa15147f7c7f1409abbf9f00d6ba210f1789d75d05e601cbd
25fcfe30dce7f360e3ba5b98886c8214f56bf052bf6a875a6a42b9321e8fcfb4
269a651ad835647b3fd504444841eef586a86b437b75be44554362d31aa8b7aa
2905f68914bc7c942b6e300bc9108b348e10459398d7f166c927a5648318ba9e
2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428
2ab93e92d92c91a5589f8db6322bd7e6b92de4a415af5323294d44afdc985787
2c3fa8534f4d4c1cb14f56e8da5245bd5ce330ee5b5471800cad7efff6de6d32
315ca72ab48ac5d6ce2a22a316e0f872c3791e53af658f250d9f3dcca9badaed
3337f36bd89c27dbe1dca4b71fb177d826b736950f2150aff6acce0180a86fc5
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
39a22185ae99fc24a9c6cf7262ab2529721985716bfaffe811919def004f0464
41a87ac69db66501ab3ad762750632f2e29cfeb723af27c40c0ff7ae0aa4ae42
4303586b56322ad2a9be5c98acbb0ffe85b879777fe226ef424fc375a4fb305c
4def6d9ad0b93fa285d5783527cab94b9b8040b650afbc808ed69e2ace347bb4
512c80a35c4cbe7eee798e7db51a5667c20c98365812dad46f310f8149acbb44
5187e85c76a8bab9c3b33b362b9097928c0b25cb88a363014b3b6aa5f8c56d8c
51b29d6573d9fcb3e20b9021407d58c7dca539b0eb9d0e582106bf4908feac4b
58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f
594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60
5b4091fdabcd7bd1cda29b078050d02d4856cf17fe36bda04310c0936c6f1df4
5b95f54f1c1e5f13c76b0b3ec95790923161556c3d649c79b03a466863a4a1c4
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5de5166c65e9187c43645afe35988fb6086a61369ae0030f120e79f858b55115
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fc7ab8eca4149765c42bf4d24e3d0bcd4bf564ebe0c47c73a7957ad1ff31737
6231cefa59f36d7bd2422d5b4e5dec6b0725fa6978e2ef8155ac28b6bb4c9d0c
67ef71c562c9dac26243f44f029b68a3b3f4f6083db04d0e77ca14cb4b6ef945
6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6b141e7fce6d9ec4c281ca4bcf494f31fc7a24c7aa1fdda838dd5e7ceff2a3b2
6c2017bb173ff8b83a8057c428c6fdf40fc17cc19f1b8564b0709b7963d2fe74
6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca
7606664c348bc26ef690146b3412136c9f4ff817918802918ad0da622676bee2
7849ba1748f8188749df28e9d59ca4e570a8495684353d8df4715fa70a81e787
803f9665533b781ac3abb157ba32b9a1f48d3b7a30bada354656d4b89be22610
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
82408b09fc2a73408c25ea2dadcaabc05358715daf8f898d93338472f12acabe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
875c0f9098609238400da76edadee60f819db705ef0e5e51e9614e12795f9b7b
8ba6da936e385ead7529a0bac3f1fbcc0e5b888168b132bb2d49bc1c16579e29
8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
914b72c7fe9e9c8ae81a269d5a05df6f5de5116ae133857b2c12b6cec48ea3ee
92cb22e62af49e5f81b39d3afb2c10f670fb64e429a0bb472d6a973c7c2eb7f0
98e1b1493289a94a660cbde0360c4cff187ab96e34252074f2cf02407b604917
9ac0577dc73c92aec827d0f4854b00f46908af8fd74edcb44c6374581040c422
9e6a781a2013dea846dd8dda8b30b4db01e3ca0fd71e33c60beaa69302d956a3
9f954d6e1256d528c39aa0b3768fae8fffc81ecddb0cda40058dc715d1cb212f
a03b854d10519fd5be9cdcbc78fad3927c1a3de9e84fa74353c8a19cc20d0501
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1daac2c5f75669e908da075dde0db30f2fad3f66a28da9908fbb5e91c2d670e
a41a17237c787bae4de52d3320c8164eaa5f52727c608982c1dadc615a420c2e
a78f803fcd9df04a1aeebd902eb9eccbcd8026ead39616df2d7c0ce63112fd8b
a86f72c1cff933d18b8b5f4c0af9a25e630ed17db548ee89c67601fd4c33f1dc
a9367431a7434745e8a9edf47a516e74522f5a8b3043d2afb592893b2299cc78
aae75d410268a4fbdb438d924b47030fc943b5fa14afd752cf12c30e417e8c8b
ab785c5c76d12e6b62f6339857d15907af1796ace2907bf2d8c5a1e4fc264994
ad81ecf5efa868a1c3a7dea3f6ae8c1fda9b523409a9c8574dee0669ce9c1aaf
afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1
b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b39e7d22263c6683b1970ca8a143c4809b7467a019c0b37170633a9aed6c9e16
b5f331cdaedaf57b0008692dac083e0031311729fdf82fa799dca3c96d1c341f
b7fe4dab17faeca12818ad0f933516d03f51fe7454e1bbfd983c221cab8358db
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542
bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b
bf99ec8174376d5b465da458057a94fbc9f820a43aad8e95bd976d5ebe85d3f6
c12af73c7d806bf333980c5da006fc2f1c7f875baa6ffa128a8108d141186822
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
c70580be1d50bfac58337dcbff66741b74ac15e8f62c095c1083c856a0868de5
ca8d259705c340a9ba8b34112e02d21e8d707e12d6927edd3dab7b860ce492c2
ce4628b459c68baf062b5580aef229882a385ad141ec94b14b968c9472acc8f5
d1d75ae838854e845b28c3472c3d235f92a944446d79165953ec813fc6323a70
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296
d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2
d85e4dcb52ce714c7136eb95a32765325205a4aabdb51932bd9024c400be665d
dc0198ce23a18c5daa358086995f168e1abf8d134aaec738e13229ae782b46bc
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
e0a5cea44ef10b590cbdd293e5356beec37b4515a45af600cb6bd839d774bfb0
e2f43045e6cf244416db32573b024817a53c4a9ca3bc9084bc4af9cd3fe7a3e5
e3a549a7fb01024baabf9dfdf974aacaba0239ea4e2f4bc3d21d3edfe858abb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11
e5c877c54dd7b212b5daf7f6f7c1e11b0c0218cb76cc4f9a7e6b675b6fdbcc43
e6fe88a41144fac0a75be6c94627d7ddbe2d58e0ccea7d714ea7108e1be694de
e8f71867a6991d5a1ba2b9cd33000e8d8691f6ba8864516946b62087de93aa85
e976248be7b1f5a311b6b3045d1818aacc67e65be6715dcf915d1416104648ec
e9c326c31aab5102ccb99996cf1136389664815286a8c705ab8894b867a63384
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
eac97b078a50e86c937a94115f5e128d4c55b53a7a973bec7715f411e21957ef
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b
f0095302db30d9f788de4cd71473ef72cbd3b3ab19f0d14b0e976279e00db17a
f14bbab6d7dd7614dcccf6396aaa863e36c3b04a99735f48c9ee073d6b498efe
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
ff8f406b684c6674dbd3705d3f6d2cd10b5eedbc2c67a7773f235d69ef122d04

www.sophos.com Open in urlscan Pro 104.89.117.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

147 Requests

99 %HTTPS

38 %IPv6

19 Domains

23 Subdomains

22 IPs

5 Countries

1674 kBTransfer

5119 kBSize

25 Cookies

40 Outgoing links

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sophos.com Open in urlscan Pro
104.89.117.54 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

99 %
HTTPS

38 %
IPv6

19
Domains

23
Subdomains

22
IPs

5
Countries

1674 kB
Transfer

5119 kB
Size

25
Cookies

147 HTTP transactions
2 data transactions