urlscan.io logo urlscan.io
SecurityTrails logo

www.cyberark.com Open in urlscan Pro
104.16.69.86  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authenticati...
Submission: On May 09 via api from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 69 IPs in 8 countries across 55 domains to perform 226 HTTP transactions. The main IP is 104.16.69.86, located in and belongs to CLOUDFLARENET, US. The main domain is www.cyberark.com. The Cisco Umbrella rank of the primary domain is 458947.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 28th 2024. Valid for: a year.
This is the only time www.cyberark.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 36 104.16.69.86 13335 (CLOUDFLAR...)
32 18.66.102.94 16509 (AMAZON-02)
10 2600:9000:272... 16509 (AMAZON-02)
4 104.17.25.14 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
7 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2600:9000:249... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 34.117.77.79 396982 (GOOGLE-CL...)
2 104.102.38.132 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.19.228.126 16509 (AMAZON-02)
10 23.213.161.224 20940 (AKAMAI-ASN1)
4 23.197.121.18 16625 (AKAMAI-AS)
4 13.225.78.57 16509 (AMAZON-02)
2 2a04:4e42:400... 54113 (FASTLY)
7 2600:1f18:e8a... 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.172.64.0 14618 (AMAZON-AES)
1 52.208.77.120 16509 (AMAZON-02)
1 1 52.48.26.70 16509 (AMAZON-02)
1 66.235.152.225 15224 (OMNITURE)
1 13.225.78.35 16509 (AMAZON-02)
1 151.101.129.140 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 192.28.147.68 15224 (OMNITURE)
3 142.250.185.232 15169 (GOOGLE)
3 4 142.250.186.164 15169 (GOOGLE)
5 172.217.23.99 15169 (GOOGLE)
1 52.222.236.115 16509 (AMAZON-02)
2 3 142.250.185.194 15169 (GOOGLE)
3 3 216.58.206.66 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
5 192.28.146.116 15224 (OMNITURE)
2 12 185.89.210.180 29990 (ASN-APPNEX)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 18.245.86.77 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2600:9000:249... 16509 (AMAZON-02)
1 2 172.217.18.6 15169 (GOOGLE)
4 18.194.86.204 16509 (AMAZON-02)
2 35.204.89.238 396982 (GOOGLE-CL...)
1 13.32.99.85 16509 (AMAZON-02)
1 2 34.246.122.39 16509 (AMAZON-02)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
3 54.152.143.121 14618 (AMAZON-AES)
1 63.140.62.27 15224 (OMNITURE)
17 22 35.204.74.118 396982 (GOOGLE-CL...)
1 2600:9000:211... 16509 (AMAZON-02)
1 46.228.174.117 56396 (AMOBEE)
1 13.248.245.213 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 1 3.64.79.104 16509 (AMAZON-02)
1 1 3.121.44.8 16509 (AMAZON-02)
2 2 2600:1901:0:8... 15169 (GOOGLE)
1 2 3.71.149.231 16509 (AMAZON-02)
1 2 54.78.254.47 16509 (AMAZON-02)
1 52.21.235.251 14618 (AMAZON-AES)
1 23.37.9.66 16625 (AKAMAI-AS)
1 52.211.28.170 16509 (AMAZON-02)
1 52.19.204.214 16509 (AMAZON-02)
2 35.244.174.68 396982 (GOOGLE-CL...)
1 69.173.144.139 26667 (RUBICONPR...)
1 34.98.64.218 396982 (GOOGLE-CL...)
2 142.250.186.34 15169 (GOOGLE)
2 108.138.26.44 16509 (AMAZON-02)
1 2a03:2880:f17... 32934 (FACEBOOK)
2 18.245.86.87 16509 (AMAZON-02)
1 1 15.197.193.217 16509 (AMAZON-02)
1 13.225.83.200 16509 (AMAZON-02)
4 142.250.186.46 15169 (GOOGLE)
226 69
36    104.16.69.86 (None, )

ASN13335 (CLOUDFLARENET, US)
www.cyberark.com
32    18.66.102.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-94.fra56.r.cloudfront.net
content.cdntwrk.com
10    2600:9000:2724:c000:12:53a8:95c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cihost.uberflip.com
4    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
1    2600:9000:2490:e400:18:15b9:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
ob.segreencolumn.com
2    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com
ml314.com
2    104.102.38.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-38-132.deploy.static.akamaitechnologies.com
munchkin.marketo.net
2    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    52.19.228.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-228-126.eu-west-1.compute.amazonaws.com
dpm.demdex.net
10    23.213.161.224 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-224.deploy.static.akamaitechnologies.com
j.6sc.co
c.6sc.co
b.6sc.co
4    23.197.121.18 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-121-18.deploy.static.akamaitechnologies.com
sjrtp6-cdn.marketo.com
rtp-static.marketo.com
4    13.225.78.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-57.fra2.r.cloudfront.net
consent.trustarc.com
2    2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
7    2600:1f18:e8a:cd08:3437:aff5:50c:d298 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
obs.segreencolumn.com
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    54.172.64.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-64-0.compute-1.amazonaws.com
in.ml314.com
1    52.208.77.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-77-120.eu-west-1.compute.amazonaws.com
cyberark.demdex.net
1    52.48.26.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-26-70.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    66.235.152.225 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-66-235-152-225.data.adobedc.net
cyberark.tt.omtrdc.net
1    13.225.78.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-35.fra2.r.cloudfront.net
consent.trustarc.com
1    151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
alb.reddit.com
2    2a00:1450:400c:c1d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    192.28.147.68 (United States)

ASN15224 (OMNITURE, US)
316-czp-275.mktoresp.com
3    142.250.185.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net
www.googletagmanager.com
4    142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net
www.google.com
5    172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f3.1e100.net
www.google.de
1    52.222.236.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-115.fra56.r.cloudfront.net
consent-pref.trustarc.com
3    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
www.googleadservices.com
3    216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net
googleads.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
5    192.28.146.116 (United States)

ASN15224 (OMNITURE, US)
sjrtp6.marketo.com
12    185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
ib.adnxs.com
1    2a02:26f0:3500:14::1724:a244 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ipv6.6sc.co
1    18.245.86.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-77.fra60.r.cloudfront.net
js.driftt.com
1    2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2600:9000:2491:3a00:2:8f43:5780:93a1 (United States)

ASN16509 (AMAZON-02, US)
nexus.ensighten.com
2    172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net
9920016.fls.doubleclick.net
4    18.194.86.204 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-86-204.eu-central-1.compute.amazonaws.com
tags.srv.stackadapt.com
2    35.204.89.238 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 238.89.204.35.bc.googleusercontent.com
tag.simpli.fi
i.simpli.fi
1    13.32.99.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-85.fra60.r.cloudfront.net
s.dpmsrv.com
2    34.246.122.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-122-39.eu-west-1.compute.amazonaws.com
cnv.event.prod.bidr.io
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
3    54.152.143.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-143-121.compute-1.amazonaws.com
a.dpmsrv.com
1    63.140.62.27 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-27.data.adobedc.net
cyberark.sc.omtrdc.net
22    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    2600:9000:211e:b000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    2600:1f18:612b:4232:d117:99ec:4378:1ad4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    3.64.79.104 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-79-104.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    3.121.44.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-44-8.eu-central-1.compute.amazonaws.com
d.agkn.com
2    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    52.21.235.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-235-251.compute-1.amazonaws.com
sync.bfmio.com
1    23.37.9.66 (Curitiba, Brazil)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-9-66.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    52.211.28.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-28-170.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    52.19.204.214 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-204-214.eu-west-1.compute.amazonaws.com
ce.lijit.com
2    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
2    108.138.26.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-44.fra56.r.cloudfront.net
nexus.ensighten.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    18.245.86.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-87.fra60.r.cloudfront.net
js.driftt.com
1    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
1    13.225.83.200 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-200.fra2.r.cloudfront.net
d1eoo1tco6rr5e.cloudfront.net
4    142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
36 cyberark.com
www.cyberark.com — Cisco Umbrella Rank: 458947
518 KB
32 cdntwrk.com
content.cdntwrk.com — Cisco Umbrella Rank: 73447
2 MB
24 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 4639
i.simpli.fi — Cisco Umbrella Rank: 3809
um.simpli.fi — Cisco Umbrella Rank: 870
11 KB
12 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 482
ib.adnxs.com — Cisco Umbrella Rank: 257
13 KB
11 6sc.co
j.6sc.co — Cisco Umbrella Rank: 5787
c.6sc.co — Cisco Umbrella Rank: 8716
ipv6.6sc.co — Cisco Umbrella Rank: 5928
b.6sc.co — Cisco Umbrella Rank: 3876
21 KB
10 uberflip.com
cihost.uberflip.com — Cisco Umbrella Rank: 104378
323 KB
9 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
9920016.fls.doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 272
2 KB
9 marketo.com
sjrtp6-cdn.marketo.com — Cisco Umbrella Rank: 106217
rtp-static.marketo.com — Cisco Umbrella Rank: 20587
sjrtp6.marketo.com — Cisco Umbrella Rank: 92690
182 KB
8 segreencolumn.com
ob.segreencolumn.com — Cisco Umbrella Rank: 28229
obs.segreencolumn.com — Cisco Umbrella Rank: 23397
40 KB
7 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 425
104 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 338
www.linkedin.com — Cisco Umbrella Rank: 619
px4.ads.linkedin.com — Cisco Umbrella Rank: 6419
3 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
21 KB
6 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 3223
consent-pref.trustarc.com — Cisco Umbrella Rank: 15546
35 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 7810
318 B
5 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 3095
391 B
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
446 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
185 KB
4 dpmsrv.com
s.dpmsrv.com — Cisco Umbrella Rank: 29419
a.dpmsrv.com — Cisco Umbrella Rank: 24091
18 KB
4 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 2777
9 KB
4 ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 4015
12 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
137 KB
3 driftt.com
js.driftt.com — Cisco Umbrella Rank: 5864
62 KB
3 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126
2 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 243
cyberark.demdex.net — Cisco Umbrella Rank: 433023
2 KB
3 ml314.com
ml314.com — Cisco Umbrella Rank: 1937
in.ml314.com — Cisco Umbrella Rank: 10753
12 KB
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 456
142 B
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1990
2 KB
2 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1679
ups.analytics.yahoo.com — Cisco Umbrella Rank: 435
214 B
2 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2568
843 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 546
d.agkn.com — Cisco Umbrella Rank: 758
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 493
1 KB
2 bidr.io
cnv.event.prod.bidr.io — Cisco Umbrella Rank: 11128
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
72 KB
2 omtrdc.net
cyberark.tt.omtrdc.net — Cisco Umbrella Rank: 886579
cyberark.sc.omtrdc.net — Cisco Umbrella Rank: 363716
1 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1160
13 KB
2 gstatic.com
fonts.gstatic.com
72 KB
2 marketo.net
munchkin.marketo.net — Cisco Umbrella Rank: 3868
6 KB
1 cloudfront.net
d1eoo1tco6rr5e.cloudfront.net
1 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 691
87 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
275 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 527
274 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 404
239 B
1 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 891
224 B
1 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 983
266 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 931
480 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1605
421 B
1 tremorhub.com
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6505
176 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 413
141 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 539
99 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 653
238 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 803
17 KB
1 mktoresp.com
316-czp-275.mktoresp.com — Cisco Umbrella Rank: 950111
318 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1376
638 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1317
517 B
0 intentiq.com Failed
sync.intentiq.com Failed
226 55
Domain Requested by
36 www.cyberark.com 1 redirects www.cyberark.com
content.cdntwrk.com
32 content.cdntwrk.com www.cyberark.com
content.cdntwrk.com
22 um.simpli.fi 17 redirects
10 cihost.uberflip.com www.cyberark.com
cihost.uberflip.com
7 b.6sc.co www.cyberark.com
7 secure.adnxs.com j.6sc.co
7 obs.segreencolumn.com ob.segreencolumn.com
www.cyberark.com
7 assets.adobedtm.com www.cyberark.com
assets.adobedtm.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 ib.adnxs.com 2 redirects
5 sjrtp6.marketo.com sjrtp6-cdn.marketo.com
rtp-static.marketo.com
5 www.google.de www.cyberark.com
5 consent.trustarc.com www.cyberark.com
consent.trustarc.com
5 www.googletagmanager.com www.cyberark.com
www.googletagmanager.com
www.google-analytics.com
5 fonts.googleapis.com www.cyberark.com
cihost.uberflip.com
client
4 px.ads.linkedin.com 3 redirects snap.licdn.com
4 tags.srv.stackadapt.com www.cyberark.com
tags.srv.stackadapt.com
4 nexus.ensighten.com www.googletagmanager.com
nexus.ensighten.com
4 www.google.com 3 redirects www.cyberark.com
4 cdnjs.cloudflare.com www.cyberark.com
cdnjs.cloudflare.com
3 a.dpmsrv.com s.dpmsrv.com
3 js.driftt.com www.cyberark.com
js.driftt.com
3 rtp-static.marketo.com sjrtp6-cdn.marketo.com
3 googleads.g.doubleclick.net 3 redirects
3 www.googleadservices.com 2 redirects www.googletagmanager.com
2 cm.g.doubleclick.net s.dpmsrv.com
2 idsync.rlcdn.com
2 loadm.exelator.com 1 redirects
2 fei.pro-market.net 2 redirects
2 pixel.tapad.com 1 redirects
2 cnv.event.prod.bidr.io 1 redirects
2 9920016.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 connect.facebook.net www.cyberark.com
connect.facebook.net
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.redditstatic.com www.cyberark.com
www.redditstatic.com
2 j.6sc.co www.googletagmanager.com
j.6sc.co
2 dpm.demdex.net assets.adobedtm.com
www.cyberark.com
2 fonts.gstatic.com fonts.googleapis.com
2 munchkin.marketo.net www.cyberark.com
munchkin.marketo.net
2 ml314.com www.cyberark.com
ml314.com
1 d1eoo1tco6rr5e.cloudfront.net nexus.ensighten.com
1 insight.adsrvr.org 1 redirects
1 www.facebook.com
1 us-u.openx.net
1 pixel.rubiconproject.com
1 ce.lijit.com
1 bcp.crwdcntrl.net
1 stags.bluekai.com
1 sync.bfmio.com
1 ups.analytics.yahoo.com
1 cms.analytics.yahoo.com 1 redirects
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 eb2.3lift.com
1 sync.1rx.io
1 s.ad.smaato.net
1 cyberark.sc.omtrdc.net assets.adobedtm.com
1 i.simpli.fi tag.simpli.fi
1 px4.ads.linkedin.com
1 www.linkedin.com 1 redirects
1 s.dpmsrv.com www.cyberark.com
1 tag.simpli.fi www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 ipv6.6sc.co j.6sc.co
1 c.6sc.co j.6sc.co
1 region1.analytics.google.com www.googletagmanager.com
1 consent-pref.trustarc.com consent.trustarc.com
1 316-czp-275.mktoresp.com munchkin.marketo.net
1 alb.reddit.com www.cyberark.com
1 cyberark.tt.omtrdc.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 cyberark.demdex.net assets.adobedtm.com
1 in.ml314.com ml314.com
1 sjrtp6-cdn.marketo.com www.cyberark.com
1 ob.segreencolumn.com www.cyberark.com
0 sync.intentiq.com Failed
226 77
Subject Issuer Validity Valid
cyberark.com
Cloudflare Inc ECC CA-3		 2024-01-28 -
2024-12-31		 a year crt.sh
content.cdntwrk.com
Amazon RSA 2048 M02		 2023-09-24 -
2024-10-22		 a year crt.sh
*.uberflip.com
Amazon RSA 2048 M02		 2023-06-23 -
2024-07-20		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
*.segreencolumn.com
Amazon RSA 2048 M01		 2023-07-18 -
2024-08-16		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
event-horizon.gcp.bomm.in
GTS CA 1D4		 2024-04-26 -
2024-07-25		 3 months crt.sh
*.marketo.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-08 -
2024-12-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
6sc.co
R3		 2024-04-09 -
2024-07-08		 3 months crt.sh
*.marketo.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-08 -
2024-12-11		 a year crt.sh
*.trustarc.com
Amazon RSA 2048 M02		 2024-03-16 -
2025-04-14		 a year crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-08 -
2024-07-06		 6 months crt.sh
*.ml314.com
Amazon RSA 2048 M02		 2023-10-16 -
2024-11-12		 a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-22 -
2024-09-21		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-15 -
2024-07-13		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.mktoresp.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-07 -
2024-10-07		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.google.de
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
drift.com
Amazon RSA 2048 M02		 2023-08-15 -
2024-09-11		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-17 -
2024-05-17		 3 months crt.sh
nexus.ensighten.com
Amazon RSA 2048 M02		 2023-09-29 -
2024-10-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-09-09 -
2024-10-07		 a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
*.dpmsrv.com
Amazon RSA 2048 M02		 2024-02-16 -
2025-03-16		 a year crt.sh
*.sc.omtrdc.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-07 -
2025-03-09		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-06 -
2025-03-05		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-01-30 -
2024-07-30		 6 months crt.sh

This page contains 9 frames:

Primary Page: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Frame ID: 044CF673C6C5F281C7AE5C0481C0E99B
Requests: 218 HTTP requests in this frame

Frame: https://www.cyberark.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
Frame ID: 95E8BAC32CA6FB3A66BA56DC7F1DEA4F
Requests: 2 HTTP requests in this frame

Frame: https://cyberark.demdex.net/dest5.html?d_nsid=0
Frame ID: F638B81A63AF04DA01819D759658F41D
Requests: 1 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=cyberark.com
Frame ID: ADC25B9929169C9660C6F7E21723EC37
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=cyberark_v2&site=cyberark.com&country=de&action=notice&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=5d872c57-6ba1-410a-9abe-43313c0e178a&userType=NEW
Frame ID: EC08077772C5A67528351B0AE20F5257
Requests: 1 HTTP requests in this frame

Frame: https://9920016.fls.doubleclick.net/activityi;dc_pre=CJ_wya3jgYYDFYhsQQIdn-YMyA;src=9920016;type=websi0;cat=websi0;ord=9356660433015;npa=1;auiddc=605443514.1715299167;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4510za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Frame ID: 0C766C1A1EAA66F034B5FFB4C6A8B479
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=42addc92-0cef-4d2a-b9a6-43368f1b95b2&sessionStarted=1715299170.099&campaignRefreshToken=7c269af9-a080-4a40-a4ea-c3f438700e5f&hideController=false&pageLoadStartTime=1715299166232&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Frame ID: 1B932B5114E47FAD06578DA1B77E4091
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1715299166232
Frame ID: E1F8AB64C9D2B4C446F3179949D5A451
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/0v1kpom/u9beit9/iframe
Frame ID: 90D6320663183B374DD0BFCE87433E69
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Golden SAML: Newly Discovered Attack Technique Forges Authentication to Cloud Apps

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

226
Requests

88 %
HTTPS

27 %
IPv6

55
Domains

77
Subdomains

69
IPs

8
Countries

4178 kB
Transfer

8845 kB
Size

84
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99
  • https://www.cyberark.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.cyberark.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
Request Chain 103
  • https://cm.everesttech.net/cm/dd?d_uuid=87351779568960975691155907780819784929 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zj1jXwAAAMds7ANe
Request Chain 123
  • https://www.googleadservices.com/pagead/conversion/1071691665/?label=H8zfCNSYxvwYEJHvgv8D&guid=ON&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071691665/?label=H8zfCNSYxvwYEJHvgv8D&guid=ON&script=0&ct_cookie_present=false&random=1666299755&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIiqLcrOOBhgMVb4mDBx1g3wVZMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6iQFodHRwczovL3d3dy5jeWJlcmFyay5jb20vcmVzb3VyY2VzL3RocmVhdC1yZXNlYXJjaC1ibG9nL2dvbGRlbi1zYW1sLW5ld2x5LWRpc2NvdmVyZWQtYXR0YWNrLXRlY2huaXF1ZS1mb3JnZXMtYXV0aGVudGljYXRpb24tdG8tY2xvdWQtYXBwcw HTTP 302
  • https://www.google.com/pagead/1p-conversion/1071691665/?label=H8zfCNSYxvwYEJHvgv8D&guid=ON&script=0&ct_cookie_present=false&random=1666299755&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIiqLcrOOBhgMVb4mDBx1g3wVZMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6iQFodHRwczovL3d3dy5jeWJlcmFyay5jb20vcmVzb3VyY2VzL3RocmVhdC1yZXNlYXJjaC1ibG9nL2dvbGRlbi1zYW1sLW5ld2x5LWRpc2NvdmVyZWQtYXR0YWNrLXRlY2huaXF1ZS1mb3JnZXMtYXV0aGVudGljYXRpb24tdG8tY2xvdWQtYXBwcw&is_vtc=1&cid=CAQSGwB7FLtqluHVXPpSoFQLB9hrQNG2dCojhAiBhw&random=1119048868 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1071691665/?label=H8zfCNSYxvwYEJHvgv8D&guid=ON&script=0&ct_cookie_present=false&random=1666299755&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIiqLcrOOBhgMVb4mDBx1g3wVZMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6iQFodHRwczovL3d3dy5jeWJlcmFyay5jb20vcmVzb3VyY2VzL3RocmVhdC1yZXNlYXJjaC1ibG9nL2dvbGRlbi1zYW1sLW5ld2x5LWRpc2NvdmVyZWQtYXR0YWNrLXRlY2huaXF1ZS1mb3JnZXMtYXV0aGVudGljYXRpb24tdG8tY2xvdWQtYXBwcw&is_vtc=1&cid=CAQSGwB7FLtqluHVXPpSoFQLB9hrQNG2dCojhAiBhw&random=1119048868&ipr=y
Request Chain 138
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071691665/?random=668954335&cv=11&fst=1715299167973&bg=ffffff&guid=ON&async=1&gtm=45be4580v898648185za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&label=H8zfCNSYxvwYEJHvgv8D&hn=www.googleadservices.com&frm=0&tiba=Golden%20SAML%3A%20Newly%20Discovered%20Attack%20Technique%20Forges%20Authentication%20to%20Cloud%20Apps&gtm_ee=1&npa=1&pscdl=noapi&auid=605443514.1715299167&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI1MverOOBhgMVvYiDBx3F_gT2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6iQFodHRwczovL3d3dy5jeWJlcmFyay5jb20vcmVzb3VyY2VzL3RocmVhdC1yZXNlYXJjaC1ibG9nL2dvbGRlbi1zYW1sLW5ld2x5LWRpc2NvdmVyZWQtYXR0YWNrLXRlY2huaXF1ZS1mb3JnZXMtYXV0aGVudGljYXRpb24tdG8tY2xvdWQtYXBwcw HTTP 302
  • https://www.google.com/pagead/1p-conversion/1071691665/?random=668954335&cv=11&fst=1715299167973&bg=ffffff&guid=ON&async=1&gtm=45be4580v898648185za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&label=H8zfCNSYxvwYEJHvgv8D&hn=www.googleadservices.com&frm=0&tiba=Golden%20SAML%3A%20Newly%20Discovered%20Attack%20Technique%20Forges%20Authentication%20to%20Cloud%20Apps&gtm_ee=1&npa=1&pscdl=noapi&auid=605443514.1715299167&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI1MverOOBhgMVvYiDBx3F_gT2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6iQFodHRwczovL3d3dy5jeWJlcmFyay5jb20vcmVzb3VyY2VzL3RocmVhdC1yZXNlYXJjaC1ibG9nL2dvbGRlbi1zYW1sLW5ld2x5LWRpc2NvdmVyZWQtYXR0YWNrLXRlY2huaXF1ZS1mb3JnZXMtYXV0aGVudGljYXRpb24tdG8tY2xvdWQtYXBwcw&is_vtc=1&cid=CAQSGwB7FLtqLzzPmuplfqhUR-jHD10fJ8CEV9FPww&random=468680193 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1071691665/?random=668954335&cv=11&fst=1715299167973&bg=ffffff&guid=ON&async=1&gtm=45be4580v898648185za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&label=H8zfCNSYxvwYEJHvgv8D&hn=www.googleadservices.com&frm=0&tiba=Golden%20SAML%3A%20Newly%20Discovered%20Attack%20Technique%20Forges%20Authentication%20to%20Cloud%20Apps&gtm_ee=1&npa=1&pscdl=noapi&auid=605443514.1715299167&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI1MverOOBhgMVvYiDBx3F_gT2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6iQFodHRwczovL3d3dy5jeWJlcmFyay5jb20vcmVzb3VyY2VzL3RocmVhdC1yZXNlYXJjaC1ibG9nL2dvbGRlbi1zYW1sLW5ld2x5LWRpc2NvdmVyZWQtYXR0YWNrLXRlY2huaXF1ZS1mb3JnZXMtYXV0aGVudGljYXRpb24tdG8tY2xvdWQtYXBwcw&is_vtc=1&cid=CAQSGwB7FLtqLzzPmuplfqhUR-jHD10fJ8CEV9FPww&random=468680193&ipr=y
Request Chain 155
  • https://9920016.fls.doubleclick.net/activityi;src=9920016;type=websi0;cat=websi0;ord=9356660433015;npa=1;auiddc=605443514.1715299167;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4510za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps HTTP 302
  • https://9920016.fls.doubleclick.net/activityi;dc_pre=CJ_wya3jgYYDFYhsQQIdn-YMyA;src=9920016;type=websi0;cat=websi0;ord=9356660433015;npa=1;auiddc=605443514.1715299167;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4510za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Request Chain 159
  • https://cnv.event.prod.bidr.io/log/cnv?tag_id=188&buzz_key=intentsify&value=&segment_key=intentsify-1098&account_id=2&order=[ORDER]&ord=[CACHEBUSTER] HTTP 303
  • https://cnv.event.prod.bidr.io/log/cnv?tag_id=188&buzz_key=intentsify&value=&segment_key=intentsify-1098&account_id=2&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1
Request Chain 162
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=17906&time=1715299169729&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=17906&time=1715299169729&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D17906%26time%3D1715299169729%26url%3Dhttps%253A%252F%252Fwww.cyberark.com%252Fresources%252Fthreat-research-blog%252Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=17906&time=1715299169729&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=17906&time=1715299169729&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&cookiesTest=true&liSync=true&e_ipv6=AQK1DY3B3l849wAAAY9fzDjEmdpl48VpYEhCdRwcBBM0M-WaH-6ra3wLwfIA9KXEUDsSU6Nq
Request Chain 165
  • https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&dpmCid%3D%26zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D62%26pixelIndex%3D0%26r%3D698852%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.cyberark.com%252Fresources%252Fthreat-research-blog%252Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26dpmCid%253D%2526zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D62%2526pixelIndex%253D0%2526r%253D698852%2526tzOffset%253D-120%2526url%253Dhttps%25253A%25252F%25252Fwww.cyberark.com%25252Fresources%25252Fthreat-research-blog%25252Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps HTTP 302
  • https://a.dpmsrv.com/dpmpxl/index.php?id=113004910318121686&dpmCid=&zn=&sn=&q=xImp&v=1.x&cl=62&pixelIndex=0&r=698852&tzOffset=-120&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Request Chain 167
  • https://um.simpli.fi/smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=B4082A4C26C84D0EA641EF7EDD85BE07
Request Chain 168
  • https://um.simpli.fi/nexxen HTTP 302
  • https://sync.1rx.io/usersync/simplifi/B4082A4C26C84D0EA641EF7EDD85BE07
Request Chain 169
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=B4082A4C26C84D0EA641EF7EDD85BE07&dongle=yf3
Request Chain 170
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=B4082A4C26C84D0EA641EF7EDD85BE07
Request Chain 171
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=B4082A4C26C84D0EA641EF7EDD85BE07 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=B4082A4C26C84D0EA641EF7EDD85BE07
Request Chain 172
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=B4082A4C26C84D0EA641EF7EDD85BE07 HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1715299170100&ip=80.255.7.106&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217073104877003792919 HTTP 302
  • https://um.simpli.fi/aa_px?sk=217073104877003792919 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 173
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B4082A4C26C84D0EA641EF7EDD85BE07
Request Chain 176
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=B4082A4C26C84D0EA641EF7EDD85BE07;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=B4082A4C26C84D0EA641EF7EDD85BE07;mimetype=img;sr HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DATCS HTTP 302
  • https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS
Request Chain 177
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=B4082A4C26C84D0EA641EF7EDD85BE07&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=B4082A4C26C84D0EA641EF7EDD85BE07&j=0&xl8blockcheck=1
Request Chain 179
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=B4082A4C26C84D0EA641EF7EDD85BE07
Request Chain 180
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=B4082A4C26C84D0EA641EF7EDD85BE07
Request Chain 181
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B4082A4C26C84D0EA641EF7EDD85BE07
Request Chain 182
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=B4082A4C26C84D0EA641EF7EDD85BE07
Request Chain 183
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=B4082A4C26C84D0EA641EF7EDD85BE07
Request Chain 184
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1715299169786&cv=7&fst=1715299169786&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=2110336672&cv=7&fst=1715299169786&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIwK_OreOBhgMV6IuDBx2pCwJrMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6iQFodHRwczovL3d3dy5jeWJlcmFyay5jb20vcmVzb3VyY2VzL3RocmVhdC1yZXNlYXJjaC1ibG9nL2dvbGRlbi1zYW1sLW5ld2x5LWRpc2NvdmVyZWQtYXR0YWNrLXRlY2huaXF1ZS1mb3JnZXMtYXV0aGVudGljYXRpb24tdG8tY2xvdWQtYXBwcw HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=2110336672&cv=7&fst=1715299169786&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIwK_OreOBhgMV6IuDBx2pCwJrMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6iQFodHRwczovL3d3dy5jeWJlcmFyay5jb20vcmVzb3VyY2VzL3RocmVhdC1yZXNlYXJjaC1ibG9nL2dvbGRlbi1zYW1sLW5ld2x5LWRpc2NvdmVyZWQtYXR0YWNrLXRlY2huaXF1ZS1mb3JnZXMtYXV0aGVudGljYXRpb24tdG8tY2xvdWQtYXBwcw&is_vtc=1&cid=CAQSKQB7FLtqMJ6lG-EorapsYreSYCmaGatb9xXpltBprnSC-iC1m1bZSdR8&random=1013656175 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=2110336672&cv=7&fst=1715299169786&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIwK_OreOBhgMV6IuDBx2pCwJrMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6iQFodHRwczovL3d3dy5jeWJlcmFyay5jb20vcmVzb3VyY2VzL3RocmVhdC1yZXNlYXJjaC1ibG9nL2dvbGRlbi1zYW1sLW5ld2x5LWRpc2NvdmVyZWQtYXR0YWNrLXRlY2huaXF1ZS1mb3JnZXMtYXV0aGVudGljYXRpb24tdG8tY2xvdWQtYXBwcw&is_vtc=1&cid=CAQSKQB7FLtqMJ6lG-EorapsYreSYCmaGatb9xXpltBprnSC-iC1m1bZSdR8&random=1013656175&ipr=y
Request Chain 186
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=B4082A4C26C84D0EA641EF7EDD85BE07
Request Chain 187
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B4082A4C26C84D0EA641EF7EDD85BE07&expires=365
Request Chain 188
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=B4082A4C26C84D0EA641EF7EDD85BE07
Request Chain 202
  • https://insight.adsrvr.org/tags/0v1kpom/u9beit9/iframe HTTP 301
  • https://d1eoo1tco6rr5e.cloudfront.net/0v1kpom/u9beit9/iframe

226 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
www.cyberark.com/resources/threat-research-blog/ 		282 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f7520c20a065304f8a12222272ec7ff4de98ee8b1b36ee5e4d625eef2ada435
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.cyberark.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cf-cache-status
DYNAMIC
cf-ray
8815a4a9fcbb68fb-FRA
content-encoding
gzip
content-language
en
content-security-policy
frame-ancestors 'self' https://www.cyberark.com/
content-type
text/html; charset=UTF-8
date
Thu, 09 May 2024 23:59:26 GMT
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
referrer-policy
unsafe-url
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
lato.css
content.cdntwrk.com/css/google-fonts/ 		6 KB
960 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://content.cdntwrk.com/css/google-fonts/lato.css?v=075928935a99
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
88b4bd1c3c8e9af6516b562e9679955ff48479ee6a5771e97ef425d1c5425e1f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 23:05:09 GMT
content-encoding
gzip
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
521658
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 25 Apr 2024 21:17:34 GMT
server
AmazonS3
etag
W/"37291223d8c6a87c6435a8740e28f134"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
brxlleYqdW-fHXmbOVtIfysdhXs0146OgAKRUYKoeVKs4BS7FZQFtg==
hubs.d9fdeb361862fc14a04f.css
content.cdntwrk.com/css/hubs/ 		267 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://content.cdntwrk.com/css/hubs/hubs.d9fdeb361862fc14a04f.css
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6fe7e313748ef9c88c8bde3bd65111faf8cc408ae3cf0e32274c06a1145b3243

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 21:50:10 GMT
content-encoding
gzip
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
439757
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 02 May 2024 18:08:11 GMT
server
AmazonS3
etag
W/"3ce909070123f979fd732057f89d472d"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
wefDLxH1lEFdfasoNNEExgeMAtRCZ_c7dtyn9eF0Rk4iC6gsyfNvDQ==
en.css
cihost.uberflip.com/cyberArk/master/build/en/ 		512 KB
76 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cihost.uberflip.com/cyberArk/master/build/en/en.css
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c000:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e81401d2a127d7754b03d63b9cf7f3bf22355faa2a0a5f8232f42e4a2de29eb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 06:19:49 GMT
content-encoding
gzip
via
1.1 2ce23ed5e0f70e0006a9917211b6355c.cloudfront.net (CloudFront)
last-modified
Tue, 30 Jan 2024 22:19:22 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1706653155/ctime:1706653156/gid:127/gname:docker/md5:7b1598146f88edc5b525dd2bf6401fc7/mode:33188/mtime:1706653156/uid:1001/uname:runner
x-amz-cf-pop
FRA56-P12
age
64256
x-amz-server-side-encryption
AES256
etag
W/"7b1598146f88edc5b525dd2bf6401fc7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
FHj-bSHIyDzkdMbGCQWOB_m4zmZfrwuBV9uyulOFwcZUxHMG3G6iww==
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/css/ 		46 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/css/all.min.css
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Origin
https://www.cyberark.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4950959
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8281
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-b752"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PL4mOzX0jLb1BUXuqbRujc5D%2BaSyogahips1bdnJAEV9m%2Fh1UNHxUWoxkD0MP6PVG3x201errokJyuoBT4ChAmJrgrCyzLymOwapPYcI%2B1jUQ1qZkL2loZ09hBj5HtSZ1cmMyQDX"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8815a4adbb8f1c0b-FRA
expires
Tue, 29 Apr 2025 23:59:26 GMT
css
fonts.googleapis.com/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400&display=swap
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8bd8a746efd5972536245f2f2c6e4213360405be048112ee66e3a2612edb43bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 May 2024 23:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 May 2024 23:39:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 May 2024 23:59:26 GMT
enlighterjs.min.css
www.cyberark.com/wp-content/themes/understrap-child/includes/enlighter/ 		78 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cyberark.com/wp-content/themes/understrap-child/includes/enlighter/enlighterjs.min.css?ver=5.4.2
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ef8a267de455c3a72237bf7db0c97c97e35e52452ff9ece15876d0d60f9c0e9
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1149771
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 31 Aug 2020 16:20:25 GMT
server
cloudflare
etag
W/"5f4d2349-13634"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
cf-ray
8815a4ad0dff68fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
enlighterjs.min.js
www.cyberark.com/wp-content/themes/understrap-child/includes/enlighter/ 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cyberark.com/wp-content/themes/understrap-child/includes/enlighter/enlighterjs.min.js?ver=5.4.2
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a117f36dba1eb2100f340bb68f3cc4d4c04d50d8a1d61c36a5d0a682aed9d362
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1149771
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 31 Aug 2020 16:20:25 GMT
server
cloudflare
etag
W/"5f4d2349-e307"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
cf-ray
8815a4ad0e0068fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
css2
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Mono&display=swap
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6356b4d88d6f53df4e5e9e3afbc0122d0b2ff6aa696bcbdea1930b5b54dcbced
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 May 2024 23:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 May 2024 22:42:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 May 2024 23:59:26 GMT
launch-e8e6adf0fe30.min.js
assets.adobedtm.com/789d877fe9a8/09207f0a9c44/ 		298 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/launch-e8e6adf0fe30.min.js
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f6305ad97ebc710e618453ab70661972a83d3349a3f31754007f33daffc12f3f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-encoding
gzip
last-modified
Fri, 27 Oct 2023 18:01:16 GMT
server
AkamaiNetStorage
etag
"60d658145e599ce761bf926739eb76c7:1698429676.422454"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.cyberark.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
89810
expires
Fri, 10 May 2024 00:59:26 GMT
84cf3062f98cbab994d639a975b2798e.js
ob.segreencolumn.com/i/ 		102 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.segreencolumn.com/i/84cf3062f98cbab994d639a975b2798e.js
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:e400:18:15b9:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
65f1a5931b018cd93a01dd8eaf72a21fade81ddb931dffbc2c4fc88d2cffa3a7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 18:36:48 GMT
content-encoding
gzip
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
server
Caddy
x-amz-cf-pop
FRA56-P6
age
19362
etag
"1977c-XUbfGRFH241BMo/ElWw7tMNZtv4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=43200
content-length
38117
x-amz-cf-id
4NHDx6RcTUJNScU93-HnLBNt-v7VGU_9kdkgnGVecTOqFtcrH-2VBg==
expires
Fri, 10 May 2024 06:36:44 GMT
logo.svg
cihost.uberflip.com/cyberArk/OB-8671/build/assets/ 		14 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cihost.uberflip.com/cyberArk/OB-8671/build/assets/logo.svg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c000:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
952f35790a58d6c58cd01db0b7994f8b1e3f2d4328f8dd2ed423c01579d403c6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 06:18:13 GMT
content-encoding
gzip
via
1.1 2ce23ed5e0f70e0006a9917211b6355c.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 14:33:49 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1670855619/ctime:1670855619/gid:123/gname:docker/md5:f86c6ef84b83b048b2a5521fb36ab761/mode:33188/mtime:1670855619/uid:1001/uname:runner
x-amz-cf-pop
FRA56-P12
age
63842
x-amz-server-side-encryption
AES256
etag
W/"f86c6ef84b83b048b2a5521fb36ab761"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
_7J-TLkTbHLd4hNt-b5_m-sjuBhbXmRbYxHjaagki8tqfQpQVSCfrw==
WhyCA_Menu-LeftHandCallOut.png
www.cyberark.com/wp-content/uploads/2021/02/ 		25 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads/2021/02/WhyCA_Menu-LeftHandCallOut.png
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b96b944dbdb9c2afcdecae184e3bdc4717c30dc4f5d4624cfd1727461d6569fa
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1149771
cf-polished
origFmt=png, origSize=39669
content-disposition
inline; filename="WhyCA_Menu-LeftHandCallOut.webp"
content-length
25958
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Tue, 02 Feb 2021 20:17:47 GMT
server
cloudflare
etag
"6019b36b-9af5"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
accept-ranges
bytes
cf-ray
8815a4ad0e0168fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
Assets-Icons-Industries-Medical.png
www.cyberark.com/wp-content/uploads/2020/12/ 		362 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads/2020/12/Assets-Icons-Industries-Medical.png
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e6098f9e4e64f667bc006876813632d5ac79ac56e5284a95c9c821870907cad
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
79372
cf-polished
origFmt=png, origSize=997
content-disposition
inline; filename="Assets-Icons-Industries-Medical.webp"
content-length
362
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Wed, 23 Dec 2020 22:10:13 GMT
server
cloudflare
etag
"5fe3c045-3e5"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
accept-ranges
bytes
cf-ray
8815a4ad6e2a68fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
Products_Menu-LeftHandCallOut.png
www.cyberark.com/wp-content/uploads/2021/02/ 		15 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads/2021/02/Products_Menu-LeftHandCallOut.png
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08330120c6d9d4407fd599bae49187289878c557ed68e58d0e091fd5e1ac6c7f
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1149770
cf-polished
origFmt=png, origSize=22261
content-disposition
inline; filename="Products_Menu-LeftHandCallOut.webp"
content-length
15210
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Tue, 02 Feb 2021 20:10:12 GMT
server
cloudflare
etag
"6019b1a4-56f5"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
accept-ranges
bytes
cf-ray
8815a4adce5968fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
Privilege.svg
www.cyberark.com/wp-content/uploads//2021/02/ 		3 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads//2021/02/Privilege.svg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b0e7a4bdf115afb8e8c5b9b671b0dc4441236f8cf56906d146b7d46a0ee14a8
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1149769
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 02 Feb 2021 20:54:15 GMT
server
cloudflare
etag
W/"6019bbf7-c52"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
cf-ray
8815a4afaf3d68fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
Access.svg
www.cyberark.com/wp-content/uploads//2021/02/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads//2021/02/Access.svg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8e7fd76994e9fe7f19af8a2234efc259debc6e67de4ae8bf2f0e7471132bd02
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1149769
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 02 Feb 2021 21:31:38 GMT
server
cloudflare
etag
W/"6019c4ba-12ba"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
cf-ray
8815a4afaf3e68fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
DevSecOps.svg
www.cyberark.com/wp-content/uploads//2021/02/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads//2021/02/DevSecOps.svg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91b7152c2708e116677591b018f23ed2910c747e932f8985b704f1884d807990
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1149769
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 02 Feb 2021 21:31:31 GMT
server
cloudflare
etag
W/"6019c4b3-185c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
cf-ray
8815a4afaf3f68fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
gtm.js
www.googletagmanager.com/ 		330 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5SFWTH
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
03afb02e177c166a49abff9e8d855ba85a38308e7c0935da168b2b94a257ad65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109435
x-xss-protection
0
last-modified
Thu, 09 May 2024 21:59:52 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 May 2024 23:59:26 GMT
finance.svg
www.cyberark.com/wp-content/uploads//2021/02/ 		7 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads//2021/02/finance.svg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
234f5e6b36c41a209c87e64949d11927b6360603b94ce3511c53df5bac0f4c26
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1149769
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 02 Feb 2021 21:33:34 GMT
server
cloudflare
etag
W/"6019c52e-1a41"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
cf-ray
8815a4afaf4068fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
insurance.svg
www.cyberark.com/wp-content/uploads//2021/02/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads//2021/02/insurance.svg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e70999bd0ed2afbb2967ca63898c752fc3e66ba8a86a4ac341723be85bb7319
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1149769
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 02 Feb 2021 21:34:37 GMT
server
cloudflare
etag
W/"6019c56d-c9f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
cf-ray
8815a4afaf4168fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
healthcare.svg
www.cyberark.com/wp-content/uploads//2021/02/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads//2021/02/healthcare.svg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a654dbffdb656aacce15df139a6d2701ccae809fe7baab1ec042714bb6336eb9
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1149769
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 02 Feb 2021 21:34:01 GMT
server
cloudflare
etag
W/"6019c549-10bb"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
cf-ray
8815a4afaf4268fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
government.svg
www.cyberark.com/wp-content/uploads//2021/02/ 		2 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads//2021/02/government.svg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
634358d77171f485bb1738fce1bf1e715e2cd0a94b2c4f3d5c6dafccd0d1031a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1149769
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 02 Feb 2021 21:34:22 GMT
server
cloudflare
etag
W/"6019c55e-881"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
cf-ray
8815a4afaf4368fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
Nav-Image-ServicesSupport-e1609108892195.png
www.cyberark.com/wp-content/uploads/2020/12/ 		21 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads/2020/12/Nav-Image-ServicesSupport-e1609108892195.png
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ba3a74eb74823f80c522391734fdeafebfbd2f284167568ad17e7d44b1618e3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1149770
cf-polished
origFmt=png, origSize=36292
content-disposition
inline; filename="Nav-Image-ServicesSupport-e1609108892195.webp"
content-length
21460
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Sun, 27 Dec 2020 22:41:32 GMT
server
cloudflare
etag
"5fe90d9c-8dc4"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
accept-ranges
bytes
cf-ray
8815a4ae1e7968fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
TryBuy_Menu-LeftHandCallOut.png
www.cyberark.com/wp-content/uploads/2021/02/ 		26 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads/2021/02/TryBuy_Menu-LeftHandCallOut.png
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aab45b2e3226eb83ceed37f3f622529d0a6ca0a82d8dd9a4d1fb8e46ba84f83
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1149769
cf-polished
origFmt=png, origSize=39090
content-disposition
inline; filename="TryBuy_Menu-LeftHandCallOut.webp"
content-length
26540
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Tue, 02 Feb 2021 20:19:11 GMT
server
cloudflare
etag
"6019b3bf-98b2"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
accept-ranges
bytes
cf-ray
8815a4afaf4468fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
Icons-Globe@2x.png
www.cyberark.com/wp-content/uploads/2020/12/ 		456 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads/2020/12/Icons-Globe@2x.png
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45aca110620ac12009925cac1e38aa4e71426a2b83ee7f356010069b45539d56
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1149769
cf-polished
origFmt=png, origSize=1147
content-disposition
inline; filename="Icons-Globe@2x.webp"
content-length
456
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Wed, 30 Dec 2020 23:04:11 GMT
server
cloudflare
etag
"5fed076b-47b"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
accept-ranges
bytes
cf-ray
8815a4afaf4568fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
ajax-loader-white-2x.gif
content.cdntwrk.com/img/hubs/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/img/hubs/ajax-loader-white-2x.gif?v=19a554b579c4
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1cd0852f3077f1b059e16529d8de16acb490990d6cb796dd74873de0bfd8a91

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 00:50:06 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
256161
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2707
last-modified
Thu, 11 Apr 2024 16:49:11 GMT
server
AmazonS3
etag
"5217392f882b27d35ec2e72946f2df7e"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
image/gif
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
ZDXRl5Z9QeuVjcox53wTHRX6B4h2xt7f2izyL7aVd1Zl3iwbaHzwAQ==
chevron-down-64x64.png
content.cdntwrk.com/img/hubs/ 		760 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/img/hubs/chevron-down-64x64.png?v=78668873251b
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e240679c3215c840cf754104fe7291c77f2f52ad551c95e8c8364d0124938ec

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 00:58:10 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
514877
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
760
last-modified
Thu, 02 May 2024 18:08:18 GMT
server
AmazonS3
etag
"26818bdf0706c780af4a52b44ea17fdc"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
5enDsj1lRAhnwMMPhJU7G_S9NDZzvpVOGaoG9Zt4HUBpjkTEtmxWEw==
Golden-SAML-image.png
www.cyberark.com/wp-content/uploads/2017/11/ 		68 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads/2017/11/Golden-SAML-image.png
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf59b9c3eb9ce46a4fa0a9745ca1ffe227c94acb49dc5bcfc8a582c75c202b26
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
207612
cf-polished
origFmt=png, origSize=116915
content-disposition
inline; filename="Golden-SAML-image.webp"
content-length
69266
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Sat, 07 Sep 2019 00:02:13 GMT
server
cloudflare
etag
"5d72f385-1c8b3"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
accept-ranges
bytes
cf-ray
8815a4afaf4668fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
Image-1.jpg
www.cyberark.com/wp-content/uploads/2017/11/ 		55 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads/2017/11/Image-1.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ae1d8ff559d265d54750e40737826960c9948d43edfb72b2d33c7fb2dcd3ebb
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-polished
qual=85, origFmt=jpeg, origSize=125865
content-disposition
inline; filename="Image-1.webp"
content-length
56394
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Sat, 07 Sep 2019 00:02:13 GMT
server
cloudflare
etag
"5d72f385-1eba9"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
accept-ranges
bytes
cf-ray
8815a4afdf5e68fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
SAML-2.jpg
www.cyberark.com/wp-content/uploads/2017/11/ 		18 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads/2017/11/SAML-2.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f4e6e7c111bd008a79fa50a2f95fd41995df4f1995843910ff407c6e805f24
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-polished
degrade=85, origSize=27258, status=webp_bigger
content-length
18691
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Sat, 07 Sep 2019 00:02:13 GMT
server
cloudflare
etag
"5d72f385-6a7a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
accept-ranges
bytes
cf-ray
8815a4afdf6068fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
SAML-2-b.jpg
www.cyberark.com/wp-content/uploads/2017/11/ 		40 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads/2017/11/SAML-2-b.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da9ff7b06912466abc8c42b979f84706ce896098ab9ea85e81258426db80fdb0
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:27 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-polished
degrade=85, origSize=51667, status=webp_bigger
content-length
40688
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Sat, 07 Sep 2019 00:02:13 GMT
server
cloudflare
etag
"5d72f385-c9d3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
accept-ranges
bytes
cf-ray
8815a4afdf6268fb-FRA
expires
Fri, 09 May 2025 23:59:27 GMT
ADFS-Public-Certificate.jpg
www.cyberark.com/wp-content/uploads/2017/11/ 		3 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads/2017/11/ADFS-Public-Certificate.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae39109580d502f2f8728e062d65bee0d92a4b3f45a02b59deb27a904e056d3a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
207612
cf-polished
qual=85, origFmt=jpeg, origSize=12610
content-disposition
inline; filename="ADFS-Public-Certificate.webp"
content-length
2658
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Sat, 07 Sep 2019 00:02:13 GMT
server
cloudflare
etag
"5d72f385-3142"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
accept-ranges
bytes
cf-ray
8815a4afdf6368fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
IdP-Name.jpg
www.cyberark.com/wp-content/uploads/2017/11/ 		2 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads/2017/11/IdP-Name.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da70aaab22df021fab995b92d471f3e92495729f3c219f5d676c6cae8239b417
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-polished
qual=85, origFmt=jpeg, origSize=12302
content-disposition
inline; filename="IdP-Name.webp"
content-length
2434
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Sat, 07 Sep 2019 00:02:13 GMT
server
cloudflare
etag
"5d72f385-300e"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
accept-ranges
bytes
cf-ray
8815a4afdf6568fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
Role-name.jpg
www.cyberark.com/wp-content/uploads/2017/11/ 		3 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads/2017/11/Role-name.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eee6eaf59f3744b188505112ab4f349b8a7bdb5a460a253042a55ce40373bf2f
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-polished
qual=85, origFmt=jpeg, origSize=12723
content-disposition
inline; filename="Role-name.webp"
content-length
2974
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Sat, 07 Sep 2019 00:02:13 GMT
server
cloudflare
etag
"5d72f385-31b3"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
accept-ranges
bytes
cf-ray
8815a4afdf6668fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
PS-aws.jpg
www.cyberark.com/wp-content/uploads/2017/11/ 		4 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads/2017/11/PS-aws.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59a7a179044a073f8724448ebb09aef58d8874ffcbb4138c3f89482c3ea5db63
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-polished
qual=85, origFmt=jpeg, origSize=13930
content-disposition
inline; filename="PS-aws.webp"
content-length
4146
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Sat, 07 Sep 2019 00:02:13 GMT
server
cloudflare
etag
"5d72f385-366a"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
accept-ranges
bytes
cf-ray
8815a4afdf6768fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
PS-python.jpg
www.cyberark.com/wp-content/uploads/2017/11/ 		20 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads/2017/11/PS-python.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19bb468ba17ea560dc3b738083bfdfbe55dea24abc35be5d6889d1bc2fd31182
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
207612
cf-polished
qual=85, origFmt=jpeg, origSize=32045
content-disposition
inline; filename="PS-python.webp"
content-length
20136
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Sat, 07 Sep 2019 00:02:13 GMT
server
cloudflare
etag
"5d72f385-7d2d"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
accept-ranges
bytes
cf-ray
8815a4afdf6968fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
operation-of-tool.jpg
www.cyberark.com/wp-content/uploads/2017/11/ 		32 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads/2017/11/operation-of-tool.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfcf469c7a66c6b348b50f9cd98a103da4c6ba969f80fb88ee7fed530315b302
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-polished
qual=85, origFmt=jpeg, origSize=82610
content-disposition
inline; filename="operation-of-tool.webp"
content-length
33204
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Sat, 07 Sep 2019 00:02:13 GMT
server
cloudflare
etag
"5d72f385-142b2"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
accept-ranges
bytes
cf-ray
8815a4afdf6b68fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
mediaproxy
content.cdntwrk.com/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2017%2F12%2FPredictions-e1513000344330.jpg&size=1&version=1692112174&sig=bee885467c402bc658d3dc171c4374b3&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
0250e8c55348f0165caec330ed0138ccbb65cfe6535abc96fabea630163b3df1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 19 Feb 2024 09:59:08 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Mon, 19 Feb 2024 09:58:58 GMT
x-amz-cf-pop
FRA56-P2
age
6962418
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=1234567890
content-disposition
inline; filename="Predictions-e1513000344330.webp"
alt-svc
h3=":443"; ma=86400
content-length
6908
x-amz-cf-id
WmF60U_Hm0SKf5zdY8w8rWv61WvWYsunjhCLZim2O-tKzP8RwhcfTQ==
mediaproxy
content.cdntwrk.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2017%2F10%2Fplugin-e1508789670134.jpg&size=1&version=1692112174&sig=d141632d962aeeb6e47df85a060beea5&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
f7812c4e95ca8f1f951f6cdc39e851fa8495343245ee2679697ebdc2acbd76b7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 18 Feb 2024 11:41:51 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Sun, 18 Feb 2024 11:41:42 GMT
x-amz-cf-pop
FRA56-P2
age
7042654
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=1234567890
content-disposition
inline; filename="plugin-e1508789670134.webp"
alt-svc
h3=":443"; ma=86400
content-length
5812
x-amz-cf-id
-u1_4LsuLTRFX0gepkFAeUEQKcdJMjpnLIRmdcq15WXTFmgGK3nAUw==
mediaproxy
content.cdntwrk.com/ 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2024%2F04%2Flinux-with-syzkaller.png&size=1&version=1714060683&sig=317228f9aa9ae29e7f66e964c1314608&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
ef66e9df572ace7075e22087a9df85a85a3fd11f165b4da3d7881813b9684ccf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 15:58:39 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Thu, 25 Apr 2024 15:58:30 GMT
x-amz-cf-pop
FRA56-P2
age
1238446
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=1234567890
content-disposition
inline; filename="linux-with-syzkaller.webp"
alt-svc
h3=":443"; ma=86400
content-length
124726
x-amz-cf-id
VvVReIqE3cQJzk7xq-DM9rQngrQLK7TMLsC9Y5bEPUA6MKovS4SPxA==
mediaproxy
content.cdntwrk.com/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2024%2F03%2Fhero-labs-crumbled-security.jpg&size=1&version=1714053872&sig=aa8c3b5d30af218f2af51eec4b37d8d9&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
0623e10825f73d9189d396ac17783eccc55e05af0f92dd84422d2bb8522680ec

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 14:06:32 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Thu, 25 Apr 2024 14:06:23 GMT
x-amz-cf-pop
FRA56-P2
age
1245173
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=1234567890
content-disposition
inline; filename="hero-labs-crumbled-security.webp"
alt-svc
h3=":443"; ma=86400
content-length
24254
x-amz-cf-id
-v30THzZhzqaYn3-K3m4OQb0_bWvQg8z6ptsSBd5b0exLbiVxJFWng==
mediaproxy
content.cdntwrk.com/ 		234 KB
235 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2024%2F02%2Fcosmos-millions-from-the-blockchain.png&size=1&version=1711467043&sig=e0c6e1ee7e935252f54c3428dc051ba6&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
67916d020980b0b2146bf72b94ac76ba8f60b7258a0c5613ee1b0fe8379ba24c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 15:31:02 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Tue, 26 Mar 2024 15:30:53 GMT
x-amz-cf-pop
FRA56-P2
age
3832103
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=1234567890
content-disposition
inline; filename="cosmos-millions-from-the-blockchain.webp"
alt-svc
h3=":443"; ma=86400
content-length
239536
x-amz-cf-id
GM9Xb08ncx0b3LwEi_w80jlG66PxHVYIwVBteRv5XrkVWxiO634TsQ==
mediaproxy
content.cdntwrk.com/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2023%2F07%2Fdeep-dive-into-penetration-testing.jpg&size=1&version=1708452483&sig=510f3aaa7a50dac0eb3e2ed09a18885f&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
8dd7a7eeccaaffd8a75ac8a2420ae500376d9f7f652dd8545deebd399bb96cfa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 20 Feb 2024 18:09:35 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Tue, 20 Feb 2024 18:09:25 GMT
x-amz-cf-pop
FRA56-P2
age
6846591
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=1234567890
content-disposition
inline; filename="deep-dive-into-penetration-testing.webp"
alt-svc
h3=":443"; ma=86400
content-length
6536
x-amz-cf-id
pbmkNx0fh1Km13ZR4mfGHuL4g-ZWO-YgEKDQTUEk4RGcp6pUGJiOwQ==
mediaproxy
content.cdntwrk.com/ 		142 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2024%2F01%2Fransomware-playing-a-broken-game.png&size=1&version=1707847192&sig=789807869414919003e20b4804e7540e&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
d999840e4597740dd31ed034dca5776a96d92d556d9b30d442c903725a1dc21d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 18:00:38 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 18:00:28 GMT
x-amz-cf-pop
FRA56-P2
age
7451927
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=1234567890
content-disposition
inline; filename="ransomware-playing-a-broken-game.webp"
alt-svc
h3=":443"; ma=86400
content-length
145488
x-amz-cf-id
MswDaIY_IHk_86iW3zNURThZpsdQhWag2VX0fbnYFu21feXVFBF5Xw==
mediaproxy
content.cdntwrk.com/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2023%2F12%2Fsafenet-banner.jpg&size=1&version=1707847192&sig=16f83eb5e6bc8fda38cc844daf665df1&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
bce8ce0d0f68ceecff66a7d2a6c3dd78fce20c7595f4239a69909d7c5e2c363a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 18:00:38 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 18:00:28 GMT
x-amz-cf-pop
FRA56-P2
age
7451928
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=1234567890
content-disposition
inline; filename="safenet-banner.webp"
alt-svc
h3=":443"; ma=86400
content-length
7054
x-amz-cf-id
TZRvf4eWfC8nSygkoHPMyF2YMArPIocZfovqDFfw_su4vhrVAIexgQ==
mediaproxy
content.cdntwrk.com/ 		173 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2023%2F10%2Ffuzzer_v.png&size=1&version=1701202140&sig=42b4e86002c5f13aaa0bb84223ac6b91&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
864c44b8b866936ec27dcee84017dbc8ff988248461b1246fbe13f0615a43741

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 Nov 2023 20:17:04 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Tue, 28 Nov 2023 20:16:54 GMT
x-amz-cf-pop
FRA56-P2
age
14096542
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=1234567890
content-disposition
inline; filename="fuzzer_v.webp"
alt-svc
h3=":443"; ma=86400
content-length
177114
x-amz-cf-id
-TyXrE2ZCgNBA0QZY3QWqBP3VLJ_8bUq-FsEHQ0X6U2v7dj7_v33-g==
mediaproxy
content.cdntwrk.com/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2023%2F08%2Fnvme.jpg&size=1&version=1707847192&sig=4da7310d4c8370327e638cc29da5f54a&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
fe68ada9a3d8295f355417eee75328dc8b09a238e2a2cf2dcbb738d4e5ddc511

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 18:00:39 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 18:00:29 GMT
x-amz-cf-pop
FRA56-P2
age
7451927
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=1234567890
content-disposition
inline; filename="nvme.webp"
alt-svc
h3=":443"; ma=86400
content-length
7518
x-amz-cf-id
C3xOm9bhUBRe4mtZyCyDGCxdL40Er4xJzR4yur_G2xtou6NmsHy9ZQ==
mediaproxy
content.cdntwrk.com/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2023%2F08%2Ffantastic-rootkits.jpg&size=1&version=1707847192&sig=a7e1874a9399e265cd5f369b1eacab07&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
ad48841a67a5fe1429379e173147275e4e87794f01df53c9ec53257ebd3b1042

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 18:00:39 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 18:00:29 GMT
x-amz-cf-pop
FRA56-P2
age
7451927
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=1234567890
content-disposition
inline; filename="fantastic-rootkits.webp"
alt-svc
h3=":443"; ma=86400
content-length
12384
x-amz-cf-id
cDCBEOfoEnWFjvNR6b4FE4x8k1dfULyVpVMusf6aa8PueXi_MfGGvg==
mediaproxy
content.cdntwrk.com/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2023%2F07%2Fdeep-dive-into-penetration-testing.jpg&size=1&version=1707847192&sig=842609593915945b6263b1cbb8735072&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
8dd7a7eeccaaffd8a75ac8a2420ae500376d9f7f652dd8545deebd399bb96cfa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 18:00:38 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 18:00:28 GMT
x-amz-cf-pop
FRA56-P2
age
7451928
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=1234567890
content-disposition
inline; filename="deep-dive-into-penetration-testing.webp"
alt-svc
h3=":443"; ma=86400
content-length
6536
x-amz-cf-id
NfT8FFOtm54rOkgLob-D7zZI39lbEvyGQn3U1PNg9M_2jws96_WaFw==
mediaproxy
content.cdntwrk.com/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2023%2F05%2Fhow-to-write-a-poc-for-an-uninitialized-heade-image.jpg&size=1&version=1707847192&sig=dc79b82473d5a23dd15387daae34af7a&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
71fb86ed96b2a09cb43dcd697dfb60bf4c9cfb1ae4bbee5962f5a23ee228b0a6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 18:00:39 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 18:00:29 GMT
x-amz-cf-pop
FRA56-P2
age
7451927
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=1234567890
content-disposition
inline; filename="how-to-write-a-poc-for-an-uninitialized-heade-image.webp"
alt-svc
h3=":443"; ma=86400
content-length
15034
x-amz-cf-id
AageNpPfDj9l8jnVL46CTbf5U8IgqSyQ4lc1Y7LRNrLSBfpDvE9nPw==
mediaproxy
content.cdntwrk.com/ 		139 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2023%2F04%2Fwhite-pheonix-blog.png&size=1&version=1707847192&sig=f374038b356bbda3786e4d1127c55945&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
58e71f037f57bcb8965b5582d232e81fe276d9c8e8928b3c7340f42e146f3eb6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 18:00:39 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 18:00:30 GMT
x-amz-cf-pop
FRA56-P2
age
7451926
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=1234567890
content-disposition
inline; filename="white-pheonix-blog.webp"
alt-svc
h3=":443"; ma=86400
content-length
142672
x-amz-cf-id
LfbhA2ORWq_-tHu2YlSeB2Sgu8ZR04M5SAok2p0DBHLocp4yAWLQOA==
mediaproxy
content.cdntwrk.com/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2023%2F05%2Ffantastic-rootkits-pt-2_header-image.png&size=1&version=1707847192&sig=a4fee519635d40e05b41ba0149f6625d&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
fbc8aabf1c68a4e9a7ceb9467ae3a041db06ae58943eae0982c1435ce1429aef

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 18:00:39 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 18:00:30 GMT
x-amz-cf-pop
FRA56-P2
age
7451926
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=1234567890
content-disposition
inline; filename="fantastic-rootkits-pt-2_header-image.webp"
alt-svc
h3=":443"; ma=86400
content-length
56742
x-amz-cf-id
qGFouhrrWvTXQbovq8BvxdOS7bgL8N80lVCvXVZSaJ4npBAy3PyYuQ==
mediaproxy
content.cdntwrk.com/ 		178 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2023%2F04%2Fbreaking-docker-header-image.png&size=1&version=1707847192&sig=a6b3e51fd73231eab2eaa0a24015acc2&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
f847142a74e526299a428a2c7a4b2b8e339eeb93c50e05a594a0250bf8f77c91

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 18:00:40 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 18:00:31 GMT
x-amz-cf-pop
FRA56-P2
age
7451925
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=1234567890
content-disposition
inline; filename="breaking-docker-header-image.webp"
alt-svc
h3=":443"; ma=86400
content-length
182378
x-amz-cf-id
ZwGR9Bwchqbz_j2WOXpsOQnSsCuVQiHps-dcgPh3dUS6-ulpaRZvuQ==
mediaproxy
content.cdntwrk.com/ 		149 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2023%2F04%2Fheader-image-.png&size=1&version=1692112173&sig=a60a831dc27bae40a7e989010dee4de1&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
7be1b3df507b34b7d05c60510836564455b0f85be0871e96e48201e4947d4cfd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 23 Sep 2023 04:38:28 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Sat, 23 Sep 2023 04:38:18 GMT
x-amz-cf-pop
FRA56-P2
age
19855258
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=1234567890
content-disposition
inline; filename="header-image-.webp"
alt-svc
h3=":443"; ma=86400
content-length
152128
x-amz-cf-id
Kwoicudld6Yw66LINHNE5j_yNaZh-UNr8GfCNfOnHBEPyb_WYjX8oA==
mediaproxy
content.cdntwrk.com/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2023%2F02%2Fpersistence-header-image.jpg&size=1&version=1707847192&sig=bfeba2fb0ed9fad89ce19b2b929a8bb3&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
94e3cdd5f056065d29360bb92657b5d0e6ce640a685585e12520c3e27f3d1ba9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 18:00:40 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 18:00:31 GMT
x-amz-cf-pop
FRA56-P2
age
7451925
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=1234567890
content-disposition
inline; filename="persistence-header-image.webp"
alt-svc
h3=":443"; ma=86400
content-length
38970
x-amz-cf-id
-iPl52OMxMN7jNCAro3f8UJMMmzHuSPwYNl9tFxubLd2V3irWzLa8A==
mediaproxy
content.cdntwrk.com/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2023%2F02%2Ftr-phishing-service-hero.jpg&size=1&version=1707847192&sig=7def873fef75ba272ce100cba28d97df&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
86ccdb948d25950b2b56fa681d1d87e712e5549719d476f355b240fd802f27b5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 18:00:41 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 18:00:31 GMT
x-amz-cf-pop
FRA56-P2
age
7451925
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=1234567890
content-disposition
inline; filename="tr-phishing-service-hero.webp"
alt-svc
h3=":443"; ma=86400
content-length
9084
x-amz-cf-id
5SFFCxP4nibyiJpjMBhwBFU6F0btP9e2QOtJ0ofdUxtCYbgItxS--Q==
mediaproxy
content.cdntwrk.com/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2023%2F02%2Flinux-kernel-hero.png&size=1&version=1707847192&sig=12ca8eacb7a133109ac6e87ea8ed105b&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
9e40a5bfef90ed0fadd653d6c28d9e250c1137bed1fe3888ed58fe4a39e3a53b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 18:00:41 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 18:00:31 GMT
x-amz-cf-pop
FRA56-P2
age
7451925
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=1234567890
content-disposition
inline; filename="linux-kernel-hero.webp"
alt-svc
h3=":443"; ma=86400
content-length
78370
x-amz-cf-id
kp_YX6SOwMi5xEgvinKyIRi660zXirCaa0TZNd6s1PRZ1wEix6VeCQ==
mediaproxy
content.cdntwrk.com/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2023%2F02%2Fdocker-desktop-privilege-escalation-1.jpg&size=1&version=1707847193&sig=cc22c12a414d7c821ac7cc9400cf3104&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
7633cd7887e2046b023bdbd496e3d087f5c38e823b267e17244c474e00b6c1c1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 18:00:41 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 18:00:31 GMT
x-amz-cf-pop
FRA56-P2
age
7451925
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=1234567890
content-disposition
inline; filename="docker-desktop-privilege-escalation-1.webp"
alt-svc
h3=":443"; ma=86400
content-length
52608
x-amz-cf-id
1t0R_mgK5rOGUBgzXHQkcbZFV08z6UAZrE2MtADEGXBRqG7m_E8oLQ==
email-decode.min.js
www.cyberark.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cyberark.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Wed, 08 May 2024 09:31:53 GMT
server
cloudflare
content-encoding
gzip
etag
W/"663b4689-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
8815a4ae2e8868fb-FRA
expires
Sat, 11 May 2024 23:59:26 GMT
hubs_app.d9fdeb361862fc14a04f.js
content.cdntwrk.com/js/hubs/ 		817 KB
244 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.cdntwrk.com/js/hubs/hubs_app.d9fdeb361862fc14a04f.js
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37e95127d694d4e83ae2a63427d36108b85d8f116879c790c506a4f9dee75199

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 21:50:11 GMT
content-encoding
gzip
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
439756
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 02 May 2024 18:08:20 GMT
server
AmazonS3
etag
W/"76f576d4a665a073e2c3aa2714058e8e"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
fuTV6TzpvJiFX0odCqoZ5EW7Q9sHkcbC0URcs753a8tpu7zwQf6pCg==
en.bundle.js
cihost.uberflip.com/cyberArk/master/build/en/ 		297 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cihost.uberflip.com/cyberArk/master/build/en/en.bundle.js
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c000:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
723f76e099d5d5b6baccf91c0e57385351bfb02a89b1c96a6e77aa0600d58bbf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 04:40:37 GMT
content-encoding
gzip
via
1.1 2ce23ed5e0f70e0006a9917211b6355c.cloudfront.net (CloudFront)
last-modified
Tue, 06 Feb 2024 01:15:53 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1707182148/ctime:1707182148/gid:127/gname:docker/md5:95f67fb7cfba757f3db3e983712bf2b1/mode:33188/mtime:1707182148/uid:1001/uname:runner
x-amz-cf-pop
FRA56-P12
age
70546
x-amz-server-side-encryption
AES256
etag
W/"95f67fb7cfba757f3db3e983712bf2b1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
nHMhRzVrR3vDLqrJNwG_hsgkhAKSK5qxB6PFgvAyggsAGEz4wjjU6w==
sha256.min.js
cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/sha256.min.js
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
92294
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2977
last-modified
Mon, 04 May 2020 16:11:50 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec6-2339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jsr0kVsWeHXeZ2VbDtDdkw1OeDblrFTpOmqLYgj5NtdHUlUXZ6Xm3IAmemwYmg4e5hrXGKi%2Bcm9jvApbaIYEFcSs0G8Sfd4JFtsMq5QQ9O1mbs5oLu%2B24xXencXaaP%2B9JepwCnE4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8815a4af3a2d380f-FRA
expires
Tue, 29 Apr 2025 23:59:26 GMT
External.svg
cihost.uberflip.com/cyberark-migration-tv2/OB-CyberArk_Migration_Tv2/assets/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cihost.uberflip.com/cyberark-migration-tv2/OB-CyberArk_Migration_Tv2/assets/images/External.svg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c000:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49bdaf43b043fdd5e79f321a889502b341e83fb3d71caa9ec286369bcb205373

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 01:58:56 GMT
content-encoding
gzip
via
1.1 2ce23ed5e0f70e0006a9917211b6355c.cloudfront.net (CloudFront)
last-modified
Fri, 29 Jan 2021 17:35:02 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1611941654/ctime:1611941654/gid:117/gname:docker/md5:cd7c2cec63b67d7f1108cb091b478569/mode:33188/mtime:1611941654/uid:1001/uname:runner
x-amz-cf-pop
FRA56-P12
age
79231
etag
W/"cd7c2cec63b67d7f1108cb091b478569"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
XNNN8xmUn1dRG2HomXpb3KPF7BqQS-8rZloPGGVbjnUcmL3R4TehiA==
External-darkblue.svg
cihost.uberflip.com/cyberark-migration-tv2/OB-CyberArk_Migration_Tv2/assets/images/ 		952 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cihost.uberflip.com/cyberark-migration-tv2/OB-CyberArk_Migration_Tv2/assets/images/External-darkblue.svg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c000:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f150486021d4182821249f13273a7a87862756e2b021e3d19121aaae6a2e09d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 01:58:56 GMT
via
1.1 2ce23ed5e0f70e0006a9917211b6355c.cloudfront.net (CloudFront)
last-modified
Fri, 29 Jan 2021 20:02:50 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1611950517/ctime:1611950517/gid:117/gname:docker/md5:98bf2668c3bae975ce6b211e1acc322f/mode:33188/mtime:1611950517/uid:1001/uname:runner
x-amz-cf-pop
FRA56-P12
age
79231
etag
"98bf2668c3bae975ce6b211e1acc322f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
952
x-amz-cf-id
44bXkh4E8PrGE-EShiMmXA9kDRL1s39Iq18oeEJ11TgTJHNmKHdnnQ==
cyberark-logo-dark.svg
www.cyberark.com/wp-content/uploads/2021/01/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/wp-content/uploads/2021/01/cyberark-logo-dark.svg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67e2f25233ffe02ea0a70301e7440e6371d8943ca3f759b1d128b590e7e9419b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' cyberark.sc.omtrdc.net sc.omtrdc.net *.everesttech.net everesttech.net *.demdex.net demdex.net *.adobedtm.com adobedtm.com cyberark.tt.omtrdc.net tt.omtrdc.net *.typekit.net typekit.net *.akamaihd.net akamaihd.net s3.amazonaws.com *.amazonaws.com amazonaws.com s3.eu-central-1.amazonaws.com *.adnxs.com adnxs.com *.baidu.com baidu.com *.btttag.com btttag.com *.bluekai.com bluekai.com *.bootstrapcdn.com bootstrapcdn.com *.cdntwrk.com cdntwrk.com *.choozle.com choozle.com *.cloudflare.com cloudflare.com *.cloudfront.net cloudfront.net *.cyberark.com cyberark.com g.doubleclick.net *.doubleclick.net doubleclick.net fls.doubleclick.net *.driftt.com driftt.com *.ensighten.com ensighten.com *.facebook.com *.facebook.net facebook.com facebook.net *.fontawesome.com fontawesome.com *.google.ae *.google.al *.google.am *.google.at *.google.az *.google.ba *.google.be *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.ch *.google.ci *.google.cl *.google.cm *.google.cn *.google.com *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.im *.google.iq *.google.is *.google.it *.google.je *.google.jo *.google.kz *.google.lk *.google.lt *.google.lu *.google.lv *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.nl *.google.no *.google.pl *.google.pt *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.sk *.google.sn *.google.sr *.google.tg *.google.tn *.google.tt *.gstatic.com *.translate.goog google.ae google.al google.am google.at google.az google.ba google.be google.bg google.bj google.bs google.by google.ca google.cd google.ch google.ci google.cl google.cm google.cn google.co.ao google.co.bw google.co.cr google.co.id google.co.il google.co.in google.co.jp google.co.ke google.co.kr google.co.ls google.co.ma google.co.mz google.co.nz google.co.th google.co.ug google.co.uk google.co.uz google.co.ve google.co.za google.co.zw google.com google.com.ar google.com.au google.com.bd google.com.bh google.com.bn google.com.bo google.com.br google.com.bz google.com.co google.com.cy google.com.do google.com.ec google.com.eg google.com.et google.com.fj google.com.gh google.com.gt google.com.hk google.com.jm google.com.kh google.com.kw google.com.lb google.com.ly google.com.mm google.com.mt google.com.mx google.com.my google.com.ng google.com.ni google.com.np google.com.om google.com.pa google.com.pe google.com.ph google.com.pk google.com.pr google.com.py google.com.qa google.com.sa google.com.sg google.com.sl google.com.sv google.com.tr google.com.tw google.com.ua google.com.uy google.com.vc google.com.vn google.cz google.de google.dk google.dz google.ee google.es google.fi google.fr google.ge google.gr google.hn google.hr google.hu google.ie google.im google.iq google.is google.it google.je google.jo google.kz google.lk google.lt google.lu google.lv google.mg google.mk google.ml google.mn google.mu google.nl google.no google.pl google.pt google.ro google.rs google.ru google.sc google.se google.sk google.sn google.sr google.tg google.tn google.tt gstatic.com translate.goog googleadservices.com *.googleapis.com googleapis.com *.cloudfunctions.net cloudfunctions.net *.googletagmanager.com googletagmanager.com *.google-analytics.com google-analytics.com *.herokuapp.com herokuapp.com *.hotjar.com *.hotjar.io hotjar.com hotjar.io *.jquery.com jquery.com *.jsdelivr.net jsdelivr.net *.linkedin.com ads.linkedin.com cdn.linkedin.oribi.io linkedin.com linkedin.oribi.io *.licdn.com licdn.com *.marketo.com *.marketo.net *.mktoresp.com marketo.com marketo.net mktoresp.com cognitive.microsofttranslator.com *.microsoft.com microsoft.com *.moz.com moz.com *.myfonts.net myfonts.net *.newrelic.com *.nr-data.net newrelic.com nr-data.net *.openx.net openx.net *.rlcdn.com rlcdn.com *.reddit.com *.redditstatic.com reddit.com redditstatic.com *.rubiconproject.com rubiconproject.com *.krxd.net krxd.net *.stackadapt.com srv.stackadapt.com stackadapt.com *.adsrvr.org adsrvr.org *.trustarc.com trustarc.com *.twitter.com twitter.com *.6sc.co *.litix.io 6sc.co litix.io *.unpkg.com unpkg.com *.wistia.com wistia.com *.wpengine.com wpengine.com analytics.yahoo.com *.googleadservices.com *.duosecurity.com duosecurity.com yoast.com *.ceros.com ceros.com *.transistor.fm transistor.fm segreencolumn.com *.segreencolumn.com cnv.event.prod.bidr.io simpli.fi *.simpli.fi dpmsrv.com *.dpmsrv.com adnxs.com *.adnxs.com *.cloudflareinsights.com cloudflareinsights.com data: blob:; upgrade-insecure-requests;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1149769
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Jun 2021 13:14:28 GMT
server
cloudflare
etag
W/"60d5d6b4-f6a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
midi=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=()
cf-ray
8815a4afdf6d68fb-FRA
expires
Fri, 09 May 2025 23:59:26 GMT
css
fonts.googleapis.com/ 		28 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&display=swap
Requested by
Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/cyberArk/master/build/en/en.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4eb0c04228dba5578a1eea465369870866c5c604e383ae5470f8ba17d392cde2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cihost.uberflip.com/cyberArk/master/build/en/en.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 May 2024 23:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 May 2024 23:31:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 May 2024 23:59:26 GMT
css2
fonts.googleapis.com/ 		676 KB
180 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@100;300;400;500;700;900&display=swap
Requested by
Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/cyberArk/master/build/en/en.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
154a6620b90050b965aafdd6cf7c51327026eaef788f4ffc74f489dd965abdc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cihost.uberflip.com/cyberArk/master/build/en/en.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 May 2024 23:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 May 2024 23:09:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 May 2024 23:59:26 GMT
css2
fonts.googleapis.com/ 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Mono&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6356b4d88d6f53df4e5e9e3afbc0122d0b2ff6aa696bcbdea1930b5b54dcbced
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 May 2024 22:42:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 May 2024 23:59:26 GMT
mediaproxy
content.cdntwrk.com/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2023%2F07%2Fdeep-dive-into-penetration-testing.jpg&size=1&version=1707847192&sig=842609593915945b6263b1cbb8735072&default=hubs%2Ftilebg-blogs.jpg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
8dd7a7eeccaaffd8a75ac8a2420ae500376d9f7f652dd8545deebd399bb96cfa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 18:00:38 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 18:00:28 GMT
x-amz-cf-pop
FRA56-P2
age
7451928
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=1234567890
content-disposition
inline; filename="deep-dive-into-penetration-testing.webp"
alt-svc
h3=":443"; ma=86400
content-length
6536
x-amz-cf-id
NfT8FFOtm54rOkgLob-D7zZI39lbEvyGQn3U1PNg9M_2jws96_WaFw==
ajax-loader-white-2x.gif
content.cdntwrk.com/img/hubs/ 		3 KB
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/img/hubs/ajax-loader-white-2x.gif?v=19a554b579c4
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1cd0852f3077f1b059e16529d8de16acb490990d6cb796dd74873de0bfd8a91

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 00:50:06 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
256161
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2707
last-modified
Thu, 11 Apr 2024 16:49:11 GMT
server
AmazonS3
etag
"5217392f882b27d35ec2e72946f2df7e"
vary
Accept-Encoding
access-control-max-age
0
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
content-type
image/gif
accept-ranges
bytes
x-amz-cf-id
wufRiLbXiNlP9BUJXWhV4PfNLFlw1djwuyGAzq8jmswIz2u5t4mDNA==
email-decode.min.js
www.cyberark.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cyberark.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 08 May 2024 09:31:53 GMT
server
cloudflare
etag
W/"663b4689-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
8815a4ae2e8868fb-FRA
expires
Sat, 11 May 2024 23:59:26 GMT
ajax_ping
www.cyberark.com/resources/hubsFront/ 		49 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cyberark.com/resources/hubsFront/ajax_ping
Requested by
Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.d9fdeb361862fc14a04f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74935268619be1f087ce67765abd72f80107125f23b346f7615cc9e6a19d4595
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.cyberark.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
*/*
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:27 GMT
content-security-policy
frame-ancestors 'self' https://www.cyberark.com/
referrer-policy
unsafe-url
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-frame-options
DENY
content-type
application/json
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-language
en
cf-ray
8815a4b228d368fb-FRA
x-xss-protection
1; mode=block
stats_temp_item_609327918x76d667712ef6e7416e1ef7ca35bee087ccacc1e8f8f0a32d66634331e68bb97b1715299166e41fbe4b8877f2cfdc5fe8807ddb88c5a148a82360417b115bd67cda5ac36369
www.cyberark.com/resources/hubsFront/signalMetricsTemp/ 		0
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cyberark.com/resources/hubsFront/signalMetricsTemp/stats_temp_item_609327918x76d667712ef6e7416e1ef7ca35bee087ccacc1e8f8f0a32d66634331e68bb97b1715299166e41fbe4b8877f2cfdc5fe8807ddb88c5a148a82360417b115bd67cda5ac36369?t=1715299167061
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.cyberark.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:27 GMT
content-security-policy
frame-ancestors 'self' https://www.cyberark.com/
referrer-policy
unsafe-url
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-frame-options
DENY
content-type
text/html; charset=UTF-8
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-language
en
cf-ray
8815a4b248de68fb-FRA
x-xss-protection
1; mode=block
tag.aspx
ml314.com/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/tag.aspx?104
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b65f414221cf068135ffc1d6b5a814da1b1a363325b451698c52a4064303a5bb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:42:58 GMT
via
1.1 google
content-encoding
br
age
989
x-guploader-uploadid
ABPtcPprIpgqUFR7rAWHFeSPrqGR4Us4ODjO5WblXHZlGZj0kblPBfrPBpTPsaWCTM8vGmoDp3g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10611
last-modified
Tue, 07 May 2024 22:27:04 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1715120823907330
x-goog-hash
crc32c=10AurQ==, md5=zLoLKAsL6lcopoHLyCZEiw==
content-type
application/javascript
cache-id
FRA-1209ea83
cache-control
public,max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
34184
accept-ranges
bytes
munchkin.js
munchkin.marketo.net/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-38-132.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 09 May 2024 23:59:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Mar 2023 01:24:48 GMT
Server
AkamaiNetStorage
ETag
"cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary
Accept-Encoding
Content-Type
application/x-javascript
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
729
sprite-1x.png
content.cdntwrk.com/img/hubs/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/img/hubs/sprite-1x.png
Requested by
Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/css/hubs/hubs.d9fdeb361862fc14a04f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a249bcffb2d8e92a3bdff919def43b14841803ad93b80ffa864db1090e007594

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://content.cdntwrk.com/css/hubs/hubs.d9fdeb361862fc14a04f.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 23:02:39 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
age
89809
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
60511
last-modified
Wed, 01 May 2024 17:13:01 GMT
server
AmazonS3
etag
"9e7227669aa01cd19bcc27e802668929"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
esYeu9Kr_DrnrhHtUC-zQO7q2mae8Ld5extj3pjTF3nc6dk9W4_mnw==
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
uparrow.png
content.cdntwrk.com/img/hubs/ 		194 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/img/hubs/uparrow.png
Requested by
Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/css/hubs/hubs.d9fdeb361862fc14a04f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1fb7ee27fdfb34869f89aa51d9af1cf86ecc6800ab591ec3ca78f155742200b2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://content.cdntwrk.com/css/hubs/hubs.d9fdeb361862fc14a04f.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 11:26:47 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
age
217978
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
194
last-modified
Mon, 29 Apr 2024 17:56:20 GMT
server
AmazonS3
etag
"e5bbd7205c8f2ff1cd6c9f777f31da64"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
vtiauKNt4Aks9nYJgh07kM9C5bRYIcziRt81pmwkoDskoIqmbNX08w==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.cyberark.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 22:45:56 GMT
x-content-type-options
nosniff
age
522811
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 May 2025 22:45:56 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/webfonts/ 		61 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/css/all.min.css
Origin
https://www.cyberark.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:27 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1022544
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
62472
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-f408"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QCliVFyixWz0l3nLBre5I0TWYHNUdJx84DCpOE3zdcSU5abvw%2FFkxmxY%2By8W1HwJz4Cg%2Fc7Mx6BB5Uu5QYouDqL%2Bl2haPvLcujHYzXpH%2FC70bBP%2BGui47fa3JwaPBdIrYqMuoCJg"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8815a4b39f091c0b-FRA
expires
Tue, 29 Apr 2025 23:59:27 GMT
372722_2_unhinted_0.woff2
cihost.uberflip.com/cyberArk/OB-3963/build/fonts/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cihost.uberflip.com/cyberArk/OB-3963/build/fonts/372722_2_unhinted_0.woff2
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c000:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f5f9d511700318e988d3ef843afc49224162c8bb2435db7b9dc3590f525306f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/
Origin
https://www.cyberark.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 04:40:38 GMT
via
1.1 e23d0cd26e88be416569e15d7299b25c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
age
69982
x-cache
Hit from cloudfront
content-length
26033
last-modified
Wed, 27 May 2020 16:17:01 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1590596208/ctime:1590596208/gid:116/gname:docker/md5:83914a011477cb60998949144e2ac5aa/mode:33188/mtime:1590596208/uid:1001/uname:runner
etag
"83914a011477cb60998949144e2ac5aa"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
k9VGICmpHEW2tLgmU2-f8-dVz19HXBqlwwX-gt5tnZ3n4ZD01OSVJw==
372722_4_unhinted_0.woff2
cihost.uberflip.com/cyberArk/OB-3963/build/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cihost.uberflip.com/cyberArk/OB-3963/build/fonts/372722_4_unhinted_0.woff2
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c000:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66c708b80cab108a2fde84cac9677c07435537bc9d06085ccd1ac80cb93513b4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/
Origin
https://www.cyberark.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 06:19:53 GMT
via
1.1 e23d0cd26e88be416569e15d7299b25c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
age
66500
x-cache
Hit from cloudfront
content-length
25237
last-modified
Wed, 27 May 2020 16:17:01 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1590596208/ctime:1590596208/gid:116/gname:docker/md5:da77e86db861301f9320c467d834e649/mode:33188/mtime:1590596208/uid:1001/uname:runner
etag
"da77e86db861301f9320c467d834e649"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
Gk5Loweo0foxIhkBOEhEnkqWeuurEikAQYirKfOVc-cEjgOOYTtqEw==
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/webfonts/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/css/all.min.css
Origin
https://www.cyberark.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:27 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2065086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
64144
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-fa90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5fM8Fz6QEsWR7I3711v088gwMR%2FeIb936Cdl2v0tNrXiZVuMhbjcGVA0uD3QIoKQBtqkxBPttdxH%2F%2Baaau9kQLGyeHtbBJF9Dlp%2BvqiIynLdX906AcMPd1dcATNSI%2FKKPHZKw7Za"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8815a4b39f0a1c0b-FRA
expires
Tue, 29 Apr 2025 23:59:27 GMT
fontawesome-webfont.woff2
cihost.uberflip.com/cyberark-migration-tv2/OB-CyberArk_Migration_Tv2/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cihost.uberflip.com/cyberark-migration-tv2/OB-CyberArk_Migration_Tv2/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/cyberArk/master/build/en/en.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c000:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cihost.uberflip.com/cyberArk/master/build/en/en.css
Origin
https://www.cyberark.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 06:31:19 GMT
via
1.1 e23d0cd26e88be416569e15d7299b25c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
age
62889
x-cache
Hit from cloudfront
content-length
77160
last-modified
Wed, 27 Jan 2021 17:56:57 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1611770160/ctime:1611770160/gid:117/gname:docker/md5:af7ae505a9eed503f8b8e6982036873e/mode:33188/mtime:1611770160/uid:1001/uname:runner
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
9OUjmezsRFZMnCehZiFlxzVogSo8WxU2ot9eYD0rkwylpS_WUpwx3w==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.cyberark.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 07:58:55 GMT
x-content-type-options
nosniff
age
230432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24984
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:04:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 07:58:55 GMT
id
dpm.demdex.net/ 		367 B
918 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=9AB97041603F3EDB0A495C66%40AdobeOrg&d_nsid=0&ts=1715299167218
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/launch-e8e6adf0fe30.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.19.228.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-228-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
41d6606ca76e62fa7fae3020cda808a7b1fa2b9da36c13d619881d47a0b721f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-irl1-2-v061-0a3570a5a.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Thu, 09 May 2024 23:59:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
p9UVEvHESKA=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://www.cyberark.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
310
expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/launch-e8e6adf0fe30.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:27 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.cyberark.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12384
expires
Fri, 10 May 2024 00:59:27 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/launch-e8e6adf0fe30.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:27 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.cyberark.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1598
expires
Fri, 10 May 2024 00:59:27 GMT
aHViPTEwODU0MCZjbWQ9YmFja2dyb3VuZF9pbWFnZSZ2ZXJzaW9uPTE2OTk0NjY2MDEmc2lnPWI2YzQzMzhjYjNhMjI2NGQ2NjExNDIyNjlhYjM3MTFj
content.cdntwrk.com/files/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.cdntwrk.com/files/aHViPTEwODU0MCZjbWQ9YmFja2dyb3VuZF9pbWFnZSZ2ZXJzaW9uPTE2OTk0NjY2MDEmc2lnPWI2YzQzMzhjYjNhMjI2NGQ2NjExNDIyNjlhYjM3MTFj
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
a36681fe4fd06eb0856952cddb2047065db39f00e819dbf0e9715540083f8198

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Jan 2024 07:32:46 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Thu, 18 Feb 2021 22:21:19 GMT
age
10427201
x-amz-cf-pop
FRA56-P2
etag
"1613686879-be99bf6a6e12dc968d17e108eb199e37"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=15552000
content-disposition
inline; filename="background_image.webp"
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
88a2NAPqd3YWOeBtLvgUQ9A1mS2p80fdrnWvSaGAaPhzCmXwiay83g==
372722_1_unhinted_0.woff2
cihost.uberflip.com/cyberArk/OB-3963/build/fonts/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cihost.uberflip.com/cyberArk/OB-3963/build/fonts/372722_1_unhinted_0.woff2
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c000:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d4761d421bbf2f059126b9ce4f5e0a9f7bc83b046a58162780a2b9c3ab8c9a56

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/
Origin
https://www.cyberark.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 05:31:08 GMT
via
1.1 e23d0cd26e88be416569e15d7299b25c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
age
66500
x-cache
Hit from cloudfront
content-length
26041
last-modified
Wed, 27 May 2020 16:17:01 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1590596208/ctime:1590596208/gid:116/gname:docker/md5:0601eae673330329b340003d42fc1c36/mode:33188/mtime:1590596208/uid:1001/uname:runner
etag
"0601eae673330329b340003d42fc1c36"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
ZcXytxlUJmzVSJsTkhXM047bnurTg_Wj_Ymsw1AlWipT5gDTgSHmVg==
ajax_updateMAPUsers
www.cyberark.com/resources/hubsFront/ 		126 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cyberark.com/resources/hubsFront/ajax_updateMAPUsers
Requested by
Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.d9fdeb361862fc14a04f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98e0f76f97857fce1b3fbd8e9ed5775988e85fffd71dcc2422f8d012378ea34
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.cyberark.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
*/*
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:27 GMT
content-security-policy
frame-ancestors 'self' https://www.cyberark.com/
referrer-policy
unsafe-url
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-frame-options
DENY
content-type
application/json
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-language
en
cf-ray
8815a4b3896f68fb-FRA
x-xss-protection
1; mode=block
External-darkblue.svg
cihost.uberflip.com/cyberark-migration-tv2/OB-CyberArk_Migration_Tv2/assets/images/ 		952 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cihost.uberflip.com/cyberark-migration-tv2/OB-CyberArk_Migration_Tv2/assets/images/External-darkblue.svg
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:c000:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f150486021d4182821249f13273a7a87862756e2b021e3d19121aaae6a2e09d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 01:58:56 GMT
via
1.1 2ce23ed5e0f70e0006a9917211b6355c.cloudfront.net (CloudFront)
last-modified
Fri, 29 Jan 2021 20:02:50 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1611950517/ctime:1611950517/gid:117/gname:docker/md5:98bf2668c3bae975ce6b211e1acc322f/mode:33188/mtime:1611950517/uid:1001/uname:runner
x-amz-cf-pop
FRA56-P12
age
79231
etag
"98bf2668c3bae975ce6b211e1acc322f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
952
x-amz-cf-id
44bXkh4E8PrGE-EShiMmXA9kDRL1s39Iq18oeEJ11TgTJHNmKHdnnQ==
d24194f2-6101-4c07-b071-d2eb5d40f5e6.js
j.6sc.co/j/ 		854 B
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://j.6sc.co/j/d24194f2-6101-4c07-b071-d2eb5d40f5e6.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SFWTH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-224.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b06ee181a056d674f14dc07a3cf5eaf2b4f85aa65def46ee9c33cffda18573bb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
E_7p8DmUGF.SFGebCI0B6mb0uV3e3zDK
content-encoding
gzip
date
Thu, 09 May 2024 23:59:27 GMT
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-amz-meta-content-type
application/json
content-length
456
pragma
no-cache
last-modified
Thu, 07 Sep 2023 14:27:11 GMT
server
AmazonS3
etag
"b87bd20cfa5f7954aff6c87638984d17"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-amz-cf-id
YEoodEh4IRnk6HtAIMRTZygbpEOIxG3dYcyaWLiCuY6IM8-Vx5thsg==
expires
Thu, 09 May 2024 23:59:27 GMT
rtp.js
sjrtp6-cdn.marketo.com/rtp-api/v1/ 		152 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sjrtp6-cdn.marketo.com/rtp-api/v1/rtp.js?aid=cyberarksoftware
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.197.121.18 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-121-18.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.45.v20220203) /
Resource Hash
fb55a062d9f3b704e9d990f6ead8990e01d09a783c47ff13957578a19076518c
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=63113904
Content-Encoding
gzip
Date
Thu, 09 May 2024 23:59:27 GMT
Last-Modified
Sat, 27 Apr 2024 01:06:26 GMT
Server
Jetty(9.4.45.v20220203)
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=UTF-8
Cache-Control
public, max-age=248
Connection
keep-alive
Content-Length
42533
notice
consent.trustarc.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/notice?domain=cyberark.com&c=teconsent&js=nj&noticeType=bb&gtm=1&pcookie=1&text=true&language=en
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
/
Resource Hash
2fabf85089d70ab869eb260a0b50a8b80358e70765a0a9759921f57584bdc57b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:27 GMT
content-encoding
gzip
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
text/javascript; charset=UTF-8
cache-control
max-age=3600
content-length
5449
x-amz-cf-id
knh2qX3mYNXS18MR8BCWf6NSyXkumC_Y97QVUnZliJ80C5qi6vQ7hw==
pixel.js
www.redditstatic.com/ads/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
5ccd2a2d0cfc8f7b36c238c935a36c751eb306a4f23788a0c6c33eec1a5a2071

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:27 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Tue, 07 May 2024 17:43:30 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"337f63427080a8d6a60316b759dab390"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12083
ct
obs.segreencolumn.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.segreencolumn.com/ct?id=45375&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1715299167374&hl=2&op=0&ag=2115704966&rand=839820261120056088561216769050616309084870990751070210667751548529159125719566118565&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDg3OTBdLFsiYm5jaCIsMV0sWyJhYm5jaCIsMV0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTcsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy02MywiLSJdLFstOSwiKyJdLFstMzAsIltcInZcIiwwXSJdLFstNDcsIkV1cm9wZS9CZXJsaW4sZGUtREUsbGF0bixncmVnb3J5Il0sWy01MSwiLSJdLFstNjYsImdlb2xvY2F0aW9uLHN0b3JhZ2VhY2Nlc3MsZ2FtZXBhZCxjaGVjdCxtaWRpLGRpc3BsYXljYXB0dXJlLHVzYixwaWN0dXJlaW5waWN0dXJlLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LGxvY2FsZm9udHMsb3RwY3JlZGVudGlhbHMsZW5jcnlwdGVkbWVkaWEsY2hzYXZlZGF0YSxjaHVhZnVsbHZlcnNpb25saXN0LGNodWF3b3c2NCxjaGRvd25saW5rLGNocHJlZmVyc2NvbG9yc2NoZW1lLHN5bmN4aHIsY2h1YW1vZGVsLGNocHJlZmVyc3JlZHVjZWR0cmFuc3BhcmVuY3ksc2VyaWFsLGNhbWVyYSxjaHByZWZlcnNyZWR1Y2VkbW90aW9uLHByaXZhdGVzdGF0ZXRva2VuaXNzdWFuY2UsaWRlbnRpdHljcmVkZW50aWFsc2dldCxjaHVhZnVsbHZlcnNpb24sZnVsbHNjcmVlbixjaGRwcix1bmxvYWQsa2V5Ym9hcmRtYXAsY2h1YXBsYXRmb3JtLGd5cm9zY29wZSxjaHVhbW9iaWxlLHdpbmRvd21hbmFnZW1lbnQsY2h1YSxwdWJsaWNrZXljcmVkZW50aWFsc2NyZWF0ZSxtYWduZXRvbWV0ZXIsYWNjZWxlcm9tZXRlcixwcml2YXRlc3RhdGV0b2tlbnJlZGVtcHRpb24sY2h1YWFyY2gseHJzcGF0aWFsdHJhY2tpbmcsY2h1YWZvcm1mYWN0b3JzLGlkbGVkZXRlY3Rpb24sY2h1YXBsYXRmb3JtdmVyc2lvbixjaHdpZHRoLGNsaXBib2FyZHJlYWQsY2h2aWV3cG9ydHdpZHRoLHBheW1lbnQsY2h2aWV3cG9ydGhlaWdodCxjaHJ0dCxhdXRvcGxheSxjcm9zc29yaWdpbmlzb2xhdGVkLGhpZCxjaHVhYml0bmVzcyxzY3JlZW53YWtlbG9jayxjbGlwYm9hcmR3cml0ZSxjaGRldmljZW1lbW9yeSxtaWNyb3Bob25lIl0sWy02MCwxOTVdLFstNjQsIlswLFwiV2luMzJcIixbe1wiYlwiOlwiR29vZ2xlIENocm9tZVwiLFwidlwiOlwiMTI0XCJ9LHtcImJcIjpcIk5vdDpBLUJyYW5kXCIsXCJ2XCI6XCI4XCJ9LHtcImJcIjpcIkNocm9taXVtXCIsXCJ2XCI6XCIxMjRcIn1dXSJdLFstMTIsIm51bGwiXSxbLTQxLCItIl0sWy00OCwiMCwwIl0sWy0xOSwiWzkwLDkwLDkwLDkwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiLDE2MDAsMTIwMF0iXSxbLTMzLCItIl0sWy01MywiMTAwIl0sWy01MCwiLSJdLFstMTQsIi0iXSxbLTIxLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1widGl0bGVcIixcImRlc2NyaXB0aW9uXCIsXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIl19Il0sWy02OCwiLSJdLFstNDksIi0iXSxbLTU1LCIxIl0sWy01NywiV0UwWlYxeE9jVmhYWFZWY1N4Y0ZXbFpVU1V4TlhGMEhHV0pZU2hsWVNVbFZRR1FaRVZ4UFdGVVpXRTBaQlZoWFZsZEFWRlpNU2djWkVRTU9Bd2dNQ1FvSkFSQVZHUVZZVjFaWFFGUldURW9IQXdnQkF3b0pFQlZZVFJsNFMwdFlRQmRQWEJrUlVVMU5TVW9ERmhaV1d4ZEtYRjVMWEZ4WFdsWlZURlJYRjFwV1ZCWlFGZ0VOV2w4S0NROExYd0FCV2x0WVd3QUFEVjBQQ2dCWUFBNE1Xd3NPQUFGY0YxTktBd2dERHc0SUNna1EiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDIsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsNSx0cnVlLHRydWUsbnVsbCwwLHRydWUsdHJ1ZV0iXSxbLTY3LCItIl0sWy0xMywiLSJdLFstMjgsImVuLVVTLGVuIl0sWzEyLCJ7XCJjdHhcIjpcIndlYmdsXCIsXCJ2XCI6XCJpbnRlbCBpbmMuXCIsXCJyXCI6XCJpbnRlbCBpcmlzIG9wZW5nbCBlbmdpbmVcIixcInNsdlwiOlwid2ViZ2wgZ2xzbCBlcyAxLjAgKG9wZW5nbCBlcyBnbHNsIGVzIDEuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDEuMCAob3BlbmdsIGVzIDIuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6NSxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjE5MzA4MjAyNzksXCJzZWNcIjpcIlwifSJdLFstNTQsIntcImhcIjpbXCIzNTc0NDA3MDA3XCIsXCIyNzg4NTQwNDU1XCIsXCJfM1wiLFwiMjg3Mjg5OTMyMFwiLFwiMzY4MDM3Nzk5MlwiLFwiNzUwNTYyNzQyXCJdLFwiZFwiOltdLFwiYlwiOltdLFwic1wiOjF9Il0sWy0yNCwiW10iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstMTUsIi0iXSxbLTMxLCJmYWxzZSJdLFstMTYsIjAiXSxbLTE3LCIxMiJdLFstMjAsIi0iXSxbLTM4LCJsLC0xLC0xLDAsMCw4LDAsMCw4NSw0OTMsLTEsMCwxNTcwLDE1NzAsMTcxMCwxNzExIl0sWy00NiwiMCJdLFstNjEsIntcIndnc2xcIjpcIjQ7cmVhZG9ubHlfYW5kX3JlYWR3cml0ZV9zdG9yYWdlX3RleHR1cmVzO3BhY2tlZF80eDhfaW50ZWdlcl9kb3RfcHJvZHVjdDt1bnJlc3RyaWN0ZWRfcG9pbnRlcl9wYXJhbWV0ZXJzO3BvaW50ZXJfY29tcG9zaXRlX2FjY2VzcztcIixcInBjZlwiOlwiYmdyYTh1bm9ybVwifSJdLFstMjUsIi0iXSxbLTgsIi0iXSxbLTU5LCJkZWZhdWx0Il0sWy0yNywiWzUwLDEwLDAsXCI0Z1wiLG51bGxdIl0sWy02MiwiODAiXSxbLTIzLCIrIl0sWy01OCwiLSJdLFstNjUsIi0iXSxbLTM1LCJbMTcxNTI5OTE2NzM1OSwtMl0iXSxbLTUyLCItIl0sWy0xOCwiWzAsMCwwLDFdIl0sWy0yNiwie1widGpoc1wiOjIxMzg5Njg0LFwidWpoc1wiOjE3Mzg3NTQwLFwiamhzbFwiOjQyOTQ3MDUxNTJ9Il0sWy0zMiwiLSJdLFstNDAsIjMzIl0sWy02LCJ7XCJ3XCI6W10sXCJuXCI6W10sXCJkXCI6W119Il0sWy0xMCwiLSJdLFstMSwiLSJdLFstNDQsIjAsMCwwLDUiXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTIsIjUsZUFIV1gxL2YzcXpDdmJrdXltUXdnbElhRjNwRXNSRUVUcG9WZEZWQlFRcFJjUkJGU0tJSWdpUklyMEtoSlJxcFNBdENBa1FIcEl6eWJiWHBtWnIvNS9kOTZiemN1U0FQSi9HdCJdLFstMjksIi0iXSxbLTQ1LCItIl0sWy01LCItIl0sWy0zNCwiLSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUpIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAgICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAgICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAgICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAgfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAgfV0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00LCItIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAxMDExMDEwMDAwMDEiXSxbImRkYiIsIjAsNiwwLDAsMCwxLDAsMSwwLDAsMCwwLDAsMCwxLDAsMCwwLDEsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDEsMCwxLDAsMCwwLDAsMywxLDAsMSwwLDEsMCwwLDAsMCwxLDAsMCwwLDEsMCw4LDAsMCwwLDAsMCwwLDAsMCJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCw2LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwxLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsNCwwLDAsMCwwLDAsMCwwLDEsMCJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=Xc04Eu46gS&pto=1729&ver=59&gac=-&mei=&ap=&fe=1&duid=1.1715299167.JtCO1lFObtIvP6AP&suid=1.1715299167.6du9OBRRAjgFkCPA&tuid=1.1715299167.1JreSFQa83znW0Mm&fbc=-&gtm=W10%3D&it=81%2C579%2C739&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-
Requested by
Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/84cf3062f98cbab994d639a975b2798e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
84612718201726eaf2d2727d4fcb830519369820f4d8bea485104ad1b6b6912d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/javascript
pragma
no-cache
date
Thu, 09 May 2024 23:59:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1513
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SFWTH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 09 May 2024 22:07:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6698
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 10 May 2024 00:07:49 GMT
RCaadfaa88901e4f0e8cbb8050b0941051-source.min.js
assets.adobedtm.com/789d877fe9a8/09207f0a9c44/c9fca00f1528/ 		538 B
586 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/c9fca00f1528/RCaadfaa88901e4f0e8cbb8050b0941051-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/launch-e8e6adf0fe30.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
add45a468bcd64e33645f15b1870b5813d1ff1fe97c59cb4bcd9e98fa09c66fe

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:27 GMT
content-encoding
gzip
last-modified
Fri, 27 Oct 2023 18:01:17 GMT
server
AkamaiNetStorage
etag
"27301ca53ed689497d352b9a4a49a8d7:1698429677.369864"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.cyberark.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
327
expires
Fri, 10 May 2024 00:59:27 GMT
main.js
www.cyberark.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/ Frame 95E8
Redirect Chain
  • https://www.cyberark.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.cyberark.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cyberark.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
145a1a4d8bffa0b22d21fdda0c4936ee53accc4404186dc2d576a475b90e16d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Thu, 09 May 2024 23:59:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8815a4b55a4f68fb-FRA

Redirect headers

date
Thu, 09 May 2024 23:59:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
cache-control
max-age=300, public
cf-ray
8815a4b469da68fb-FRA
content-length
0
utsync.ashx
ml314.com/ 		62 B
255 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=52079&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&pv=1715299167419_u2y49ozmx&bl=de-de&cb=6172126&return=&ht=&d=&dc=&si=1715299167419_u2y49ozmx&cid=production%7C%7C108540%7C%7C6824673%7C%7C609327918&s=1600x1200&rp=&v=2.7.2.162
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?104
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:27 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
application/javascript
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
ud.ashx
in.ml314.com/ 		20 B
482 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.ml314.com/ud.ashx?topiclimit=&cb=1042024&v=2.7.2.162
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?104
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.64.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-64-0.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 09 May 2024 23:59:27 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public
Connection
keep-alive
Content-Length
138
Expires
Fri, 10 May 2024 23:59:27 GMT
dest5.html
cyberark.demdex.net/ Frame F638 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cyberark.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/launch-e8e6adf0fe30.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.208.77.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-77-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 09 May 2024 23:59:27 GMT
dcs
dcs-prod-irl1-1-v061-0e44f6642.edge-irl1.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Thu, 9 May 2024 11:56:33 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
ok3fOw2pRMk=
ibs:dpid=411&dpuuid=Zj1jXwAAAMds7ANe
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=87351779568960975691155907780819784929
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zj1jXwAAAMds7ANe
42 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zj1jXwAAAMds7ANe
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Server
52.19.228.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-228-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v061-0ce60d780.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Thu, 09 May 2024 23:59:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
lNJY5lnTQT4=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zj1jXwAAAMds7ANe
Date
Thu, 09 May 2024 23:59:27 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
cyberark.tt.omtrdc.net/rest/v1/ 		351 B
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cyberark.tt.omtrdc.net/rest/v1/delivery?client=cyberark&sessionId=c5197f9ad7a84192857f73d33562c8c0&version=2.10.2
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/launch-e8e6adf0fe30.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.152.225 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-66-235-152-225.data.adobedc.net
Software
jag /
Resource Hash
9a40f95bb955d55c98ba69ab85b2c4722d20119bd8a4825baf3714b9d5871c08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 09 May 2024 23:59:27 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server
jag
x-content-type-options
nosniff
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cyberark.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
x-request-id
bf2e41ae-0369-4212-85ee-021189cf2ed3
munchkin.js
munchkin.marketo.net/163/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/163/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-38-132.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 09 May 2024 23:59:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Jan 2023 02:26:40 GMT
Server
AkamaiNetStorage
ETag
"ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary
Accept-Encoding
Content-Type
application/x-javascript
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4741
Expires
Sat, 17 Aug 2024 23:59:27 GMT
js
www.googletagmanager.com/gtag/ 		199 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-9920016
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SFWTH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e387300a8c1611a6307b70e53bef9f59f5358236cb79134055c2dae2a317aff3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73973
x-xss-protection
0
last-modified
Thu, 09 May 2024 21:59:52 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 May 2024 23:59:27 GMT
RC215bf8f3db2048f5a863a53bd773832d-source.min.js
assets.adobedtm.com/789d877fe9a8/09207f0a9c44/c9fca00f1528/ 		429 B
537 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/c9fca00f1528/RC215bf8f3db2048f5a863a53bd773832d-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/launch-e8e6adf0fe30.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
94fa9986e84282779b163982fac7dde36adcabd7ae376b82ce764edfccc59894

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:27 GMT
content-encoding
gzip
last-modified
Fri, 27 Oct 2023 18:01:17 GMT
server
AkamaiNetStorage
etag
"27301ca53ed689497d352b9a4a49a8d7:1698429677.369864"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.cyberark.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
278
expires
Fri, 10 May 2024 00:59:27 GMT
v1.7-3281
consent.trustarc.com/asset/notice.js/v/ 		93 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-3281
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=cyberark.com&c=teconsent&js=nj&noticeType=bb&gtm=1&pcookie=1&text=true&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
/
Resource Hash
5eeb76abbd17b81bc8a7f6722be1f0b980897bce2c1fe38bbe9f126573486d25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Origin
https://www.cyberark.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Thu, 09 May 2024 23:33:04 GMT
content-encoding
gzip
via
1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 2 May 2024 01:55:11 GMT
x-amz-cf-pop
FRA2-C2
age
1583
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
x-amz-cf-id
Bx4kyjvfIN9ucCOxamOKaSEe44lfDGxFiiv61hXo9AL3XGyClgI2sg==
get
consent.trustarc.com/ Frame ADC2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/get?name=crossdomain.html&domain=cyberark.com
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=cyberark.com&c=teconsent&js=nj&noticeType=bb&gtm=1&pcookie=1&text=true&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
338
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html
date
Thu, 09 May 2024 23:53:49 GMT
pragma
public
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Origin
via
1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-amz-cf-id
ggmwIw62MCtr-DM7-qunt5OGfw46y_28yMXjuKnC57KRXFcEc7rlKA==
x-amz-cf-pop
FRA2-C2
x-cache
Hit from cloudfront
log
consent.trustarc.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/log?domain=cyberark.com&country=de&state=&behavior=expressed&session=5d872c57-6ba1-410a-9abe-43313c0e178a&userType=NEW&c=63c6&referer=https://www.cyberark.com
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:27 GMT
content-security-policy
object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cross-origin-opener-policy
cross-origin
expect-ct
enforce, max-age=60
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id
Sx-Id_N6fT-3hRShOF4ukObKNIcaWg3IFMMycLfxG1UzJYLY_xx-JQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
t2_o2i62ves_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_o2i62ves_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:27 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
98
rp.gif
alb.reddit.com/ 		42 B
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1715299167613&id=t2_o2i62ves&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=07caf7ea-159b-4a60-a100-6428f2e43ae1&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_a8bbbcc6&dpm=&dpcc=&dprc=
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:27 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
collect
www.google-analytics.com/j/ 		15 B
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1749098090&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&ul=de-de&de=UTF-8&dt=Golden%20SAML%3A%20Newly%20Discovered%20Attack%20Technique%20Forges%20Authentication%20to%20Cloud%20Apps&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAACAEK~&jid=874252988&gjid=1281039421&cid=1617274274.1715299168&tid=UA-44168172-9&_gid=1028061478.1715299168&_slc=1&gtm=45He4510n715SFWTHv72025662za200&cd6=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&cd7=&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=421990496
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5cbd2c4ce1325baae0fa325bdd95a25a925b094d7e88fc6fcebb834a6906c5b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cyberark.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-44168172-9&cid=1617274274.1715299168&jid=874252988&gjid=1281039421&_gid=1028061478.1715299168&npa=1&_u=YGBAgEABAAAAAGAEK~&z=670677439
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 09 May 2024 23:59:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cyberark.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
visitWebPage
316-czp-275.mktoresp.com/webevents/ 		2 B
318 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://316-czp-275.mktoresp.com/webevents/visitWebPage?_mchNc=1715299167634&_mchCn=&_mchId=316-CZP-275&_mchTk=_mch-cyberark.com-1715299167633-20044&_mchHo=www.cyberark.com&_mchPo=&_mchRu=%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&_mchPc=https%3A&_mchVr=163&_mchEcid=9AB97041603F3EDB0A495C66%40AdobeOrg%3A6%3A83440837631942048121945319657485976396&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 09 May 2024 23:59:28 GMT
Content-Encoding
gzip
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Request-Id
4d7c8eb0-c8f0-461b-b554-aff365bb6d5a
8815a4a9fcbb68fb
www.cyberark.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 95E8 		0
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cyberark.com/cdn-cgi/challenge-platform/h/g/jsd/r/8815a4a9fcbb68fb
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 09 May 2024 23:59:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
8815a4b67adb68fb-FRA
content-length
0
content-type
text/plain; charset=UTF-8
js
www.googletagmanager.com/gtag/ 		294 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XTLTD7RKN5&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c19b2682dab28d44aed0e7ae86f5576e8d2e6b8dcf53dbf2a0ba09c4480fdbdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98831
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 09 May 2024 23:59:27 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-44168172-9&cid=1617274274.1715299168&jid=874252988&npa=1&_u=YGBAgEABAAAAAGAEK~&z=1908468788
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-44168172-9&cid=1617274274.1715299168&jid=874252988&npa=1&_u=YGBAgEABAAAAAGAEK~&z=1908468788
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
consent-pref.trustarc.com/ Frame EC08 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/?type=cyberark_v2&site=cyberark.com&country=de&action=notice&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=5d872c57-6ba1-410a-9abe-43313c0e178a&userType=NEW
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-3281
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-115.fra56.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-type
text/html
date
Thu, 09 May 2024 23:59:27 GMT
expect-ct
max-age=86400; enforce;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Origin
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-amz-cf-id
EmOClfSt05EznR7_oLLD3jr9JnJSsk-jp7jDC52pVY8Q-FDj-2vEGw==
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1
noticemsg
consent.trustarc.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/noticemsg?action=consent&domain=cyberark.com&behavior=expressed&country=de&language=en&rand=0.2871981774530077&session=5d872c57-6ba1-410a-9abe-43313c0e178a&userType=NEW&referer=https://www.cyberark.com
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:27 GMT
content-security-policy
object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA2-C2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cross-origin-opener-policy
cross-origin
expect-ct
enforce, max-age=60
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id
yXcxwFW8YL9C1vRJwhC1blXTvlfmeWgz8jtq36eZgB4EbSHlEn_g0A==
expires
Mon, 26 Jul 1997 05:00:00 GMT
js
www.googletagmanager.com/gtag/ 		240 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1071691665&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SFWTH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7759fb03a0bd223abd019f475796910d30a50066a0820c6e227365a45f812318
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86939
x-xss-protection
0
last-modified
Thu, 09 May 2024 23:30:11 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 May 2024 23:59:27 GMT
/
www.google.de/pagead/1p-conversion/1071691665/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1071691665/?label=H8zfCNSYxvwYEJHvgv8D&guid=ON&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071691665/?label=H8zfCNSYxvwYEJHvgv8D&guid=ON&script=0&ct_cookie_present=false&random=1666299755&sscte=1&crd=CNm5sQIIscGxAgiwwbECCL...
  • https://www.google.com/pagead/1p-conversion/1071691665/?label=H8zfCNSYxvwYEJHvgv8D&guid=ON&script=0&ct_cookie_present=false&random=1666299755&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=Ih...
  • https://www.google.de/pagead/1p-conversion/1071691665/?label=H8zfCNSYxvwYEJHvgv8D&guid=ON&script=0&ct_cookie_present=false&random=1666299755&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhM...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1071691665/?label=H8zfCNSYxvwYEJHvgv8D&guid=ON&script=0&ct_cookie_present=false&random=1666299755&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIiqLcrOOBhgMVb4mDBx1g3wVZMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6iQFodHRwczovL3d3dy5jeWJlcmFyay5jb20vcmVzb3VyY2VzL3RocmVhdC1yZXNlYXJjaC1ibG9nL2dvbGRlbi1zYW1sLW5ld2x5LWRpc2NvdmVyZWQtYXR0YWNrLXRlY2huaXF1ZS1mb3JnZXMtYXV0aGVudGljYXRpb24tdG8tY2xvdWQtYXBwcw&is_vtc=1&cid=CAQSGwB7FLtqluHVXPpSoFQLB9hrQNG2dCojhAiBhw&random=1119048868&ipr=y
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H3
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:28 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:28 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/1071691665/?label=H8zfCNSYxvwYEJHvgv8D&guid=ON&script=0&ct_cookie_present=false&random=1666299755&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIiqLcrOOBhgMVb4mDBx1g3wVZMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6iQFodHRwczovL3d3dy5jeWJlcmFyay5jb20vcmVzb3VyY2VzL3RocmVhdC1yZXNlYXJjaC1ibG9nL2dvbGRlbi1zYW1sLW5ld2x5LWRpc2NvdmVyZWQtYXR0YWNrLXRlY2huaXF1ZS1mb3JnZXMtYXV0aGVudGljYXRpb24tdG8tY2xvdWQtYXBwcw&is_vtc=1&cid=CAQSGwB7FLtqluHVXPpSoFQLB9hrQNG2dCojhAiBhw&random=1119048868&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tc_imp.gif
obs.segreencolumn.com/tracker/ 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.segreencolumn.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126bebc53ce3468c9a9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a148e6a2217071a10acf9f29f674f8b87db56293949ad7c700584328e6bc001630c239651010c3d515ec5ed681c77be26bb25cb43e2916af05365ac097c7a1bdb50ef4ef497d7d63fbb2807ff7ecaa8556d8e0e3143714493d60265f560b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a7908677a0ddc05afb35cd0e6f2094f79fb6f12a93daf07785715b90ebc33e1813f6696cfe954565bddefe21880efb15b4d74c91479d992ccc3a3194ca27dc778cc0b6a69de5ea1c29f533a4feb875433eae8b27d4f401b95a5946901a44d69983cfd1ff9539842bdd91f8987fff716c24857f3ad9829b5e20d3fe3cbb06f6944e8676a532424559c97bba00d2c1a973f7963bc812a883dbce6995164266ec5f1947795979c1e360a253d7cd8e6bb39964f79c27c995eeb17982a0e25877318bfe484edcbb1f5103f7fae939fa27deb541bcbc71f728bd60d5139706cbba6892082de5b280246a6e235c74195614a9e8907e8110bd573a363be4a61dcd921910ecfd8ea8b668deffa6a9d0adedb31e0d2ef15594aa4b3ddb516f09843b083068b63bfc6405d0b59025d3378661d2f472dfb21fc769133377530f4fc595ba9f452f47900a5887cfcbede2b90f5ccbeef904c2dd7969c5c00e2e2ba583d33d22b42e995c9d1cff369b12dad41af8ba31fe9288d29a5b63efe03b639e77a68db0a80a9d6c34160388694350b1a4438eec14ca9187c954cd84872f0f3747bd3cb704aa55b183759732432547267c7fe15e899d3255b96ac0bbf629c4cc458f686eac16753082e9d20e46f372f38e0cc701310156a13d2c86c2cb7a9f1267ce9719b3dec3fe8743df5f5c2b14f4703b28d8e3735de64a98ac8554c9b3ea7f3d6ebe78634d5d9b055af498f01916916773da9e8647cecabc9b1c2bc542d9651b0c9b38780cb5a1165d9992a68fb6a019f33bb86fd224c48d0bcdecfe2c29eefc0297fdc8d395fbd5876a258c9b7847872dd04acb4ceb8f46b4dd8f9128a08cd5e4e9122ad0b09aa1109010d10d4800473f93cf6724d664f64f81df74bf1d2be16442dc70eedf6d7ea47b625118c9b6ca2786d8573e6b077192cdd7ba8e3ac956e8fd2034979e045748123c7b2de920b0f26745a1e48387f6aca6b0ae9e6bf0ff881f2b7d466369383f1ef34e2554aae0b6ad29badf6014dbca0ff9da&cri=Xc04Eu46gS&ts=479&cb=1715299167853
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Thu, 09 May 2024 23:59:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
3bbd8ebd-0c0b-41d1-a7fd-b3afa559f149
https://www.cyberark.com/ 		261 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.cyberark.com/3bbd8ebd-0c0b-41d1-a7fd-b3afa559f149
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
389d6b9e935175b23d1d1b3d6f72353ff22ffefb462ad4a8ecf9c51a61386b41

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
261
Content-Type
f28cbccb-0087-4535-9f43-2e015863d443
https://www.cyberark.com/ 		529 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.cyberark.com/f28cbccb-0087-4535-9f43-2e015863d443
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df6f5c01e1bc249db3ab75edc80c74d2166f13274feca53dbafc72257e04649e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
529
Content-Type
collect
region1.analytics.google.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-XTLTD7RKN5&_ng=1&gtm=45je4580v9135218693za200&_p=1715299166240&_gaz=1&gcd=13l3l3l2l3&npa=1&dma_cps=sypham&dma=1&ul=de-de&sr=1600x1200&cid=1617274274.1715299168&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&dt=Golden%20SAML%3A%20Newly%20Discovered%20Attack%20Technique%20Forges%20Authentication%20to%20Cloud%20Apps&sid=1715299167&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_6=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&tfd=2279
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XTLTD7RKN5&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cyberark.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-XTLTD7RKN5&cid=1617274274.1715299168&gtm=45je4580v9135218693za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l3&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XTLTD7RKN5&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cyberark.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-XTLTD7RKN5&cid=1617274274.1715299168&gtm=45je4580v9135218693za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l3&npa=1&frm=0&z=1681547334
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6si.min.js
j.6sc.co/ 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/j/d24194f2-6101-4c07-b071-d2eb5d40f5e6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-224.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dc93c5b3243e66c7b2e27c51b76fa6a11bd7a6d7546c5fa26bbffa001f885305
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 09 May 2024 06:01:25 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"663c66b5-106b3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, proxy-revalidate
accept-ranges
bytes
content-length
18038
expires
Thu, 09 May 2024 23:59:27 GMT
/
www.googleadservices.com/pagead/conversion/1071691665/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/1071691665/?random=1715299167973&cv=11&fst=1715299167973&bg=ffffff&guid=ON&async=1&gtm=45be4580v898648185za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&label=H8zfCNSYxvwYEJHvgv8D&hn=www.googleadservices.com&frm=0&tiba=Golden%20SAML%3A%20Newly%20Discovered%20Attack%20Technique%20Forges%20Authentication%20to%20Cloud%20Apps&gtm_ee=1&npa=1&pscdl=noapi&auid=605443514.1715299167&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1071691665&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
d8e6b0fadb1d200690a1b4d03fee88ae1bcdf29b6f73c243308770af3900ecbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1799
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery-ui-insightera-custom-1.9.6.css
rtp-static.marketo.com/rtp/libs/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rtp-static.marketo.com/rtp/libs/jquery-ui-insightera-custom-1.9.6.css
Requested by
Host: sjrtp6-cdn.marketo.com
URL: https://sjrtp6-cdn.marketo.com/rtp-api/v1/rtp.js?aid=cyberarksoftware
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.197.121.18 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-121-18.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 09 May 2024 23:59:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Nov 2017 08:57:42 GMT
Server
AkamaiNetStorage
ETag
"7f5b0bee9b1f7af8413b351cbceca223:1510045062"
Vary
Accept-Encoding
Access-Control-Max-Age
86400
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
3752
trw
sjrtp6.marketo.com/gw1/ 		214 B
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sjrtp6.marketo.com/gw1/trw?aid=cyberarksoftware&trwv.uid=cyberarksoftware-1715299167993-20295e58&trwv.vc=1&trwsa.sid=cyberarksoftware-1715299167994-6555cfdc&trwsb.cpv=1&ctzo=+02:00&uri=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&ma=id%3A316-CZP-275%26token%3A_mch-cyberark.com-1715299167633-20044&pm=&viewedTypes=&rts=1715299167999
Requested by
Host: sjrtp6-cdn.marketo.com
URL: https://sjrtp6-cdn.marketo.com/rtp-api/v1/rtp.js?aid=cyberarksoftware
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.146.116 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
Jetty(9.4.45.v20220203) /
Resource Hash
baba8eacc7c69190a86365e6b229f270cd40c6f145b7d893422134ed156051c5
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 09 May 2024 23:59:28 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=63113904
Server
Jetty(9.4.45.v20220203)
Connection
close
Content-Length
214
Content-Type
application/x-javascript;charset=utf-8
ga-integration-2.0.5.js
rtp-static.marketo.com/rtp/libs/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.5.js
Requested by
Host: sjrtp6-cdn.marketo.com
URL: https://sjrtp6-cdn.marketo.com/rtp-api/v1/rtp.js?aid=cyberarksoftware
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.197.121.18 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-121-18.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bf6806d8c92e228249230195772afe2e68791d52763b782be9aa2855fab3b641

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 09 May 2024 23:59:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Jun 2023 08:00:53 GMT
Server
AkamaiNetStorage
ETag
"18a7b0f60655900c0010a35d07b9da0f:1686816053.163727"
Vary
Accept-Encoding
Access-Control-Max-Age
86400
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
5654
getuidj
secure.adnxs.com/ 		11 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/getuidj
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:28 GMT
an-x-request-uuid
a1a70207-a235-4995-a45c-ac3d966a62be
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cyberark.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.106; 80.255.7.106; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
c.6sc.co/ 		7 B
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:28 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
https://www.cyberark.com
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
7
/
ipv6.6sc.co/ 		20 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv6.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:14::1724:a244 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9ca5a1cdf97cb07f4a1c6d032fc4fb26ed02c8334f2baa6daf81f70b7fd0dc52

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:28 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.cyberark.com
cache-control
max-age=0, no-cache, no-store
6si-ipv6
2a01:4a0:1338:92::10
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1715299168092_388276228_280121922_19_804_38_80_219";dur=1
content-length
20
expires
Thu, 09 May 2024 23:59:28 GMT
/
www.google.de/pagead/1p-conversion/1071691665/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071691665/?random=668954335&cv=11&fst=1715299167973&bg=ffffff&guid=ON&async=1&gtm=45be4580v898648185za200&gcd=13l3l3l2l1&dma_cps=sy...
  • https://www.google.com/pagead/1p-conversion/1071691665/?random=668954335&cv=11&fst=1715299167973&bg=ffffff&guid=ON&async=1&gtm=45be4580v898648185za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u...
  • https://www.google.de/pagead/1p-conversion/1071691665/?random=668954335&cv=11&fst=1715299167973&bg=ffffff&guid=ON&async=1&gtm=45be4580v898648185za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1071691665/?random=668954335&cv=11&fst=1715299167973&bg=ffffff&guid=ON&async=1&gtm=45be4580v898648185za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&label=H8zfCNSYxvwYEJHvgv8D&hn=www.googleadservices.com&frm=0&tiba=Golden%20SAML%3A%20Newly%20Discovered%20Attack%20Technique%20Forges%20Authentication%20to%20Cloud%20Apps&gtm_ee=1&npa=1&pscdl=noapi&auid=605443514.1715299167&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI1MverOOBhgMVvYiDBx3F_gT2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6iQFodHRwczovL3d3dy5jeWJlcmFyay5jb20vcmVzb3VyY2VzL3RocmVhdC1yZXNlYXJjaC1ibG9nL2dvbGRlbi1zYW1sLW5ld2x5LWRpc2NvdmVyZWQtYXR0YWNrLXRlY2huaXF1ZS1mb3JnZXMtYXV0aGVudGljYXRpb24tdG8tY2xvdWQtYXBwcw&is_vtc=1&cid=CAQSGwB7FLtqLzzPmuplfqhUR-jHD10fJ8CEV9FPww&random=468680193&ipr=y
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H3
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:28 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:28 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/1071691665/?random=668954335&cv=11&fst=1715299167973&bg=ffffff&guid=ON&async=1&gtm=45be4580v898648185za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&label=H8zfCNSYxvwYEJHvgv8D&hn=www.googleadservices.com&frm=0&tiba=Golden%20SAML%3A%20Newly%20Discovered%20Attack%20Technique%20Forges%20Authentication%20to%20Cloud%20Apps&gtm_ee=1&npa=1&pscdl=noapi&auid=605443514.1715299167&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI1MverOOBhgMVvYiDBx3F_gT2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6iQFodHRwczovL3d3dy5jeWJlcmFyay5jb20vcmVzb3VyY2VzL3RocmVhdC1yZXNlYXJjaC1ibG9nL2dvbGRlbi1zYW1sLW5ld2x5LWRpc2NvdmVyZWQtYXR0YWNrLXRlY2huaXF1ZS1mb3JnZXMtYXV0aGVudGljYXRpb24tdG8tY2xvdWQtYXBwcw&is_vtc=1&cid=CAQSGwB7FLtqLzzPmuplfqhUR-jHD10fJ8CEV9FPww&random=468680193&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
msg
sjrtp6.marketo.com/gw1/ 		0
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sjrtp6.marketo.com/gw1/msg?a=2&sid=cyberarksoftware-1715299167994-6555cfdc&aid=cyberarksoftware&ma=id%3A316-CZP-275%26token%3A_mch-cyberark.com-1715299167633-20044&viewedTypes=&0.7196565583004211&rts=1715299168051
Requested by
Host: sjrtp6-cdn.marketo.com
URL: https://sjrtp6-cdn.marketo.com/rtp-api/v1/rtp.js?aid=cyberarksoftware
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.146.116 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
Jetty(9.4.45.v20220203) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 09 May 2024 23:59:28 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=63113904
Server
Jetty(9.4.45.v20220203)
Connection
close
Content-Length
0
Content-Type
text/javascript;charset=utf-8
ajax_ping
www.cyberark.com/resources/hubsFront/ 		49 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cyberark.com/resources/hubsFront/ajax_ping
Requested by
Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.d9fdeb361862fc14a04f.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74935268619be1f087ce67765abd72f80107125f23b346f7615cc9e6a19d4595
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.cyberark.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
*/*
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:28 GMT
content-security-policy
frame-ancestors 'self' https://www.cyberark.com/
referrer-policy
unsafe-url
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-frame-options
DENY
content-type
application/json
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-language
en
cf-ray
8815a4b8bbb568fb-FRA
x-xss-protection
1; mode=block
img.gif
b.6sc.co/v1/beacon/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=059bf2ba2b88e39bb3200769d2e411fc&svisitor=null&visitor=46748594-f189-47f7-82e4-f76c87c67c43&session=23fa601a-0250-441f-8cc3-7227a98578d9&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A1338%3A92%3A%3A10%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%20post%2C%20we%20introduce%20a%20new%20attack%20vector%20discovered%20by%20CyberArk%20Labs%20and%20dubbed%20%E2%80%9Cgolden%20SAML.%E2%80%9D%20The%20vector%20enables%20an%20attacker%20to%20create%20a%20golden%20SAML%2C%20which%20is%20basically%20a%20forged%20SAML...%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Golden%20SAML%3A%20Newly%20Discovered%20Attack%20Technique%20Forges%20Authentication%20to%20Cloud%20Apps%22%2C%22prod-cat%22%3A%22%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&pageViewId=fdfd85b8-4d86-4cf0-84db-293f08cbbdad&webTagId=d24194f2-6101-4c07-b071-d2eb5d40f5e6&v=1.1.20
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-224.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:28 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Feb 2023 01:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f02dad-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 09 May 2024 23:59:28 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=059bf2ba2b88e39bb3200769d2e411fc&svisitor=null&visitor=46748594-f189-47f7-82e4-f76c87c67c43&session=23fa601a-0250-441f-8cc3-7227a98578d9&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2009%20May%202024%2023%3A59%3A28%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%20post%2C%20we%20introduce%20a%20new%20attack%20vector%20discovered%20by%20CyberArk%20Labs%20and%20dubbed%20%E2%80%9Cgolden%20SAML.%E2%80%9D%20The%20vector%20enables%20an%20attacker%20to%20create%20a%20golden%20SAML%2C%20which%20is%20basically%20a%20forged%20SAML...%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Golden%20SAML%3A%20Newly%20Discovered%20Attack%20Technique%20Forges%20Authentication%20to%20Cloud%20Apps%22%2C%22prod-cat%22%3A%22%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&pageViewId=fdfd85b8-4d86-4cf0-84db-293f08cbbdad&an_uid=0&webTagId=d24194f2-6101-4c07-b071-d2eb5d40f5e6&v=1.1.20
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-224.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:28 GMT
x-content-type-options
nosniff
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 09 May 2024 23:59:28 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=059bf2ba2b88e39bb3200769d2e411fc&svisitor=null&visitor=46748594-f189-47f7-82e4-f76c87c67c43&session=23fa601a-0250-441f-8cc3-7227a98578d9&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22059bf2ba2b88e39bb3200769d2e411fc%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2009%20May%202024%2023%3A59%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2009%20May%202024%2023%3A59%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2009%20May%202024%2023%3A59%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2009%20May%202024%2023%3A59%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2009%20May%202024%2023%3A59%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2009%20May%202024%2023%3A59%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%7B%5C%5C%5C%22name%5C%5C%5C%22%3A%5C%5C%5C%22prod-cat%5C%5C%5C%22%7D%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2009%20May%202024%2023%3A59%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%22d24194f2-6101-4c07-b071-d2eb5d40f5e6%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2009%20May%202024%2023%3A59%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2009%20May%202024%2023%3A59%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2009%20May%202024%2023%3A59%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2009%20May%202024%2023%3A59%3A28%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%20post%2C%20we%20introduce%20a%20new%20attack%20vector%20discovered%20by%20CyberArk%20Labs%20and%20dubbed%20%E2%80%9Cgolden%20SAML.%E2%80%9D%20The%20vector%20enables%20an%20attacker%20to%20create%20a%20golden%20SAML%2C%20which%20is%20basically%20a%20forged%20SAML...%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Golden%20SAML%3A%20Newly%20Discovered%20Attack%20Technique%20Forges%20Authentication%20to%20Cloud%20Apps%22%2C%22prod-cat%22%3A%22%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&pageViewId=fdfd85b8-4d86-4cf0-84db-293f08cbbdad&an_uid=0&webTagId=d24194f2-6101-4c07-b071-d2eb5d40f5e6&v=1.1.20
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-224.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:28 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Feb 2023 02:04:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f03226-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 09 May 2024 23:59:28 GMT
mon
obs.segreencolumn.com/ 		0
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obs.segreencolumn.com/mon
Requested by
Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/84cf3062f98cbab994d639a975b2798e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.cyberark.com
date
Thu, 09 May 2024 23:59:28 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
mon
obs.segreencolumn.com/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obs.segreencolumn.com/mon
Requested by
Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/84cf3062f98cbab994d639a975b2798e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.cyberark.com
date
Thu, 09 May 2024 23:59:28 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
msg
sjrtp6.marketo.com/gw1/ 		0
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sjrtp6.marketo.com/gw1/msg?a=2&sid=cyberarksoftware-1715299167994-6555cfdc&aid=cyberarksoftware&ma=id%3A316-CZP-275%26token%3A_mch-cyberark.com-1715299167633-20044&viewedTypes=&0.08235899510137545&rts=1715299169018
Requested by
Host: sjrtp6-cdn.marketo.com
URL: https://sjrtp6-cdn.marketo.com/rtp-api/v1/rtp.js?aid=cyberarksoftware
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.146.116 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
Jetty(9.4.45.v20220203) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 09 May 2024 23:59:29 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=63113904
Server
Jetty(9.4.45.v20220203)
Connection
close
Content-Length
0
Content-Type
text/javascript;charset=utf-8
img.gif
b.6sc.co/v1/beacon/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=059bf2ba2b88e39bb3200769d2e411fc&svisitor=null&visitor=46748594-f189-47f7-82e4-f76c87c67c43&session=23fa601a-0250-441f-8cc3-7227a98578d9&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2009%20May%202024%2023%3A59%3A29%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2009%20May%202024%2023%3A59%3A28%20GMT%22%2C%22timeSpent%22%3A%221011%22%2C%22totalTimeSpent%22%3A%221011%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%20post%2C%20we%20introduce%20a%20new%20attack%20vector%20discovered%20by%20CyberArk%20Labs%20and%20dubbed%20%E2%80%9Cgolden%20SAML.%E2%80%9D%20The%20vector%20enables%20an%20attacker%20to%20create%20a%20golden%20SAML%2C%20which%20is%20basically%20a%20forged%20SAML...%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Golden%20SAML%3A%20Newly%20Discovered%20Attack%20Technique%20Forges%20Authentication%20to%20Cloud%20Apps%22%2C%22prod-cat%22%3A%22%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&pageViewId=fdfd85b8-4d86-4cf0-84db-293f08cbbdad&an_uid=0&webTagId=d24194f2-6101-4c07-b071-d2eb5d40f5e6&v=1.1.20
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-224.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:29 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Feb 2023 02:04:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f03226-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 09 May 2024 23:59:29 GMT
RC5266e3ee597a459fbc388f1132b7e943-source.min.js
assets.adobedtm.com/789d877fe9a8/09207f0a9c44/c9fca00f1528/ 		521 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/c9fca00f1528/RC5266e3ee597a459fbc388f1132b7e943-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/launch-e8e6adf0fe30.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ce04010f81026943ad5db47aaac761f4ac4103774c970056ec95316d1fd5eaca

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:29 GMT
content-encoding
gzip
last-modified
Fri, 27 Oct 2023 18:01:17 GMT
server
AkamaiNetStorage
etag
"27301ca53ed689497d352b9a4a49a8d7:1698429677.369864"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.cyberark.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
329
expires
Fri, 10 May 2024 00:59:29 GMT
jquery-custom-ui.min.js
rtp-static.marketo.com/rtp/libs/jqueryui/1.13.2/ 		522 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtp-static.marketo.com/rtp/libs/jqueryui/1.13.2/jquery-custom-ui.min.js
Requested by
Host: sjrtp6-cdn.marketo.com
URL: https://sjrtp6-cdn.marketo.com/rtp-api/v1/rtp.js?aid=cyberarksoftware
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.197.121.18 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-121-18.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b122e173fb310c409d02c56e57eea40f1ea470fed839599c902b085d8fdb0129

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 09 May 2024 23:59:29 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Jun 2023 11:54:52 GMT
Server
AkamaiNetStorage
ETag
"85c4e68263c6de164e4bad3fb60222a5:1685620750.615377"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
ey22i6m9p82y.js
js.driftt.com/include/1715299200000/ 		221 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/include/1715299200000/ey22i6m9p82y.js
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-77.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b5ef7dd34cf17eb441a01a651d089e520dff86ae2337ff95ee079f46a394880a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Z_PrOFTRMvL4O0aYU62zlt9FokvO7ucK
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Thu, 09 May 2024 23:59:29 GMT
via
1.1 104bdf965b5b1cb596af463b142160de.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
34
last-modified
Fri, 03 May 2024 15:33:08 GMT
server
istio-envoy
etag
W/"cb9fee71607daf9b9d3bb7b3d5abc6da"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Rbw5Fq66H4_epYBHOlZY94CnCDOqU3hkB0aTq4VWbPcPpbTAodGRPg==
destination
www.googletagmanager.com/gtag/ 		240 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-1071691665&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SFWTH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
93529a0ce0c8cc50f7c71068809419e8e1a3659249ca37cbe189bf80f019b076
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86985
x-xss-protection
0
last-modified
Thu, 09 May 2024 23:30:11 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 May 2024 23:59:29 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		47 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SFWTH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 May 2024 17:20:18 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=36645
accept-ranges
bytes
content-length
16683
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1e17b5f6d30a928cb9fd9ab42adf8d8954b6b71b114b2c22b88628999e4f4e76
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 09 May 2024 23:59:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57843
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=2802, tp=-1, tpl=-1, uplat=3, ullat=-1
pragma
public
x-fb-debug
y1+RAjFiF93O+yDHME9gtHNXF75Fk3DtUOl229OzF9EqOY79eukNQhI6xdeEiZUyI31F622bHjY+OgpTylnuYw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
Bootstrap.js
nexus.ensighten.com/choozle/14963/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/14963/Bootstrap.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SFWTH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:3a00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
8078cebf9ab8ba5c0802536ed68317072ca51f1cb5293db16d63f923aad2e011

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 17 Dec 2023 00:36:54 GMT
x-amz-version-id
x04iqw22f74TR7YV8WcAUNCuLsQOa2Ho
content-encoding
br
via
1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
12525756
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 28 Oct 2023 14:30:41 GMT
server
CloudFront
etag
W/"ae9736f2c4e7558eebdb8be79cbd6a8d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
SxXgJa1hAA35jNI_jSJ33azIwJWu-pqE8DIAphjfAS32kwZVRPcM6g==
activityi;dc_pre=CJ_wya3jgYYDFYhsQQIdn-YMyA;src=9920016;type=websi0;cat=websi0;ord=9356660433015;npa=1;auiddc=605443514.1715299167;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome...
9920016.fls.doubleclick.net/ Frame 0C76
Redirect Chain
  • https://9920016.fls.doubleclick.net/activityi;src=9920016;type=websi0;cat=websi0;ord=9356660433015;npa=1;auiddc=605443514.1715299167;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chro...
  • https://9920016.fls.doubleclick.net/activityi;dc_pre=CJ_wya3jgYYDFYhsQQIdn-YMyA;src=9920016;type=websi0;cat=websi0;ord=9356660433015;npa=1;auiddc=605443514.1715299167;uaa=x86;uab=64;uafvl=Chromium%...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://9920016.fls.doubleclick.net/activityi;dc_pre=CJ_wya3jgYYDFYhsQQIdn-YMyA;src=9920016;type=websi0;cat=websi0;ord=9356660433015;npa=1;auiddc=605443514.1715299167;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4510za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9920016
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
446
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 May 2024 23:59:29 GMT
expires
Thu, 09 May 2024 23:59:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 May 2024 23:59:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9920016.fls.doubleclick.net/activityi;dc_pre=CJ_wya3jgYYDFYhsQQIdn-YMyA;src=9920016;type=websi0;cat=websi0;ord=9356660433015;npa=1;auiddc=605443514.1715299167;uaa=x86;uab=64;uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4510za200;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
events.js
tags.srv.stackadapt.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.194.86.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-86-204.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f3b0904c8899b452bd8af15036a36934710ede9a2680e05a7706a82b425cf479

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 09 May 2024 23:59:29 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
dc000d50-4dbc-4d9a-ba52-c3015680f76c
tag.simpli.fi/sifitag/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/dc000d50-4dbc-4d9a-ba52-c3015680f76c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SFWTH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
238.89.204.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
329eba5224a490e972374a62dd94c61794c440471cc2d40a13a73d6586d7394d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:29 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id
F833gb8r_pySikaCfJ_B
expires
Thu, 01 Jan 1970 00:00:00 GMT
dpm_511a418e72591eb7e33f703f04c3fa16df6c90bd.min.js
s.dpmsrv.com/ 		80 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.dpmsrv.com/dpm_511a418e72591eb7e33f703f04c3fa16df6c90bd.min.js
Requested by
Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-85.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
236381e2317e13613193c1249ff0315bcfce2761c0d7f2f2de4f8480c07d1db4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 09 May 2024 01:19:39 GMT
Content-Encoding
gzip
Via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
Last-Modified
Wed, 24 Apr 2024 15:00:17 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P3
Age
81591
ETag
"cc1cdeb4a5ba5aaad66921651df5ab0b"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14951
X-Amz-Cf-Id
hF3LIYWwPMyoeRW7qJ8JQ8LgVtBcvIpOHfaKKURONLkN1uXChNIe7A==
cnv
cnv.event.prod.bidr.io/log/
Redirect Chain
  • https://cnv.event.prod.bidr.io/log/cnv?tag_id=188&buzz_key=intentsify&value=&segment_key=intentsify-1098&account_id=2&order=[ORDER]&ord=[CACHEBUSTER]
  • https://cnv.event.prod.bidr.io/log/cnv?tag_id=188&buzz_key=intentsify&value=&segment_key=intentsify-1098&account_id=2&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1
43 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnv.event.prod.bidr.io/log/cnv?tag_id=188&buzz_key=intentsify&value=&segment_key=intentsify-1098&account_id=2&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1
Protocol
HTTP/1.1
Server
34.246.122.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-122-39.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 09 May 2024 23:59:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cnv.event.prod.bidr.io/log/cnv?tag_id=188&buzz_key=intentsify&value=&segment_key=intentsify-1098&account_id=2&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1
Date
Thu, 09 May 2024 23:59:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
favicon.png
content.cdntwrk.com/files/aHViPTEwODU0MCZjbWQ9ZmF2aWNvbiZ2ZXJzaW9uPTE2OTk0NjY2MDEmZXh0PXBuZyZzaXplPTMyJnNpZz0yOGIzZTJmMTlmZjZkZDI5NTkyMWM4Mjk5NWZmNTdmNw%253D%253D/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://content.cdntwrk.com/files/aHViPTEwODU0MCZjbWQ9ZmF2aWNvbiZ2ZXJzaW9uPTE2OTk0NjY2MDEmZXh0PXBuZyZzaXplPTMyJnNpZz0yOGIzZTJmMTlmZjZkZDI5NTkyMWM4Mjk5NWZmNTdmNw%253D%253D/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
/
Resource Hash
3315068613710cfcc08a1d43d532aec5d37aaa6b78e6b51f1240cdd429652f10

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 09:35:24 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified
Sat, 13 Apr 2024 09:35:24 GMT
age
2298245
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
content-disposition
inline; filename="s3_favicon_661a51dcba755_uberflip-ca-central-1-files-prd_hubs_40_108540_108540_favicon.png"
alt-svc
h3=":443"; ma=86400
content-length
1967
x-amz-cf-id
V3tvNRSuwOHLkXpLs6RELCU96Nxo5qavVhcrG6Vs-GyPUOzd2zwJ0A==
RCa5164e12c82447adb2cd80d0c9b8bb38-source.min.js
assets.adobedtm.com/789d877fe9a8/09207f0a9c44/c9fca00f1528/ 		504 B
583 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/c9fca00f1528/RCa5164e12c82447adb2cd80d0c9b8bb38-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/launch-e8e6adf0fe30.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ecceaab7dbf1f1fe1d9065a03b9b9e0f1b54e1f73b7db1c76a91fb2444dc67de

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:29 GMT
content-encoding
gzip
last-modified
Fri, 27 Oct 2023 18:01:17 GMT
server
AkamaiNetStorage
etag
"27301ca53ed689497d352b9a4a49a8d7:1698429677.369864"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.cyberark.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
324
expires
Fri, 10 May 2024 00:59:29 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=17906&time=1715299169729&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-for...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=17906&time=1715299169729&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-for...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D17906%26time%3D1715299169729%26url%3Dhttps%253A%252F%252Fwww.cyberark.com%252Fres...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=17906&time=1715299169729&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-for...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=17906&time=1715299169729&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-fo...
0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=17906&time=1715299169729&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&cookiesTest=true&liSync=true&e_ipv6=AQK1DY3B3l849wAAAY9fzDjEmdpl48VpYEhCdRwcBBM0M-WaH-6ra3wLwfIA9KXEUDsSU6Nq
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Thu, 09 May 2024 23:59:30 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: CAA0D154888C4017B66CC2548A49D825 Ref B: FRAEDGE2005 Ref C: 2024-05-09T23:59:30Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYYDjXDIHg75o3wJtGSYw==

Redirect headers

date
Thu, 09 May 2024 23:59:30 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 5F0AFC2BD07F4C799C32917ABA1E74CB Ref B: DUS30EDGE0422 Ref C: 2024-05-09T23:59:30Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=17906&time=1715299169729&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&cookiesTest=true&liSync=true&e_ipv6=AQK1DY3B3l849wAAAY9fzDjEmdpl48VpYEhCdRwcBBM0M-WaH-6ra3wLwfIA9KXEUDsSU6Nq
x-li-proto
http/2
content-length
0
x-li-uuid
AAYYDjW9pCuXSzHAR4eXzQ==
serverComponent.php
nexus.ensighten.com/choozle/14963/ 		393 B
727 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/14963/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/14963/code/&publishedOn=Sat%20Oct%2028%2014:30:32%20GMT%202023&ClientID=923&PageID=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/14963/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:3a00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
2ea45590cad9715bb9cf550845613d7a9ce53c2f9886f7d7a74228076f05d3d9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:29 GMT
via
1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
no-cache, no-store
alt-svc
h3=":443"; ma=86400
content-length
393
x-amz-cf-id
L8v4TgAx68tifrD_xlhDP_3HGQ3hyDXpLNPVjjGWTm2G452-EidkEA==
expires
Thu, 09 May 2024 23:59:28 GMT
p
i.simpli.fi/ 		798 B
764 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=440562&cb=sifi_att_42656._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/dc000d50-4dbc-4d9a-ba52-c3015680f76c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
238.89.204.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
979b3279da04a0ff858cf6b0e684b11af0411775f9ab8ac8c518ac451856b1d1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:29 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
index.php
a.dpmsrv.com/dpmpxl/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&dpmCid%3D%26zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D62%26pixelIndex%3D0%26r%3D698852%26tzOffset%3D-120%26url%3Dhttps%253A...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26dpmCid%253D%2526zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D62%2526pixelIndex...
  • https://a.dpmsrv.com/dpmpxl/index.php?id=113004910318121686&dpmCid=&zn=&sn=&q=xImp&v=1.x&cl=62&pixelIndex=0&r=698852&tzOffset=-120&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-b...
244 B
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.dpmsrv.com/dpmpxl/index.php?id=113004910318121686&dpmCid=&zn=&sn=&q=xImp&v=1.x&cl=62&pixelIndex=0&r=698852&tzOffset=-120&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Protocol
HTTP/1.1
Server
54.152.143.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-143-121.compute-1.amazonaws.com
Software
/
Resource Hash
77eb2efe0ae85775ccaeecec32629254d3d3a3c1ad12abfbe061e754b152cb97

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
content-encoding
gzip
Access-Control-Max-Age
10
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
content-type, accept
Content-Length
216
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:29 GMT
an-x-request-uuid
1eb5d2ed-1067-46c2-861e-87e37247b602
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://a.dpmsrv.com/dpmpxl/index.php?id=113004910318121686&dpmCid=&zn=&sn=&q=xImp&v=1.x&cl=62&pixelIndex=0&r=698852&tzOffset=-120&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
x-proxy-origin
80.255.7.106; 80.255.7.106; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
s32371538123820
cyberark.sc.omtrdc.net/b/ss/cyberarkproduction/1/JS-2.23.0-LDQM/ 		43 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cyberark.sc.omtrdc.net/b/ss/cyberarkproduction/1/JS-2.23.0-LDQM/s32371538123820
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.27 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-27.data.adobedc.net
Software
jag /
Resource Hash
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:29 GMT
x-content-type-options
nosniff
last-modified
Fri, 10 May 2024 23:59:29 GMT
server
jag
etag
3683576918885171200-4618351759462689198
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.cyberark.com
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 08 May 2024 23:59:29 GMT
/
s.ad.smaato.net/c/
Redirect Chain
  • https://um.simpli.fi/smaato
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=B4082A4C26C84D0EA641EF7EDD85BE07
0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=B4082A4C26C84D0EA641EF7EDD85BE07
Protocol
H2
Server
2600:9000:211e:b000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Thu, 09 May 2024 23:59:30 GMT
cache-control
no-cache, must-revalidate
via
1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
lxgJQ_pfQBUWYA1sthgkzxGhK5l968rVKGyXwxQeoIUD7J4uo8rpZg==
x-cache
Miss from cloudfront

Redirect headers

date
Thu, 09 May 2024 23:59:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=B4082A4C26C84D0EA641EF7EDD85BE07
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 08 May 2024 23:59:29 GMT
B4082A4C26C84D0EA641EF7EDD85BE07
sync.1rx.io/usersync/simplifi/
Redirect Chain
  • https://um.simpli.fi/nexxen
  • https://sync.1rx.io/usersync/simplifi/B4082A4C26C84D0EA641EF7EDD85BE07
0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/simplifi/B4082A4C26C84D0EA641EF7EDD85BE07
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:30 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0

Redirect headers

date
Thu, 09 May 2024 23:59:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.1rx.io/usersync/simplifi/B4082A4C26C84D0EA641EF7EDD85BE07
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 08 May 2024 23:59:29 GMT
xuid
eb2.3lift.com/
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=B4082A4C26C84D0EA641EF7EDD85BE07&dongle=yf3
37 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=B4082A4C26C84D0EA641EF7EDD85BE07&dongle=yf3
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Thu, 09 May 2024 23:59:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

date
Thu, 09 May 2024 23:59:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://eb2.3lift.com/xuid?mid=7969&xuid=B4082A4C26C84D0EA641EF7EDD85BE07&dongle=yf3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 08 May 2024 23:59:29 GMT
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=B4082A4C26C84D0EA641EF7EDD85BE07
43 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=B4082A4C26C84D0EA641EF7EDD85BE07
Protocol
H2
Server
2600:1f18:612b:4232:d117:99ec:4378:1ad4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Thu, 09 May 2024 23:59:30 GMT
server
nginx
content-type
image/gif

Redirect headers

date
Thu, 09 May 2024 23:59:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://simplifi.partners.tremorhub.com/sync?UISF=B4082A4C26C84D0EA641EF7EDD85BE07
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 08 May 2024 23:59:29 GMT
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=B4082A4C26C84D0EA641EF7EDD85BE07
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=B4082A4C26C84D0EA641EF7EDD85BE07
95 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=B4082A4C26C84D0EA641EF7EDD85BE07
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Thu, 09 May 2024 23:59:30 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Thu, 09 May 2024 23:59:30 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=B4082A4C26C84D0EA641EF7EDD85BE07
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
empty.gif
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=B4082A4C26C84D0EA641EF7EDD85BE07
  • https://d.agkn.com/pixel/10751/?che=1715299170100&ip=80.255.7.106&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217073104877003792919
  • https://um.simpli.fi/aa_px?sk=217073104877003792919
  • https://um.simpli.fi/empty.gif
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/empty.gif
Protocol
H2
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Thu, 09 May 2024 23:59:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43

Redirect headers

date
Thu, 09 May 2024 23:59:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
/empty.gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B4082A4C26C84D0EA641EF7EDD85BE07
0
0
pubmatic
um.simpli.fi/ 		43 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 08 May 2024 23:59:29 GMT
freewheel
um.simpli.fi/ 		43 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 08 May 2024 23:59:29 GMT
cms
ups.analytics.yahoo.com/ups/58726/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=B4082A4C26C84D0EA641EF7EDD85BE07;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=B4082A4C26C84D0EA641EF7EDD85BE07;mimetype=img;sr
  • https://cms.analytics.yahoo.com/cms?partner_id=DATCS
  • https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS
0
87 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS
Protocol
H2
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.112 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Thu, 09 May 2024 23:59:30 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.112
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS
date
Thu, 09 May 2024 23:59:30 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.112
content-length
344
content-language
en
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=B4082A4C26C84D0EA641EF7EDD85BE07&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=B4082A4C26C84D0EA641EF7EDD85BE07&j=0&xl8blockcheck=1
0
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=B4082A4C26C84D0EA641EF7EDD85BE07&j=0&xl8blockcheck=1
Protocol
H2
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Thu, 09 May 2024 23:59:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Thu, 09 May 2024 23:59:30 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=B4082A4C26C84D0EA641EF7EDD85BE07&j=0&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
yahoo
um.simpli.fi/ 		43 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/yahoo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 08 May 2024 23:59:29 GMT
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=B4082A4C26C84D0EA641EF7EDD85BE07
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=B4082A4C26C84D0EA641EF7EDD85BE07
Protocol
HTTP/1.1
Server
52.21.235.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-235-251.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 09 May 2024 23:59:30 GMT

Redirect headers

date
Thu, 09 May 2024 23:59:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.bfmio.com/sync?pid=141&uid=B4082A4C26C84D0EA641EF7EDD85BE07
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 08 May 2024 23:59:29 GMT
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=B4082A4C26C84D0EA641EF7EDD85BE07
62 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=B4082A4C26C84D0EA641EF7EDD85BE07
Protocol
H2
Server
23.37.9.66 Curitiba, Brazil, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-9-66.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Thu, 09 May 2024 23:59:31 GMT
content-length
62
x-request-id
dcaa7ebb0a018e9971ffde420a46fee8
content-type
image/gif

Redirect headers

date
Thu, 09 May 2024 23:59:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://stags.bluekai.com/site/29931?id=B4082A4C26C84D0EA641EF7EDD85BE07
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 08 May 2024 23:59:29 GMT
tpid=B4082A4C26C84D0EA641EF7EDD85BE07
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B4082A4C26C84D0EA641EF7EDD85BE07
49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B4082A4C26C84D0EA641EF7EDD85BE07
Protocol
H2
Server
52.211.28.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-28-170.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:30 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.4.95
content-length
49
expires
0

Redirect headers

date
Thu, 09 May 2024 23:59:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B4082A4C26C84D0EA641EF7EDD85BE07
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 08 May 2024 23:59:29 GMT
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=B4082A4C26C84D0EA641EF7EDD85BE07
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=B4082A4C26C84D0EA641EF7EDD85BE07
Protocol
H2
Server
52.19.204.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-204-214.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

expires
Fri, 20 Mar 2009 00:00:00 GMT
pragma
no-cache
date
Thu, 09 May 2024 23:59:30 GMT
x-merge
GDPR Optout true
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"

Redirect headers

date
Thu, 09 May 2024 23:59:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=B4082A4C26C84D0EA641EF7EDD85BE07
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 08 May 2024 23:59:29 GMT
419566.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=B4082A4C26C84D0EA641EF7EDD85BE07
0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/419566.gif?partner_uid=B4082A4C26C84D0EA641EF7EDD85BE07
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Thu, 09 May 2024 23:59:30 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Thu, 09 May 2024 23:59:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://idsync.rlcdn.com/419566.gif?partner_uid=B4082A4C26C84D0EA641EF7EDD85BE07
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 08 May 2024 23:59:29 GMT
/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1715299169786&cv=7&fst=1715299169786&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=2110336672&cv=7&fst=1715299169786&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=2110336672&cv=7&fst=1715299169786&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiw...
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=2110336672&cv=7&fst=1715299169786&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiww...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1026675585/?random=2110336672&cv=7&fst=1715299169786&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIwK_OreOBhgMV6IuDBx2pCwJrMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6iQFodHRwczovL3d3dy5jeWJlcmFyay5jb20vcmVzb3VyY2VzL3RocmVhdC1yZXNlYXJjaC1ibG9nL2dvbGRlbi1zYW1sLW5ld2x5LWRpc2NvdmVyZWQtYXR0YWNrLXRlY2huaXF1ZS1mb3JnZXMtYXV0aGVudGljYXRpb24tdG8tY2xvdWQtYXBwcw&is_vtc=1&cid=CAQSKQB7FLtqMJ6lG-EorapsYreSYCmaGatb9xXpltBprnSC-iC1m1bZSdR8&random=1013656175&ipr=y
Protocol
H3
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:30 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:29 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/1026675585/?random=2110336672&cv=7&fst=1715299169786&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIwK_OreOBhgMV6IuDBx2pCwJrMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6iQFodHRwczovL3d3dy5jeWJlcmFyay5jb20vcmVzb3VyY2VzL3RocmVhdC1yZXNlYXJjaC1ibG9nL2dvbGRlbi1zYW1sLW5ld2x5LWRpc2NvdmVyZWQtYXR0YWNrLXRlY2huaXF1ZS1mb3JnZXMtYXV0aGVudGljYXRpb24tdG8tY2xvdWQtYXBwcw&is_vtc=1&cid=CAQSKQB7FLtqMJ6lG-EorapsYreSYCmaGatb9xXpltBprnSC-iC1m1bZSdR8&random=1013656175&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spotx_match
um.simpli.fi/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/spotx_match
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 09 May 2024 23:59:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
setuid
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=B4082A4C26C84D0EA641EF7EDD85BE07
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=66&code=B4082A4C26C84D0EA641EF7EDD85BE07
Protocol
H2
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:30 GMT
an-x-request-uuid
56a1a171-0ba5-4840-8e51-32c98a9224e6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.106; 80.255.7.106; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date
Thu, 09 May 2024 23:59:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ib.adnxs.com/setuid?entity=66&code=B4082A4C26C84D0EA641EF7EDD85BE07
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 08 May 2024 23:59:29 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B4082A4C26C84D0EA641EF7EDD85BE07&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B4082A4C26C84D0EA641EF7EDD85BE07&expires=365
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 09 May 2024 23:59:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B4082A4C26C84D0EA641EF7EDD85BE07&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 08 May 2024 23:59:29 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=B4082A4C26C84D0EA641EF7EDD85BE07
43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=B4082A4C26C84D0EA641EF7EDD85BE07
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 09 May 2024 23:59:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=B4082A4C26C84D0EA641EF7EDD85BE07
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 08 May 2024 23:59:29 GMT
pixel
cm.g.doubleclick.net/ 		170 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
286320195733404
connect.facebook.net/signals/config/ 		65 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/286320195733404?v=2.9.156&r=c2&domain=www.cyberark.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9407923b4efec075261261927a4327dffe182bf43eb8d12ca2ac299d73910669
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 09 May 2024 23:59:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=64, mss=1294, tbw=63346, tp=-1, tpl=-1, uplat=68, ullat=0
pragma
public
x-fb-debug
LQcDLrY9lh+cd0LozUeie4Zh5TsMsJzCFjuzxUyTIdNdntPORzZlB2oHPjHTRIfPryIUH4XzatUV9Bq3Pks3LA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
08773fb052a2034353e4744495485b88.js
nexus.ensighten.com/choozle/14963/code/ 		673 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/14963/code/08773fb052a2034353e4744495485b88.js?conditionId0=4910939
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/14963/Bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.26.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-44.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
60f515991307abd345708ae3d50ff9a7751c68c208e2586d992c3c6ff729d6b0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 16:53:59 GMT
x-amz-version-id
kpkF4PXL.K8vMpkqxwzwd03dNtjBok8N
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
age
2012730
x-amz-cf-pop
FRA56-P7
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
673
last-modified
Sat, 28 Oct 2023 14:30:41 GMT
server
CloudFront
etag
"314ad2369d67fe2807f627dbfdcbf52d"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
7TZgeCHmo8LtK47qUU7qWRnw5yeaD3zoyOoiP5lKtgkP6YqdcgREgg==
d3d14424fac71699bdbff068d9b1184b.js
nexus.ensighten.com/choozle/14963/code/ 		2 KB
804 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/14963/code/d3d14424fac71699bdbff068d9b1184b.js?conditionId0=421905
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/14963/Bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.26.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-44.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
e80cfc6df2f882813f88dcf1175bc0c47e13c0cd8517bc240a65ee6cc758b0f2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 17 Dec 2023 00:47:32 GMT
x-amz-version-id
ffPQ1iXE0NqYZgujQn.J5knMjbGtNIPl
content-encoding
br
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
age
12525118
x-amz-cf-pop
FRA56-P7
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 28 Oct 2023 14:30:45 GMT
server
CloudFront
etag
W/"e8e93310d35a9462151b8fdab5b436ce"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
BayNAt4JL1rcQ_9F-qCPTdvPyVPUkIYU12B8myAMtnwgE-Tv5jnw1w==
sa.css
tags.srv.stackadapt.com/ 		65 B
204 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.194.86.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-86-204.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f035a6e2e3541df5682ad89576ba1b04abf055a885bc15c67e13a6b906587774

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 09 May 2024 23:59:29 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ 		0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.194.86.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-86-204.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 09 May 2024 23:59:30 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
visitor
sjrtp6.marketo.com/gw1/rtp/api/v1_1/ 		772 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sjrtp6.marketo.com/gw1/rtp/api/v1_1/visitor?sid=cyberarksoftware-1715299167994-6555cfdc&aid=cyberarksoftware&1715299169905
Requested by
Host: rtp-static.marketo.com
URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.146.116 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
Jetty(9.4.45.v20220203) /
Resource Hash
3462f453bf2f2cd4d202d9eb2badc0efa57dc326663bee3eaf646b9f453abc40
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
No-cache
Date
Thu, 09 May 2024 23:59:30 GMT
Strict-Transport-Security
max-age=63113904
Last-Modified
Thu May 09 18:59:30 CDT 2024
Server
Jetty(9.4.45.v20220203)
Vary
Origin
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://www.cyberark.com
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sgm
sjrtp6.marketo.com/gw1/ga/ 		769 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sjrtp6.marketo.com/gw1/ga/sgm?sid=cyberarksoftware-1715299167994-6555cfdc&1715299169906
Requested by
Host: rtp-static.marketo.com
URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.146.116 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
Jetty(9.4.45.v20220203) /
Resource Hash
51ea05933c6ecb117f63e09cd2578d341622495a6fb9887f5a08935f97fccf9f
Security Headers
Name Value
Strict-Transport-Security max-age=63113904

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 09 May 2024 23:59:30 GMT
Strict-Transport-Security
max-age=63113904
Server
Jetty(9.4.45.v20220203)
Content-Type
text/json;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Length
769
/
www.facebook.com/tr/ 		0
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=286320195733404&ev=PageView&dl=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&rl=&if=false&ts=1715299169964&sw=1600&sh=1200&v=2.9.156&r=c2&ec=0&o=4126&fbp=fb.1.1715299169961.1268614510&cs_est=true&ler=empty&cdl=API_unavailable&it=1715299169833&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 09 May 2024 23:59:30 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
img.gif
b.6sc.co/v1/beacon/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=059bf2ba2b88e39bb3200769d2e411fc&svisitor=null&visitor=46748594-f189-47f7-82e4-f76c87c67c43&session=23fa601a-0250-441f-8cc3-7227a98578d9&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2009%20May%202024%2023%3A59%3A30%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2009%20May%202024%2023%3A59%3A29%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222012%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%20post%2C%20we%20introduce%20a%20new%20attack%20vector%20discovered%20by%20CyberArk%20Labs%20and%20dubbed%20%E2%80%9Cgolden%20SAML.%E2%80%9D%20The%20vector%20enables%20an%20attacker%20to%20create%20a%20golden%20SAML%2C%20which%20is%20basically%20a%20forged%20SAML...%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Golden%20SAML%3A%20Newly%20Discovered%20Attack%20Technique%20Forges%20Authentication%20to%20Cloud%20Apps%22%2C%22prod-cat%22%3A%22%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&pageViewId=fdfd85b8-4d86-4cf0-84db-293f08cbbdad&an_uid=0&webTagId=d24194f2-6101-4c07-b071-d2eb5d40f5e6&v=1.1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-224.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:30 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 09 May 2024 23:59:30 GMT
saq_pxl
tags.srv.stackadapt.com/ 		185 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=hLcqEj_jyS_TFE6yvRCw0w&is_js=true&landing_url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&t=Golden%20SAML%3A%20Newly%20Discovered%20Attack%20Technique%20Forges%20Authentication%20to%20Cloud%20Apps&tip=2VuNDrJ13XKic9W0mYLinqwiMld3DvlK-nzanI49IsI&host=https%3A%2F%2Fwww.cyberark.com&sa_conv_data_css_value=%270-8b10da7b-3e40-55d6-45e0-334215ea8778%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd98b10da7b3e4055d645e0334215ea877850ff076a&sa-user-id-v3=s%253AAQAKIGcZMhrjYYmEOCk2RSYKnfrz_PEwls0VDOa1ocI1WZd4EHwYBCDhxvWxBjABOgS9M-cxQgTGmj6d.9oLa6QiLLXnxXTcDTch6qgrEWYT6KU9Vq0l6nCvMHUc&sa-user-id-v2=s%253AixDaez5AVdZF4DNCFeqHeFD_B2o.jvvh9MlaI297iaYlxK4PPt90bMHJhJcDBuGI3et2UqI&sa-user-id=s%253A0-8b10da7b-3e40-55d6-45e0-334215ea8778.NrFVdA%252FNaZ4%252FprvyJPqinKSMtufiyR6E%252BpueMO%252BP6d4
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.194.86.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-86-204.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b62a7cb7330e30caac7fbca43afcfd4f18e2fffd1fa372cab93c625f3d2f3f1a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://www.cyberark.com
date
Thu, 09 May 2024 23:59:30 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
185
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
core
js.driftt.com/ Frame 1B93 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=42addc92-0cef-4d2a-b9a6-43368f1b95b2&sessionStarted=1715299170.099&campaignRefreshToken=7c269af9-a080-4a40-a4ea-c3f438700e5f&hideController=false&pageLoadStartTime=1715299166232&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1715299200000/ey22i6m9p82y.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-87.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 09 May 2024 23:59:30 GMT
etag
W/"bfed674d771366425d072381f4efc1f7"
last-modified
Fri, 03 May 2024 15:32:45 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-id
Yj-d2Kflj4WHnPPy4LY6kkAxASz3OHWv8p4sQE9Zpd9d2xc3sAdLIw==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
S5LI.Dztu4EwHCgPf20gC00X3KqcCutb
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
17
chat
js.driftt.com/core/ Frame E1F8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1715299166232
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1715299200000/ey22i6m9p82y.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-87.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 09 May 2024 23:59:30 GMT
etag
W/"bfed674d771366425d072381f4efc1f7"
last-modified
Fri, 03 May 2024 15:32:45 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
x-amz-cf-id
ovh8dkY48koDYlX5LnwEuR4rPD9vhxXAlZtfoO9HuS9hGTyWboo9QQ==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
S5LI.Dztu4EwHCgPf20gC00X3KqcCutb
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
19
iframe
d1eoo1tco6rr5e.cloudfront.net/0v1kpom/u9beit9/ Frame 90D6
Redirect Chain
  • https://insight.adsrvr.org/tags/0v1kpom/u9beit9/iframe
  • https://d1eoo1tco6rr5e.cloudfront.net/0v1kpom/u9beit9/iframe
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://d1eoo1tco6rr5e.cloudfront.net/0v1kpom/u9beit9/iframe
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/14963/code/08773fb052a2034353e4744495485b88.js?conditionId0=4910939
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.83.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-83-200.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Age
73895
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
138
Content-Type
text/html
Date
Thu, 09 May 2024 04:37:36 GMT
ETag
"d45046dc61fcd53aaf217c2c9496ec77"
Last-Modified
Fri, 01 Oct 2021 23:43:18 GMT
Server
AmazonS3
Via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
X-Amz-Cf-Id
rtOURScbjgArlPpXfk2lswLiAHdq5GqPrgrXaWKc006Zc9a_F9iyTA==
X-Amz-Cf-Pop
FRA2-C2
X-Cache
Hit from cloudfront
x-amz-server-side-encryption
AES256

Redirect headers

content-length
0
date
Thu, 09 May 2024 23:59:30 GMT
location
https://d1eoo1tco6rr5e.cloudfront.net/0v1kpom/u9beit9/iframe
pixel
cm.g.doubleclick.net/ 		170 B
233 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=113004910318121686&pixelIndex=0
Requested by
Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_511a418e72591eb7e33f703f04c3fa16df6c90bd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
071d0a5d172af491aedca9041f20e830d25fd4d339a1006bca3bed949069aa30
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
423396.gif
idsync.rlcdn.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/423396.gif?partner_uid=113004910318121686
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:30 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1749098090&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&ul=de-de&de=UTF-8&dt=Golden%20SAML%3A%20Newly%20Discovered%20Attack%20Technique%20Forges%20Authentication%20to%20Cloud%20Apps&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=RTP&ea=Organization&el=Core-Backbone%20Gmbh&_u=aHBAgEABAAAAAGAEK~&jid=&gjid=&cid=1617274274.1715299168&tid=UA-44168172-9&_gid=1028061478.1715299168&gtm=45He4510n715SFWTHv72025662za200&cd6=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&cd7=&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&cd1=Core-Backbone%20Gmbh&npa=1&z=851377823
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 08:21:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56286
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1749098090&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&ul=de-de&de=UTF-8&dt=Golden%20SAML%3A%20Newly%20Discovered%20Attack%20Technique%20Forges%20Authentication%20to%20Cloud%20Apps&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=RTP-Segments&ea=Opt-In%20Campaign%20Audience&el=Core-Backbone%20Gmbh&_u=aHBAgEABAAAAAGAEK~&jid=&gjid=&cid=1617274274.1715299168&tid=UA-44168172-9&_gid=1028061478.1715299168&gtm=45He4510n715SFWTHv72025662za200&cd6=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&cd7=&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&cd1=Core-Backbone%20Gmbh&npa=1&z=61363183
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 08:21:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56286
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1749098090&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&ul=de-de&de=UTF-8&dt=Golden%20SAML%3A%20Newly%20Discovered%20Attack%20Technique%20Forges%20Authentication%20to%20Cloud%20Apps&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=RTP-Segments&ea=All%20visitors&el=Core-Backbone%20Gmbh&_u=aHBAgEABAAAAAGAEK~&jid=&gjid=&cid=1617274274.1715299168&tid=UA-44168172-9&_gid=1028061478.1715299168&gtm=45He4510n715SFWTHv72025662za200&cd6=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&cd7=&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&cd1=Core-Backbone%20Gmbh&npa=1&z=183188375
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 08:21:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56286
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1749098090&t=event&ni=1&_s=5&dl=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&ul=de-de&de=UTF-8&dt=Golden%20SAML%3A%20Newly%20Discovered%20Attack%20Technique%20Forges%20Authentication%20to%20Cloud%20Apps&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=RTP-Segments&ea=Gartner%20MQ%202020&el=Core-Backbone%20Gmbh&_u=aHBAgEABAAAAAGAEK~&jid=&gjid=&cid=1617274274.1715299168&tid=UA-44168172-9&_gid=1028061478.1715299168&gtm=45He4510n715SFWTHv72025662za200&cd6=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&cd7=&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&cd1=Core-Backbone%20Gmbh&npa=1&z=1373066486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 08:21:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56286
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
mon
obs.segreencolumn.com/ 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obs.segreencolumn.com/mon
Requested by
Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/84cf3062f98cbab994d639a975b2798e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.cyberark.com
date
Thu, 09 May 2024 23:59:30 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
mon
obs.segreencolumn.com/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obs.segreencolumn.com/mon
Requested by
Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/84cf3062f98cbab994d639a975b2798e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.cyberark.com
date
Thu, 09 May 2024 23:59:30 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
/
px.ads.linkedin.com/wa/ 		0
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 23:59:31 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 9A8612EB2A254E8A8994B24F11F792DA Ref B: DUS30EDGE0422 Ref C: 2024-05-09T23:59:30Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://www.cyberark.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYYDjXGDfvqFKU++WfOuw==
img.gif
b.6sc.co/v1/beacon/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=059bf2ba2b88e39bb3200769d2e411fc&svisitor=null&visitor=46748594-f189-47f7-82e4-f76c87c67c43&session=23fa601a-0250-441f-8cc3-7227a98578d9&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2009%20May%202024%2023%3A59%3A31%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2009%20May%202024%2023%3A59%3A30%20GMT%22%2C%22timeSpent%22%3A%221005%22%2C%22totalTimeSpent%22%3A%223017%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%20post%2C%20we%20introduce%20a%20new%20attack%20vector%20discovered%20by%20CyberArk%20Labs%20and%20dubbed%20%E2%80%9Cgolden%20SAML.%E2%80%9D%20The%20vector%20enables%20an%20attacker%20to%20create%20a%20golden%20SAML%2C%20which%20is%20basically%20a%20forged%20SAML...%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Golden%20SAML%3A%20Newly%20Discovered%20Attack%20Technique%20Forges%20Authentication%20to%20Cloud%20Apps%22%2C%22prod-cat%22%3A%22%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&pageViewId=fdfd85b8-4d86-4cf0-84db-293f08cbbdad&an_uid=0&webTagId=d24194f2-6101-4c07-b071-d2eb5d40f5e6&v=1.1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-224.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:31 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Feb 2023 01:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f02dad-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 09 May 2024 23:59:31 GMT
index.php
a.dpmsrv.com/dpmpxl/ 		5 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.dpmsrv.com/dpmpxl/index.php?dpmCid=&zn=&sn=&q=xSeg&v=1.x&ep%5Bids%5D=20714219&cl=62&pixelIndex=0&r=458859&tzOffset=-120&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&id=113004910318121686
Requested by
Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_511a418e72591eb7e33f703f04c3fa16df6c90bd.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.143.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-143-121.compute-1.amazonaws.com
Software
/
Resource Hash
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
content-encoding
gzip
Access-Control-Max-Age
10
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
content-type, accept
Content-Length
31
Expires
0
seg
ib.adnxs.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/seg?member=827&add=20714219
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:31 GMT
an-x-request-uuid
2145b44d-2df0-4935-804a-d797d70468cb
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.106; 80.255.7.106; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=059bf2ba2b88e39bb3200769d2e411fc&svisitor=null&visitor=46748594-f189-47f7-82e4-f76c87c67c43&session=23fa601a-0250-441f-8cc3-7227a98578d9&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2009%20May%202024%2023%3A59%3A32%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2009%20May%202024%2023%3A59%3A31%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%224019%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%20post%2C%20we%20introduce%20a%20new%20attack%20vector%20discovered%20by%20CyberArk%20Labs%20and%20dubbed%20%E2%80%9Cgolden%20SAML.%E2%80%9D%20The%20vector%20enables%20an%20attacker%20to%20create%20a%20golden%20SAML%2C%20which%20is%20basically%20a%20forged%20SAML...%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Golden%20SAML%3A%20Newly%20Discovered%20Attack%20Technique%20Forges%20Authentication%20to%20Cloud%20Apps%22%2C%22prod-cat%22%3A%22%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&pageViewId=fdfd85b8-4d86-4cf0-84db-293f08cbbdad&an_uid=0&webTagId=d24194f2-6101-4c07-b071-d2eb5d40f5e6&v=1.1.20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-224.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"615ccf10-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 09 May 2024 23:59:32 GMT
index.php
a.dpmsrv.com/dpmpxl/ 		5 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.dpmsrv.com/dpmpxl/index.php?dpmCid=&zn=&sn=&q=xSeg&v=1.x&ep%5Bids%5D=8179407%2C17469484%2C17455522%2C17469469%2C17469519%2C17503755%2C3781750&cl=62&pixelIndex=0&r=586207&tzOffset=-120&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&id=113004910318121686
Requested by
Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_511a418e72591eb7e33f703f04c3fa16df6c90bd.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.143.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-143-121.compute-1.amazonaws.com
Software
/
Resource Hash
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
content-encoding
gzip
Access-Control-Max-Age
10
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
content-type, accept
Content-Length
31
Expires
0
seg
ib.adnxs.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/seg?member=827&add=8179407,17469484,17455522,17469469,17469519,17503755,3781750
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:32 GMT
an-x-request-uuid
18bb9f4a-cc0e-4e97-ab1d-1c1cc92b9a36
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.106; 80.255.7.106; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=830208&t=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:32 GMT
an-x-request-uuid
96b90cdc-139a-414a-8bb2-b25110eeb010
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.106; 80.255.7.106; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1093460&t=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:32 GMT
an-x-request-uuid
9125159c-1607-4ee1-a58e-765d61d100b9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.106; 80.255.7.106; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1092981&t=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:32 GMT
an-x-request-uuid
6a30f3c6-3086-424a-8837-746fabd0daf6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.106; 80.255.7.106; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1093451&t=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:32 GMT
an-x-request-uuid
4cbe0061-eb90-40da-9e4d-cbe9854db3c2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.106; 80.255.7.106; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1093467&t=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:32 GMT
an-x-request-uuid
a214fcb8-5261-4299-88fe-5868cde2cc9f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.106; 80.255.7.106; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1095425&t=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 09 May 2024 23:59:32 GMT
an-x-request-uuid
2e281792-4ffa-4b91-8b3e-ef04b25ab452
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.106; 80.255.7.106; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
mon
obs.segreencolumn.com/ 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obs.segreencolumn.com/mon
Requested by
Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/84cf3062f98cbab994d639a975b2798e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.cyberark.com
date
Thu, 09 May 2024 23:59:32 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
img.gif
b.6sc.co/v1/beacon/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.intentiq.com
URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B4082A4C26C84D0EA641EF7EDD85BE07
Domain
b.6sc.co
URL
https://b.6sc.co/v1/beacon/img.gif?token=059bf2ba2b88e39bb3200769d2e411fc&svisitor=null&visitor=46748594-f189-47f7-82e4-f76c87c67c43&session=23fa601a-0250-441f-8cc3-7227a98578d9&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2009%20May%202024%2023%3A59%3A33%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2009%20May%202024%2023%3A59%3A32%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225020%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20blog%20post%2C%20we%20introduce%20a%20new%20attack%20vector%20discovered%20by%20CyberArk%20Labs%20and%20dubbed%20%E2%80%9Cgolden%20SAML.%E2%80%9D%20The%20vector%20enables%20an%20attacker%20to%20create%20a%20golden%20SAML%2C%20which%20is%20basically%20a%20forged%20SAML...%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Golden%20SAML%3A%20Newly%20Discovered%20Attack%20Technique%20Forges%20Authentication%20to%20Cloud%20Apps%22%2C%22prod-cat%22%3A%22%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps&pageViewId=fdfd85b8-4d86-4cf0-84db-293f08cbbdad&an_uid=0&webTagId=d24194f2-6101-4c07-b071-d2eb5d40f5e6&v=1.1.20

Verdicts & Comments Add Verdict or Comment

193 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| dataLayer object| ubermenu_data object| EnlighterJS object| Hubs function| g_iFrameLoadDataCallback function| g_iFrameScrollCallback object| frontEndPage object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| Shared object| MBP object| html5 function| _ function| ufa object| Modernizr function| jQuery function| $ function| imagesLoaded function| getBomboraUuid function| getBomboraUrlId object| _ml function| loadMarketoTracking object| Munchkin object| obData function| getMatchingTileTag boolean| onbrandLoaded function| __ctcg_ct_45375_exec object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| __target_telemetry object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate string| ufPageTitle string| prefix object| tagArray undefined| ufAssetType function| firstSubmission function| secondarySubmission function| persistParams function| getQueryString object| queryString function| submitQueryStrings object| urlArray function| stateControl function| previewField function| thirdPartyCTA function| thirdPartyCtaLink function| uber_supports function| uber_op function| uberMenu_openMega function| uberMenu_openFlyout function| uberMenu_close function| uberMenu_redrawSubmenus function| flexTable function| sha256 function| sha224 object| psArray object| topicArray object| industryArray object| typeArray object| stageArray object| personaArray string| tagPrefix object| ufTagArray object| digital_data function| rtp object| _wq object| __dispatched__ undefined| __i__ function| rdt string| GoogleAnalyticsObject function| ga function| mktoMunchkinFunction function| mktoMunchkin function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap object| s function| onYouTubeIframeAPIReady object| input function| _truste_eumap object| truste string| userType object| $temp_box_overlay function| redditNormalizeEmail object| gaplugins object| gaGlobal object| gaData object| MunchkinTracker function| gtag number| jsErrorsCount function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG object| _cq object| _6si object| GooglebQhCsO function| getInternetExplorerVersion function| consoleMessage function| makeGetRequest function| createCORSRequest object| ITLocalStorageAPI object| InsighteraUtil object| iiq object| ibq object| trackObj function| isCurrentSession function| addDynamicScript function| rtpRCMD object| AITag object| aiq object| AIConfig function| setButtonWidthHeight function| getDirectionForWidgetSide function| updateWidget function| initialize function| showWidgetCampaign function| hideWidgetCampaign function| injectContent function| execute function| destroy object| InsighteraWidget function| setTimeoutFunction object| exp_2_year function| loadRichMediaImage function| drift undefined| driftt string| _linkedin_data_partner_id function| fbq function| _fbq function| saq function| _saq function| extUrl function| lintrk boolean| _already_called_lintrk object| ensBootstraps object| Bootstrapper object| sifi_att_42656 object| dpmPixels function| cookieWrite function| cookieRead string| g number| s_loadT object| s_i_cyberarkproduction function| alignElementPosition function| applyAttributeHeightToPics function| revertAttributeHeightToPics object| res object| saCookies string| current_window_url_param object| 3eiXJRXgVuLsYGH9303q object| _driftFrames object| __post_robot_10_0_46__ string| __DRIFT_ENV__ string| __DRIFT_BUILD_ID__ string| __DRIFT_BRANCH__ boolean| drift_invoked object| drift_event_listeners string| drift_display_mode string| drift_campaign_refresh number| drift_page_view_started number| drift_session_started string| drift_session_id object| drift_frameFactory object| ORIBILI object| drift_sentry_config

84 Cookies

Domain/Path Name / Value
www.cyberark.com/ Name: _MGZ_
Value: ufi2bphacssoo9c2t27r5imr1v
www.cyberark.com/ Name: pdf_event
Value: WyJbe1widXVpZFwiOjI1NzQ3MTM3NzN9LDMxNTM2MDAwXSIsImI1MThlZjhjNDAzODI3MDdjYmNkNzZiYmU3MjMyZmRkIl0%3D
.cyberark.com/ Name: __cf_bm
Value: w.AndqJkLIBCuXlzwerS_zeioIr4WpbWF.142Qusd2Q-1715299166-1.0.1.1-L2N6sEoFq9qBfO.UCj1bgfue3F16lCjk2Pkf_.RZrMzZKzK_AdR9oYjf1QObmrKe2QBKyXVFip1k8UWf4Ijqfg
.www.cyberark.com/ Name: _ufav
Value: 11356fc3f0884dcc846bdde1152b8ddd
.www.cyberark.com/ Name: _ufas
Value: 80473116d33f422bba63b8731383c17e
.cyberark.com/ Name: at_check
Value: true
www.cyberark.com/ Name: ufentry
Value: 20240509.202927
.cyberark.com/ Name: _gcl_au
Value: 1.1.605443514.1715299167
.cyberark.com/ Name: _cq_duid
Value: 1.1715299167.JtCO1lFObtIvP6AP
.cyberark.com/ Name: _cq_suid
Value: 1.1715299167.6du9OBRRAjgFkCPA
.demdex.net/ Name: demdex
Value: 87351779568960975691155907780819784929
.cyberark.com/ Name: AMCVS_9AB97041603F3EDB0A495C66%40AdobeOrg
Value: 1
.cyberark.com/ Name: TAsessionID
Value: 5d872c57-6ba1-410a-9abe-43313c0e178a|NEW
.cyberark.com/ Name: notice_behavior
Value: expressed,eu
.cyberark.com/ Name: _rdt_uuid
Value: 1715299167611.07caf7ea-159b-4a60-a100-6428f2e43ae1
.cyberark.com/ Name: _ga
Value: GA1.2.1617274274.1715299168
.cyberark.com/ Name: _gid
Value: GA1.2.1028061478.1715299168
.cyberark.com/ Name: _dc_gtm_UA-44168172-9
Value: 1
.cyberark.com/ Name: _mkto_trk
Value: id:316-CZP-275&token:_mch-cyberark.com-1715299167633-20044
.cyberark.com/ Name: mbox
Value: session#c5197f9ad7a84192857f73d33562c8c0#1715301028|PC#c5197f9ad7a84192857f73d33562c8c0.37_0#1778543968
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Zj1jXwAAAMds7ANe
obs.segreencolumn.com/ Name: cg_uuid
Value: 694ba56bc47139a975c90531c8e13c3c
.cyberark.com/ Name: cf_clearance
Value: BE3Q48gDU_gM9N9YT7z2wLmia224axqO77rOF1SPGRI-1715299167-1.0.1.1-4HHEwH5sdV.ux7oQNe23vudgc7Q6Vmkqs3bO5C31r5U2DvEqN8hbr9Dl9gpp27C1d7HH_x79cKDVEnSj6gmIBQ
.dpm.demdex.net/ Name: dpm
Value: 87351779568960975691155907780819784929
.cyberark.com/ Name: AMCV_9AB97041603F3EDB0A495C66%40AdobeOrg
Value: 179643557%7CMCIDTS%7C19853%7CMCMID%7C83440837631942048121945319657485976396%7CMCAAMLH-1715903967%7C6%7CMCAAMB-1715903967%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1715306367s%7CNONE%7CMCSYNCSOP%7C411-19860%7CvVersion%7C5.5.0
.cyberark.com/ Name: trwv.uid
Value: cyberarksoftware-1715299167993-20295e58%3A1
.cyberark.com/ Name: trwsa.sid
Value: cyberarksoftware-1715299167994-6555cfdc%3A1
www.cyberark.com/ Name: _gd_visitor
Value: 46748594-f189-47f7-82e4-f76c87c67c43
www.cyberark.com/ Name: _gd_session
Value: 23fa601a-0250-441f-8cc3-7227a98578d9
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
www.cyberark.com/ Name: _an_uid
Value: 0
.simpli.fi/ Name: suid
Value: B4082A4C26C84D0EA641EF7EDD85BE07
www.cyberark.com/ Name: dpm_url_count
Value: 1
.cyberark.com/ Name: gpv_c51
Value: https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Fgolden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
.cyberark.com/ Name: s_nr30
Value: 1715299169790-New
.cyberark.com/ Name: s_cc
Value: true
.simpli.fi/ Name: uid_syncd_secure
Value: true
.adnxs.com/ Name: XANDR_PANID
Value: BHdHiJY__ftOH96_m5Q1WalT6kug7jeONGBjRtjog_qrfXsuXpanPLfASFIDFdZgvqnz1c7hxOpKvff0zhosMemwHJdLzMcVQNOmPQW9Iq0.
.adnxs.com/ Name: uuid2
Value: 113004910318121686
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8b10da7b-3e40-55d6-45e0-334215ea8778.NrFVdA%2FNaZ4%2FprvyJPqinKSMtufiyR6E%2BpueMO%2BP6d4
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8b10da7b-3e40-55d6-45e0-334215ea8778.NrFVdA%2FNaZ4%2FprvyJPqinKSMtufiyR6E%2BpueMO%2BP6d4
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AixDaez5AVdZF4DNCFeqHeFD_B2o.jvvh9MlaI297iaYlxK4PPt90bMHJhJcDBuGI3et2UqI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AixDaez5AVdZF4DNCFeqHeFD_B2o.jvvh9MlaI297iaYlxK4PPt90bMHJhJcDBuGI3et2UqI
tags.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGcZMhrjYYmEOCk2RSYKnfrz_PEwls0VDOa1ocI1WZd4EHwYBCDhxvWxBjABOgS9M-cxQgTGmj6d.9oLa6QiLLXnxXTcDTch6qgrEWYT6KU9Vq0l6nCvMHUc
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGcZMhrjYYmEOCk2RSYKnfrz_PEwls0VDOa1ocI1WZd4EHwYBCDhxvWxBjABOgS9M-cxQgTGmj6d.9oLa6QiLLXnxXTcDTch6qgrEWYT6KU9Vq0l6nCvMHUc
www.cyberark.com/ Name: sa-user-id
Value: s%253A0-8b10da7b-3e40-55d6-45e0-334215ea8778.NrFVdA%252FNaZ4%252FprvyJPqinKSMtufiyR6E%252BpueMO%252BP6d4
www.cyberark.com/ Name: sa-user-id-v2
Value: s%253AixDaez5AVdZF4DNCFeqHeFD_B2o.jvvh9MlaI297iaYlxK4PPt90bMHJhJcDBuGI3et2UqI
www.cyberark.com/ Name: sa-user-id-v3
Value: s%253AAQAKIGcZMhrjYYmEOCk2RSYKnfrz_PEwls0VDOa1ocI1WZd4EHwYBCDhxvWxBjABOgS9M-cxQgTGmj6d.9oLa6QiLLXnxXTcDTch6qgrEWYT6KU9Vq0l6nCvMHUc
.doubleclick.net/ Name: IDE
Value: AHWqTUmrRmp2UZQXNx9eU2BO6qMSfbk02GMF5aKm-wHon-SjA28MIuPWnlIBG6dEyJE
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.bidr.io/ Name: bito
Value: AADkuk7MescAABPcBubmuQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.cyberark.com/ Name: _fbp
Value: fb.1.1715299169961.1268614510
.linkedin.com/ Name: li_sugr
Value: 3bf17f1b-aada-4873-8737-9b003f663dc9
.linkedin.com/ Name: bcookie
Value: "v=2&fbcfe6e8-9977-4e3e-80a6-2574597dd2ac"
.linkedin.com/ Name: lidc
Value: "b=TGST00:s=T:r=T:a=T:p=T:g=3394:u=1:x=1:i=1715299169:t=1715385569:v=2:sig=AQGBXX9KqHVyy-rTcY_mTbg-14gQi9mG"
www.cyberark.com/ Name: drift_campaign_refresh
Value: 7c269af9-a080-4a40-a4ea-c3f438700e5f
.agkn.com/ Name: ab
Value: 0001%3ArXlvqOXKOZwnOupY106MTu5FJOWymYgs
.tapad.com/ Name: TapAd_TS
Value: 1715299170098
.tapad.com/ Name: TapAd_DID
Value: e2f762ef-5ed9-4025-a31a-f676892f6c37
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.pro-market.net/ Name: anProfile
Value: "k6ip6ys4xyo6+1+1f=1+1g=1+1j=41+rs=s+rt=2A0104A0133800920000000000000010+s2=(sd8tb6)+vm=24-B4082A4C26C84D0EA641EF7EDD85BE07"
.pro-market.net/ Name: anHistory
Value: "k6ip6ys4xyo6+2+!#7')#M#:nt"
.linkedin.com/ Name: UserMatchHistory
Value: AQJOjC0M5aRW4QAAAY9fzDdIwoERRNE0XdNohMbbHLT0IQ7oGXfv5_jTmz-uEWBWYTW4fKdA7OhXcg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKc2AUc2YLz7wAAAY9fzDdIbUPBEDKYlFRaHYdKZMm6Ht1O0PuevRZqu2_p6e0y8tZuCCSsiPNwzJP6tc3SCA
.exelator.com/ Name: EE
Value: "89329339df8b44b6e7536611f63d0821"
.agkn.com/ Name: u
Value: C|0AAAAAAAALdAf4gAAAAAA
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHC0tjI0tjYMiXNIsnEJMks1dzU2MzM0DDNzDjFwMLIcHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIZEl%252BUWb6IhfXxUUpaQyLSopPBR9f%252FwwAV6kqEg%253D%253D"
.www.linkedin.com/ Name: bscookie
Value: "v=1&20240509235930b52527ff-a9b0-40cd-89d0-39fe6d4f694aAQFj7TSR1crec7EbbcvbgtKEnYWSnAk7"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MTUyOTkxNzA7MjswMjHsRGulDC/9ED7D8C8rAN2nmQwEdpk70g5Hh7ua8JSewA==
.dpmsrv.com/ Name: dpm_pxl
Value: be2f5c7cbc5f7d8a695d2fb0b5d4bf7075048eb0
.dpmsrv.com/ Name: dpm_pxl_aid
Value: 113004910318121686
www.cyberark.com/ Name: hasLiveRampMatch
Value: true
.bfmio.com/ Name: __141_cid
Value: B4082A4C26C84D0EA641EF7EDD85BE07
.bfmio.com/ Name: __io_cid
Value: 6be9afb4a65ddd921a0dbd55def255af09f0676d
.cyberark.com/ Name: _ga_XTLTD7RKN5
Value: GS1.2.1715299167.1.0.1715299170.57.0.0
www.cyberark.com/ Name: drift_aid
Value: d33a3f82-2a85-4977-b156-e920249aef3b
www.cyberark.com/ Name: driftt_aid
Value: d33a3f82-2a85-4977-b156-e920249aef3b
.bluekai.com/ Name: bku
Value: blx99sBMwVqbULy6
.bluekai.com/ Name: bkpa
Value: KJy9nyexd02pSUHknp/8mE1hwtkAwD/61eQ0xEHe1MjemeHW1WPOBMxhHDRlHDHWmePYHE9l9y9GIxFe
www.cyberark.com/ Name: dpm_time_site
Value: 2.003
.adnxs.com/ Name: anj
Value: dTM7k!M4.FEVNsVF']wIg2E>vu`w$?!EKxF%v.>eJ3rZsFqTVbV5F%G6PZtLV8sOAa2?d>V`K$*axc4Ea9/._aNlmG7CI4^/Jal)!*0qZ(SUc*!+B6gZBuWw
.dpmsrv.com/ Name: xdpm_segsid_62
Value: 20714219
.dpmsrv.com/ Name: xdpm_segs_62
Value:

220 Console Messages

Source Level URL
Text
rendering warning URL: https://cihost.uberflip.com/cyberArk/master/build/en/en.bundle.js
Message:
Specifying 'overflow: visible' on img, video and canvas tags may cause them to produce visual content outside of the element bounds. See https://github.com/WICG/view-transitions/blob/main/debugging_overflow_on_images.md for details.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
worker verbose URL: blob:https://www.cyberark.com/3bbd8ebd-0c0b-41d1-a7fd-b3afa559f149(Line 1)
Message:
Error
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/286320195733404?v=2.9.156&r=c2&domain=www.cyberark.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://idsync.rlcdn.com/419566.gif?partner_uid=B4082A4C26C84D0EA641EF7EDD85BE07
Message:
Failed to load resource: the server responded with a status of 451 ()
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B4082A4C26C84D0EA641EF7EDD85BE07
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Refused to execute script from 'https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=113004910318121686&pixelIndex=0' because its MIME type ('image/png') is not executable.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://idsync.rlcdn.com/423396.gif?partner_uid=113004910318121686
Message:
Failed to load resource: the server responded with a status of 451 ()
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://www.cyberark.com/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

316-czp-275.mktoresp.com
9920016.fls.doubleclick.net
a.dpmsrv.com
aa.agkn.com
alb.reddit.com
assets.adobedtm.com
b.6sc.co
bcp.crwdcntrl.net
c.6sc.co
cdnjs.cloudflare.com
ce.lijit.com
cihost.uberflip.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cnv.event.prod.bidr.io
connect.facebook.net
consent-pref.trustarc.com
consent.trustarc.com
content.cdntwrk.com
cyberark.demdex.net
cyberark.sc.omtrdc.net
cyberark.tt.omtrdc.net
d.agkn.com
d1eoo1tco6rr5e.cloudfront.net
dpm.demdex.net
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
in.ml314.com
insight.adsrvr.org
ipv6.6sc.co
j.6sc.co
js.driftt.com
loadm.exelator.com
ml314.com
munchkin.marketo.net
nexus.ensighten.com
ob.segreencolumn.com
obs.segreencolumn.com
pixel.rubiconproject.com
pixel.tapad.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
rtp-static.marketo.com
s.ad.smaato.net
s.dpmsrv.com
secure.adnxs.com
simplifi.partners.tremorhub.com
sjrtp6-cdn.marketo.com
sjrtp6.marketo.com
snap.licdn.com
stags.bluekai.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
tag.simpli.fi
tags.srv.stackadapt.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.cyberark.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
b.6sc.co
sync.intentiq.com
104.102.38.132
104.16.69.86
104.17.25.14
108.138.26.44
13.107.42.14
13.225.78.35
13.225.78.57
13.225.83.200
13.248.245.213
13.32.99.85
142.250.185.194
142.250.185.232
142.250.186.164
142.250.186.34
142.250.186.46
15.197.193.217
151.101.129.140
172.217.18.6
172.217.23.99
18.194.86.204
18.245.86.77
18.245.86.87
18.66.102.94
185.89.210.180
192.28.146.116
192.28.147.68
2001:4860:4802:32::36
216.58.206.66
23.197.121.18
23.213.161.224
23.37.9.66
2600:1901:0:8eee::
2600:1f18:612b:4232:d117:99ec:4378:1ad4
2600:1f18:e8a:cd08:3437:aff5:50c:d298
2600:9000:211e:b000:1b:5138:8a40:93a1
2600:9000:2490:e400:18:15b9:5a80:93a1
2600:9000:2491:3a00:2:8f43:5780:93a1
2600:9000:2724:c000:12:53a8:95c0:93a1
2620:1ec:21::14
2a00:1450:4001:811::2003
2a00:1450:4001:813::2008
2a00:1450:4001:827::200e
2a00:1450:4001:830::200a
2a00:1450:400c:c1d::9c
2a02:26f0:3500:14::1724:a244
2a02:26f0:3500:16::215:149b
2a02:26f0:3500:591::1e80
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:400::396
3.121.44.8
3.64.79.104
3.71.149.231
34.111.113.62
34.117.77.79
34.246.122.39
34.98.64.218
35.204.74.118
35.204.89.238
35.244.174.68
46.228.174.117
52.19.204.214
52.19.228.126
52.208.77.120
52.21.235.251
52.211.28.170
52.222.236.115
52.48.26.70
54.152.143.121
54.172.64.0
54.78.254.47
63.140.62.27
66.235.152.225
69.173.144.139
0250e8c55348f0165caec330ed0138ccbb65cfe6535abc96fabea630163b3df1
03afb02e177c166a49abff9e8d855ba85a38308e7c0935da168b2b94a257ad65
0623e10825f73d9189d396ac17783eccc55e05af0f92dd84422d2bb8522680ec
071d0a5d172af491aedca9041f20e830d25fd4d339a1006bca3bed949069aa30
08330120c6d9d4407fd599bae49187289878c557ed68e58d0e091fd5e1ac6c7f
0ae1d8ff559d265d54750e40737826960c9948d43edfb72b2d33c7fb2dcd3ebb
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f7520c20a065304f8a12222272ec7ff4de98ee8b1b36ee5e4d625eef2ada435
145a1a4d8bffa0b22d21fdda0c4936ee53accc4404186dc2d576a475b90e16d9
154a6620b90050b965aafdd6cf7c51327026eaef788f4ffc74f489dd965abdc1
19bb468ba17ea560dc3b738083bfdfbe55dea24abc35be5d6889d1bc2fd31182
1ba3a74eb74823f80c522391734fdeafebfbd2f284167568ad17e7d44b1618e3
1e17b5f6d30a928cb9fd9ab42adf8d8954b6b71b114b2c22b88628999e4f4e76
1f150486021d4182821249f13273a7a87862756e2b021e3d19121aaae6a2e09d
1fb7ee27fdfb34869f89aa51d9af1cf86ecc6800ab591ec3ca78f155742200b2
234f5e6b36c41a209c87e64949d11927b6360603b94ce3511c53df5bac0f4c26
236381e2317e13613193c1249ff0315bcfce2761c0d7f2f2de4f8480c07d1db4
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ea45590cad9715bb9cf550845613d7a9ce53c2f9886f7d7a74228076f05d3d9
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f5f9d511700318e988d3ef843afc49224162c8bb2435db7b9dc3590f525306f
2fabf85089d70ab869eb260a0b50a8b80358e70765a0a9759921f57584bdc57b
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
329eba5224a490e972374a62dd94c61794c440471cc2d40a13a73d6586d7394d
3315068613710cfcc08a1d43d532aec5d37aaa6b78e6b51f1240cdd429652f10
339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a
3462f453bf2f2cd4d202d9eb2badc0efa57dc326663bee3eaf646b9f453abc40
37e95127d694d4e83ae2a63427d36108b85d8f116879c790c506a4f9dee75199
389d6b9e935175b23d1d1b3d6f72353ff22ffefb462ad4a8ecf9c51a61386b41
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41d6606ca76e62fa7fae3020cda808a7b1fa2b9da36c13d619881d47a0b721f9
45aca110620ac12009925cac1e38aa4e71426a2b83ee7f356010069b45539d56
49bdaf43b043fdd5e79f321a889502b341e83fb3d71caa9ec286369bcb205373
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb0c04228dba5578a1eea465369870866c5c604e383ae5470f8ba17d392cde2
51ea05933c6ecb117f63e09cd2578d341622495a6fb9887f5a08935f97fccf9f
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58e71f037f57bcb8965b5582d232e81fe276d9c8e8928b3c7340f42e146f3eb6
59a7a179044a073f8724448ebb09aef58d8874ffcbb4138c3f89482c3ea5db63
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
5cbd2c4ce1325baae0fa325bdd95a25a925b094d7e88fc6fcebb834a6906c5b4
5ccd2a2d0cfc8f7b36c238c935a36c751eb306a4f23788a0c6c33eec1a5a2071
5e240679c3215c840cf754104fe7291c77f2f52ad551c95e8c8364d0124938ec
5e81401d2a127d7754b03d63b9cf7f3bf22355faa2a0a5f8232f42e4a2de29eb
5eeb76abbd17b81bc8a7f6722be1f0b980897bce2c1fe38bbe9f126573486d25
60f515991307abd345708ae3d50ff9a7751c68c208e2586d992c3c6ff729d6b0
634358d77171f485bb1738fce1bf1e715e2cd0a94b2c4f3d5c6dafccd0d1031a
6356b4d88d6f53df4e5e9e3afbc0122d0b2ff6aa696bcbdea1930b5b54dcbced
65f1a5931b018cd93a01dd8eaf72a21fade81ddb931dffbc2c4fc88d2cffa3a7
66c708b80cab108a2fde84cac9677c07435537bc9d06085ccd1ac80cb93513b4
67916d020980b0b2146bf72b94ac76ba8f60b7258a0c5613ee1b0fe8379ba24c
67e2f25233ffe02ea0a70301e7440e6371d8943ca3f759b1d128b590e7e9419b
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6e6098f9e4e64f667bc006876813632d5ac79ac56e5284a95c9c821870907cad
6fe7e313748ef9c88c8bde3bd65111faf8cc408ae3cf0e32274c06a1145b3243
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
71fb86ed96b2a09cb43dcd697dfb60bf4c9cfb1ae4bbee5962f5a23ee228b0a6
723f76e099d5d5b6baccf91c0e57385351bfb02a89b1c96a6e77aa0600d58bbf
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
74935268619be1f087ce67765abd72f80107125f23b346f7615cc9e6a19d4595
7633cd7887e2046b023bdbd496e3d087f5c38e823b267e17244c474e00b6c1c1
7759fb03a0bd223abd019f475796910d30a50066a0820c6e227365a45f812318
77eb2efe0ae85775ccaeecec32629254d3d3a3c1ad12abfbe061e754b152cb97
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7b0e7a4bdf115afb8e8c5b9b671b0dc4441236f8cf56906d146b7d46a0ee14a8
7be1b3df507b34b7d05c60510836564455b0f85be0871e96e48201e4947d4cfd
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
7ef8a267de455c3a72237bf7db0c97c97e35e52452ff9ece15876d0d60f9c0e9
8078cebf9ab8ba5c0802536ed68317072ca51f1cb5293db16d63f923aad2e011
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84612718201726eaf2d2727d4fcb830519369820f4d8bea485104ad1b6b6912d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
864c44b8b866936ec27dcee84017dbc8ff988248461b1246fbe13f0615a43741
86ccdb948d25950b2b56fa681d1d87e712e5549719d476f355b240fd802f27b5
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
88b4bd1c3c8e9af6516b562e9679955ff48479ee6a5771e97ef425d1c5425e1f
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
8aab45b2e3226eb83ceed37f3f622529d0a6ca0a82d8dd9a4d1fb8e46ba84f83
8bd8a746efd5972536245f2f2c6e4213360405be048112ee66e3a2612edb43bf
8dd7a7eeccaaffd8a75ac8a2420ae500376d9f7f652dd8545deebd399bb96cfa
91b7152c2708e116677591b018f23ed2910c747e932f8985b704f1884d807990
93529a0ce0c8cc50f7c71068809419e8e1a3659249ca37cbe189bf80f019b076
9407923b4efec075261261927a4327dffe182bf43eb8d12ca2ac299d73910669
94e3cdd5f056065d29360bb92657b5d0e6ce640a685585e12520c3e27f3d1ba9
94fa9986e84282779b163982fac7dde36adcabd7ae376b82ce764edfccc59894
952f35790a58d6c58cd01db0b7994f8b1e3f2d4328f8dd2ed423c01579d403c6
979b3279da04a0ff858cf6b0e684b11af0411775f9ab8ac8c518ac451856b1d1
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a40f95bb955d55c98ba69ab85b2c4722d20119bd8a4825baf3714b9d5871c08
9ca5a1cdf97cb07f4a1c6d032fc4fb26ed02c8334f2baa6daf81f70b7fd0dc52
9e40a5bfef90ed0fadd653d6c28d9e250c1137bed1fe3888ed58fe4a39e3a53b
9e70999bd0ed2afbb2967ca63898c752fc3e66ba8a86a4ac341723be85bb7319
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a117f36dba1eb2100f340bb68f3cc4d4c04d50d8a1d61c36a5d0a682aed9d362
a249bcffb2d8e92a3bdff919def43b14841803ad93b80ffa864db1090e007594
a36681fe4fd06eb0856952cddb2047065db39f00e819dbf0e9715540083f8198
a654dbffdb656aacce15df139a6d2701ccae809fe7baab1ec042714bb6336eb9
ad48841a67a5fe1429379e173147275e4e87794f01df53c9ec53257ebd3b1042
add45a468bcd64e33645f15b1870b5813d1ff1fe97c59cb4bcd9e98fa09c66fe
ae39109580d502f2f8728e062d65bee0d92a4b3f45a02b59deb27a904e056d3a
b06ee181a056d674f14dc07a3cf5eaf2b4f85aa65def46ee9c33cffda18573bb
b122e173fb310c409d02c56e57eea40f1ea470fed839599c902b085d8fdb0129
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2f4e6e7c111bd008a79fa50a2f95fd41995df4f1995843910ff407c6e805f24
b5ef7dd34cf17eb441a01a651d089e520dff86ae2337ff95ee079f46a394880a
b62a7cb7330e30caac7fbca43afcfd4f18e2fffd1fa372cab93c625f3d2f3f1a
b65f414221cf068135ffc1d6b5a814da1b1a363325b451698c52a4064303a5bb
b96b944dbdb9c2afcdecae184e3bdc4717c30dc4f5d4624cfd1727461d6569fa
b98e0f76f97857fce1b3fbd8e9ed5775988e85fffd71dcc2422f8d012378ea34
baba8eacc7c69190a86365e6b229f270cd40c6f145b7d893422134ed156051c5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bce8ce0d0f68ceecff66a7d2a6c3dd78fce20c7595f4239a69909d7c5e2c363a
bf6806d8c92e228249230195772afe2e68791d52763b782be9aa2855fab3b641
c19b2682dab28d44aed0e7ae86f5576e8d2e6b8dcf53dbf2a0ba09c4480fdbdc
c1cd0852f3077f1b059e16529d8de16acb490990d6cb796dd74873de0bfd8a91
ce04010f81026943ad5db47aaac761f4ac4103774c970056ec95316d1fd5eaca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf59b9c3eb9ce46a4fa0a9745ca1ffe227c94acb49dc5bcfc8a582c75c202b26
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d4761d421bbf2f059126b9ce4f5e0a9f7bc83b046a58162780a2b9c3ab8c9a56
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d8e6b0fadb1d200690a1b4d03fee88ae1bcdf29b6f73c243308770af3900ecbe
d999840e4597740dd31ed034dca5776a96d92d556d9b30d442c903725a1dc21d
da70aaab22df021fab995b92d471f3e92495729f3c219f5d676c6cae8239b417
da9ff7b06912466abc8c42b979f84706ce896098ab9ea85e81258426db80fdb0
dc93c5b3243e66c7b2e27c51b76fa6a11bd7a6d7546c5fa26bbffa001f885305
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df6f5c01e1bc249db3ab75edc80c74d2166f13274feca53dbafc72257e04649e
dfcf469c7a66c6b348b50f9cd98a103da4c6ba969f80fb88ee7fed530315b302
e387300a8c1611a6307b70e53bef9f59f5358236cb79134055c2dae2a317aff3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80cfc6df2f882813f88dcf1175bc0c47e13c0cd8517bc240a65ee6cc758b0f2
e8e7fd76994e9fe7f19af8a2234efc259debc6e67de4ae8bf2f0e7471132bd02
ecceaab7dbf1f1fe1d9065a03b9b9e0f1b54e1f73b7db1c76a91fb2444dc67de
eee6eaf59f3744b188505112ab4f349b8a7bdb5a460a253042a55ce40373bf2f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef66e9df572ace7075e22087a9df85a85a3fd11f165b4da3d7881813b9684ccf
f035a6e2e3541df5682ad89576ba1b04abf055a885bc15c67e13a6b906587774
f3b0904c8899b452bd8af15036a36934710ede9a2680e05a7706a82b425cf479
f6305ad97ebc710e618453ab70661972a83d3349a3f31754007f33daffc12f3f
f7812c4e95ca8f1f951f6cdc39e851fa8495343245ee2679697ebdc2acbd76b7
f847142a74e526299a428a2c7a4b2b8e339eeb93c50e05a594a0250bf8f77c91
fb55a062d9f3b704e9d990f6ead8990e01d09a783c47ff13957578a19076518c
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b
fbc8aabf1c68a4e9a7ceb9467ae3a041db06ae58943eae0982c1435ce1429aef
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe68ada9a3d8295f355417eee75328dc8b09a238e2a2cf2dcbb738d4e5ddc511