www.beyondtrust.com Open in urlscan Pro
45.60.63.64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://app.now.beyondtrust.info/e/er?s=1017&lid=8264&elqTrackId=8f50ee8f4b4e4ec59e5973994aa019a0&elq=39a6fe724ac84eafb84b4aa9da5...
Effective URL:
https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source...
Submission: On April 03 via api (April 3rd 2023, 4:00:53 pm UTC) from US — Scanned from CA

Summary HTTP 128 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 33 IPs in 3 countries across 28 domains to perform 128 HTTP transactions. The main IP is 45.60.63.64, located in United States and belongs to INCAPSULA, US. The main domain is www.beyondtrust.com. The Cisco Umbrella rank of the primary domain is 265453.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 19th 2022. Valid for: a year.

This is the only time www.beyondtrust.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	142.0.173.37 142.0.173.37	7160 (NETDYNAMICS) (NETDYNAMICS)
1 3	142.0.173.26 142.0.173.26	7160 (NETDYNAMICS) (NETDYNAMICS)
20	45.60.63.64 45.60.63.64	19551 (INCAPSULA) (INCAPSULA)
25	2600:9000:220... 2600:9000:2203:4600:12:deb6:3a40:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2607:f8b0:400... 2607:f8b0:4006:822::2008	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80e::200a	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
1	2600:141b:13:... 2600:141b:13::17d7:8279	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.73.231.40 23.73.231.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:250... 2600:9000:2509:5c00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 8	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	23.61.11.188 23.61.11.188	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	52.87.116.233 52.87.116.233	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	52.5.98.218 52.5.98.218	14618 (AMAZON-AES) (AMAZON-AES)
2 3	34.197.192.192 34.197.192.192	14618 (AMAZON-AES) (AMAZON-AES)
1	68.67.179.87 68.67.179.87	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2600:1400:d::... 2600:1400:d::1721:ee69	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 4	142.251.40.230 142.251.40.230	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
1	13.225.223.48 13.225.223.48	16509 (AMAZON-02) (AMAZON-02)
1	52.84.21.129 52.84.21.129	16509 (AMAZON-02) (AMAZON-02)
1 8	2607:f8b0:400... 2607:f8b0:4006:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c06::9d	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a01:111:f100... 2a01:111:f100:a004::bfeb:8c20	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
1	2600:9000:202... 2600:9000:2026:5800:15:a0d3:77c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.84.18.103 52.84.18.103	16509 (AMAZON-02) (AMAZON-02)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
1	18.214.55.47 18.214.55.47	14618 (AMAZON-AES) (AMAZON-AES)
128	33

1 142.0.173.37 (Toronto, Canada) 1 redirects

ASN7160 (NETDYNAMICS, US)

app.now.beyondtrust.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.0.173.26 (Toronto, Canada) 1 redirects

ASN7160 (NETDYNAMICS, US)

s1017.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 45.60.63.64 (United States)

ASN19551 (INCAPSULA, US)

www.beyondtrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2600:9000:2203:4600:12:deb6:3a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.beyondtrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:822::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81c::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:8279 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.73.231.40 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-231-40.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2509:5c00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.111.234.236 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.61.11.188 (Sterling, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-61-11-188.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.87.116.233 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-116-233.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.5.98.218 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-98-218.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.197.192.192 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-192-192.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.179.87 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:d::1721:ee69 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.230 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
12057285.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:80b::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.223.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-48.jfk51.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.21.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-21-129.ord53.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80f::2004 (Nutley, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:816::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:111:f100:a004::bfeb:8c20 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

monitor.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2026:5800:15:a0d3:77c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.18.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-18-103.ord53.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.214.55.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-55-47.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	beyondtrust.com www.beyondtrust.com — Cisco Umbrella Rank: 265453 assets.beyondtrust.com — Cisco Umbrella Rank: 371457	343 KB
13	doubleclick.net 3 redirects ad.doubleclick.net — Cisco Umbrella Rank: 172 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 100 12057285.fls.doubleclick.net	12 KB
11	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 314	2 KB
11	6sc.co j.6sc.co — Cisco Umbrella Rank: 7318 c.6sc.co — Cisco Umbrella Rank: 10831 ipv6.6sc.co — Cisco Umbrella Rank: 7836 b.6sc.co — Cisco Umbrella Rank: 5453	15 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	549 KB
8	google.ca www.google.ca — Cisco Umbrella Rank: 8209	1 KB
8	ml314.com 3 redirects ml314.com — Cisco Umbrella Rank: 1845	12 KB
6	gstatic.com fonts.gstatic.com	115 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 400 www.linkedin.com — Cisco Umbrella Rank: 579 px4.ads.linkedin.com — Cisco Umbrella Rank: 6196	4 KB
3	clickcease.com 1 redirects monitor.clickcease.com — Cisco Umbrella Rank: 17581 www.clickcease.com — Cisco Umbrella Rank: 10837	54 KB
3	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 1128	2 KB
3	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 368 js.adsrvr.org — Cisco Umbrella Rank: 1592	3 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 407	13 KB
3	eloqua.com 1 redirects s1017.t.eloqua.com — Cisco Umbrella Rank: 581756	2 KB
2	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 1182 heapanalytics.com — Cisco Umbrella Rank: 1079	36 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 805	861 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 403	834 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 215	2 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1590	157 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1446	8 KB
1	driftt.com js.driftt.com — Cisco Umbrella Rank: 6010	63 KB
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 429	823 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1000	376 B
1	en25.com img.en25.com — Cisco Umbrella Rank: 6625	3 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 853	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
1	beyondtrust.info 1 redirects app.now.beyondtrust.info	505 B
128	28

	Domain	Requested by
25	assets.beyondtrust.com	www.beyondtrust.com assets.beyondtrust.com
20	www.beyondtrust.com	www.beyondtrust.com assets.beyondtrust.com
10	www.googletagmanager.com	www.beyondtrust.com www.googletagmanager.com assets.beyondtrust.com
8	www.google.ca	www.beyondtrust.com
8	www.google.com	1 redirects www.beyondtrust.com
8	b.6sc.co	www.beyondtrust.com
8	ml314.com	3 redirects www.beyondtrust.com ml314.com
7	googleads.g.doubleclick.net	www.beyondtrust.com www.googletagmanager.com
6	fonts.gstatic.com	fonts.googleapis.com
3	ps.eyeota.net	2 redirects www.beyondtrust.com
3	bat.bing.com	www.beyondtrust.com bat.bing.com
3	px.ads.linkedin.com	3 redirects
3	s1017.t.eloqua.com	1 redirects img.en25.com www.beyondtrust.com
2	12057285.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	monitor.clickcease.com	1 redirects www.beyondtrust.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	adservice.google.com	www.beyondtrust.com 12057285.fls.doubleclick.net
2	ad.doubleclick.net	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	match.adsrvr.org	2 redirects
2	idsync.rlcdn.com	2 redirects
2	dpm.demdex.net	1 redirects www.beyondtrust.com
1	heapanalytics.com	www.beyondtrust.com
1	alb.reddit.com	www.beyondtrust.com
1	cdn.heapanalytics.com	www.beyondtrust.com
1	www.clickcease.com	www.beyondtrust.com
1	www.redditstatic.com	www.beyondtrust.com
1	analytics.google.com	www.googletagmanager.com
1	js.adsrvr.org	assets.beyondtrust.com
1	js.driftt.com	assets.beyondtrust.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	j.6sc.co	www.beyondtrust.com
1	px4.ads.linkedin.com	www.beyondtrust.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	img.en25.com	assets.beyondtrust.com
1	snap.licdn.com	www.beyondtrust.com
1	fonts.googleapis.com	assets.beyondtrust.com
1	app.now.beyondtrust.info	1 redirects
128	42

This site contains links to these domains. Also see Links.

Domain
www.clickcease.com
beyondtrustcorp.service-now.com
support.beyondtrust.com
www.linkedin.com
twitter.com
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
www.beyondtrust.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-19` - `2023-05-20`	a year	crt.sh
beyondtrust.com Amazon RSA 2048 M01	`2023-03-01` - `2023-11-30`	9 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-17` - `2023-07-18`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
ml314.com GTS CA 1D4	`2023-02-09` - `2023-05-10`	3 months	crt.sh
6sc.co R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
*.t.eloqua.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-04-10`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
drift.com Amazon RSA 2048 M02	`2023-03-01` - `2023-09-21`	7 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-15`	6 months	crt.sh
clickcease.com Amazon RSA 2048 M02	`2022-10-27` - `2023-11-25`	a year	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M02	`2023-02-21` - `2023-08-27`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-14`	6 months	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2022-12-09` - `2024-01-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
Frame ID: AFE6AA3DB761B8C6FD601F9F97E89C32
Requests: 128 HTTP requests in this frame

Frame: https://12057285.fls.doubleclick.net/activityi;dc_pre=CP2g48uKjv4CFRtYDQodAe8JMQ;src=12057285;type=sitek0;cat=demo-0;ord=9927712545234;gtm=45fe33t0;gcs=G111;auiddc=1740310144.1680537647;~oref=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA
Frame ID: 90EAC62B26089BD7059C93585C157ECF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

On-Demand | Crouching Admin, Hidden Hacker: Privileged… | BeyondTrustBeyondTrust

Page URL History Show full URLs

http://app.now.beyondtrust.info/e/er?s=1017&lid=8264&elqTrackId=8f50ee8f4b4e4ec59e5973994aa019a0&elq=39a6fe7... HTTP 302
https://s1017.t.eloqua.com/e/er?s=1017&lid=8264&elqTrackId=8f50ee8f4b4e4ec59e5973994aa019a0&elq=39a6fe7... HTTP 302
https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-maste... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

128
Requests

93 %
HTTPS

49 %
IPv6

28
Domains

42
Subdomains

33
IPs

3
Countries

1257 kB
Transfer

3598 kB
Size

54
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.clickcease.com/

Search URL Search Domain Scan URL

URL: https://beyondtrustcorp.service-now.com/csm
Title: Support Portal Explore additional support resources

Search URL Search Domain Scan URL

URL: https://support.beyondtrust.com/
Title: Chat with Support Start a live chat with a team member

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/beyondtrust
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/beyondtrust
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BeyondTrust
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/beyondtrust/
Title: Instagram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://app.now.beyondtrust.info/e/er?s=1017&lid=8264&elqTrackId=8f50ee8f4b4e4ec59e5973994aa019a0&elq=39a6fe724ac84eafb84b4aa9da5ed954&elqaid=8649&elqat=1 HTTP 302
https://s1017.t.eloqua.com/e/er?s=1017&lid=8264&elqTrackId=8f50ee8f4b4e4ec59e5973994aa019a0&elq=39a6fe724ac84eafb84b4aa9da5ed954&elqaid=8649&elqat=1 HTTP 302
https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=885586&time=1680537645980&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=885586&time=1680537645980&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D885586%26time%3D1680537645980%26url%3Dhttps%253A%252F%252Fwww.beyondtrust.com%252Fwebinars%252Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%253Futm_source%253DEloqua%2526utm_medium%253Demail%2526utm_campaign%253DBridging%252520a%252520Dangerous%252520Gap%252520Between%252520Incidents%252520and%252520Cyber%252520Crises%2526campid%253D7017V000001gqyjQAA%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=885586&time=1680537645980&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=885586&time=1680537645980&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&cookiesTest=true&liSync=true&e_ipv6=AQIQOskbf5qxNQAAAYdH2XTbPNohD2Nx7AI_bGJKpdVpnSRkdIgfDdtFzZfKauIjyBVDcaibFA

Request Chain 69

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3634715729837686807&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3634715729837686807&redir=

Request Chain 70

https://idsync.rlcdn.com/395886.gif?partner_uid=3634715729837686807 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzNDcxNTcyOTgzNzY4NjgwNxAAGg0IrvCroQYSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=b8041ba6271da6089312804caab8cf187260c41833d6ae440de1bb4e85a29710f4cb09cee1a4f8eb&person_id=3634715729837686807&eid=50082

Request Chain 71

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=b36416d9-fc33-4e43-b5ce-f43c04b15f42&gdpr=0&gdpr_consent= HTTP 302
https://ml314.com/csync.ashx?fp=b36416d9-fc33-4e43-b5ce-f43c04b15f42&person_id=3634715729837686807&eid=53819

Request Chain 72

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3634715729837686807 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3634715729837686807 HTTP 302
https://ml314.com/csync.ashx?fp=d2fdcca9e45900e47e21452914a1917&eid=50146&person_id=3634715729837686807

Request Chain 73

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2Fd2noWryF6TYHxZfY_SIITjrCQ_UbKraY-xTiL3VB1g&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
https://ml314.com/csync.ashx?fp=2Fd2noWryF6TYHxZfY_SIITjrCQ_UbKraY-xTiL3VB1g&person_id=3634715729837686807&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referrer_pid%3dr8hrb20 HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

Request Chain 81

https://ad.doubleclick.net/ddm/activity/src=12057285;type=sitek0;cat=demo-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=12057285;dc_pre=CI6c3suKjv4CFUq7nwod38MBKQ;type=sitek0;cat=demo-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=12057285;dc_pre=CI6c3suKjv4CFUq7nwod38MBKQ;type=sitek0;cat=demo-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1

Request Chain 88

https://www.google.com/pagead/landing?gcs=G111&gcd=G111&rnd=822573737.1680537647&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2&gtm=45be33t0&auid=1740310144.1680537647 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=822573737.1680537647&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2&gtm=45be33t0&auid=1740310144.1680537647

Request Chain 99

https://monitor.clickcease.com/stats/stats.aspx HTTP 301
https://monitor.clickcease.com/stats/stats

Request Chain 103

https://12057285.fls.doubleclick.net/activityi;src=12057285;type=sitek0;cat=demo-0;ord=9927712545234;gtm=45fe33t0;gcs=G111;auiddc=1740310144.1680537647;~oref=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA HTTP 302
https://12057285.fls.doubleclick.net/activityi;dc_pre=CP2g48uKjv4CFRtYDQodAe8JMQ;src=12057285;type=sitek0;cat=demo-0;ord=9927712545234;gtm=45fe33t0;gcs=G111;auiddc=1740310144.1680537647;~oref=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA

128 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2 Show response
www.beyondtrust.com/webinars/
Redirect Chain

http://app.now.beyondtrust.info/e/er?s=1017&lid=8264&elqTrackId=8f50ee8f4b4e4ec59e5973994aa019a0&elq=39a6fe724ac84eafb84b4aa9da5ed954&elqaid=8649&elqat=1
https://s1017.t.eloqua.com/e/er?s=1017&lid=8264&elqTrackId=8f50ee8f4b4e4ec59e5973994aa019a0&elq=39a6fe724ac84eafb84b4aa9da5ed954&elqaid=8649&elqat=1
https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Be...

275 KB
42 KB

98ms
42ms

Document
text/html

45.60.63.64
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.63.64 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

39ccbe3e2477d42cacd6ca8db7446c6adffbfad5ba12d441222555bf02e06f64

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://.facebook.com https://.facebook.net https://.googletagmanager.com https://.btdevops.io https://.wistia.com; object-src 'self';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 264516
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://*.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://*.facebook.com https://*.facebook.net https://*.googletagmanager.com https://*.btdevops.io https://*.wistia.com; object-src 'self';
content-type: text/html; charset=UTF-8
date: Fri, 31 Mar 2023 14:32:09 GMT
expect-ct: max-age=86400
referrer-policy: strict-origin-when-cross-origin
server
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 d3fbeb74a503a5fcf3e4ca458c365012.cloudfront.net (CloudFront)
x-amz-cf-id: B8wsiCLBgPQho4gx3_sf6fN-n97_cx9Vwl2Ma5J0PX0VbjX9-kFZWQ==
x-amz-cf-pop: EWR50-C1
x-cache: Hit from cloudfront
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: sameorigin
x-iinfo: 9-2661988-2661993 NNNN CT(2 3 0) RT(1680537644990 25) q(0 0 0 1) r(0 0) U24
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: no-store
Content-Length: 408
Content-Type: text/html; charset=utf-8
Date: Mon, 03 Apr 2023 16:00:44 GMT
Expires: -1
Location: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging a Dangerous Gap Between Incidents and Cyber Crises&campid=7017V000001gqyjQAA
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-Xss-Protection: 1; mode=block

GET
H2 200 styles.add608357032fd87ac89.css
assets.beyondtrust.com/assets/css/ 128 KB
22 KB 131ms
34ms Stylesheet
text/css 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.beyondtrust.com/assets/css/styles.add608357032fd87ac89.css

Requested by

Host: www.beyondtrust.com
URL: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

25c86c24d166ef3dc2d9ce257d0b69f355158fd2c242304a0b8d10dd22be2657

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beyondtrust.com/
Origin: https://www.beyondtrust.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:57:43 GMT
x-amz-version-id: vY7ysDtYEc1PhUfelL9ZPXbOB.Hgx5wE
content-encoding: br
x-content-type-options: nosniff
via: 1.1 b39356bbaf20efd87827902daa849bf4.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
age: 183
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 19:21:58 GMT
server: AmazonS3
etag: W/"86d4fb21fac183d8e3bfeb4a3859273d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: YYMz4_u58tt7u5EklsOuSYzzCZj37l4y57mXhaCC6mCkEqYB_Ghx3A==

GET
H2 200 tailwind.454d4c2cdd5c6f8bc045.css
assets.beyondtrust.com/assets/css/ 116 KB
14 KB 152ms
56ms Stylesheet
text/css 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.beyondtrust.com/assets/css/tailwind.454d4c2cdd5c6f8bc045.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

35399d7dc44d0eace8f2a90f79cb1a365ad1e8180be614c833865a0d5050f6f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beyondtrust.com/
Origin: https://www.beyondtrust.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:57:43 GMT
x-amz-version-id: 42ngU9EXchSiBA1f4xN05CJ8Giat1GzH
content-encoding: br
x-content-type-options: nosniff
via: 1.1 b39356bbaf20efd87827902daa849bf4.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
age: 183
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 19:21:58 GMT
server: AmazonS3
etag: W/"b267b92bf7a18a3127b22d4b69156910"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: qjs5jcx6bLC3K2I2aQa1IoOPaxfDJYB80WLvIvC5U823OYBM0Ut2xw==

GET
H2 200 ie-warning.5b486de7f11396218111.js Show response
assets.beyondtrust.com/assets/js/ 2 KB
1 KB 186ms
90ms Script
application/javascript 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.beyondtrust.com/assets/js/ie-warning.5b486de7f11396218111.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b54b59c79969e6ec215b4e940c7cef1b9b558cdab046416c514b0dd3639555a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
x-amz-version-id: cJXX_JGgl.RntomWa2sTRmpRIbxRJfRF
content-encoding: br
x-content-type-options: nosniff
via: 1.1 bcc27c91d74af44f5af3fc2789d84114.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 19:21:58 GMT
server: AmazonS3
etag: W/"1a9e17376f8e716230616daa90f50fdc"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: 9HCXEmFvLGAiXsokcJnFS45bTJtQLWetA79gaMvZcIZxV_8UzKmvTQ==

GET
H2 200 head.7d443e9c115b69f0735a.js Show response
assets.beyondtrust.com/assets/js/ 4 KB
2 KB 131ms
40ms Script
application/javascript 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.beyondtrust.com/assets/js/head.7d443e9c115b69f0735a.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

75c1c529a87250eb3e528edb7b9890f1fa2172f6511ec51b4b303a3bf75335f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beyondtrust.com/
Origin: https://www.beyondtrust.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:57:43 GMT
x-amz-version-id: IEycKRBrll379hvj6uRt3JO99va4SIkm
content-encoding: br
x-content-type-options: nosniff
via: 1.1 b39356bbaf20efd87827902daa849bf4.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
age: 183
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 19:21:58 GMT
server: AmazonS3
etag: W/"c48bb56fe473db7a384573e31ee9e2de"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: ZyjVgdVWWI4weVEvJdYze96V8XBK9yMo6YzhBp_vmLSJTaUqO_VuSQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 116 KB
45 KB 143ms
61ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1434058-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cc6ea7a708a8d214559439fc08e5a46f29ec977d9829ac0480e0930eafabf398

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46041
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 03 Apr 2023 16:00:45 GMT

GET
H2 200 podcasting.3d5770e83b297a83f0a4.js Show response
assets.beyondtrust.com/assets/js/ 5 KB
3 KB 181ms
113ms Script
application/javascript 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.beyondtrust.com/assets/js/podcasting.3d5770e83b297a83f0a4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7b857f33b5c10a95542ce26ef7bd7e2f78747d300fdaf19e4a2790e0148bcb93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
x-amz-version-id: 7HolHgMZTbvNPWE1XuEwBcXkty2unJoG
content-encoding: br
x-content-type-options: nosniff
via: 1.1 bcc27c91d74af44f5af3fc2789d84114.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 19:21:59 GMT
server: AmazonS3
etag: W/"5f8be84ce6efdbd5a6774d1f551f4b06"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: 25EXuzBt9NJzi8qj8idPblWKnyqSlHDDnsgvvELJHWhifliK3cpkGA==

GET
H2 200 sentry.5f2c188d34f443de692c.js Show response
assets.beyondtrust.com/assets/js/ 3 KB
2 KB 179ms
110ms Script
application/javascript 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.beyondtrust.com/assets/js/sentry.5f2c188d34f443de692c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f723425a1e64939e86dbd859763d7ed685e9057290c70a0dd901032fbab110e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
x-amz-version-id: t4wbSIeC0tyE_5gjhebzn6tuD._zcPk6
content-encoding: br
x-content-type-options: nosniff
via: 1.1 bcc27c91d74af44f5af3fc2789d84114.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 19:21:59 GMT
server: AmazonS3
etag: W/"7c26bf894ed0f1971ef570e7dc9073be"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: -WookkHUcKmw5htiI4-Iu_sET1ycp9GGWDoXqtA9ZYH1zb4Glypk8A==

GET
H2 200 intlTelInput.31bce6ff0ed1e09ca26b.css
assets.beyondtrust.com/assets/css/ 19 KB
3 KB 183ms
115ms Stylesheet
text/css 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.beyondtrust.com/assets/css/intlTelInput.31bce6ff0ed1e09ca26b.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dd977c96be116cbdde6f34baf1a42cf6ccdf160c9533d43f38b9e2a3984549e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
Origin: https://www.beyondtrust.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
x-amz-version-id: 9Azv61HQr_snAoulYGkIZ2WRv_IcEdNH
content-encoding: br
x-content-type-options: nosniff
via: 1.1 b39356bbaf20efd87827902daa849bf4.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 19:21:58 GMT
server: AmazonS3
etag: W/"24e20ff449a3d22566e4a88f6c172577"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: sHL74dqJ63L_GInmqLxHcgMTTNgNSH7gQ6ATvR1zvS8DbKe4M6m3cA==

GET
H2 200 formFields.46d0c1b18df404af6327.js Show response
assets.beyondtrust.com/assets/js/ 38 KB
13 KB 129ms
116ms Script
application/javascript 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.beyondtrust.com/assets/js/formFields.46d0c1b18df404af6327.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0bedd9f519248abb9ab9124d2ee0685f553f71471412c1b46dac5eef1e88ab23

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
Origin: https://www.beyondtrust.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
x-amz-version-id: 209s.gA_60PJhFUlzTj_6D3ozj2XY96L
content-encoding: br
x-content-type-options: nosniff
via: 1.1 b39356bbaf20efd87827902daa849bf4.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 19:21:58 GMT
server: AmazonS3
etag: W/"1a1354b68d4fdd63cd713564bac45dc8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: KTrPdMedXj360-Xrs18l9T3P4wJpJHET_XgsUOUNyCbPTT4J3w80Ww==

GET
H2 200 main.78ac3085c458fd772d3d.js Show response
assets.beyondtrust.com/assets/js/ 5 KB
3 KB 125ms
117ms Script
application/javascript 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.beyondtrust.com/assets/js/main.78ac3085c458fd772d3d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c04eb1874ec264b731a8ce32d9b4465e9e66297e555f4dd4e3aa4787ab66dd69

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
Origin: https://www.beyondtrust.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
x-amz-version-id: CYZ29sffTJ7PsmIvRWhkqDSYz7nHiX1g
content-encoding: br
x-content-type-options: nosniff
via: 1.1 b39356bbaf20efd87827902daa849bf4.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 19:21:58 GMT
server: AmazonS3
etag: W/"d17ef48f4729512ef551ae7e13fdd4c1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: rVgvxHuaD8OXD03QJk8imuPvzZS9rCeiD3eTqhAESW8KDZVL29YcOQ==

GET
H2 200 formSubmit.46f845b2ece1aa59848a.js Show response
assets.beyondtrust.com/assets/js/ 5 KB
2 KB 62ms
54ms Script
application/javascript 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.beyondtrust.com/assets/js/formSubmit.46f845b2ece1aa59848a.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e04236577a4bca796b03b3a71046fceca89440804b5cae3951c8d292b82e5609

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
x-amz-version-id: Ebe3rqeb_vkldPOvPo3Sb4Dmys4i_NXv
content-encoding: br
x-content-type-options: nosniff
via: 1.1 bcc27c91d74af44f5af3fc2789d84114.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 19:21:58 GMT
server: AmazonS3
etag: W/"8cae243eb7ed17dea8f8e1ded035b81e"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: k6YbUsb2xICncqDLYEmd_HQdSeocbBWhPycyaObbwmMvX5Hyp4Ap5A==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 184 KB
66 KB 90ms
24ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-685788122

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c991550132e14b16608d02b973c7d28dc2ae7b72a0e8b37424dea6dec726331

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67533
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Apr 2023 16:00:45 GMT

GET
H2 200 wistia.1a329a289380045cda37.js Show response
assets.beyondtrust.com/assets/js/ 1 KB
1 KB 107ms
99ms Script
application/javascript 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.beyondtrust.com/assets/js/wistia.1a329a289380045cda37.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a811becf08b6dcf4401f4dcc269b180200b86cabdb71632856eb1af4d6d2447a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
x-amz-version-id: yUiP6bcJ__XtwUcyGfMERDcAuUYve4d4
content-encoding: br
x-content-type-options: nosniff
via: 1.1 bcc27c91d74af44f5af3fc2789d84114.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 19:21:59 GMT
server: AmazonS3
etag: W/"aa8c239459268623af68e92ff7cbedca"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: eU5hSU-bpQ2YNq9pjVBSkk_WEmHqfR3bxI0J_QrGGN4xKlZGE9305g==

GET
H2 200 traffic.2d01cfd39d22985ce6e4.js Show response
assets.beyondtrust.com/assets/js/ 5 KB
2 KB 95ms
88ms Script
application/javascript 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.beyondtrust.com/assets/js/traffic.2d01cfd39d22985ce6e4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4d1d95bd2de714fedb36ce54257758cc49123ecba2e97b7ec819173c98e4dbe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
Origin: https://www.beyondtrust.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
x-amz-version-id: i_yM_c.kY8wuH38nrwC_DBPb5LeCXrtr
content-encoding: br
x-content-type-options: nosniff
via: 1.1 b39356bbaf20efd87827902daa849bf4.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 19:21:59 GMT
server: AmazonS3
etag: W/"4aaaacfd802b36f62cb8b6dd31de0b2d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: OwEK_K975zz4PQveFDSFeOmG11yq5UpzXP3lmqXd-OgGnjZhRN3tdA==

GET
H2 200 search360-async.8aeee04b26d90c76a183.js Show response
assets.beyondtrust.com/assets/js/ 3 KB
2 KB 116ms
110ms Script
application/javascript 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.beyondtrust.com/assets/js/search360-async.8aeee04b26d90c76a183.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6b27c51bf4b530bbc4b854e9a90b7fd73b517af6c8af16f2628531c94864ebae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
x-amz-version-id: xpDXCLeJd2l3.gruN0L1exdgI.N5y3kr
content-encoding: br
x-content-type-options: nosniff
via: 1.1 bcc27c91d74af44f5af3fc2789d84114.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 19:21:59 GMT
server: AmazonS3
etag: W/"e6872d8853e1e7efb39b41e53ef95008"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: WU7GAWJqdGbSZ-DtDxjSMH2w3EAO9o5wxeJq5wkyP29G07wlH8n3bw==

GET
H2 200 alpine.5d5fba535f9ae03ceb4a.js Show response
assets.beyondtrust.com/assets/js/ 54 KB
18 KB 118ms
112ms Script
application/javascript 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.beyondtrust.com/assets/js/alpine.5d5fba535f9ae03ceb4a.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c98f5685650e50e91f6fd0e5d1ae975a759cef78793b43da65047bb7e016ea44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
x-amz-version-id: e1uX3PB.JzdgumxyiqqLj_2ts5gxEB_0
content-encoding: br
x-content-type-options: nosniff
via: 1.1 bcc27c91d74af44f5af3fc2789d84114.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 19:21:58 GMT
server: AmazonS3
etag: W/"e0b8b788f963125fc0e61a6093a15b66"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: k2TQHNk7afBsaDzSPFV56xxnOEx459sbrTD3djuFLPuju17n_r1N8A==

GET
H2 200 htmx.7c4ae74461d7cc2e8b08.js Show response
assets.beyondtrust.com/assets/js/ 45 KB
14 KB 65ms
59ms Script
application/javascript 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.beyondtrust.com/assets/js/htmx.7c4ae74461d7cc2e8b08.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

845a9869061e91edc65ef698680ef959bad4f9774bf6265b261f88b7dbf996fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
Origin: https://www.beyondtrust.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
x-amz-version-id: CLwTFaK5iIS6t3Ko8omghL2rd0Zr9zDQ
content-encoding: br
x-content-type-options: nosniff
via: 1.1 b39356bbaf20efd87827902daa849bf4.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 19:21:58 GMT
server: AmazonS3
etag: W/"4d440b80da8f1d8516db17ebaa8bb87f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: 6VmtKGXX7TjesVFK-u3ylx0iffOdm1TzrlSm42r2xCO14h9NIB3YeQ==

GET
H2 200 eloqua.ede7d69528e8ca6d396c.js Show response
assets.beyondtrust.com/assets/js/ 838 B
1 KB 118ms
113ms Script
application/javascript 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.beyondtrust.com/assets/js/eloqua.ede7d69528e8ca6d396c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d54d93f1bd7dadbc91ccd5d47a5ad95817764fc9c3f149da19227e93055a55e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
x-amz-version-id: WinwSwQeNJE4IEPTR2sUSsVZIzIL1cQT
via: 1.1 bcc27c91d74af44f5af3fc2789d84114.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 838
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 19:21:58 GMT
server: AmazonS3
etag: "3f5c9b39c1e12a46dcb8e769251bfc3a"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: Ip1n8pIf9ZHMoSPYmf-k74PAFb3MSKOkgvLeU91AUOp4dmSnGP2aXQ==

GET
H2 200 drift.67abbd0860f2493efd42.js Show response
assets.beyondtrust.com/assets/js/ 7 KB
3 KB 126ms
121ms Script
application/javascript 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.beyondtrust.com/assets/js/drift.67abbd0860f2493efd42.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cb8f3d67be6a6264e7db384007357aeba7952f437fc1fef7fd06d969a08d518d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
x-amz-version-id: eE6iBi2Ck_UC_EdmAsxBEtJn6aS506Ue
content-encoding: br
x-content-type-options: nosniff
via: 1.1 bcc27c91d74af44f5af3fc2789d84114.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 19:21:58 GMT
server: AmazonS3
etag: W/"c7245349e5a258012556a4f7fe42f591"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: kLjyNXDleTE5E5N_PORNljNQpCFTBlRHu3_NdsTdSuBGXoTMxl3I8g==

GET
H2 200 _Incapsula_Resource Show response
www.beyondtrust.com/ 136 KB
19 KB 32ms
27ms Script
application/javascript 45.60.63.64
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beyondtrust.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1643211014

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.63.64 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

358cfe8de81746de4546bac3f6090f6bcf7eaff532b587293dd79d200e0b3e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 19609
content-type: application/javascript

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 90ms
36ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900|Roboto:400,500,700&display=swap

Requested by

Host: assets.beyondtrust.com
URL: https://assets.beyondtrust.com/assets/css/styles.add608357032fd87ac89.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5fceb594dba409b0c44898f100669ad9e6662d00c180c82b5e62feed004a85d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://assets.beyondtrust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Apr 2023 16:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 15:55:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Apr 2023 16:00:45 GMT

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 159ms
21ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.beyondtrust.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:19 GMT
x-content-type-options: nosniff
age: 538166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:19 GMT

GET
H2 200 icons.data.svg.cdbc59ea5f28a7b9fc4d.css
assets.beyondtrust.com/assets/css/ 58 KB
11 KB 97ms
95ms Stylesheet
text/css 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.beyondtrust.com/assets/css/icons.data.svg.cdbc59ea5f28a7b9fc4d.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5d93b7025e3bf1bd06f27ecbb099b30187ff1c8de9e7b413427b37fd7ac5c287

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
x-amz-version-id: k_P7k31RidGwZWL7b6CH21lWEK2rSdmM
content-encoding: br
x-content-type-options: nosniff
via: 1.1 bcc27c91d74af44f5af3fc2789d84114.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 19:21:58 GMT
server: AmazonS3
etag: W/"4f07af17a0d4c2c97ad5949763b5c42c"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: tRZhVA4I5f3nEOTJCz_5OVF2A6WEgoS1X4xHE7aI3mfIXPN84C7vsA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 214 KB
78 KB 118ms
80ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-88RX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a30c7f4bba128d555dc62e5625456efc0a2a5d9377d47a2d13eb7ec9fc5c433b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79685
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Apr 2023 16:00:45 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 146ms
20ms Script
application/x-javascript 2600:141b:13::17d7:8279
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13::17d7:8279 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=32910
accept-ranges: bytes
content-length: 4777

GET
H2 200 webcast-entry.png
assets.beyondtrust.com/assets/images/ 5 KB
6 KB 46ms
44ms Image
image/avif 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.beyondtrust.com/assets/images/webcast-entry.png?auto=format&q=80

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

e389fa156db9d398b53689c2778bb947f0db23d5a0a712396236420ad1481ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:57:42 GMT
via: 1.1 bcc27c91d74af44f5af3fc2789d84114.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
age: 1064765
x-cache: Hit from cloudfront
x-imgix-id: 1319eac07b167e0d507996d080e635e6351cf077
cross-origin-resource-policy: cross-origin
content-length: 5389
x-xss-protection: 1; mode=block
x-served-by: cache-sjc10050-SJC, cache-cmh1290068-CMH
x-imgix-render-farm: 01.9264
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 22 Mar 2023 08:14:40 GMT
server: imgix
vary: Accept,User-Agent, Origin
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: OOcBJo5R3jc5i8zBxPnyGoVjB3Iyj5A8-2qts32ZqYm3qbygNN4rZg==

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 22 KB
22 KB 178ms
60ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.beyondtrust.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:45:44 GMT
x-content-type-options: nosniff
age: 537301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:45:44 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 153ms
34ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.beyondtrust.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:05 GMT
x-content-type-options: nosniff
age: 538180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 172ms
54ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.beyondtrust.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:13 GMT
x-content-type-options: nosniff
age: 538172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:13 GMT

GET
H2 200 Paula_Januszkiewicz_headshot.JPG
assets.beyondtrust.com/assets/images/user-photos/_people/ 3 KB
4 KB 210ms
120ms Image
image/jpeg 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.beyondtrust.com/assets/images/user-photos/_people/Paula_Januszkiewicz_headshot.JPG?auto=format&q=80

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5e502786c44a9d52c3b2dbd87c66a770f8e905befbf57222c9ea06623d7c65c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
x-amz-version-id: MJE6cJkqXh67LiAskVbkVlpF8X1CynxR
via: 1.1 bcc27c91d74af44f5af3fc2789d84114.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 3337
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 05 Jan 2023 17:03:25 GMT
server: AmazonS3
etag: "18071fd95ea1902a81732c6a7ccffed2"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: lSWqQqXNZB12kyjq2G2xPjBPJ4yyCBCPXMimUKh2jU5OtUs6v_ST_w==

GET
H2 200 _Incapsula_Resource
www.beyondtrust.com/ 1 B
36 B 45ms
17ms Image
text/plain 45.60.63.64
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.beyondtrust.com/_Incapsula_Resource?SWKMTFSR=1&e=0.8903062265461488

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.63.64 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 bootstrap Show response
www.beyondtrust.com/api/ 109 B
842 B 671ms
662ms Fetch
application/json 45.60.63.64
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beyondtrust.com/api/bootstrap?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA

Requested by

Host: assets.beyondtrust.com
URL: https://assets.beyondtrust.com/assets/js/formFields.46d0c1b18df404af6327.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.63.64 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ee6809cb9c07ee6ecdf07f155ccdd4f635d5627dd1edf90a074d72ba1f924239

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://.facebook.com https://.facebook.net https://.googletagmanager.com https://.btdevops.io https://.wistia.com; object-src 'self';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: frame-ancestors 'self' https://*.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://*.facebook.com https://*.facebook.net https://*.googletagmanager.com https://*.btdevops.io https://*.wistia.com; object-src 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-cdn: Imperva
via: 1.1 d3fbeb74a503a5fcf3e4ca458c365012.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-iinfo: 9-2661988-2661993 PNNN RT(1680537644990 473) q(0 0 0 -1) r(7 7) U24
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server
expect-ct: max-age=86400
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/json
x-amz-cf-id: qV2GqcdW1yBMjz15nEttN5PEnZCfi-ZyXpVFvQxiCRnIQnGAD-vNKg==

GET
H2 200 render Show response
www.beyondtrust.com/actions/sprig-core/components/ 603 B
537 B 677ms
676ms XHR
text/html 45.60.63.64
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beyondtrust.com/actions/sprig-core/components/render?sprig%3AsiteId=4724aa87e6cd4eba14b4831a388ec4e77995f371bd9b942d8f5bb278d1884baa1&sprig%3Atemplate=92d96d0b1e93ed517e774d3786f8e964a12ae5f26aafb01fac05635adeb88e0f_partials%2Fjavascript%2Fanalytics%2Fclickcease&sprig%3Acomponent=026156cecdf9761d6f58e98ffe0e425e9b87293db4c20deda2cdac877929c11e

Requested by

Host: assets.beyondtrust.com
URL: https://assets.beyondtrust.com/assets/js/htmx.7c4ae74461d7cc2e8b08.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.63.64 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9649c5937bc3bcd7483d12b323cc4759d94b6085dc06d513733baa073ed832c5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://.facebook.com https://.facebook.net https://.googletagmanager.com https://.btdevops.io https://.wistia.com; object-src 'self';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
HX-Trigger: component-njfstt
HX-Request: true
HX-Target: component-njfstt
HX-Current-URL: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: frame-ancestors 'self' https://*.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://*.facebook.com https://*.facebook.net https://*.googletagmanager.com https://*.btdevops.io https://*.wistia.com; object-src 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-cdn: Imperva
via: 1.1 7608da25eb5aed0ce7cca5fc0587c650.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-iinfo: 9-2661988-2662078 NNNN CT(4 5 0) RT(1680537644990 597) q(0 0 0 -1) r(1 7) U24
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server
expect-ct: max-age=86400
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
x-robots-tag: none
x-amz-cf-id: 4fe_I2ojgkfTEKxZ0cBbt7rOKyiidEHKBwhs7DngKA8ipWbQnyvf2A==

GET
H2 200 render Show response
www.beyondtrust.com/actions/sprig-core/components/ 694 B
694 B 684ms
679ms XHR
text/html 45.60.63.64
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beyondtrust.com/actions/sprig-core/components/render?sprig%3AsiteId=4724aa87e6cd4eba14b4831a388ec4e77995f371bd9b942d8f5bb278d1884baa1&sprig%3Atemplate=6c373cba139f2529b40ad35110c7227c5a0c04dd92fd7e4e933f918b2fdc8057_partials%2Fjavascript%2Fanalytics%2Fheap&sprig%3Acomponent=026156cecdf9761d6f58e98ffe0e425e9b87293db4c20deda2cdac877929c11e

Requested by

Host: assets.beyondtrust.com
URL: https://assets.beyondtrust.com/assets/js/htmx.7c4ae74461d7cc2e8b08.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.63.64 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2901b8da86426bc606cbb9ab77e9b9f9d8950eb9b82611b3d0fb5329ec2a4901

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://.facebook.com https://.facebook.net https://.googletagmanager.com https://.btdevops.io https://.wistia.com; object-src 'self';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
HX-Trigger: component-jlwehk
HX-Request: true
HX-Target: component-jlwehk
HX-Current-URL: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: frame-ancestors 'self' https://*.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://*.facebook.com https://*.facebook.net https://*.googletagmanager.com https://*.btdevops.io https://*.wistia.com; object-src 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-cdn: Imperva
via: 1.1 90a990c5327e86ade86681120dc4a236.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-iinfo: 9-2661988-2662080 NNNN CT(1 4 0) RT(1680537644990 601) q(0 0 0 -1) r(1 7) U24
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server
expect-ct: max-age=86400
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
x-robots-tag: none
x-amz-cf-id: RvE9_x39RSuRAUpifMyqHXni-tw7oCy6-F7vK4kmHSZbNUDJyH7a6w==

GET
H2 200 render Show response
www.beyondtrust.com/actions/sprig-core/components/ 684 B
895 B 574ms
568ms XHR
text/html 45.60.63.64
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beyondtrust.com/actions/sprig-core/components/render?sprig%3AsiteId=4724aa87e6cd4eba14b4831a388ec4e77995f371bd9b942d8f5bb278d1884baa1&sprig%3Atemplate=c05f673aff1d83fa0426460b2aa3ef51307315f9e3c5a3432e6c852f8c2bfb2d_partials%2Fjavascript%2Fanalytics%2Freddit&sprig%3Acomponent=026156cecdf9761d6f58e98ffe0e425e9b87293db4c20deda2cdac877929c11e

Requested by

Host: assets.beyondtrust.com
URL: https://assets.beyondtrust.com/assets/js/htmx.7c4ae74461d7cc2e8b08.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.63.64 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

694f48f2b14bc9d7f00b6b2eff81ef24d105458ee4afba8d560083dfcc8cb94e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://.facebook.com https://.facebook.net https://.googletagmanager.com https://.btdevops.io https://.wistia.com; object-src 'self';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
HX-Trigger: component-izrdmh
HX-Request: true
HX-Target: component-izrdmh
HX-Current-URL: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: frame-ancestors 'self' https://*.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://*.facebook.com https://*.facebook.net https://*.googletagmanager.com https://*.btdevops.io https://*.wistia.com; object-src 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-cdn: Imperva
via: 1.1 e8bd72d9a7c5eaf252aab1ed2d79e1a6.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-iinfo: 9-2661988-2662082 NNNN CT(1 4 0) RT(1680537644990 604) q(0 0 1 -1) r(1 6) U24
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server
expect-ct: max-age=86400
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
x-robots-tag: none
x-amz-cf-id: ysr1Ms2Gch0c0DwTR_V4LyFb3TzSg9wSB2Bmw3OwRZE8I7xrRZE4ng==

GET
H2 200 render Show response
www.beyondtrust.com/actions/sprig-core/components/ 2 KB
1 KB 514ms
508ms XHR
text/html 45.60.63.64
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beyondtrust.com/actions/sprig-core/components/render?sprig%3AsiteId=4724aa87e6cd4eba14b4831a388ec4e77995f371bd9b942d8f5bb278d1884baa1&sprig%3Atemplate=a3d3f8d5d55b6a9aa22319320f5d105f09bd5f741f528a2ab2a9168f6893f005_partials%2Fjavascript%2Fanalytics%2Froidna-tradedesk&sprig%3Acomponent=026156cecdf9761d6f58e98ffe0e425e9b87293db4c20deda2cdac877929c11e

Requested by

Host: assets.beyondtrust.com
URL: https://assets.beyondtrust.com/assets/js/htmx.7c4ae74461d7cc2e8b08.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.63.64 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d25eb8b1b68196309abc3539aa4e363df9100a7a56fbf7e9657918436ea04aae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://.facebook.com https://.facebook.net https://.googletagmanager.com https://.btdevops.io https://.wistia.com; object-src 'self';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
HX-Trigger: component-tuqqlh
HX-Request: true
HX-Target: component-tuqqlh
HX-Current-URL: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: frame-ancestors 'self' https://*.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://*.facebook.com https://*.facebook.net https://*.googletagmanager.com https://*.btdevops.io https://*.wistia.com; object-src 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-cdn: Imperva
via: 1.1 5dccc983b54773fbbd262d2029a805d6.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-iinfo: 9-2661988-2662084 NNNN CT(6 6 0) RT(1680537644990 614) q(0 0 0 -1) r(0 4) U24
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server
expect-ct: max-age=86400
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
x-robots-tag: none
x-amz-cf-id: VEhzTa07i_xLzzm0in7nX5cKnTuh7r6cEyNqfu_eyN3v6sIXGmoloQ==

GET
H2 200 render Show response
www.beyondtrust.com/actions/sprig-core/components/ 6 KB
2 KB 674ms
669ms XHR
text/html 45.60.63.64
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beyondtrust.com/actions/sprig-core/components/render?EmailAddress=&Demo%20Type=&MiddleName=&FavoriteColor=&elqFormName=RecordedDemo&LeadSource=Recorded%20Demo&LeadSourceDetails=Demo%20Request%20Main%20Nav&Product=&FormVariation=EOtss&Language=English&LandingPageURL=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&RedirectURL=&SFCampaignID=&elqCustomerGUID=&integrity=0542455f68314da364597767de1e027a7dcb4166b8b7ddb0423962d69c07351c&sprig%3AsiteId=4724aa87e6cd4eba14b4831a388ec4e77995f371bd9b942d8f5bb278d1884baa1&sprig%3Atemplate=8691911eda8c1814736f93c6be061bda469f6270ec7628209fff0041b8563b12_partials%2Fforms%2Fnavigation--demo-request&sprig%3Acomponent=026156cecdf9761d6f58e98ffe0e425e9b87293db4c20deda2cdac877929c11e&sprig%3Avariables%5BfieldLanguage%5D=c76014d74443249aecdccc82a404bfa0411eb6b114f28bba76054fdeedd82b5cEnglish&sprig%3Avariables%5BfieldLandingPageURL%5D=c5ee9c351eab4ffe3399d43f3116ae21c37931bb90f3fc913855213435e8fd8bhttps%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&sprig%3Avariables%5BfullPath%5D=2eac3ebe1f38b5ce5d9833381bba94f31d132fa96cd1ad899e48d6b5cc846b0dwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2&sprig%3Avariables%5BfieldSFCampaignID%5D=eaeef433fea73cf4091c0d31d7ef49285ce710a228b8dd4a17c30aa221a428ec7017V000001gqyjQAA&sprig%3Avariables%5BfieldRedirectURL%5D=026156cecdf9761d6f58e98ffe0e425e9b87293db4c20deda2cdac877929c11e&sprig%3Avariables%5BfieldDropdown%5D=736c7554796c626431e3f890742eb052a07e02b28afe88308633c6e8c3565323%5B%7B%22optionLabel%22%3A%22Password%20Safe%22%2C%22optionValue%22%3A%22Password%20Safe%22%2C%22optionRedirectUrl%22%3A%22https%3A%2F%2Fwww.beyondtrust.com%2Fdemo-ps%22%7D%2C%7B%22optionLabel%22%3A%22Privilege%20Management%22%2C%22optionValue%22%3A%22Privilege%20Management%22%2C%22optionRedirectUrl%22%3A%22https%3A%2F%2Fwww.beyondtrust.com%2Fdemo-epm%22%7D%2C%7B%22optionLabel%22%3A%22Privileged%20Remote%20Access%22%2C%22optionValue%22%3A%22Privileged%20Remote%20Access%22%2C%22optionRedirectUrl%22%3A%22https%3A%2F%2Fwww.beyondtrust.com%2Fdemo-pra%22%7D%2C%7B%22optionLabel%22%3A%22Remote%20Support%22%2C%22optionValue%22%3A%22Remote%20Support%22%2C%22optionRedirectUrl%22%3A%22https%3A%2F%2Fwww.beyondtrust.com%2Fdemo-rs%22%7D%5D

Requested by

Host: assets.beyondtrust.com
URL: https://assets.beyondtrust.com/assets/js/htmx.7c4ae74461d7cc2e8b08.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.63.64 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

950872a3a86054c893334fa5dbfcf4dbdcad8fa996e6c16819e663aa11a13f81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://.facebook.com https://.facebook.net https://.googletagmanager.com https://.btdevops.io https://.wistia.com; object-src 'self';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
HX-Trigger: component-yaqanw
HX-Request: true
HX-Target: component-yaqanw
HX-Current-URL: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: frame-ancestors 'self' https://*.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://*.facebook.com https://*.facebook.net https://*.googletagmanager.com https://*.btdevops.io https://*.wistia.com; object-src 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-cdn: Imperva
via: 1.1 ebeca2ec07c54274f6b9125c7b82aecc.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-iinfo: 9-2661988-2662086 NNNN CT(3 4 0) RT(1680537644990 618) q(0 0 0 -1) r(0 6) U24
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server
expect-ct: max-age=86400
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
x-robots-tag: none
x-amz-cf-id: i9SU2CQiYRmtW8oI1YKwKxysp07uUaklbZJwDCe4QcFWfsJiUDL3zQ==

GET
H2 200 render Show response
www.beyondtrust.com/actions/sprig-core/components/ 5 KB
2 KB 1013ms
1008ms XHR
text/html 45.60.63.64
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beyondtrust.com/actions/sprig-core/components/render?EmailAddress=&product=&elqFormName=SRAEvalEmailStart&Product=&LeadSource=Full%20Cloud%20Eval&Language=English&LandingPageURL=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&LeadSourceDetails=&elqCustomerGUID=&SFCampaignID=&RedirectURL=https%3A%2F%2Fwww.beyondtrust.com%2Fforms%2Ftrial%2Fvalidate&MiddleName=&FavoriteColor=&sprig%3AsiteId=4724aa87e6cd4eba14b4831a388ec4e77995f371bd9b942d8f5bb278d1884baa1&sprig%3Atemplate=6e07a835041e05edf5802b78701387e397a491b48ba5c5d2567b671f27f041c2_partials%2Fforms%2Fnavigation--sra-trial&sprig%3Acomponent=026156cecdf9761d6f58e98ffe0e425e9b87293db4c20deda2cdac877929c11e&sprig%3Avariables%5BfieldLanguage%5D=c76014d74443249aecdccc82a404bfa0411eb6b114f28bba76054fdeedd82b5cEnglish&sprig%3Avariables%5BfieldLandingPageURL%5D=c5ee9c351eab4ffe3399d43f3116ae21c37931bb90f3fc913855213435e8fd8bhttps%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&sprig%3Avariables%5BfullPath%5D=2eac3ebe1f38b5ce5d9833381bba94f31d132fa96cd1ad899e48d6b5cc846b0dwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2&sprig%3Avariables%5BfieldSFCampaignID%5D=eaeef433fea73cf4091c0d31d7ef49285ce710a228b8dd4a17c30aa221a428ec7017V000001gqyjQAA&sprig%3Avariables%5BfieldRedirectURL%5D=026156cecdf9761d6f58e98ffe0e425e9b87293db4c20deda2cdac877929c11e&sprig%3Avariables%5BfieldDropdown%5D=35d658f4e912a312a0b696d436da339b51e50582b906994a1ade7b5c591fbc92%5B%7B%22optionLabel%22%3A%22Privileged%20Remote%20Access%22%2C%22optionValue%22%3A%22pra%22%2C%22optionRedirectUrl%22%3Anull%7D%2C%7B%22optionLabel%22%3A%22Remote%20Support%22%2C%22optionValue%22%3A%22rs%22%2C%22optionRedirectUrl%22%3Anull%7D%5D

Requested by

Host: assets.beyondtrust.com
URL: https://assets.beyondtrust.com/assets/js/htmx.7c4ae74461d7cc2e8b08.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.63.64 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

cf89588851dbcfd07db0fbb163b810e5800544ab2fa39b45b5e6ca1e4ee2bb83

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://.facebook.com https://.facebook.net https://.googletagmanager.com https://.btdevops.io https://.wistia.com; object-src 'self';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
HX-Trigger: component-pxzikc
HX-Request: true
HX-Target: component-pxzikc
HX-Current-URL: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: frame-ancestors 'self' https://*.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://*.facebook.com https://*.facebook.net https://*.googletagmanager.com https://*.btdevops.io https://*.wistia.com; object-src 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-cdn: Imperva
via: 1.1 5dccc983b54773fbbd262d2029a805d6.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-iinfo: 9-2661988-2662084 PNNN RT(1680537644990 624) q(0 4 4 -1) r(9 9) U24
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server
expect-ct: max-age=86400
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
x-robots-tag: none
x-amz-cf-id: UVvftjpQsxcv_4ihAtkyGLJpnBaDCNxKLyvmnjWKmpkKUGS10smgAA==

GET
H2 200 render Show response
www.beyondtrust.com/actions/sprig-core/components/ 4 KB
2 KB 1039ms
1036ms XHR
text/html 45.60.63.64
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beyondtrust.com/actions/sprig-core/components/render?EmailAddress=&MiddleName=&FavoriteColor=&elqFormName=ContactSalesForm&LeadSource=Online%20Contact%20Form&Product=All%20Products&FormVariation=EOtss&Language=English&LandingPageURL=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&LeadSourceDetails=Online%20Contact%20Form&RedirectURL=https%3A%2F%2Fwww.beyondtrust.com%2Fcontact-sales&SFCampaignID=701f40000010kCtAAI&elqCustomerGUID=&integrity=af0a78729eec4aa1e317a40e27b0d263a21d3cc4fa1ff20d1803022048e1f087&sprig%3AsiteId=4724aa87e6cd4eba14b4831a388ec4e77995f371bd9b942d8f5bb278d1884baa1&sprig%3Atemplate=737cb7872d7519a8eb80fc2d1762c3e6e6c300a6d7dce925864018110213d309_partials%2Fforms%2Fnavigation--contact&sprig%3Acomponent=026156cecdf9761d6f58e98ffe0e425e9b87293db4c20deda2cdac877929c11e&sprig%3Avariables%5BfieldLanguage%5D=c76014d74443249aecdccc82a404bfa0411eb6b114f28bba76054fdeedd82b5cEnglish&sprig%3Avariables%5BfieldLandingPageURL%5D=c5ee9c351eab4ffe3399d43f3116ae21c37931bb90f3fc913855213435e8fd8bhttps%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&sprig%3Avariables%5BfullPath%5D=2eac3ebe1f38b5ce5d9833381bba94f31d132fa96cd1ad899e48d6b5cc846b0dwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2&sprig%3Avariables%5BfieldSFCampaignID%5D=eaeef433fea73cf4091c0d31d7ef49285ce710a228b8dd4a17c30aa221a428ec7017V000001gqyjQAA&sprig%3Avariables%5BfieldRedirectURL%5D=164b1caa67e52a33cbe2f8c9abc290915be3787be5cf88cd721ae8798eb2aaa2https%3A%2F%2Fwww.beyondtrust.com%2Fcontact-sales&sprig%3Avariables%5BfieldDropdown%5D=104d95831d958ac2b9eb12d6ad50319d9b09820210ea93e55e19e5d2bad58422%5B%5D

Requested by

Host: assets.beyondtrust.com
URL: https://assets.beyondtrust.com/assets/js/htmx.7c4ae74461d7cc2e8b08.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.63.64 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

beafe5042d9de19b74e2d269a8e62a2bc9ee56f0e0d22091bf69564bce3bdbcb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://.facebook.com https://.facebook.net https://.googletagmanager.com https://.btdevops.io https://.wistia.com; object-src 'self';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
HX-Trigger: component-wohrmg
HX-Request: true
HX-Target: component-wohrmg
HX-Current-URL: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: frame-ancestors 'self' https://*.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://*.facebook.com https://*.facebook.net https://*.googletagmanager.com https://*.btdevops.io https://*.wistia.com; object-src 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-cdn: Imperva
via: 1.1 d3fbeb74a503a5fcf3e4ca458c365012.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-iinfo: 9-2661988-2661993 PNNN RT(1680537644990 627) q(0 5 5 -1) r(9 9) U24
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server
expect-ct: max-age=86400
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
x-robots-tag: none
x-amz-cf-id: 5aheJFkrLIOHWIBCtAJPe_mV1IthVOxgcrmSN1TTyfbsCEtk9_Y8pw==

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 21ms
20ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.beyondtrust.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:32:30 GMT
x-content-type-options: nosniff
age: 538095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:32:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 30ms
29ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.beyondtrust.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:32:21 GMT
x-content-type-options: nosniff
age: 538104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:32:21 GMT

GET
H2 200 render Show response
www.beyondtrust.com/actions/sprig-core/components/ 6 KB
3 KB 1009ms
1008ms XHR
text/html 45.60.63.64
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: assets.beyondtrust.com
URL: https://assets.beyondtrust.com/assets/js/htmx.7c4ae74461d7cc2e8b08.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.63.64 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

950872a3a86054c893334fa5dbfcf4dbdcad8fa996e6c16819e663aa11a13f81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://.facebook.com https://.facebook.net https://.googletagmanager.com https://.btdevops.io https://.wistia.com; object-src 'self';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
HX-Trigger: component-bcrdrn
HX-Request: true
HX-Target: component-bcrdrn
HX-Current-URL: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: frame-ancestors 'self' https://*.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://*.facebook.com https://*.facebook.net https://*.googletagmanager.com https://*.btdevops.io https://*.wistia.com; object-src 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-cdn: Imperva
via: 1.1 e8bd72d9a7c5eaf252aab1ed2d79e1a6.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-iinfo: 9-2661988-2662082 PNNN RT(1680537644990 633) q(0 5 5 -1) r(10 10) U24
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server
expect-ct: max-age=86400
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
x-robots-tag: none
x-amz-cf-id: SeeiwXypiZKEu_nr1JcOG2guMAnuoqddWtnuxRn5F1TjLeK-TEpnzg==

GET
H2 200 render Show response
www.beyondtrust.com/actions/sprig-core/components/ 5 KB
2 KB 1017ms
1016ms XHR
text/html 45.60.63.64
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: assets.beyondtrust.com
URL: https://assets.beyondtrust.com/assets/js/htmx.7c4ae74461d7cc2e8b08.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.63.64 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

cf89588851dbcfd07db0fbb163b810e5800544ab2fa39b45b5e6ca1e4ee2bb83

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://.facebook.com https://.facebook.net https://.googletagmanager.com https://.btdevops.io https://.wistia.com; object-src 'self';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
HX-Trigger: component-lkghlm
HX-Request: true
HX-Target: component-lkghlm
HX-Current-URL: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: frame-ancestors 'self' https://*.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://*.facebook.com https://*.facebook.net https://*.googletagmanager.com https://*.btdevops.io https://*.wistia.com; object-src 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-cdn: Imperva
via: 1.1 ebeca2ec07c54274f6b9125c7b82aecc.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-iinfo: 9-2661988-2662086 PNNN RT(1680537644990 638) q(0 6 6 -1) r(10 10) U24
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server
expect-ct: max-age=86400
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
x-robots-tag: none
x-amz-cf-id: NrIsdTxLrSc7Me32uo4c1kbvAuVhHhZ3tjNExEByEvu8JjuxHRaZhQ==

GET
H2 200 render Show response
www.beyondtrust.com/actions/sprig-core/components/ 4 KB
2 KB 1024ms
1010ms XHR
text/html 45.60.63.64
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: assets.beyondtrust.com
URL: https://assets.beyondtrust.com/assets/js/htmx.7c4ae74461d7cc2e8b08.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.63.64 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

beafe5042d9de19b74e2d269a8e62a2bc9ee56f0e0d22091bf69564bce3bdbcb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://.facebook.com https://.facebook.net https://.googletagmanager.com https://.btdevops.io https://.wistia.com; object-src 'self';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
HX-Trigger: component-jccwlw
HX-Request: true
HX-Target: component-jccwlw
HX-Current-URL: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: frame-ancestors 'self' https://*.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://*.facebook.com https://*.facebook.net https://*.googletagmanager.com https://*.btdevops.io https://*.wistia.com; object-src 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-cdn: Imperva
via: 1.1 7608da25eb5aed0ce7cca5fc0587c650.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-iinfo: 9-2661988-2662078 PNNN RT(1680537644990 656) q(0 6 6 -1) r(10 10) U24
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server
expect-ct: max-age=86400
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
x-robots-tag: none
x-amz-cf-id: O4QaIlAAmTxJuX0Y-OcNlRjlWEL6RtonCE8arNew3r9EJZ3pk9NLdA==

GET
H2 200 render Show response
www.beyondtrust.com/actions/sprig-core/components/ 7 B
228 B 1049ms
1040ms XHR
text/html 45.60.63.64
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beyondtrust.com/actions/sprig-core/components/render?sprig%3AsiteId=4724aa87e6cd4eba14b4831a388ec4e77995f371bd9b942d8f5bb278d1884baa1&sprig%3Atemplate=933674bd9a7aa20be91ad4a29b9ad099eeab26c5624dc6cfd4f7c2baaa418218webinars%2F_components%2Fvideo-section&sprig%3Acomponent=026156cecdf9761d6f58e98ffe0e425e9b87293db4c20deda2cdac877929c11e&sprig%3Avariables%5BregistrationHeading%5D=8510f4607688d7320e4102460cbe9d06edd97487a7b8b6dbbe55217f323291f1Thank%20you%20for%20registering!&sprig%3Avariables%5BregistrationMessage%5D=42125ae8b01b879fc164466387e87d60c1181684988e82feb8a381fa3c9b5f56Please%20check%20your%20spam%20filter%20for%20a%20confirmation%20email%20from%20%3Ci%3Ewebinar%26%23x2E%3Bhost%26commat%3Bbigmarker%26%23x2E%3Bcom%3C%2Fi%3E%20that%20contains%20details%20about%20logging%20in%20on%20the%20day%20of%20the%20webinar.&sprig%3Avariables%5BskipRegistration%5D=026156cecdf9761d6f58e98ffe0e425e9b87293db4c20deda2cdac877929c11e&sprig%3Avariables%5BfromElId%5D=6805955be4c378cd9c82fe227095d40ac887d975635dd58ca7a21808475be43e455269

Requested by

Host: assets.beyondtrust.com
URL: https://assets.beyondtrust.com/assets/js/htmx.7c4ae74461d7cc2e8b08.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.63.64 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

60717a8b680e2f85643d933cd76a6e7e0024988f5158a8e127874ff9a8c229a3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://.facebook.com https://.facebook.net https://.googletagmanager.com https://.btdevops.io https://.wistia.com; object-src 'self';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
HX-Trigger: component-jqjcmn
HX-Request: true
HX-Target: component-jqjcmn
HX-Current-URL: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: frame-ancestors 'self' https://*.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://*.facebook.com https://*.facebook.net https://*.googletagmanager.com https://*.btdevops.io https://*.wistia.com; object-src 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-cdn: Imperva
via: 1.1 90a990c5327e86ade86681120dc4a236.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-iinfo: 9-2661988-2662080 PNNN RT(1680537644990 658) q(0 6 6 -1) r(10 10) U24
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server
expect-ct: max-age=86400
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
x-robots-tag: none
x-amz-cf-id: xpWf-mciv9qYiva3s845IPh-heJFGNFLVccB7OHj1rE4z2Z2-8vhNw==

GET
H2 200 render Show response
www.beyondtrust.com/actions/sprig-core/components/ 6 KB
2 KB 1497ms
1488ms XHR
text/html 45.60.63.64
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beyondtrust.com/actions/sprig-core/components/render?FirstName=&LastName=&EmailAddress=&Organization=&Phone=&MiddleName=&FavoriteColor=&WebinarDate=2023-03-28&WebinarId=f90bacca05d1&WebinarName=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%20Access%20%26%20the%20Unnoticed%20Masters%20%7C%20Part%202&elqFormName=LiveWebinarForm&LeadSource=Webinar%20-%20Digital&Language=English&LandingPageURL=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&LeadSourceDetails=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%20Access%20%26%20the%20Unnoticed%20Masters%20%7C%20Part%202&RedirectURL=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%23video-container&SFCampaignID=7017V000001gqyjQAA&ResourceProductTag=Endpoint%20Privilege%20Management%2CPrivilege%20Management%20for%20Windows%20and%20Mac&integrity=5d9fa282da489ea679b5ca12e05ea4022baf4cd33de8e0beb35946b161e5524d&sprig%3AsiteId=4724aa87e6cd4eba14b4831a388ec4e77995f371bd9b942d8f5bb278d1884baa1&sprig%3Atemplate=2df039bb9b1b3e0f69007359564716f4935cb206979c80eee57104f27a7a30e0webinars%2F_components%2Fsidebar-form&sprig%3Acomponent=026156cecdf9761d6f58e98ffe0e425e9b87293db4c20deda2cdac877929c11e&sprig%3Avariables%5BfieldLanguage%5D=c76014d74443249aecdccc82a404bfa0411eb6b114f28bba76054fdeedd82b5cEnglish&sprig%3Avariables%5BfieldLandingPageURL%5D=c5ee9c351eab4ffe3399d43f3116ae21c37931bb90f3fc913855213435e8fd8bhttps%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&sprig%3Avariables%5BfullPath%5D=2eac3ebe1f38b5ce5d9833381bba94f31d132fa96cd1ad899e48d6b5cc846b0dwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2&sprig%3Avariables%5BfieldSFCampaignID%5D=eaeef433fea73cf4091c0d31d7ef49285ce710a228b8dd4a17c30aa221a428ec7017V000001gqyjQAA&sprig%3Avariables%5BskipRegistration%5D=026156cecdf9761d6f58e98ffe0e425e9b87293db4c20deda2cdac877929c11e&sprig%3Avariables%5BfromElId%5D=6805955be4c378cd9c82fe227095d40ac887d975635dd58ca7a21808475be43e455269

Requested by

Host: assets.beyondtrust.com
URL: https://assets.beyondtrust.com/assets/js/htmx.7c4ae74461d7cc2e8b08.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.63.64 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

25bf7a26ea42121eb6eaf442598964a9d76b168cd894e6f3aa9feba7cbacbac2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://.facebook.com https://.facebook.net https://.googletagmanager.com https://.btdevops.io https://.wistia.com; object-src 'self';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
HX-Trigger: component-xligbp
HX-Request: true
HX-Target: component-xligbp
HX-Current-URL: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

date: Mon, 03 Apr 2023 16:00:47 GMT
content-security-policy: frame-ancestors 'self' https://*.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://*.facebook.com https://*.facebook.net https://*.googletagmanager.com https://*.btdevops.io https://*.wistia.com; object-src 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-cdn: Imperva
via: 1.1 5dccc983b54773fbbd262d2029a805d6.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-iinfo: 9-2661988-2662084 PNNN RT(1680537644990 660) q(0 9 9 -1) r(15 15) U24
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server
expect-ct: max-age=86400
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
x-robots-tag: none
x-amz-cf-id: vq6uSf5vRyTq2lzdUdspIL4DxTX8Cy7BoSofxCwwtlVyhGbSi8enUA==

GET
H2 200 get Show response
www.beyondtrust.com/actions/blitz/templates/ 0
273 B 1456ms
1448ms Fetch
text/html 45.60.63.64
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beyondtrust.com/actions/blitz/templates/get?template=736375cc193d63581884d0361b37df819e3c51b814ad9c2bd6d216d3a390de7f_partials%2Fadmin-tools&params%5BfromElId%5D=455269&params%5BpathInfo%5D=webinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2&siteId=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.63.64 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://.facebook.com https://.facebook.net https://.googletagmanager.com https://.btdevops.io https://.wistia.com; object-src 'self';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:47 GMT
content-security-policy: frame-ancestors 'self' https://*.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://*.facebook.com https://*.facebook.net https://*.googletagmanager.com https://*.btdevops.io https://*.wistia.com; object-src 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-cdn: Imperva
via: 1.1 d3fbeb74a503a5fcf3e4ca458c365012.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-iinfo: 9-2661988-2661993 PNNN RT(1680537644990 664) q(0 9 9 -1) r(14 14) U24
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server
expect-ct: max-age=86400
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
x-robots-tag: none
x-amz-cf-id: 425gumF7Gk0lSqsQcHtyQvytQMS41A6cyBFVazlFJC35DpCf4dTWfw==

GET
H2 200 get Show response
www.beyondtrust.com/actions/blitz/templates/ 943 B
747 B 1500ms
1492ms Fetch
text/html 45.60.63.64
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beyondtrust.com/actions/blitz/templates/get?template=e5f7789edc0523f6a052b16cb5e1d76e1b1fc16d912bd012b930720af08c2d78_partials%2Fannouncement-bar.twig&params%5Bsegment%5D=webinars&siteId=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.63.64 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

505b685c83343f0eb4d398cf4077d75bbe21a7853b6918d36e5c670595696092

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://.facebook.com https://.facebook.net https://.googletagmanager.com https://.btdevops.io https://.wistia.com; object-src 'self';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:47 GMT
content-security-policy: frame-ancestors 'self' https://*.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://*.facebook.com https://*.facebook.net https://*.googletagmanager.com https://*.btdevops.io https://*.wistia.com; object-src 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-cdn: Imperva
via: 1.1 e8bd72d9a7c5eaf252aab1ed2d79e1a6.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-iinfo: 9-2661988-2662082 PNNN RT(1680537644990 665) q(0 10 10 -1) r(15 15) U24
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server
expect-ct: max-age=86400
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
x-robots-tag: none
x-amz-cf-id: 2W5FFlC0ozWyPGUTXQZEH6pNIn8PX6O5bWaN-z1DGwyTt7GIhfip8g==

GET
H2 200 json Show response
www.beyondtrust.com/actions/blitz/csrf/ 308 B
660 B 1177ms
1171ms Fetch
application/json 45.60.63.64
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beyondtrust.com/actions/blitz/csrf/json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.63.64 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b88ed8971bb5727c9f12d0bdfd242f736cc491cd0913390199b38c9950c2a58f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://.facebook.com https://.facebook.net https://.googletagmanager.com https://.btdevops.io https://.wistia.com; object-src 'self';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:47 GMT
content-security-policy: frame-ancestors 'self' https://*.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://*.facebook.com https://*.facebook.net https://*.googletagmanager.com https://*.btdevops.io https://*.wistia.com; object-src 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-cdn: Imperva
via: 1.1 ebeca2ec07c54274f6b9125c7b82aecc.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-iinfo: 9-2661988-2662086 PNNN RT(1680537644990 666) q(0 10 10 -1) r(11 11) U24
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server
expect-ct: max-age=86400
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=UTF-8
x-robots-tag: none
x-amz-cf-id: pVfHESTBoSJj1HjcLopErirJit8hJ8_w17Bxe0zw2YX1pp-djryxlg==

GET
H2 200 get Show response
www.beyondtrust.com/actions/blitz/templates/ 0
227 B 1286ms
1281ms Fetch
text/html 45.60.63.64
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.beyondtrust.com/actions/blitz/templates/get?template=8c59ed585f0bfaa502d6fc0103953f4014be4d1e7eaf9ddb6d09aaafa77817e3_partials%2Fcookie-notice&params%5BfieldRedirectURL%5D=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&params%5BfieldLanguage%5D=English&params%5BfieldLandingPageURL%5D=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&siteId=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.63.64 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://.facebook.com https://.facebook.net https://.googletagmanager.com https://.btdevops.io https://.wistia.com; object-src 'self';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:47 GMT
content-security-policy: frame-ancestors 'self' https://*.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://*.facebook.com https://*.facebook.net https://*.googletagmanager.com https://*.btdevops.io https://*.wistia.com; object-src 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-cdn: Imperva
via: 1.1 7608da25eb5aed0ce7cca5fc0587c650.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-cache: Miss from cloudfront
x-iinfo: 9-2661988-2662078 PNNN RT(1680537644990 667) q(0 10 10 -1) r(13 13) U24
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server
expect-ct: max-age=86400
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
x-robots-tag: none
x-amz-cf-id: IIkkGIRMjIIcVnzVnCjWJVFOSCBkclgph9PtPiCFm1BV6zlxgjtM4w==

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 95ms
25ms Script
application/x-javascript 23.73.231.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: assets.beyondtrust.com
URL: https://assets.beyondtrust.com/assets/js/eloqua.ede7d69528e8ca6d396c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.73.231.40 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-231-40.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Mon, 03 Apr 2023 16:00:46 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Wed, 11 Jan 2023 20:34:04 GMT
ETag: "39c1adbfc25d91:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Mon, 03 Apr 2023 16:00:46 GMT

GET
H2 200 beyondtrust-logo-white.png
assets.beyondtrust.com/assets/images/logos/ 10 KB
11 KB 49ms
44ms Image
image/png 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.beyondtrust.com/assets/images/logos/beyondtrust-logo-white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

83a39268456391ad5ac4c8d520ee29b20a2b00d7ccc85f693cd04fefa2ca474f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:57:42 GMT
via: 1.1 bcc27c91d74af44f5af3fc2789d84114.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
age: 561210
x-cache: Hit from cloudfront
x-imgix-id: 9a9c114f3a846a47a1cab397167e3f86eff2396f
cross-origin-resource-policy: cross-origin
content-length: 10196
x-xss-protection: 1; mode=block
x-served-by: cache-sjc10032-SJC, cache-cmh1290064-CMH
x-imgix-render-farm: 02.8744
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Mar 2023 04:07:16 GMT
server: Google Frontend
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: LwBmH8uMbhy1b5Y4a-xjxuVnD8lJZFJpO39WK7ul9EqPXROnpamEsw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 45ms
43ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1434058-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-685788122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4cb76073a2664d72765f886ddcb60410417b3c042042782db2aa24b864ba84e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45010
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 03 Apr 2023 16:00:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
51 KB 57ms
50ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1071875138&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-685788122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf5b11158b24f520857ab0687abdfddc7cdfbb16925e777effb1945b45e1450d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51778
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Apr 2023 16:00:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
44 KB 54ms
45ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9900116&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-685788122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c14644cdd710a23e6d02b51c2e91e8e7a8144806caa5beeb13d66c88253e6c96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45198
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Apr 2023 16:00:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
51 KB 49ms
40ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-701142632&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-685788122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

319e0bbd560cc7094a0a5bc323f882dafe4333fa60b953eb70b433dde0696597

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51802
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Apr 2023 16:00:45 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/885586/domain/beyondtrust.com/ 36 B
376 B 99ms
27ms XHR
application/json 2600:9000:2509:5c00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/885586/domain/beyondtrust.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2509:5c00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:46:39 GMT
content-encoding: gzip
via: 1.1 afe53a1754be43c9b4c5c6fbf0780438.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P2
age: 847
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: EQqyGfSTkUVGIomJvgh87az554LxDpKths8DxgQU4Weu2U86VKNXvw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=885586&time=1680537645980&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=885586&time=1680537645980&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D885586%26time%3D1680537645980%26url%3Dhttps%253A%252F%252Fwww.beyondtrust.com%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=885586&time=1680537645980&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=885586&time=1680537645980&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-master...

0
488 B

103ms
49ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=885586&time=1680537645980&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&cookiesTest=true&liSync=true&e_ipv6=AQIQOskbf5qxNQAAAYdH2XTbPNohD2Nx7AI_bGJKpdVpnSRkdIgfDdtFzZfKauIjyBVDcaibFA
Requested by: Host: www.beyondtrust.com
URL: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 8FB5D8F904F749829D7304586183244F Ref B: YMQ01EDGE0812 Ref C: 2023-04-03T16:00:46Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX4cKlx8MP0urWb1o0Dnw==

Redirect headers

date: Mon, 03 Apr 2023 16:00:45 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: BC8E7016CAB34C28B430C3E24119E1CD Ref B: YMQ01EDGE0312 Ref C: 2023-04-03T16:00:46Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=885586&time=1680537645980&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&cookiesTest=true&liSync=true&e_ipv6=AQIQOskbf5qxNQAAAYdH2XTbPNohD2Nx7AI_bGJKpdVpnSRkdIgfDdtFzZfKauIjyBVDcaibFA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX4cKlwUGQHmoaDT0pQYQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
82 KB 49ms
49ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5W4QD38R5C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1434058-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

86c9babee1a4bdc5976901a94f70ab0bfc402bb2c6b27d2659fdf76547eec838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83784
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 03 Apr 2023 16:00:46 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 78ms
36ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 03 Apr 2023 16:00:45 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 632D0A470C78497DA72C60BC1EF5FA2B Ref B: YMQ01EDGE0519 Ref C: 2023-04-03T16:00:46Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
11 KB 55ms
16ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?33
Requested by: Host: www.beyondtrust.com
URL: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:45:52 GMT
content-encoding: br
age: 894
x-guploader-uploadid: ADPycdulZVxnw1oIXSyV1pTBllPGXWbIy7BhJzr2LYk_AhpdwvQpfjdXxsel_bEp8Z7v8J8BlDY7crTEN4iAaGJ0t4E2Cw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10477
last-modified: Tue, 09 Aug 2022 21:49:07 GMT
server: UploadServer
etag: W/"fe36d3317b1b052708eb2260e253aa63"
vary: Accept-Encoding
x-goog-generation: 1660081747697868
x-goog-hash: crc32c=BjH7bw==, md5=/jbTMXsbBScI6yJg4lOqYw==
content-type: application/javascript
cache-id: YUL-62c5aa93
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32025
accept-ranges: none

GET
H2 200 6si.min.js Show response
j.6sc.co/ 33 KB
11 KB 221ms
122ms Script
application/javascript 23.61.11.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.61.11.188 Sterling, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-61-11-188.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

0d9dbf31d05263a24eb79aaf7c6e26917c6ccd31b642bb4a1d34292e25daa405

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Mar 2023 21:36:45 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "640a516d-8319"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 10492
expires: Mon, 03 Apr 2023 16:00:46 GMT

GET
H/1.1 200
OK svrGP Show response
s1017.t.eloqua.com/visitor/v200/ 79 B
581 B 60ms
56ms Script
application/javascript 142.0.173.26
NETDYNAMICS

General

Check archive.org

Show headers Download Go to

Full URL

https://s1017.t.eloqua.com/visitor/v200/svrGP?pps=70&siteid=1017&ms=122

Requested by

Host: img.en25.com
URL: https://img.en25.com/i/elqCfg.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.0.173.26 Toronto, Canada, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

b9305ca6217a3c5cc641c2e523612af102dfcdff4448414019f1ed82ec7d70a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Mon, 03 Apr 2023 16:00:45 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 106
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK svrGP
s1017.t.eloqua.com/visitor/v200/ 49 B
448 B 171ms
112ms Image
image/gif 142.0.173.26
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1017.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1017&ref2=elqNone&tzo=0&ms=122&optin=disabled

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.0.173.26 Toronto, Canada, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Mon, 03 Apr 2023 16:00:45 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 utsync.ashx Show response
ml314.com/ 644 B
1 KB 60ms
60ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=69780&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&pv=1680537646226_1tva6ydkb&bl=en-us&cb=5717333&return=&ht=&d=&dc=&si=1680537646226_1tva6ydkb&cid=&s=1600x1200&rp=&v=2.5.2.2
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e024602a8713a8b3490b6e70e70a37428f2c8ee39f32aa4cce2d112f5c7a6f6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:45 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/javascript; charset=utf-8
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 644
expires: 0

GET
H2 204 4018380.js Show response
bat.bing.com/p/action/ 0
118 B 67ms
66ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4018380.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 03 Apr 2023 16:00:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A4F915C69C314B279A0A250B56FA5C5E Ref B: YMQ01EDGE0519 Ref C: 2023-04-03T16:00:46Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
361 B 40ms
39ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4018380&Ver=2&mid=547f328b-4b47-4a19-b47d-a51aef6ebec8&sid=b1e03290d23811edb50c87a7b607233b&vid=b1e0b350d23811edb0dbcb65d1b06fb7&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=On-Demand%20%7C%20Crouching%20Admin,%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust&p=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&r=&lt=1292&evt=pageLoad&sv=1&rn=695788

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Apr 2023 16:00:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BBCAD6845B78465AB91CEE5B642D35AA Ref B: YMQ01EDGE0519 Ref C: 2023-04-03T16:00:46Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3634715729837686807&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3634715729837686807&redir=

42 B
940 B

57ms
56ms

Image
image/gif

52.87.116.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3634715729837686807&redir=

Requested by

Protocol

HTTP/1.1

Server

52.87.116.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-87-116-233.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v045-02e07d948.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: lIVPgTBvQZM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-va6-2-v045-02add4958.edge-va6.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 1phAFCRoQEs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3634715729837686807&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3

200

csync.ashx
ml314.com/
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=3634715729837686807
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzNDcxNTcyOTgzNzY4NjgwNxAAGg0IrvCroQYSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=b8041ba6271da6089312804caab8cf187260c41833d6ae440de1bb4e85a29710f4cb09cee1a4f8eb&person_id=3634715729837686807&eid=50082

43 B
60 B

78ms
77ms

Image
image/gif

34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=b8041ba6271da6089312804caab8cf187260c41833d6ae440de1bb4e85a29710f4cb09cee1a4f8eb&person_id=3634715729837686807&eid=50082
Requested by: Host: www.beyondtrust.com
URL: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
Protocol: H3
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:45 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Tue, 04 Apr 2023 12:00:46 GMT

Redirect headers

date: Mon, 03 Apr 2023 16:00:46 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=b8041ba6271da6089312804caab8cf187260c41833d6ae440de1bb4e85a29710f4cb09cee1a4f8eb&person_id=3634715729837686807&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

csync.ashx
ml314.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=b36416d9-fc33-4e43-b5ce-f43c04b15f42&gdpr=0&gdpr_consent=
https://ml314.com/csync.ashx?fp=b36416d9-fc33-4e43-b5ce-f43c04b15f42&person_id=3634715729837686807&eid=53819

43 B
60 B

30ms
30ms

Image
image/gif

34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=b36416d9-fc33-4e43-b5ce-f43c04b15f42&person_id=3634715729837686807&eid=53819
Requested by: Host: www.beyondtrust.com
URL: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
Protocol: H3
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:45 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Tue, 04 Apr 2023 12:00:46 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:45 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
location: https://ml314.com/csync.ashx?fp=b36416d9-fc33-4e43-b5ce-f43c04b15f42&person_id=3634715729837686807&eid=53819
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: 0,Tue, 04 Apr 2023 12:00:46 GMT

GET
H3

200

csync.ashx
ml314.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3634715729837686807
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3634715729837686807
https://ml314.com/csync.ashx?fp=d2fdcca9e45900e47e21452914a1917&eid=50146&person_id=3634715729837686807

43 B
60 B

58ms
58ms

Image
image/gif

34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=d2fdcca9e45900e47e21452914a1917&eid=50146&person_id=3634715729837686807
Requested by: Host: www.beyondtrust.com
URL: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
Protocol: H3
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Tue, 04 Apr 2023 12:00:46 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ml314.com/csync.ashx?fp=d2fdcca9e45900e47e21452914a1917&eid=50146&person_id=3634715729837686807
cache-control: no-cache
x-server: 10.40.38.197
content-length: 0
expires: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2Fd2noWryF6TYHxZfY_SIITjrCQ_UbKraY-xTiL3VB1g&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
https://ml314.com/csync.ashx?fp=2Fd2noWryF6TYHxZfY_SIITjrCQ_UbKraY-xTiL3VB1g&person_id=3634715729837686807&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referre...
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

70 B
440 B

27ms
26ms

Image
image/gif

34.197.192.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Requested by: Host: www.beyondtrust.com
URL: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
Protocol: HTTP/1.1
Server: 34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-192-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 03 Apr 2023 16:00:46 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

date: Mon, 03 Apr 2023 16:00:45 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8
location: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 193
expires: Tue, 04 Apr 2023 12:00:46 GMT

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
823 B 65ms
19ms XHR
application/json 68.67.179.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.87 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Apr 2023 16:00:46 GMT
AN-X-Request-Uuid: 75dde19f-4d48-4495-97eb-62caf7622f90
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.beyondtrust.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 149.56.153.184; 149.56.153.184; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
205 B 48ms
30ms XHR
text/html 23.61.11.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.61.11.188 Sterling, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-61-11-188.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.beyondtrust.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 21 B
316 B 94ms
20ms XHR
text/html 2600:1400:d::1721:ee69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d::1721:ee69 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7a099c226b965e0d1fb4ef2fa01159e1564cd73e3879178a0cd216e8abb901ff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.beyondtrust.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2607:5300:60:7867::10
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466816_388099685_60885047_19_739_19_0";dur=1
content-length: 21
expires: Mon, 03 Apr 2023 16:00:46 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 56ms
38ms Image
image/gif 23.61.11.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=1efbb74860ef40eefc9e23f181ad3dfb&svisitor=null&visitor=fc647797-8c54-4019-8cc4-91a00402b435&session=c50cd147-aa87-4db5-807d-a612d0362ff4&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2003%20Apr%202023%2016%3A00%3A46%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2003%20Apr%202023%2016%3A00%3A46%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%221efbb74860ef40eefc9e23f181ad3dfb%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2003%20Apr%202023%2016%3A00%3A46%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2003%20Apr%202023%2016%3A00%3A46%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%7B%5C%5C%5C%22name%5C%5C%5C%22%3A%5C%5C%5C%22product%5C%5C%5C%22%7D%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2003%20Apr%202023%2016%3A00%3A46%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22BeyondTrust%E2%80%99s%20Privileged%20Access%20Management%20platform%20protects%20your%20organization%20from%20unwanted%20remote%20access%2C%20stolen%20credentials%2C%20and%20misused%20privileges%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust%22%2C%22product%22%3A%22Endpoint%20Privilege%20Management%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&pageViewId=12f3004b-f7dd-443b-841a-d8be2e52a181&an_uid=0

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.61.11.188 Sterling, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-61-11-188.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 utils.chunk.b3be19b3614974e16893.js Show response
assets.beyondtrust.com/assets/js/ 229 KB
49 KB 88ms
84ms Script
application/javascript 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.beyondtrust.com/assets/js/utils.chunk.b3be19b3614974e16893.js

Requested by

Host: assets.beyondtrust.com
URL: https://assets.beyondtrust.com/assets/js/formFields.46d0c1b18df404af6327.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

63a7ded1e80381e358d3eb5ad537a4e8156f4e73a98cffb8026482bcd8d948a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:47 GMT
x-amz-version-id: F8Qjlu.NhGypJx_8EkWeuu8OmxJro2zb
content-encoding: br
x-content-type-options: nosniff
via: 1.1 bcc27c91d74af44f5af3fc2789d84114.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 19:21:59 GMT
server: AmazonS3
etag: W/"8c342c77e04a1fd6bd3a89024e4135e4"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: b9qFcYBGDn3JumjORLFwpUn__NWG2BxjD7f8FUFHGwInKBym-jtEmg==

GET
H2 200 _prepopulate-field.f98c7670d16be2885904.js Show response
assets.beyondtrust.com/assets/js/ 1 KB
1 KB 114ms
111ms Script
application/javascript 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.beyondtrust.com/assets/js/_prepopulate-field.f98c7670d16be2885904.js

Requested by

Host: assets.beyondtrust.com
URL: https://assets.beyondtrust.com/assets/js/formFields.46d0c1b18df404af6327.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

58b2e431697d22a4908b6fcc4c1515a6af806a25a533f3433f82f546ffff027f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:47 GMT
x-amz-version-id: 80ogeb3bHtlUT599w5kkVHBdOUxxPndx
content-encoding: br
x-content-type-options: nosniff
via: 1.1 bcc27c91d74af44f5af3fc2789d84114.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 19:21:58 GMT
server: AmazonS3
etag: W/"6cd919a22b349ae7158d795f529918ac"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: WYultJaxhJLZ6YE6meGby_xAHxSVC9rGO8BdqmtTK9MvpFDWW160OA==

GET
H2 200 _password-check.1081c367e4a97754e5b8.js Show response
assets.beyondtrust.com/assets/js/ 1 KB
1 KB 70ms
69ms Script
application/javascript 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.beyondtrust.com/assets/js/_password-check.1081c367e4a97754e5b8.js

Requested by

Host: assets.beyondtrust.com
URL: https://assets.beyondtrust.com/assets/js/formFields.46d0c1b18df404af6327.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

10f4ab7bde460aeab498a87f9f5baf810423946335960b22912f5d56f686f1ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:47 GMT
x-amz-version-id: WxcgyXeGgNO07eVcEhwu9.HzbWZkMCyW
content-encoding: br
x-content-type-options: nosniff
via: 1.1 bcc27c91d74af44f5af3fc2789d84114.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 19:21:58 GMT
server: AmazonS3
etag: W/"10b52b9e05e057fd0f51cb30a1c828a9"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: x-ljLt85LHmV3rwAh8j2klwt2Kz82eu-qV3VBcv_nsa2X3hR5N9f4w==

GET
H2

200

src=12057285;dc_pre=CI6c3suKjv4CFUq7nwod38MBKQ;type=sitek0;cat=demo-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=12057285;type=sitek0;cat=demo-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?
https://ad.doubleclick.net/ddm/activity/src=12057285;dc_pre=CI6c3suKjv4CFUq7nwod38MBKQ;type=sitek0;cat=demo-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_con...
https://adservice.google.com/ddm/fls/z/src=12057285;dc_pre=CI6c3suKjv4CFUq7nwod38MBKQ;type=sitek0;cat=demo-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_cons...

42 B
401 B

116ms
44ms

Image
image/gif

2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=12057285;dc_pre=CI6c3suKjv4CFUq7nwod38MBKQ;type=sitek0;cat=demo-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1

Requested by

Protocol

Server

2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=12057285;dc_pre=CI6c3suKjv4CFUq7nwod38MBKQ;type=sitek0;cat=demo-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 flags.png
assets.beyondtrust.com/assets/images/icons/ 71 KB
72 KB 59ms
58ms Image
image/png 2600:9000:2203:4600:12:deb6:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.beyondtrust.com/assets/images/icons/flags.png

Requested by

Host: assets.beyondtrust.com
URL: https://assets.beyondtrust.com/assets/css/intlTelInput.31bce6ff0ed1e09ca26b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2203:4600:12:deb6:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

4be904114a2234508927cb3809d6d7be2c0605f1f47a44133fb5fb533c2494f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://assets.beyondtrust.com/assets/css/intlTelInput.31bce6ff0ed1e09ca26b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:57:44 GMT
via: 1.1 bcc27c91d74af44f5af3fc2789d84114.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ORD53-C1
age: 3572481
x-cache: Hit from cloudfront
x-imgix-id: f24042ea6a934cf5576b1bd7e60fbee5c98d2143
cross-origin-resource-policy: cross-origin
content-length: 73010
x-xss-protection: 1; mode=block
x-served-by: cache-sjc10035-SJC, cache-cmh1290047-CMH
x-imgix-render-farm: 01.0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 21 Feb 2023 07:39:25 GMT
server: imgix
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: zKNKXMBiKsszaeWQQ0gojVDQNbVNad_O3ZFr1HTpLp4DcMsVeOVMNA==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 58ms
57ms Image
image/gif 23.61.11.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=1efbb74860ef40eefc9e23f181ad3dfb&svisitor=null&visitor=fc647797-8c54-4019-8cc4-91a00402b435&session=c50cd147-aa87-4db5-807d-a612d0362ff4&event=ipv6&q=%7B%22address%22%3A%222607%3A5300%3A60%3A7867%3A%3A10%22%7D&isIframe=false&m=%7B%22description%22%3A%22BeyondTrust%E2%80%99s%20Privileged%20Access%20Management%20platform%20protects%20your%20organization%20from%20unwanted%20remote%20access%2C%20stolen%20credentials%2C%20and%20misused%20privileges%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust%22%2C%22product%22%3A%22Endpoint%20Privilege%20Management%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&pageViewId=12f3004b-f7dd-443b-841a-d8be2e52a181&an_uid=0

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.61.11.188 Sterling, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-61-11-188.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 uyftdv4t2k95.js Show response
js.driftt.com/include/1680537900000/ 220 KB
63 KB 300ms
63ms Script
application/javascript 13.225.223.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1680537900000/uyftdv4t2k95.js

Requested by

Host: assets.beyondtrust.com
URL: https://assets.beyondtrust.com/assets/js/drift.67abbd0860f2493efd42.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-48.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

77365674504ce1e35703d1f6b3723d0c82fcfbcf280a901804952a4bf931906d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
x-amz-version-id: v7oqgUdcZPMChwRXmiWtzNNVfDJw.rOl
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 25
last-modified: Mon, 27 Mar 2023 18:09:24 GMT
server: istio-envoy
etag: W/"f090a5ed264e92c26ba3cd4ee087255c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: y3Y3P5DDOEE4ggrn20CDFTjPu6BbcyuyI4DE-V8YSAo3HO7R4c4ZIQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
44 KB 38ms
37ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-12057285

Requested by

Host: assets.beyondtrust.com
URL: https://assets.beyondtrust.com/assets/js/htmx.7c4ae74461d7cc2e8b08.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd2560fac91d175271244bc22e6cc456d9c12ed025f53ef385ad90d78a3a4fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45146
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Apr 2023 16:00:46 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
44 KB 41ms
39ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-12057285&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-685788122

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b0f41b41a7830a6904d3552438fc34c5899e194fc97b87aa0d7bd9c864f675b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45180
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Apr 2023 16:00:46 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 245ms
29ms Script
application/x-javascript 52.84.21.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: assets.beyondtrust.com
URL: https://assets.beyondtrust.com/assets/js/htmx.7c4ae74461d7cc2e8b08.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.21.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-21-129.ord53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 06:33:25 GMT
Content-Encoding: gzip
Via: 1.1 075cbfecdb7a7b3711dffaa6c5a5c160.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: ORD53-C2
Age: 34046
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: vq5BbAc6-1El9V21cSERcnDv3f6G0hG5ZX1A20q8EiGV2z9bEqzCxA==

GET
H2

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=G111&rnd=822573737.1680537647&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-mas...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=822573737.1680537647&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-...

42 B
410 B

37ms
36ms

Ping
image/gif

2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=822573737.1680537647&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2&gtm=45be33t0&auid=1740310144.1680537647

Requested by

Protocol

Server

2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=822573737.1680537647&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2&gtm=45be33t0&auid=1740310144.1680537647
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/685788122/ 3 KB
2 KB 257ms
94ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/685788122/?random=1680537645960&cv=11&fst=1680537645960&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&hn=www.googleadservices.com&frm=0&tiba=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust&auid=1740310144.1680537647&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-685788122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d76480a5f0a0d580291124809e64976a5abdb82df3a271ff6d130aa34c4cc04e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1401
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 177ms
21ms Script
text/javascript 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1434058-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Apr 2023 14:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6934
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 03 Apr 2023 16:05:12 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071875138/ 3 KB
2 KB 247ms
95ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071875138/?random=1680537646077&cv=11&fst=1680537646077&bg=ffffff&guid=ON&async=1&gtm=45He33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&label=NKgkCKvGqwQQwoiO_wM&hn=www.googleadservices.com&frm=0&tiba=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust&auid=1740310144.1680537647&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-88RX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a741137819cb3ecc5e0fb5bfeb435772fd3946700ee995cc261f5436254c8572

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1431
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/992175529/ 3 KB
2 KB 192ms
41ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/992175529/?random=1680537646078&cv=11&fst=1680537646078&bg=ffffff&guid=ON&async=1&gtm=45He33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&hn=www.googleadservices.com&frm=0&tiba=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust&auid=1740310144.1680537647&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-88RX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f7f15681c870a05c765d131d64ba390874d312ce22fceff3db408124edcddca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1386
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/861854303/ 3 KB
2 KB 242ms
93ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/861854303/?random=1680537646079&cv=11&fst=1680537646079&bg=ffffff&guid=ON&async=1&gtm=45He33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&label=AdWords%20Display%20Remarketing%20-%20861854303&hn=www.googleadservices.com&frm=0&tiba=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust&auid=1740310144.1680537647&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-88RX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf58033e41b7a45c4153d3b439a56c17240c2894b30da609a49ca32f053fdc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1468
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/701142632/ 3 KB
2 KB 72ms
43ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/701142632/?random=1680537646152&cv=11&fst=1680537646152&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&hn=www.googleadservices.com&frm=0&tiba=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust&auid=1740310144.1680537647&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-701142632&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45dc6d90c1427c44999125f702652347517669710968842f7b7f7c013689e07e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1400
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071875138/ 3 KB
2 KB 94ms
93ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071875138/?random=1680537646165&cv=11&fst=1680537646165&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&hn=www.googleadservices.com&frm=0&tiba=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust&auid=1740310144.1680537647&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1071875138&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b82dac5e4d051aac9aba89652c642828cc7f0cc1e4ca542bd04f5db62e8e4919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1403
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
248 B 132ms
37ms Ping
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-5W4QD38R5C&gtm=45je33t0&_p=1807908226&_gaz=1&gcs=G111&cid=465441690.1680537647&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680537646&sct=1&seg=0&dl=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&dt=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5W4QD38R5C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.beyondtrust.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 130ms
36ms Ping
text/plain 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5W4QD38R5C&cid=465441690.1680537647&gtm=45je33t0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5W4QD38R5C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.beyondtrust.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 110ms
47ms Image
image/gif 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5W4QD38R5C&cid=465441690.1680537647&gtm=45je33t0&aip=1&z=915436429

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

stats
monitor.clickcease.com/stats/
Redirect Chain

https://monitor.clickcease.com/stats/stats.aspx
https://monitor.clickcease.com/stats/stats

631 B
0

98ms
98ms

Image
image/jpeg

2a01:111:f100:a004::bfeb:8c20
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://monitor.clickcease.com/stats/stats
Requested by: Host: www.beyondtrust.com
URL: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
Protocol: H2
Server: 2a01:111:f100:a004::bfeb:8c20 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
cache-control: private
server: Microsoft-IIS/10.0
vm: 10.1.0.24
content-type: image/jpeg

Redirect headers

location: /stats/stats
date: Mon, 03 Apr 2023 16:00:46 GMT
server: Microsoft-IIS/10.0
vm: 10.1.0.24
content-length: 129
content-type: text/html; charset=utf-8

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 61ms
7ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.beyondtrust.com
URL: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7356

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 171 KB
54 KB 184ms
35ms Script
application/javascript 2600:9000:2026:5800:15:a0d3:77c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2026:5800:15:a0d3:77c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4f9687af855e3702920c9feedcf07596807bf43bcd8de0b543ffee66f98e1a22

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: 6Er2d0GJvgnFniPQXIH7h8kzG7dJBNJf
content-encoding: gzip
via: 1.1 b57909894838e27c3bff2a0828c2639c.cloudfront.net (CloudFront)
date: Mon, 03 Apr 2023 16:00:46 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
x-amz-cf-pop: ORD53-C3
age: 4
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Nov 2022 11:31:37 GMT
server: AmazonS3
etag: W/"1c27f449b067550681f23ad3e53988fa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: microphone 'none'; camera 'none';
x-amz-cf-id: NsU2dmV-6HbwqItRIJatXw159X61EXv-maQVitPts9ufDODGkLp0lw==

GET
H2 200 heap-3462970183.js Show response
cdn.heapanalytics.com/js/ 111 KB
36 KB 142ms
46ms Script
application/javascript 52.84.18.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-3462970183.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.18.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-18-103.ord53.r.cloudfront.net

Software

nginx / Express

Resource Hash

5972319dceaafd3ffe1f1f969bdc6fb4093c33069f08dbcc1f715b65df08c97c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:04 GMT
content-encoding: br
via: 1.1 0d295dc6f41daf46fd96a295075f9206.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: ORD53-C2
age: 42
x-powered-by: Express
etag: W/"1bcb0-I8QP0XqC9PFFpfMvLUpEzFyYphI"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 5ZCyndn2QEgn8TJ8OH-nZLWdJse4_xBEHyhn4DrD_ZLrC34VENImEg==

GET
H3

200

activityi;dc_pre=CP2g48uKjv4CFRtYDQodAe8JMQ;src=12057285;type=sitek0;cat=demo-0;ord=9927712545234;gtm=45fe33t0;gcs=G111;auiddc=1740310144.1680537647;~oref=https%3A%2F%2Fwww.beyondtrust.com%2Fwebina... Show response
12057285.fls.doubleclick.net/ Frame 90EA
Redirect Chain

https://12057285.fls.doubleclick.net/activityi;src=12057285;type=sitek0;cat=demo-0;ord=9927712545234;gtm=45fe33t0;gcs=G111;auiddc=1740310144.1680537647;~oref=https%3A%2F%2Fwww.beyondtrust.com%2Fweb...
https://12057285.fls.doubleclick.net/activityi;dc_pre=CP2g48uKjv4CFRtYDQodAe8JMQ;src=12057285;type=sitek0;cat=demo-0;ord=9927712545234;gtm=45fe33t0;gcs=G111;auiddc=1740310144.1680537647;~oref=https...

676 B
420 B

68ms
67ms

Document
text/html

142.251.40.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12057285.fls.doubleclick.net/activityi;dc_pre=CP2g48uKjv4CFRtYDQodAe8JMQ;src=12057285;type=sitek0;cat=demo-0;ord=9927712545234;gtm=45fe33t0;gcs=G111;auiddc=1740310144.1680537647;~oref=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12057285

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f6.1e100.net

Software

cafe /

Resource Hash

1c1d23f3f1d12f3491e0f3e976df172d0dad7ebfac1cad90d0577ea580a9923a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 397
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Apr 2023 16:00:46 GMT
expires: Mon, 03 Apr 2023 16:00:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Apr 2023 16:00:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12057285.fls.doubleclick.net/activityi;dc_pre=CP2g48uKjv4CFRtYDQodAe8JMQ;src=12057285;type=sitek0;cat=demo-0;ord=9927712545234;gtm=45fe33t0;gcs=G111;auiddc=1740310144.1680537647;~oref=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/992175529/ 42 B
108 B 48ms
47ms Image
image/gif 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/992175529/?random=1680537646078&cv=11&fst=1680537600000&bg=ffffff&guid=ON&async=1&gtm=45He33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&frm=0&tiba=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust&fmt=3&is_vtc=1&random=2129031942&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/992175529/ 42 B
154 B 51ms
41ms Image
image/gif 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/992175529/?random=1680537646078&cv=11&fst=1680537600000&bg=ffffff&guid=ON&async=1&gtm=45He33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&frm=0&tiba=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust&fmt=3&is_vtc=1&random=2129031942&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 41ms
34ms XHR
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1807908226&t=pageview&_s=1&dl=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&ul=en-us&de=UTF-8&dt=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1528595482&gjid=524397553&cid=465441690.1680537647&tid=UA-1434058-1&_gid=954292798.1680537647&_r=1&gtm=457e33t0&gcs=G111&jsscut=1&z=1132200166

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.beyondtrust.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/701142632/ 42 B
108 B 72ms
66ms Image
image/gif 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/701142632/?random=1680537646152&cv=11&fst=1680537600000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&frm=0&tiba=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1187544441&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/701142632/ 42 B
108 B 48ms
44ms Image
image/gif 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/701142632/?random=1680537646152&cv=11&fst=1680537600000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&frm=0&tiba=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1187544441&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/861854303/ 42 B
64 B 44ms
44ms Image
image/gif 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/861854303/?random=1680537646079&cv=11&fst=1680537600000&bg=ffffff&guid=ON&async=1&gtm=45He33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&label=AdWords%20Display%20Remarketing%20-%20861854303&frm=0&tiba=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust&fmt=3&is_vtc=1&random=2445324149&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/861854303/ 42 B
108 B 45ms
42ms Image
image/gif 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/861854303/?random=1680537646079&cv=11&fst=1680537600000&bg=ffffff&guid=ON&async=1&gtm=45He33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&label=AdWords%20Display%20Remarketing%20-%20861854303&frm=0&tiba=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust&fmt=3&is_vtc=1&random=2445324149&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/685788122/ 42 B
64 B 51ms
49ms Image
image/gif 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/685788122/?random=1680537645960&cv=11&fst=1680537600000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&frm=0&tiba=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=314025834&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/685788122/ 42 B
108 B 45ms
42ms Image
image/gif 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/685788122/?random=1680537645960&cv=11&fst=1680537600000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&frm=0&tiba=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=314025834&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1071875138/ 42 B
64 B 43ms
42ms Image
image/gif 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1071875138/?random=1680537646077&cv=11&fst=1680537600000&bg=ffffff&guid=ON&async=1&gtm=45He33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&label=NKgkCKvGqwQQwoiO_wM&frm=0&tiba=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust&fmt=3&is_vtc=1&random=4180744728&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/1071875138/ 42 B
108 B 46ms
44ms Image
image/gif 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1071875138/?random=1680537646077&cv=11&fst=1680537600000&bg=ffffff&guid=ON&async=1&gtm=45He33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&label=NKgkCKvGqwQQwoiO_wM&frm=0&tiba=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust&fmt=3&is_vtc=1&random=4180744728&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 93ms
36ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1680537646905&id=t2_qz6b7qdq&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=ef24207a-28c7-4a34-9ee7-abd10066c155&aaid=&em=0000000000000000000000000000000000000000000000000000000000000000&external_id=6871144572570a76b42cd0909194f75b69c2dc968d5edc4bcfe96fb94dc65121&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Requested by: Host: www.beyondtrust.com
URL: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:46 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 78ms
36ms XHR
text/plain 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-1434058-1&cid=465441690.1680537647&jid=1528595482&gjid=524397553&_gid=954292798.1680537647&_u=YADAAUAAAAAAACAAI~&z=1366987050

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 03 Apr 2023 16:00:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.beyondtrust.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1071875138/ 42 B
64 B 61ms
45ms Image
image/gif 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1071875138/?random=1680537646165&cv=11&fst=1680537600000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&frm=0&tiba=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1785489899&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/1071875138/ 42 B
108 B 59ms
40ms Image
image/gif 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1071875138/?random=1680537646165&cv=11&fst=1680537600000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&frm=0&tiba=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1785489899&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CP2g48uKjv4CFRtYDQodAe8JMQ;src=12057285;type=sitek0;cat=demo-0;ord=9927712545234;gtm=45fe33t0;gcs=G111;auiddc=*;~oref=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-ha...
adservice.google.com/ddm/fls/z/ Frame 90EA 42 B
107 B 38ms
37ms Image
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CP2g48uKjv4CFRtYDQodAe8JMQ;src=12057285;type=sitek0;cat=demo-0;ord=9927712545234;gtm=45fe33t0;gcs=G111;auiddc=*;~oref=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA

Requested by

Host: 12057285.fls.doubleclick.net
URL: https://12057285.fls.doubleclick.net/activityi;dc_pre=CP2g48uKjv4CFRtYDQodAe8JMQ;src=12057285;type=sitek0;cat=demo-0;ord=9927712545234;gtm=45fe33t0;gcs=G111;auiddc=1740310144.1680537647;~oref=https%3A%2F%2Fwww.beyondtrust.com%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://12057285.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 43ms
38ms Image
image/gif 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1434058-1&cid=465441690.1680537647&jid=1528595482&_u=YADAAUAAAAAAACAAI~&z=1457935153

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 44ms
40ms Image
image/gif 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1434058-1&cid=465441690.1680537647&jid=1528595482&_u=YADAAUAAAAAAACAAI~&z=1457935153

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 87ms
24ms Image
image/gif 18.214.55.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=3462970183&u=1053421471800435&v=3023701503599509&s=2622610110581495&b=web&tv=4.0&z=0&h=%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2&q=%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA&d=www.beyondtrust.com&t=On-Demand%20%7C%20Crouching%20Admin%2C%20Hidden%20Hacker%3A%20Privileged%E2%80%A6%20%7C%20BeyondTrust&us=Eloqua&um=email&ua=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&ts=1680537647042&st=1680537647046

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.214.55.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-55-47.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 16:00:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 33ms
33ms Image
image/gif 23.61.11.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.61.11.188 Sterling, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-61-11-188.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:47 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 33ms
33ms Image
image/gif 23.61.11.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.61.11.188 Sterling, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-61-11-188.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:48 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 72ms
71ms Image
image/gif 23.61.11.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.61.11.188 Sterling, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-61-11-188.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:49 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 51ms
51ms Image
image/gif 23.61.11.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.61.11.188 Sterling, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-61-11-188.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:50 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 46ms
43ms Image
image/gif 23.61.11.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.61.11.188 Sterling, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-61-11-188.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:51 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 57ms
56ms Image
image/gif 23.61.11.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.61.11.188 Sterling, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-61-11-188.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.beyondtrust.com/webinars/crouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2?utm_source=Eloqua&utm_medium=email&utm_campaign=Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises&campid=7017V000001gqyjQAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:00:52 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.eloqua.com/	1970-01-20 20:19:12	Name: ELOQUA Value: GUID=BF36B8EF42354392A86FBF8B584270AC
.eloqua.com/	1970-01-20 20:19:12	Name: ELQSTATUS Value: OK
.beyondtrust.com/	1970-01-20 19:38:23	Name: visid_incap_2282671 Value: tHS5hFdgQj+z75V7KR/g5i34KmQAAAAAQUIPAAAAAACgeMY1PvUGAPcs3fmL2Qhn
.beyondtrust.com/	1969-12-31 23:59:59	Name: nlbi_2282671 Value: qu/HQucjdkn4SHJ/3YvRTgAAAAALosdoffHH/bC2711zUUZ2
.beyondtrust.com/	1969-12-31 23:59:59	Name: incap_ses_490_2282671 Value: 3juFPQE3XgQNXw2VRNXMBi34KmQAAAAAwmh7W+L7xdkiMR8kmI10Iw==
www.beyondtrust.com/	1970-01-20 15:08:09	Name: wm_kw Value: undefined
www.beyondtrust.com/	1970-01-20 15:08:09	Name: wm_v Value: undefined
www.beyondtrust.com/	1970-01-20 15:08:09	Name: BT_GUID Value: 3b77d856-1829-8981-8651-094a8f937423
www.beyondtrust.com/	1970-01-20 15:08:09	Name: ReferringWebsite Value: undefined
.linkedin.com/	1970-01-20 12:58:33	Name: li_sugr Value: 9dc859ea-d94c-47b9-a656-92bacf01b85a
.linkedin.com/	1970-01-20 19:34:33	Name: bcookie Value: "v=2&76842277-9850-4fbb-86f4-1761bc46e16b"
.linkedin.com/	1970-01-20 10:50:24	Name: lidc Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2844:u=1:x=1:i=1680537646:t=1680624046:v=2:sig=AQES3hWExxNMeXHMfdiDv_UAd30u2Pai"
www.beyondtrust.com/	1970-01-20 10:50:24	Name: ln_or Value: eyI4ODU1ODYiOiJkIn0%3D
.linkedin.com/	1970-01-20 11:32:09	Name: UserMatchHistory Value: AQIrag09KBTJ8gAAAYdH2XQ9zPyhqtdd6XATrgWtlRUdVOsSnGIP_rthvs4HRb9jqKt7NiFxVJtbgg
.linkedin.com/	1970-01-20 11:32:09	Name: AnalyticsSyncHistory Value: AQLZKg-qmdPbnAAAAYdH2XQ9wyewnklmzU2-SH7l4x5mILoWxjEvHxJoTk5HT1E1Vv-PbObvfVI0IzBGyN5ufg
.www.linkedin.com/	1970-01-20 19:34:33	Name: bscookie Value: "v=1&2023040316004606b356ee-1273-4721-8941-c9890c1b8513AQFYiuh96zgfXZyeC8HpwONBPc-eASSv"
.beyondtrust.com/	1970-01-20 10:50:24	Name: _uetsid Value: b1e03290d23811edb50c87a7b607233b
.beyondtrust.com/	1970-01-20 20:10:33	Name: _uetvid Value: b1e0b350d23811edb0dbcb65d1b06fb7
.ml314.com/	1970-01-20 10:48:57	Name: u Value: aHR0cHM6Ly93d3cuYmV5b25kdHJ1c3QuY29tL3dlYmluYXJzL2Nyb3VjaGluZy1hZG1pbi1oaWRkZW4taGFja2VyLXByaXZpbGVnZWQtYWNjZXNzLXRoZS11bm5vdGljZWQtbWFzdGVycy1wYXJ0LTI/dXRtX3NvdXJjZT1FbG9xdWEmdXRtX21lZGl1bT1lbWFpbCZ1dG1fY2FtcGFpZ249QnJpZGdpbmclMjBhJTIwRGFuZ2Vyb3VzJTIwR2FwJTIwQmV0d2VlbiUyMEluY2lkZW50cyUyMGFuZCUyMEN5YmVyJTIwQ3Jpc2VzJmNhbXBpZD03MDE3VjAwMDAwMWdxeWpRQUE=
.ml314.com/	1970-01-20 19:36:00	Name: pi Value: 3634715729837686807
.ml314.com/	1970-01-20 11:09:07	Name: tp Value: 4%3b4%2f3%2f2023+12%3a00%3a46+PM%3b0
.bing.com/	1970-01-20 20:10:33	Name: MUID Value: 37490140A637647E294513A8A70C659F
.bat.bing.com/	1970-01-20 10:59:02	Name: MR Value: 0
.rlcdn.com/	1970-01-20 19:34:33	Name: rlas3 Value: oFWHQuiiB7Q7rEzoFWUNwrccCNLmuw7A/ySGadyXOLk=
.adsrvr.org/	1970-01-20 19:36:00	Name: TDID Value: b36416d9-fc33-4e43-b5ce-f43c04b15f42
www.beyondtrust.com/	1970-01-20 10:59:02	Name: _an_uid Value: 0
www.beyondtrust.com/	1970-01-20 20:24:57	Name: _gd_visitor Value: fc647797-8c54-4019-8cc4-91a00402b435
www.beyondtrust.com/	1970-01-20 10:49:12	Name: _gd_session Value: c50cd147-aa87-4db5-807d-a612d0362ff4
.adsrvr.org/	1970-01-20 19:36:00	Name: TDCPM Value: CAESFgoHZDB0cm8xahILCK6XjOfTmdo7EAUYBSABKAIyCwie9OuT6pnaOxAFOAE.
.www.beyondtrust.com/	1970-01-20 20:24:57	Name: cookie_preferences Value: %7B%22strictly_necessary%22%3Atrue%2C%22functional%22%3Atrue%2C%22preferences%22%3Atrue%2C%22statistics%22%3Atrue%2C%22advertising%22%3Atrue%2C%22marketing%22%3Atrue%7D
.eyeota.net/	1970-01-20 19:36:00	Name: mako_uid Value: 18747d9753b-2f320000010a517b
.eyeota.net/	1970-01-20 10:48:58	Name: SERVERID Value: 20859~DM
.demdex.net/	1970-01-20 15:08:09	Name: demdex Value: 31553186857521847534329001906572397914
.rlcdn.com/	1970-01-20 12:15:21	Name: pxrc Value: CK7wq6EGEgUI6AcQABIFCNtOEAA=
www.beyondtrust.com/	1970-01-20 11:32:09	Name: utm_campaign Value: Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises
www.beyondtrust.com/	1970-01-20 11:32:09	Name: utm_source Value: Eloqua
www.beyondtrust.com/	1970-01-20 11:32:09	Name: utm_medium Value: email
www.beyondtrust.com/	1970-01-20 11:32:09	Name: campid Value: 7017V000001gqyjQAA
.crwdcntrl.net/	1970-01-20 17:17:46	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 17:17:46	Name: _cc_id Value: d2fdcca9e45900e47e21452914a1917
.6sc.co/	1970-01-20 20:24:57	Name: 6suuid Value: bcf93017ee2800002ef82a64b4010000cace3300
.dpm.demdex.net/	1970-01-20 15:08:09	Name: dpm Value: 31553186857521847534329001906572397914
www.beyondtrust.com/	1969-12-31 23:59:59	Name: DriftPlaybook Value: A
.beyondtrust.com/	1970-01-20 12:58:33	Name: _gcl_au Value: 1.1.1740310144.1680537647
.beyondtrust.com/	1970-01-20 20:24:57	Name: _ga_5W4QD38R5C Value: GS1.1.1680537646.1.0.1680537646.60.0.0
.beyondtrust.com/	1970-01-20 20:24:57	Name: _ga Value: GA1.2.465441690.1680537647
.beyondtrust.com/	1970-01-20 10:50:24	Name: _gid Value: GA1.2.954292798.1680537647
.beyondtrust.com/	1970-01-20 10:48:57	Name: _gat_gtag_UA_1434058_1 Value: 1
.doubleclick.net/	1970-01-20 20:24:57	Name: IDE Value: AHWqTUmYj_BeUeuxaFxfbNXGnr_54I_dsRgGjSf3uBBGppQEyGP4PLOLexbf8r2XAH4
.doubleclick.net/	1970-01-20 10:48:58	Name: test_cookie Value: CheckForPermission
.beyondtrust.com/	1970-01-20 12:58:33	Name: _rdt_uuid Value: 1680537646904.ef24207a-28c7-4a34-9ee7-abd10066c155
.beyondtrust.com/	1970-01-20 20:16:55	Name: _hp2_id.3462970183 Value: %7B%22userId%22%3A%221053421471800435%22%2C%22pageviewId%22%3A%223023701503599509%22%2C%22sessionId%22%3A%222622610110581495%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
www.beyondtrust.com/	1969-12-31 23:59:59	Name: BT_CSRF Value: c8e7aa6737ff312fdcd709068acabd1844ab96191a19c45ecfb921439bb70c6ca%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22BT_CSRF%22%3Bi%3A1%3Bs%3A40%3A%22WtbRaGbY0X2pev1HaWwwnhQEhS9I-FARW1wuYdwP%22%3B%7D
.beyondtrust.com/	1970-01-20 10:48:59	Name: _hp2_ses_props.3462970183 Value: %7B%22us%22%3A%22Eloqua%22%2C%22um%22%3A%22email%22%2C%22ua%22%3A%22Bridging%20a%20Dangerous%20Gap%20Between%20Incidents%20and%20Cyber%20Crises%22%2C%22ts%22%3A1680537647042%2C%22d%22%3A%22www.beyondtrust.com%22%2C%22h%22%3A%22%2Fwebinars%2Fcrouching-admin-hidden-hacker-privileged-access-the-unnoticed-masters-part-2%22%2C%22q%22%3A%22%3Futm_source%3DEloqua%26utm_medium%3Demail%26utm_campaign%3DBridging%2520a%2520Dangerous%2520Gap%2520Between%2520Incidents%2520and%2520Cyber%2520Crises%26campid%3D7017V000001gqyjQAA%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://.beyondtrust.com https://beyondtrust.com; base-uri 'self'; form-action 'self' https://.facebook.com https://.facebook.net https://.googletagmanager.com https://.btdevops.io https://.wistia.com; object-src 'self';
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12057285.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
alb.reddit.com
analytics.google.com
app.now.beyondtrust.info
assets.beyondtrust.com
b.6sc.co
bat.bing.com
c.6sc.co
cdn.heapanalytics.com
cdn.linkedin.oribi.io
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
heapanalytics.com
idsync.rlcdn.com
img.en25.com
ipv6.6sc.co
j.6sc.co
js.adsrvr.org
js.driftt.com
match.adsrvr.org
ml314.com
monitor.clickcease.com
ps.eyeota.net
px.ads.linkedin.com
px4.ads.linkedin.com
s1017.t.eloqua.com
secure.adnxs.com
snap.licdn.com
stats.g.doubleclick.net
sync.crwdcntrl.net
www.beyondtrust.com
www.clickcease.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
13.107.42.14
13.225.223.48
142.0.173.26
142.0.173.37
142.251.40.230
15.197.193.217
151.101.129.140
18.214.55.47
23.61.11.188
23.73.231.40
2600:1400:d::1721:ee69
2600:141b:13::17d7:8279
2600:9000:2026:5800:15:a0d3:77c0:93a1
2600:9000:2203:4600:12:deb6:3a40:93a1
2600:9000:2509:5c00:2:53b2:240:93a1
2607:f8b0:4004:c06::9d
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80e::200a
2607:f8b0:4006:80f::2004
2607:f8b0:4006:816::2003
2607:f8b0:4006:816::200e
2607:f8b0:4006:81c::2003
2607:f8b0:4006:822::2008
2620:1ec:21::14
2620:1ec:c11::200
2a01:111:f100:a004::bfeb:8c20
2a04:4e42::396
34.111.234.236
34.197.192.192
35.190.60.146
45.60.63.64
52.5.98.218
52.84.18.103
52.84.21.129
52.87.116.233
68.67.179.87
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0bedd9f519248abb9ab9124d2ee0685f553f71471412c1b46dac5eef1e88ab23
0d9dbf31d05263a24eb79aaf7c6e26917c6ccd31b642bb4a1d34292e25daa405
10f4ab7bde460aeab498a87f9f5baf810423946335960b22912f5d56f686f1ca
1c1d23f3f1d12f3491e0f3e976df172d0dad7ebfac1cad90d0577ea580a9923a
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
25bf7a26ea42121eb6eaf442598964a9d76b168cd894e6f3aa9feba7cbacbac2
25c86c24d166ef3dc2d9ce257d0b69f355158fd2c242304a0b8d10dd22be2657
27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396
2901b8da86426bc606cbb9ab77e9b9f9d8950eb9b82611b3d0fb5329ec2a4901
2bf58033e41b7a45c4153d3b439a56c17240c2894b30da609a49ca32f053fdc6
2e024602a8713a8b3490b6e70e70a37428f2c8ee39f32aa4cce2d112f5c7a6f6
319e0bbd560cc7094a0a5bc323f882dafe4333fa60b953eb70b433dde0696597
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
35399d7dc44d0eace8f2a90f79cb1a365ad1e8180be614c833865a0d5050f6f3
358cfe8de81746de4546bac3f6090f6bcf7eaff532b587293dd79d200e0b3e66
39ccbe3e2477d42cacd6ca8db7446c6adffbfad5ba12d441222555bf02e06f64
45dc6d90c1427c44999125f702652347517669710968842f7b7f7c013689e07e
4be904114a2234508927cb3809d6d7be2c0605f1f47a44133fb5fb533c2494f5
4cb76073a2664d72765f886ddcb60410417b3c042042782db2aa24b864ba84e9
4d1d95bd2de714fedb36ce54257758cc49123ecba2e97b7ec819173c98e4dbe8
4f9687af855e3702920c9feedcf07596807bf43bcd8de0b543ffee66f98e1a22
505b685c83343f0eb4d398cf4077d75bbe21a7853b6918d36e5c670595696092
58b2e431697d22a4908b6fcc4c1515a6af806a25a533f3433f82f546ffff027f
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5972319dceaafd3ffe1f1f969bdc6fb4093c33069f08dbcc1f715b65df08c97c
5d93b7025e3bf1bd06f27ecbb099b30187ff1c8de9e7b413427b37fd7ac5c287
5e502786c44a9d52c3b2dbd87c66a770f8e905befbf57222c9ea06623d7c65c9
60717a8b680e2f85643d933cd76a6e7e0024988f5158a8e127874ff9a8c229a3
63a7ded1e80381e358d3eb5ad537a4e8156f4e73a98cffb8026482bcd8d948a9
694f48f2b14bc9d7f00b6b2eff81ef24d105458ee4afba8d560083dfcc8cb94e
6b27c51bf4b530bbc4b854e9a90b7fd73b517af6c8af16f2628531c94864ebae
6f7f15681c870a05c765d131d64ba390874d312ce22fceff3db408124edcddca
75c1c529a87250eb3e528edb7b9890f1fa2172f6511ec51b4b303a3bf75335f4
77365674504ce1e35703d1f6b3723d0c82fcfbcf280a901804952a4bf931906d
7a099c226b965e0d1fb4ef2fa01159e1564cd73e3879178a0cd216e8abb901ff
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b857f33b5c10a95542ce26ef7bd7e2f78747d300fdaf19e4a2790e0148bcb93
83a39268456391ad5ac4c8d520ee29b20a2b00d7ccc85f693cd04fefa2ca474f
845a9869061e91edc65ef698680ef959bad4f9774bf6265b261f88b7dbf996fe
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
86c9babee1a4bdc5976901a94f70ab0bfc402bb2c6b27d2659fdf76547eec838
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
950872a3a86054c893334fa5dbfcf4dbdcad8fa996e6c16819e663aa11a13f81
9649c5937bc3bcd7483d12b323cc4759d94b6085dc06d513733baa073ed832c5
9c991550132e14b16608d02b973c7d28dc2ae7b72a0e8b37424dea6dec726331
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a30c7f4bba128d555dc62e5625456efc0a2a5d9377d47a2d13eb7ec9fc5c433b
a5fceb594dba409b0c44898f100669ad9e6662d00c180c82b5e62feed004a85d
a741137819cb3ecc5e0fb5bfeb435772fd3946700ee995cc261f5436254c8572
a811becf08b6dcf4401f4dcc269b180200b86cabdb71632856eb1af4d6d2447a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0f41b41a7830a6904d3552438fc34c5899e194fc97b87aa0d7bd9c864f675b3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b54b59c79969e6ec215b4e940c7cef1b9b558cdab046416c514b0dd3639555a0
b82dac5e4d051aac9aba89652c642828cc7f0cc1e4ca542bd04f5db62e8e4919
b88ed8971bb5727c9f12d0bdfd242f736cc491cd0913390199b38c9950c2a58f
b9305ca6217a3c5cc641c2e523612af102dfcdff4448414019f1ed82ec7d70a6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
beafe5042d9de19b74e2d269a8e62a2bc9ee56f0e0d22091bf69564bce3bdbcb
c04eb1874ec264b731a8ce32d9b4465e9e66297e555f4dd4e3aa4787ab66dd69
c14644cdd710a23e6d02b51c2e91e8e7a8144806caa5beeb13d66c88253e6c96
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c98f5685650e50e91f6fd0e5d1ae975a759cef78793b43da65047bb7e016ea44
cb8f3d67be6a6264e7db384007357aeba7952f437fc1fef7fd06d969a08d518d
cc6ea7a708a8d214559439fc08e5a46f29ec977d9829ac0480e0930eafabf398
cd2560fac91d175271244bc22e6cc456d9c12ed025f53ef385ad90d78a3a4fdd
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
cf5b11158b24f520857ab0687abdfddc7cdfbb16925e777effb1945b45e1450d
cf89588851dbcfd07db0fbb163b810e5800544ab2fa39b45b5e6ca1e4ee2bb83
d25eb8b1b68196309abc3539aa4e363df9100a7a56fbf7e9657918436ea04aae
d54d93f1bd7dadbc91ccd5d47a5ad95817764fc9c3f149da19227e93055a55e5
d76480a5f0a0d580291124809e64976a5abdb82df3a271ff6d130aa34c4cc04e
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd977c96be116cbdde6f34baf1a42cf6ccdf160c9533d43f38b9e2a3984549e2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e04236577a4bca796b03b3a71046fceca89440804b5cae3951c8d292b82e5609
e389fa156db9d398b53689c2778bb947f0db23d5a0a712396236420ad1481ebf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee6809cb9c07ee6ecdf07f155ccdd4f635d5627dd1edf90a074d72ba1f924239
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f723425a1e64939e86dbd859763d7ed685e9057290c70a0dd901032fbab110e0
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

www.beyondtrust.com Open in urlscan Pro 45.60.63.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

128 Requests

93 %HTTPS

49 %IPv6

28 Domains

42 Subdomains

33 IPs

3 Countries

1257 kBTransfer

3598 kBSize

54 Cookies

7 Outgoing links

Page URL History

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.beyondtrust.com Open in urlscan Pro
45.60.63.64 Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

93 %
HTTPS

49 %
IPv6

28
Domains

42
Subdomains

33
IPs

3
Countries

1257 kB
Transfer

3598 kB
Size

54
Cookies

128 HTTP transactions
2 data transactions