www.splunk.com Open in urlscan Pro
2.16.186.152 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3Br2SvN
Effective URL:
https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
Submission: On September 01 via manual (September 1st 2021, 12:46:56 pm UTC) from US

Summary HTTP 315 Redirects Links 50 Behaviour Indicators

Summary

This website contacted 74 IPs in 4 countries across 54 domains to perform 315 HTTP transactions. The main IP is 2.16.186.152, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.splunk.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 22nd 2021. Valid for: a year.

This is the only time www.splunk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 1	154.50.198.10 154.50.198.10	174 (COGENT-174) (COGENT-174)
2 2	64.13.171.10 64.13.171.10	11404 (AS-WAVE-1) (AS-WAVE-1)
57	2.16.186.152 2.16.186.152	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
1	151.101.193.181 151.101.193.181	54113 (FASTLY) (FASTLY)
34	52.32.91.113 52.32.91.113	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
3	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
1 1	2a03:2880:f21... 2a03:2880:f21c:80c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1 2	2a03:2880:f22... 2a03:2880:f22d:1e6:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
5	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:6c0... 2a02:26f0:6c00:287::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:1bb::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700:10:... 2606:4700:10::6814:15ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2600:9000:224... 2600:9000:2240:5a00:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	151.101.0.134 151.101.0.134	54113 (FASTLY) (FASTLY)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
1	18.66.112.6 18.66.112.6	16509 (AMAZON-02) (AMAZON-02)
1	18.66.96.113 18.66.96.113	16509 (AMAZON-02) (AMAZON-02)
2	3.121.48.255 3.121.48.255	16509 (AMAZON-02) (AMAZON-02)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
14	104.111.233.140 104.111.233.140	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2620:119:50e3... 2620:119:50e3:101::6cae:b45	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
2	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.66.107.126 18.66.107.126	16509 (AMAZON-02) (AMAZON-02)
2	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
5	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1 2	209.167.231.15 209.167.231.15	7160 (NETDYNAMICS) (NETDYNAMICS)
1	142.0.173.130 142.0.173.130	7160 (NETDYNAMICS) (NETDYNAMICS)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	52.31.175.99 52.31.175.99	16509 (AMAZON-02) (AMAZON-02)
2	34.254.140.182 34.254.140.182	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3036::ac43:dfcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2.16.186.40 2.16.186.40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.16.186.24 2.16.186.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.63 18.66.112.63	16509 (AMAZON-02) (AMAZON-02)
1	18.66.109.174 18.66.109.174	16509 (AMAZON-02) (AMAZON-02)
1	99.80.169.12 99.80.169.12	16509 (AMAZON-02) (AMAZON-02)
1 2	209.54.176.128 209.54.176.128	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.122 18.66.112.122	16509 (AMAZON-02) (AMAZON-02)
1	18.66.107.187 18.66.107.187	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.128 18.66.112.128	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.46 18.66.97.46	16509 (AMAZON-02) (AMAZON-02)
2 2	52.215.67.80 52.215.67.80	16509 (AMAZON-02) (AMAZON-02)
1 2	13.32.121.62 13.32.121.62	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
64	18.66.112.39 18.66.112.39	16509 (AMAZON-02) (AMAZON-02)
2	18.66.112.104 18.66.112.104	16509 (AMAZON-02) (AMAZON-02)
2	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
11	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:a... 2600:1901:0:a5e4::	15169 (GOOGLE) (GOOGLE)
1	18.66.97.100 18.66.97.100	16509 (AMAZON-02) (AMAZON-02)
2	34.234.150.139 34.234.150.139	14618 (AMAZON-AES) (AMAZON-AES)
315	74

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.50.198.10 (United States) 1 redirects

ASN174 (COGENT-174, US)

dy.si	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.13.171.10 (United States) 2 redirects

ASN11404 (AS-WAVE-1, US)

amp.splunk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 2.16.186.152 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-152.deploy.static.akamaitechnologies.com

www.splunk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.181 (United States)

ASN54113 (FASTLY, US)

play.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 52.32.91.113 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-32-91-113.us-west-2.compute.amazonaws.com

account.splunk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

splunk-blogs.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f21c:80c4:face:b00c:0:43fe (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f22d:1e6:face:b00c:0:4420 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:287::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6852bd05.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:1bb::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:15ef (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:2240:5a00:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.0.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.6 (United States)

ASN16509 (AMAZON-02, US)

t.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.96.113 (United States)

ASN16509 (AMAZON-02, US)

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.48.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-48-255.eu-central-1.compute.amazonaws.com

tm.vendemore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.vendemore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

metadata-static-files.sfo2.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.111.233.140 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-140.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e3:101::6cae:b45 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.37 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.107.126 (United States)

ASN16509 (AMAZON-02, US)

d2hya7iqhf5w3h.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.167.231.15 (United States) 1 redirects

ASN7160 (NETDYNAMICS, US)
PTR: now.eloqua.com

secure.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.0.173.130 (United States)

ASN7160 (NETDYNAMICS, US)

secure.p01.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.175.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-175-99.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.140.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-140-182.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:dfcf (United States)

ASN13335 (CLOUDFLARENET, US)

v2.listenloop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.40 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-40.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-24.deploy.static.akamaitechnologies.com

lh4ubkyccc5cqyjpoyxq-p5v9nn-1b71301b6-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba19 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fiaqj6absjkbikqce3ygyaaaabqs65rp-p5v9nn-5b2ab80c0-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.63 (United States)

ASN16509 (AMAZON-02, US)

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.109.174 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.169.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-169-12.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.176.128 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.122 (United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.107.187 (United States)

ASN16509 (AMAZON-02, US)

d6tizftlrpuof.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.128 (United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.46 (United States)

ASN16509 (AMAZON-02, US)

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.67.80 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-67-80.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.62 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-62.fra60.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 18.66.112.39 (United States)

ASN16509 (AMAZON-02, US)

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.104 (United States)

ASN16509 (AMAZON-02, US)

pt37ad6f6a.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:a5e4:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

notify.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.100 (United States)

ASN16509 (AMAZON-02, US)

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.234.150.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-150-139.compute-1.amazonaws.com

event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
93	splunk.com 2 redirects amp.splunk.com www.splunk.com account.splunk.com	1 MB
64	driftt.com js.driftt.com	740 KB
14	6sc.co j.6sc.co c.6sc.co b.6sc.co	19 KB
14	disquscdn.com c.disquscdn.com a.disquscdn.com	519 KB
13	drift.com metrics.api.drift.com bootstrap.api.drift.com targeting.api.drift.com event.api.drift.com	3 KB
9	gstatic.com www.gstatic.com	969 KB
9	google.com www.google.com apis.google.com	44 KB
7	disqus.com splunk-blogs.disqus.com disqus.com referrer.disqus.com	59 KB
6	googleusercontent.com lh3.googleusercontent.com lh4.googleusercontent.com lh5.googleusercontent.com lh6.googleusercontent.com	446 KB
5	google-analytics.com www.google-analytics.com	40 KB
5	facebook.com www.facebook.com	514 B
5	cookielaw.org cdn.cookielaw.org	109 KB
5	bizible.com cdn.bizible.com	64 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net lh4ubkyccc5cqyjpoyxq-p5v9nn-1b71301b6-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net fiaqj6absjkbikqce3ygyaaaabqs65rp-p5v9nn-5b2ab80c0-clienttons-s.akamaihd.net	1 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	2 KB
4	facebook.net connect.facebook.net	182 KB
4	pingdom.net rum-static.pingdom.net rum-collector-2.pingdom.net	6 KB
4	googletagmanager.com www.googletagmanager.com	273 KB
3	company-target.com 1 redirects api.company-target.com segments.company-target.com	2 KB
3	amazon-adsystem.com 1 redirects c.amazon-adsystem.com s.amazon-adsystem.com	7 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	66 KB
3	eloqua.com 1 redirects secure.eloqua.com secure.p01.eloqua.com	1 KB
3	outbrain.com amplify.outbrain.com tr.outbrain.com	4 KB
3	adsrvr.org js.adsrvr.org insight.adsrvr.org	3 KB
3	bing.com bat.bing.com	9 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
3	instagram.com 2 redirects platform.instagram.com www.instagram.com	5 KB
2	bugsnag.com notify.bugsnag.com	113 B
2	sentry.io sentry.io	806 B
2	amazonaws.com pt37ad6f6a.execute-api.us-east-1.amazonaws.com	494 B
2	bidr.io 2 redirects match.prod.bidr.io	1019 B
2	cloudfront.net d2hya7iqhf5w3h.cloudfront.net d6tizftlrpuof.cloudfront.net	7 KB
2	adnxs.com secure.adnxs.com ib.adnxs.com	1 KB
2	vendemore.com tm.vendemore.com analytics.vendemore.com	926 B
2	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	51 KB
1	driftcdn.com embeds.driftcdn.com	10 KB
1	googleapis.com fonts.googleapis.com	752 B
1	google.de www.google.de	107 B
1	doubleclick.net stats.g.doubleclick.net	88 B
1	rlcdn.com id.rlcdn.com	66 B
1	usabilla.com w.usabilla.com	16 KB
1	demandbase.com scripts.demandbase.com	16 KB
1	akstat.io 6852bd05.akstat.io	202 B
1	listenloop.com v2.listenloop.com	33 KB
1	zoominfo.com ws.zoominfo.com	205 B
1	digitaloceanspaces.com metadata-static-files.sfo2.cdn.digitaloceanspaces.com	6 KB
1	contentsquare.net t.contentsquare.net	63 KB
1	taboola.com cdn.taboola.com	25 KB
1	licdn.com snap.licdn.com	2 KB
1	onetrust.com geolocation.onetrust.com	224 B
1	bizibly.com cdn.bizibly.com	203 B
1	vidyard.com play.vidyard.com	22 KB
1	dy.si 1 redirects dy.si	720 B
1	bit.ly 1 redirects bit.ly	246 B
315	54

	Domain	Requested by
64	js.driftt.com	www.splunk.com js.driftt.com
57	www.splunk.com	www.splunk.com
34	account.splunk.com	www.splunk.com account.splunk.com
12	b.6sc.co	www.splunk.com
12	c.disquscdn.com	www.splunk.com disqus.com c.disquscdn.com
9	www.gstatic.com	www.google.com
8	www.google.com	account.splunk.com www.gstatic.com
6	metrics.api.drift.com	js.driftt.com
5	www.google-analytics.com	account.splunk.com www.googletagmanager.com www.google-analytics.com
5	www.facebook.com	www.splunk.com c.disquscdn.com connect.facebook.net
5	cdn.cookielaw.org	www.splunk.com cdn.cookielaw.org
5	cdn.bizible.com	www.splunk.com cdn.bizible.com account.splunk.com
4	connect.facebook.net	www.splunk.com connect.facebook.net c.disquscdn.com
4	disqus.com	www.splunk.com splunk-blogs.disqus.com c.disquscdn.com
4	www.googletagmanager.com	www.splunk.com www.googletagmanager.com account.splunk.com
3	bootstrap.api.drift.com	js.driftt.com
3	bat.bing.com	www.googletagmanager.com www.splunk.com
2	event.api.drift.com	js.driftt.com
2	targeting.api.drift.com	js.driftt.com
2	notify.bugsnag.com	www.splunk.com
2	sentry.io	js.driftt.com
2	pt37ad6f6a.execute-api.us-east-1.amazonaws.com	v2.listenloop.com
2	segments.company-target.com	1 redirects
2	match.prod.bidr.io	2 redirects
2	s.amazon-adsystem.com	1 redirects www.splunk.com
2	rum-collector-2.pingdom.net	rum-static.pingdom.net www.splunk.com
2	insight.adsrvr.org	www.splunk.com
2	secure.eloqua.com	1 redirects account.splunk.com
2	a.disquscdn.com	www.splunk.com c.disquscdn.com
2	tr.outbrain.com	www.splunk.com
2	px.ads.linkedin.com	2 redirects
2	rum-static.pingdom.net	www.splunk.com
2	platform.twitter.com	www.splunk.com
2	www.instagram.com	1 redirects www.splunk.com
2	splunk-blogs.disqus.com	www.splunk.com
2	lh4.googleusercontent.com	www.splunk.com
2	lh3.googleusercontent.com	www.splunk.com
2	amp.splunk.com	2 redirects
1	embeds.driftcdn.com	js.driftt.com
1	fonts.googleapis.com	js.driftt.com
1	www.google.de
1	stats.g.doubleclick.net	www.splunk.com
1	id.rlcdn.com
1	api.company-target.com	www.splunk.com
1	vars.hotjar.com	www.splunk.com
1	d6tizftlrpuof.cloudfront.net	www.splunk.com
1	script.hotjar.com	www.splunk.com
1	w.usabilla.com	www.splunk.com
1	c.amazon-adsystem.com	www.splunk.com
1	scripts.demandbase.com	www.splunk.com
1	static.hotjar.com	www.googletagmanager.com
1	fiaqj6absjkbikqce3ygyaaaabqs65rp-p5v9nn-5b2ab80c0-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	lh4ubkyccc5cqyjpoyxq-p5v9nn-1b71301b6-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	6852bd05.akstat.io	s.go-mpulse.net
1	v2.listenloop.com	www.splunk.com
1	referrer.disqus.com	www.splunk.com
1	secure.p01.eloqua.com	account.splunk.com
1	apis.google.com	c.disquscdn.com
1	analytics.vendemore.com	www.splunk.com
1	ib.adnxs.com	www.splunk.com
1	d2hya7iqhf5w3h.cloudfront.net	www.splunk.com
1	c.6sc.co	www.splunk.com
1	secure.adnxs.com	www.splunk.com
1	px4.ads.linkedin.com	www.splunk.com
1	www.linkedin.com	1 redirects
1	amplify.outbrain.com	www.splunk.com
1	ws.zoominfo.com	www.splunk.com
1	j.6sc.co	www.splunk.com
1	metadata-static-files.sfo2.cdn.digitaloceanspaces.com	www.splunk.com
1	tm.vendemore.com	www.splunk.com
1	js.adsrvr.org	www.googletagmanager.com
1	t.contentsquare.net	www.googletagmanager.com
1	cdn.taboola.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	syndication.twitter.com	platform.twitter.com
1	geolocation.onetrust.com	www.splunk.com
1	cdn.bizibly.com	www.splunk.com
1	c.go-mpulse.net	www.splunk.com
1	s.go-mpulse.net	www.splunk.com
1	platform.instagram.com	1 redirects
1	lh6.googleusercontent.com	www.splunk.com
1	lh5.googleusercontent.com	www.splunk.com
1	play.vidyard.com	www.splunk.com
1	dy.si	1 redirects
1	bit.ly	1 redirects
315	87

This site contains links to these domains. Also see Links.

Domain
answers.splunk.com
conf.splunk.com
dev.splunk.com
docs.splunk.com
splunkbase.splunk.com
splunklive.splunk.com
usergroups.splunk.com
aws.amazon.com
msrc.microsoft.com
github.com
twitter.com
hashcat.net
blog.cobaltstrike.com
cve.mitre.org
docs.microsoft.com
www.facebook.com
www.slideshare.net
www.instagram.com
www.linkedin.com
www.youtube.com
www.mylogocloud.com

Subject Issuer	Validity	Valid
www.splunk.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-22` - `2022-04-27`	a year	crt.sh
io.bizible.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-30` - `2022-07-05`	a year	crt.sh
*.vidyard.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
account.splunk.com DigiCert SHA2 Secure Server CA	`2019-08-26` - `2021-10-29`	2 years	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-08-12` - `2021-11-10`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2021-06-08` - `2022-06-13`	a year	crt.sh
*.pingdom.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-15` - `2022-01-15`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
a.disquscdn.com Amazon	`2020-11-30` - `2021-12-29`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
t.contentsquare.net Amazon	`2020-12-13` - `2022-01-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.vendemore.com Trusted Secure Certificate Authority 5	`2020-02-20` - `2022-02-19`	2 years	crt.sh
*.sfo2.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-30`	a year	crt.sh
*.6sc.co DigiCert SHA2 Secure Server CA	`2021-03-09` - `2022-03-16`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.p01.eloqua.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-15` - `2022-03-18`	a year	crt.sh
*.eloqua.com DigiCert SHA2 Secure Server CA	`2019-12-23` - `2021-12-22`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2020-10-14` - `2021-11-15`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
w.usabilla.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2020-10-09` - `2021-10-28`	a year	crt.sh
*.company-target.com Amazon	`2021-08-31` - `2022-09-29`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
drift.com Amazon	`2020-09-21` - `2021-10-23`	a year	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2021-08-28` - `2022-09-26`	a year	crt.sh
sentry.io DigiCert SHA2 Secure Server CA	`2020-06-02` - `2022-06-07`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-05-05`	a year	crt.sh
*.driftcdn.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
Frame ID: 0D86C7DE8978FF75613D86FA547A3007
Requests: 151 HTTP requests in this frame

Frame: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Frame ID: 54FCB6223BDC2FE59535FB7B7818EB27
Requests: 42 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.splunk.com
Frame ID: B24730FD1BD69EE995AFB4E86FEE4460
Requests: 2 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=splunk-blogs&t_u=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&s_o=default
Frame ID: 3389E00B7B78AA605438D61A5B8B31C6
Requests: 20 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldu_QUTAAAAAK7Sde76ag0R5axctRY2774xJz75&co=aHR0cHM6Ly9hY2NvdW50LnNwbHVuay5jb206NDQz&hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&theme=light&size=normal&cb=sszngotysqp4
Frame ID: D03BD472DEAB903AC31E54EBA777F247
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldu_QUTAAAAAK7Sde76ag0R5axctRY2774xJz75&co=aHR0cHM6Ly9hY2NvdW50LnNwbHVuay5jb206NDQz&hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&theme=light&size=normal&cb=3rzvzmkord9c
Frame ID: ED1D5D2F03361EEA82A5D4C8EC181736
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6Ldu_QUTAAAAAK7Sde76ag0R5axctRY2774xJz75&cb=qmifwmod12k9
Frame ID: AEF7A3C83B2E8FA27E45BA3AF5A8C47F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6Ldu_QUTAAAAAK7Sde76ag0R5axctRY2774xJz75&cb=2nw0qmtw9elx
Frame ID: 0F0BE7183AED8C82AD795E20BAF7805E
Requests: 3 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=65d5w9m&ref=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&upid=zfbopfz&upv=1.1.0
Frame ID: 6DF3D69880EB1B92FD4EE90DDF6DB609
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=t0q4wl6&ref=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&upid=afx4zne&upv=1.1.0
Frame ID: BAFCEDF361326651E3D7B24830B9280C
Requests: 1 HTTP requests in this frame

Frame: https://w.usabilla.com/26b58e1d9d1d.js?lv=1
Frame ID: A3CCD6F0A49937DB312B2B16FD03FF7A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?pid=3fcbe918-6424-4b3d-95aa-68d72d53fbd1&event=PageView&ts=1630500401525&dcc=t
Frame ID: 7917B4B9E6C9C7E87517FDE61B4E5F99
Requests: 1 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/splunk-button-77a48f8f9f814cbca9e89a9cef1a2ace.png
Frame ID: 731656C4B670C2420E83D716B86920BD
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: F8B85E31AA0F2FA890241DA0D8E46403
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
Frame ID: D711CCBE3A03D37BABB74B791DBF98DB
Requests: 40 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
Frame ID: 9F6AFA846709E52DD654192601E2063C
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Detecting SeriousSAM CVE-2021-36934 With Splunk | Splunk

Page URL History Show full URLs

https://bit.ly/3Br2SvN HTTP 301
https://dy.si/mV4KF HTTP 302
https://amp.splunk.com/Article/Redirect/66291cdb-34ce-4111-aa81-d9e5ccc5e048?uc=4264&g=1125d282-861... HTTP 302
https://amp.splunk.com/member/post/66291cdb-34ce-4111-aa81-d9e5ccc5e048?uc=4264&g=1125d282-861b-4ec... HTTP 302
https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

315
Requests

100 %
HTTPS

43 %
IPv6

54
Domains

87
Subdomains

74
IPs

4
Countries

5368 kB
Transfer

12533 kB
Size

27
Cookies

50 Outgoing links

These are links going to different origins than the main page.

URL: https://answers.splunk.com/index.html
Title: Answers

Search URL Search Domain Scan URL

URL: https://conf.splunk.com/
Title: .conf

Search URL Search Domain Scan URL

URL: https://dev.splunk.com/
Title: Developers

Search URL Search Domain Scan URL

URL: https://docs.splunk.com/Documentation
Title: Documentation

Search URL Search Domain Scan URL

URL: https://splunkbase.splunk.com/
Title: Splunkbase

Search URL Search Domain Scan URL

URL: https://splunklive.splunk.com/
Title: SplunkLive!

Search URL Search Domain Scan URL

URL: https://usergroups.splunk.com/
Title: User Groups

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/marketplace/saas/pp/B06XK299KV?ref=_splunk_awspartnerpage
Title: Learn More

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36934
Title: CVE-2021-36934

Search URL Search Domain Scan URL

URL: https://github.com/GossiTheDog/HiveNightmare
Title: C

Search URL Search Domain Scan URL

URL: https://twitter.com/GossiTheDog
Title: Kevin Beaumont

Search URL Search Domain Scan URL

URL: https://github.com/FireFart/hivenightmare
Title: Go

Search URL Search Domain Scan URL

URL: https://twitter.com/firefart
Title: Christian Mehlmauer

Search URL Search Domain Scan URL

URL: https://hashcat.net/hashcat/
Title: hashcat

Search URL Search Domain Scan URL

URL: https://blog.cobaltstrike.com/2015/05/21/how-to-pass-the-hash-with-mimikatz/
Title: PassTheHash

Search URL Search Domain Scan URL

URL: https://github.com/byt3bl33d3r/CrackMapExec
Title: crackmapexec

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36934
Title: NIST

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows/security/threat-protection/auditing/audit-file-system
Title: File System auditing

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows/security/threat-protection/auditing/event-4663
Title: 4663

Search URL Search Domain Scan URL

URL: https://splunkbase.splunk.com/app/3449/
Title: Security Content

Search URL Search Domain Scan URL

URL: https://github.com/splunk/security_content/blob/develop/detections/endpoint/delete_shadowcopy_with_powershell.yml
Title: Delete ShadowCopy With PowerShell

Search URL Search Domain Scan URL

URL: https://github.com/splunk/security_content/blob/develop/detections/endpoint/credential_dumping_via_symlink_to_shadow_copy.yml
Title: Credential Dumping via Symlink to Shadow Copy

Search URL Search Domain Scan URL

URL: https://github.com/splunk/security_content/blob/develop/detections/endpoint/creation_of_shadow_copy_with_wmic_and_powershell.yml
Title: Creation of Shadow Copy with wmic and powershell

Search URL Search Domain Scan URL

URL: https://github.com/splunk/security_content/blob/develop/detections/endpoint/creation_of_shadow_copy.yml
Title: Creation of Shadow Copy

Search URL Search Domain Scan URL

URL: https://github.com/splunk/security_content/blob/develop/detections/endpoint/credential_dumping_via_copy_command_from_shadow_copy.yml
Title: Credential Dumping via Copy Command from Shadow Copy

Search URL Search Domain Scan URL

URL: https://github.com/splunk/security_content/blob/develop/detections/endpoint/deleting_shadow_copies.yml
Title: Deleting Shadow Copies

Search URL Search Domain Scan URL

URL: https://github.com/splunk/security_content/blob/develop/detections/endpoint/extract_sam_from_registry.yml
Title: Extract SAM from registry

Search URL Search Domain Scan URL

URL: https://github.com/splunk/security_content/blob/develop/detections/endpoint/detect_copy_of_shadowcopy_with_script_block_logging.yml
Title: Detect Copy of ShadowCopy with Script Block Logging

Search URL Search Domain Scan URL

URL: https://github.com/splunk/security_content/blob/develop/detections/endpoint/sam_database_file_access_attempt.yml
Title: SAM Database File Access Attempt

Search URL Search Domain Scan URL

URL: https://twitter.com/mvelazco
Title: Mauricio Velazco

Search URL Search Domain Scan URL

URL: https://twitter.com/M_haggis
Title: Michael Haag

Search URL Search Domain Scan URL

URL: https://twitter.com/BlackMatter23
Title: Vadim Khrykov

Search URL Search Domain Scan URL

URL: https://github.com/splunk/attack_data/
Title: Attack Data repository

Search URL Search Domain Scan URL

URL: https://github.com/splunk/security_content
Title: Splunk Security Content

Search URL Search Domain Scan URL

URL: https://twitter.com/splunk
Title: @Splunk

Search URL Search Domain Scan URL

URL: https://twitter.com/splunkanswers
Title: @splunkanswers

Search URL Search Domain Scan URL

URL: https://twitter.com/splunkdev
Title: @splunkdev

Search URL Search Domain Scan URL

URL: https://twitter.com/splunkUK
Title: @SplunkUK

Search URL Search Domain Scan URL

URL: https://twitter.com/splunkDE
Title: @SplunkDE

Search URL Search Domain Scan URL

URL: https://twitter.com/splunkGov
Title: @SplunkGov

Search URL Search Domain Scan URL

URL: https://twitter.com/splunkforgood
Title: @SplunkforGood

Search URL Search Domain Scan URL

URL: https://twitter.com/splunkdocs
Title: @SplunkDocs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/splunk
Title: Like us on Facebook

Search URL Search Domain Scan URL

URL: https://www.facebook.com/splunkuniversityjobs
Title: Like Splunk University on Facebook

Search URL Search Domain Scan URL

URL: https://www.slideshare.net/Splunk
Title: Follow us on SlideShare

Search URL Search Domain Scan URL

URL: https://www.instagram.com/splunk/
Title: Follow us on Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/splunk
Title: Follow us on LinkedIn

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/showcase/-conf-splunk-worldwide-users%27%E2%80%8B-conference/
Title: Follow .conf on LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/splunkvideos
Title: Subscribe to our Channel

Search URL Search Domain Scan URL

URL: https://www.mylogocloud.com/splunk
Title: T-Shirt Store

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3Br2SvN HTTP 301
https://dy.si/mV4KF HTTP 302
https://amp.splunk.com/Article/Redirect/66291cdb-34ce-4111-aa81-d9e5ccc5e048?uc=4264&g=1125d282-861b-4ecf-a7d9-7f7c7f08186d&f=51285 HTTP 302
https://amp.splunk.com/member/post/66291cdb-34ce-4111-aa81-d9e5ccc5e048?uc=4264&g=1125d282-861b-4ecf-a7d9-7f7c7f08186d&f=51285 HTTP 302
https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

Request Chain 132

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1630500397681&url=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D66727%26time%3D1630500397681%26url%3Dhttps%253A%252F%252Fwww.splunk.com%252Fen_us%252Fblog%252Fsecurity%252Fdetecting-serioussam-cve-2021-36934-with-splunk.html%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1630500397681&url=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1630500397681&url=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&liSync=true&e_ipv6=AQL4isJ9fHU1JAAAAXuhZaP9YezflwqaU0Q-L8iPjv6G2kOTlPnF9islxji-7hIjRixsE0Dt

Request Chain 166

https://secure.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1527&ref2=https://www.splunk.com/&tzo=-60&ms=192 HTTP 302
https://secure.p01.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1527&ref2=https://www.splunk.com/&tzo=-60&ms=192&elqCookie=1

Request Chain 199

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p5v9nnxqp HTTP 302
https://lh4ubkyccc5cqyjpoyxq-p5v9nn-1b71301b6-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 200

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p5v9nnxqp HTTP 302
https://fiaqj6absjkbikqce3ygyaaaabqs65rp-p5v9nn-5b2ab80c0-clienttons-s.akamaihd.net/eum/results.txt

Request Chain 208

https://s.amazon-adsystem.com/iu3?pid=3fcbe918-6424-4b3d-95aa-68d72d53fbd1&event=PageView&ts=1630500401525 HTTP 302
https://s.amazon-adsystem.com/iu3?pid=3fcbe918-6424-4b3d-95aa-68d72d53fbd1&event=PageView&ts=1630500401525&dcc=t

Request Chain 213

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AABf4U7CXuwAABULdKs-jw HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AABf4U7CXuwAABULdKs-jw&verifyHash=229a259ebaea63a40e777a3e820d75e07fb2a819

315 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request detecting-serioussam-cve-2021-36934-with-splunk.html Show response
www.splunk.com/en_us/blog/security/
Redirect Chain

https://bit.ly/3Br2SvN
https://dy.si/mV4KF
https://amp.splunk.com/Article/Redirect/66291cdb-34ce-4111-aa81-d9e5ccc5e048?uc=4264&g=1125d282-861b-4ecf-a7d9-7f7c7f08186d&f=51285
https://amp.splunk.com/member/post/66291cdb-34ce-4111-aa81-d9e5ccc5e048?uc=4264&g=1125d282-861b-4ecf-a7d9-7f7c7f08186d&f=51285
https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

84 KB
21 KB

1380ms
1326ms

Document
text/html

2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8ed1e4d7cf32603c39371895cb056cddbd14762d7fe10d074506ae87758574cb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.splunk.com
:scheme: https
:path: /en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
server: Apache
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
last-modified: Wed, 01 Sep 2021 12:46:35 GMT
accept-ranges: bytes
content-encoding: gzip
serverid: prod-web02
x-akamai-transformed: 9 16210 0 pmb=mNONE,1mRUM,2
cache-control: max-age=3600
expires: Wed, 01 Sep 2021 13:46:35 GMT
date: Wed, 01 Sep 2021 12:46:35 GMT
content-length: 19668
vary: Accept-Encoding
set-cookie: AKA_A2=A; expires=Wed, 01-Sep-2021 13:46:35 GMT; path=/; domain=splunk.com; secure; HttpOnly
server-timing: cdn-cache; desc=MISS edge; dur=33 origin; dur=1265
x-akam-sw-version: 0.5.0
link: <https://www.splunk.com/etc/clientlibs/splunk/splunk-core/source/fonts/splunkdatasans/woff2/splunkdatasans_w_rg.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://www.splunk.com/etc/clientlibs/splunk/splunk-core/source/fonts/splunkdatasans/woff2/splunkdatasans_w_bd.woff2>;rel="preload";as="font";type="font/woff2";crossorigin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

Date: Wed, 01 Sep 2021 12:46:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 234
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy-Report-Only: report-uri https://sentry.io/api/1479396/security/?sentry_key=ebff80a744024d8a8f5630df4ea55e5d&sentry_environment=PROD&sentry_release=2021-8-21-1; script-src 'self' static.dynamicsignal.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com translate.google.com *.googleapis.com *.cloudfront.net cdnjs.cloudflare.com platform.twitter.com connect.facebook.net assets.adobedtm.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' static.dynamicsignal.com *.cloudfront.net *.googleapis.com maxcdn.bootstrapcdn.com 'unsafe-inline'; font-src * data: blob:; img-src * data: blob:; media-src * data: blob:; frame-src 'self' www.youtube.com platform.twitter.com www.facebook.com reg.voicestorm.com reg-eu.voicestorm.com reg.voicestorm.biz reg.dynamicsignal.com; manifest-src *; connect-src 'self' static.dynamicsignal.com api.dynamicsignal.com www.googletagmanager.com www.google-analytics.com ssl.google-analytics.com translate.google.com *.googleapis.com *.cloudfront.net *.doubleclick.net platform.twitter.com connect.facebook.net assets.adobedtm.com *.sentry.io sentry.io olivia.paradox.ai gateway.zscloud.net relay.voicestorm.com relay-eu.voicestorm.com relay.voicestorm.biz relay.dynamicsignal.com freq.voicestorm.com freq-eu.voicestorm.com freq.voicestorm.biz freq.dynamicsignal.com api.voicestorm.com api-eu.voicestorm.com api.voicestorm.biz api.dynamicsignal.com apigateway.voicestorm.com apigateway-eu.voicestorm.com apigateway.voicestorm.biz apigateway.dynamicsignal.com streaming.voicestorm.com:* streaming-eu.voicestorm.com:* streaming.voicestorm.biz:* streaming.dynamicsignal.com:*
Set-Cookie: articleShareClick=%7B%22articleId%22%3A%2266291cdb-34ce-4111-aa81-d9e5ccc5e048%22%2C%22userChannelId%22%3A%224264%22%7D; Path=/ g=1125d282-861b-4ecf-a7d9-7f7c7f08186d; Path=/; Expires=Thu, 01 Sep 2022 12:46:34 GMT; Secure c=51285; Path=/; Expires=Thu, 01 Sep 2022 12:46:34 GMT; Secure
Location: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
Vary: Accept
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 splunkdatasans_w_rg.woff2
www.splunk.com/etc/clientlibs/splunk/splunk-core/source/fonts/splunkdatasans/woff2/ 21 KB
21 KB 120ms
119ms Font
font/woff2 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.splunk.com/etc/clientlibs/splunk/splunk-core/source/fonts/splunkdatasans/woff2/splunkdatasans_w_rg.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

dc6dc98cca0dd4df6b20f3813bb9f7da0b6bf8e0abb42653c0ee673880caecfd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://www.splunk.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: AKA_A2=A
:path: /etc/clientlibs/splunk/splunk-core/source/fonts/splunkdatasans/woff2/splunkdatasans_w_rg.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.splunk.com
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-type-options: nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 21052
last-modified: Thu, 19 Aug 2021 01:49:53 GMT
server: Apache
date: Wed, 01 Sep 2021 12:46:35 GMT
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:35 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 splunkdatasans_w_bd.woff2
www.splunk.com/etc/clientlibs/splunk/splunk-core/source/fonts/splunkdatasans/woff2/ 21 KB
21 KB 198ms
198ms Font
font/woff2 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.splunk.com/etc/clientlibs/splunk/splunk-core/source/fonts/splunkdatasans/woff2/splunkdatasans_w_bd.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

6607d39e43283ed0bb6e98c94d643344392be4086426e171c96df8a3ac1f40b9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://www.splunk.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: AKA_A2=A
:path: /etc/clientlibs/splunk/splunk-core/source/fonts/splunkdatasans/woff2/splunkdatasans_w_bd.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.splunk.com
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-type-options: nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 21288
last-modified: Thu, 19 Aug 2021 01:28:35 GMT
server: Apache
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:36 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 83 KB
32 KB 43ms
7ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: de22a1f465480545ea9595d61c16ad21ad40e6b2509cca0e76d2601980e52988

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:36 GMT
content-encoding: gzip
last-modified: Thu, 26 Aug 2021 21:51:57 GMT
server: ECS (frb/67F3)
age: 53848
etag: "cf369097c49ad71:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 32240

GET
H2 200 v4.js Show response
play.vidyard.com/embed/ 68 KB
22 KB 38ms
7ms Script
application/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/embed/v4.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2cfbaf00389c46d0932a468d40fb396ef3be12ae61fc25e9704166dffed05b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:36 GMT
content-encoding: gzip
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
age: 1504
x-cache: HIT
x-cache-hits: 4
content-length: 22323
x-served-by: cache-hhn4061-HHN
x-china: 0
last-modified: Wed, 30 Jun 2021 17:50:59 GMT
etag: "e84128e3a77de6f3b8683a333fb471c5"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dist.7785ad4adce2333e3639a33d02b5a5c7.css
www.splunk.com/etc/clientlibs/splunk/splunk-blogs/ 592 KB
50 KB 309ms
308ms Stylesheet
text/css 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.splunk.com/etc/clientlibs/splunk/splunk-blogs/dist.7785ad4adce2333e3639a33d02b5a5c7.css

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

f58162bf3734c1a14fe6dd096b9398fe00ce1d8b9d89490ac562c7200f1da44c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /etc/clientlibs/splunk/splunk-blogs/dist.7785ad4adce2333e3639a33d02b5a5c7.css
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 50718
last-modified: Fri, 27 Aug 2021 04:04:51 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: text/css
expires: Wed, 08 Sep 2021 12:46:36 GMT
cache-control: max-age=604800
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 jquery.0811b5e7037ada110b591bbd86240386.js Show response
www.splunk.com/etc.clientlibs/clientlibs/granite/ 288 KB
72 KB 411ms
410ms Script
application/javascript 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery.0811b5e7037ada110b591bbd86240386.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

e6f237d757cba8f53fb2b91b9a57f2584afe694f3a7448da1bf479e24291fe71

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /etc.clientlibs/clientlibs/granite/jquery.0811b5e7037ada110b591bbd86240386.js
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 73086
last-modified: Mon, 30 Aug 2021 07:05:22 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: application/javascript
expires: Wed, 08 Sep 2021 12:46:36 GMT
cache-control: max-age=604800
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 utils.7d1c4e1c54f4b3bce718f5d6a06ffd06.js Show response
www.splunk.com/etc.clientlibs/clientlibs/granite/ 47 KB
9 KB 446ms
445ms Script
application/javascript 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.splunk.com/etc.clientlibs/clientlibs/granite/utils.7d1c4e1c54f4b3bce718f5d6a06ffd06.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

446cb2c77c2807618caf4de745e133e0893780c448f2ce8b1b0266f08f9dfc83

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /etc.clientlibs/clientlibs/granite/utils.7d1c4e1c54f4b3bce718f5d6a06ffd06.js
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 8846
last-modified: Mon, 30 Aug 2021 21:57:48 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: application/javascript
expires: Wed, 08 Sep 2021 12:46:36 GMT
cache-control: max-age=604800
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 granite.ed0d934d509c9dab702088c125c92b4f.js Show response
www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/ 10 KB
3 KB 466ms
465ms Script
application/javascript 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

fe7b1fa106b52fd3b7a72421171503eee8ec0c911d495be3ce168f76ed7cc8b1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 2406
last-modified: Tue, 31 Aug 2021 00:43:23 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: application/javascript
expires: Wed, 08 Sep 2021 12:46:36 GMT
cache-control: max-age=604800
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 jquery.d7602973233c4c7f80959aa5a7f2f4af.js Show response
www.splunk.com/etc.clientlibs/foundation/clientlibs/ 456 B
856 B 483ms
483ms Script
application/javascript 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.splunk.com/etc.clientlibs/foundation/clientlibs/jquery.d7602973233c4c7f80959aa5a7f2f4af.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

6eb49924917abab026f80173e564b79d6e1b49b33b88052523ea8d1c6572f6a9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /etc.clientlibs/foundation/clientlibs/jquery.d7602973233c4c7f80959aa5a7f2f4af.js
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 240
last-modified: Fri, 27 Aug 2021 06:29:39 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: application/javascript
expires: Wed, 08 Sep 2021 12:46:36 GMT
cache-control: max-age=604800
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 clientlibs.3cf9c61ade4978db0e6e55e07ea59f38.js Show response
www.splunk.com/etc.clientlibs/splunk-blogs/components/structure/generalpage/ 2 KB
1 KB 503ms
503ms Script
application/javascript 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.splunk.com/etc.clientlibs/splunk-blogs/components/structure/generalpage/clientlibs.3cf9c61ade4978db0e6e55e07ea59f38.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

b580df40c699ad6dab76b1cb016768fc00a127373ac9798c4c3ccc45da5747d9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /etc.clientlibs/splunk-blogs/components/structure/generalpage/clientlibs.3cf9c61ade4978db0e6e55e07ea59f38.js
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web02
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 694
last-modified: Fri, 27 Aug 2021 03:51:30 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: application/javascript
expires: Wed, 08 Sep 2021 12:46:36 GMT
cache-control: max-age=604800
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 splunk-logo.svg
www.splunk.com/content/dam/splunk-blogs/images/logos/ 4 KB
2 KB 247ms
238ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/logos/splunk-logo.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

1514407cddcffb22e626d44e54c991867fd7b0ef049f6bbb351b5aa63baf32de

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/logos/splunk-logo.svg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web02
server-timing: cdn-cache; desc=HIT edge; dur=17
content-length: 1320
last-modified: Thu, 26 Aug 2021 22:19:52 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:36 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 bulletins.svg
www.splunk.com/content/dam/splunk-blogs/images/category/ 413 B
868 B 271ms
263ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/category/bulletins.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

6798de40afe480118095723fd5f271bdb3f0f68c016f2577d07b31eb5fdcabd9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/category/bulletins.svg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=14
content-length: 252
last-modified: Fri, 27 Aug 2021 10:34:27 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:36 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 conf-splunklive.svg
www.splunk.com/content/dam/splunk-blogs/images/category/ 404 B
871 B 271ms
263ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/category/conf-splunklive.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

e68397409b6b008cdef8f3599dfb8ade0dd313d7224e01f7fb275e5f2ee02ee3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/category/conf-splunklive.svg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web02
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 254
last-modified: Mon, 30 Aug 2021 04:10:31 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:36 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 customers.svg
www.splunk.com/content/dam/splunk-blogs/images/category/ 485 B
894 B 335ms
327ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/category/customers.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

000e439e8f79b03ddd5167adc0d2e4b80be8909bde10ab18cff49a75b097609f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/category/customers.svg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=9
content-length: 277
last-modified: Fri, 27 Aug 2021 18:34:29 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:36 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 devops.svg
www.splunk.com/content/dam/splunk-blogs/images/category/ 546 B
912 B 360ms
352ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/category/devops.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

2dfcf694584572c4821314335932799b57ecbd8cfe2da750d1da364048a9b49b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/category/devops.svg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web02
server-timing: cdn-cache; desc=HIT edge; dur=4
content-length: 295
last-modified: Fri, 27 Aug 2021 00:34:28 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:36 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 industries.svg
www.splunk.com/content/dam/splunk-blogs/images/category/ 676 B
960 B 385ms
377ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/category/industries.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

cd567d559140ef12751fc613cabdc8f54330ed637d48db3ec0614fffd2f6881e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/category/industries.svg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=7
content-length: 343
last-modified: Thu, 26 Aug 2021 22:15:40 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:36 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 it.svg
www.splunk.com/content/dam/splunk-blogs/images/category/ 1 KB
1 KB 406ms
397ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/category/it.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

d16940d9061536573db2fdf2692f6d0883234c0aeb28b01f27926582812eecf2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/category/it.svg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=7
content-length: 536
last-modified: Fri, 27 Aug 2021 09:59:47 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:36 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 leadership.svg
www.splunk.com/content/dam/splunk-blogs/images/category/ 320 B
843 B 422ms
414ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/category/leadership.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

1e712e8649388c67feb0ee14fb1aab8cb8650c73c1e623bb87f310be53f1c18a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/category/leadership.svg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=6
content-length: 227
last-modified: Fri, 27 Aug 2021 02:56:48 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:36 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 partners.svg
www.splunk.com/content/dam/splunk-blogs/images/category/ 790 B
1017 B 437ms
429ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/category/partners.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

466be68639e937dbf5be69a5d87308accb475de7ed3da6aeeb2a1a08f6f69703

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/category/partners.svg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web02
server-timing: cdn-cache; desc=HIT edge; dur=2
content-length: 401
last-modified: Mon, 30 Aug 2021 22:00:45 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:36 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 platform.svg
www.splunk.com/content/dam/splunk-blogs/images/category/ 669 B
925 B 450ms
442ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/category/platform.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

f7b1469431f25e4b25a093871206e5556b46cbc861bf06f68c74576e47687712

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/category/platform.svg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web02
server-timing: cdn-cache; desc=HIT edge; dur=3
content-length: 308
last-modified: Tue, 31 Aug 2021 04:37:09 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:36 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 security.svg
www.splunk.com/content/dam/splunk-blogs/images/category/ 481 B
876 B 465ms
458ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/category/security.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

dc4f3b74407a50a874b33ae79c4055c5f646737cfb44c2fb46ea28f827c17a53

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/category/security.svg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=3
content-length: 260
last-modified: Thu, 26 Aug 2021 23:23:46 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:36 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 splunk-for-good.svg
www.splunk.com/content/dam/splunk-blogs/images/category/ 367 B
824 B 482ms
474ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/category/splunk-for-good.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

60db1a4206175e1067d82b3a28e8fcd7a79e63baf32519c99eaadc7fbecd43de

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/category/splunk-for-good.svg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web02
server-timing: cdn-cache; desc=HIT edge; dur=4
content-length: 208
last-modified: Thu, 19 Aug 2021 02:00:31 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:36 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 splunklife.svg
www.splunk.com/content/dam/splunk-blogs/images/category/ 491 B
900 B 498ms
491ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/category/splunklife.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

8470410d86aeb687b8a27ecf99ea5ce7db33779120a7cd9a4c5134a4815df720

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/category/splunklife.svg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=4
content-length: 283
last-modified: Mon, 30 Aug 2021 11:55:02 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:36 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 tips-and-tricks.svg
www.splunk.com/content/dam/splunk-blogs/images/category/ 391 B
893 B 521ms
513ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/category/tips-and-tricks.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

23a38506dda87396bc5e047c17a17d94ced462d21aa561593f5a08e28646036b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/category/tips-and-tricks.svg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web02
server-timing: cdn-cache; desc=HIT edge; dur=8
content-length: 276
last-modified: Mon, 30 Aug 2021 22:01:12 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:36 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 spot-light-promo-cloud-on-AWS.jpg
www.splunk.com/content/dam/splunk2/images/spotlight/ 21 KB
22 KB 521ms
514ms Image
image/webp 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk2/images/spotlight/spot-light-promo-cloud-on-AWS.jpg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

c177c3583ed4eaaa84d4df2c0e6e49fefe4ab5e8b0a67f1d5fba9f2465c546af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /content/dam/splunk2/images/spotlight/spot-light-promo-cloud-on-AWS.jpg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Aug 2021 00:39:39 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=1511651
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 21800
expires: Sun, 19 Sep 2021 00:40:47 GMT

GET
H2 200 dmerritt.thumb.png
www.splunk.com/content/splunk-blogs/en_us/author/ 1 KB
2 KB 543ms
536ms Image
image/webp 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/splunk-blogs/en_us/author/dmerritt.thumb.png

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

97f36feba7ded66fc58d4d937531bceb544849852d17c4a371872bb314288281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /content/splunk-blogs/en_us/author/dmerritt.thumb.png
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:36 GMT
x-content-type-options: nosniff
last-modified: Sat, 07 Aug 2021 21:13:55 GMT
x-serial: 724
x-frame-options: SAMEORIGIN
content-type: image/webp
x-check-cacheable: YES
cache-control: private, no-transform, max-age=462444
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 1262
server: Akamai Image Manager
expires: Mon, 06 Sep 2021 21:14:00 GMT

GET
H2 200 teresa-carlson.jpg.thumb.png
www.splunk.com/content/dam/splunk2/images/photos/leadership/ 1 KB
2 KB 568ms
561ms Image
image/webp 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk2/images/photos/leadership/teresa-carlson.jpg.thumb.png

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

475cea02c3f3978917f6ef7dfd022040aa3c012aed8853b16d936d3ff162f9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /content/dam/splunk2/images/photos/leadership/teresa-carlson.jpg.thumb.png
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 29 Aug 2021 20:50:08 GMT
x-serial: 1301
x-frame-options: SAMEORIGIN
content-type: image/webp
x-check-cacheable: YES
cache-control: private, no-transform, max-age=2361926
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 1352
server: Akamai Image Manager
expires: Tue, 28 Sep 2021 20:52:02 GMT

GET
H2 200 Sabino.jpg.thumb.png
www.splunk.com/content/dam/splunk-blogs/images/authors/ 840 B
1 KB 588ms
582ms Image
image/webp 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/authors/Sabino.jpg.thumb.png

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

734f5195412674e394bbdc5499cf0f2b0d1227d58fa25e814dff2e4ee2e062bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/authors/Sabino.jpg.thumb.png
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Aug 2021 20:40:03 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=719690
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 840
expires: Thu, 09 Sep 2021 20:41:26 GMT

GET
H2 200 krobinson.thumb.png
www.splunk.com/content/splunk-blogs/en_us/author/ 2 KB
2 KB 605ms
599ms Image
image/webp 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/splunk-blogs/en_us/author/krobinson.thumb.png

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

0c092ee6cd5306cfd6dc560b374001fe6ffe15072bd8645f9ebe7e6ed7c211ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /content/splunk-blogs/en_us/author/krobinson.thumb.png
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 29 Aug 2021 20:41:46 GMT
x-serial: 251
x-frame-options: SAMEORIGIN
content-type: image/webp
x-check-cacheable: YES
cache-control: private, no-transform, max-age=2361219
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 1938
server: Akamai Image Manager
expires: Tue, 28 Sep 2021 20:40:15 GMT

GET
H2 200 ssellakumar_square.jpg.thumb.png
www.splunk.com/content/dam/splunk-blogs/images/author-profile-pics/ 1020 B
1 KB 625ms
618ms Image
image/webp 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/author-profile-pics/ssellakumar_square.jpg.thumb.png

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

1fd9a028ac776cc238827cc6833a1e8bc5a6cdb91ecc0af1eed5bd6c1303588f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/author-profile-pics/ssellakumar_square.jpg.thumb.png
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:36 GMT
x-content-type-options: nosniff
last-modified: Sat, 07 Aug 2021 21:15:55 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=462579
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 1020
expires: Mon, 06 Sep 2021 21:16:15 GMT

GET
H2 200 janew.jpeg.thumb.png
www.splunk.com/content/dam/splunk-blogs/images/author-profile-pics/ 2 KB
2 KB 646ms
640ms Image
image/webp 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/author-profile-pics/janew.jpeg.thumb.png

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

fad978fe258d74543c5d3800b056227b79aa47be68ebc3e7e7de88b815b1efac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/author-profile-pics/janew.jpeg.thumb.png
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 29 Aug 2021 20:44:28 GMT
x-serial: 721
x-frame-options: SAMEORIGIN
content-type: image/webp
x-check-cacheable: YES
cache-control: private, no-transform, max-age=2361544
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 1596
server: Akamai Image Manager
expires: Tue, 28 Sep 2021 20:45:41 GMT

GET
H2 200 btalbot.jpg.thumb.png
www.splunk.com/content/dam/splunk-blogs/images/author-profile-pics/ 2 KB
2 KB 667ms
661ms Image
image/webp 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/author-profile-pics/btalbot.jpg.thumb.png

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

eed8464673a9058cfc7c31d37b305cf88f4e4f699c08122df808b385a0aaefb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/author-profile-pics/btalbot.jpg.thumb.png
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
x-content-type-options: nosniff
last-modified: Sat, 07 Aug 2021 21:21:27 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=462877
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 2272
expires: Mon, 06 Sep 2021 21:21:14 GMT

GET
H2 200 jvida.jpg.thumb.png
www.splunk.com/content/dam/splunk-blogs/images/author-profile-pics/ 1 KB
2 KB 680ms
674ms Image
image/webp 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/author-profile-pics/jvida.jpg.thumb.png

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

aecdb7a35542d5211989ef71161407bec15dc50581ba58c26340fd63abbb5986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/author-profile-pics/jvida.jpg.thumb.png
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 29 Aug 2021 17:46:39 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=2350793
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 1464
expires: Tue, 28 Sep 2021 17:46:30 GMT

GET
H2 200 mmaier.thumb.png
www.splunk.com/content/splunk-blogs/en_us/author/ 1 KB
1 KB 697ms
691ms Image
image/webp 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/splunk-blogs/en_us/author/mmaier.thumb.png

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

13af0b05403aedeb55f66c108c35903e370da8a769a8cb685ecc21b6409e14ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /content/splunk-blogs/en_us/author/mmaier.thumb.png
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
x-content-type-options: nosniff
last-modified: Sat, 07 Aug 2021 20:37:31 GMT
x-serial: 223
x-frame-options: SAMEORIGIN
content-type: image/webp
x-check-cacheable: YES
cache-control: private, no-transform, max-age=460193
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 1200
server: Akamai Image Manager
expires: Mon, 06 Sep 2021 20:36:30 GMT

GET
H2 200 kriss_%20deiglmeier_headshot.jpg.thumb.png
www.splunk.com/content/dam/splunk-blogs/images/author-profile-pics/ 2 KB
2 KB 727ms
722ms Image
image/webp 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/author-profile-pics/kriss_%20deiglmeier_headshot.jpg.thumb.png

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

9e3566cd6b093f5f0dcd67091cd970bbadf1d3f74d9c4ad376de912ca6401586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/author-profile-pics/kriss_%20deiglmeier_headshot.jpg.thumb.png
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
x-content-type-options: nosniff
last-modified: Sat, 07 Aug 2021 20:57:55 GMT
x-serial: 677
x-frame-options: SAMEORIGIN
content-type: image/webp
x-check-cacheable: YES
cache-control: private, no-transform, max-age=461370
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 2096
server: Akamai Image Manager
expires: Mon, 06 Sep 2021 20:56:07 GMT

GET
H2 200 wemmett.thumb.png
www.splunk.com/content/splunk-blogs/en_us/author/ 648 B
915 B 756ms
751ms Image
image/webp 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/splunk-blogs/en_us/author/wemmett.thumb.png

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

30a04395c8f97783c2d8db643d70d27b604a05fb0b3f335f4360d90a6d085a19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /content/splunk-blogs/en_us/author/wemmett.thumb.png
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
x-content-type-options: nosniff
last-modified: Sat, 07 Aug 2021 20:40:24 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=460334
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 648
expires: Mon, 06 Sep 2021 20:38:51 GMT

GET
H2 200 rogner.jpg.thumb.png
www.splunk.com/content/dam/splunk-blogs/images/author-profile-pics/ 2 KB
2 KB 775ms
770ms Image
image/webp 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/author-profile-pics/rogner.jpg.thumb.png

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

d22337394156ababc7cbdad71a90029966d63ee212816cbe0b0ee6bea09f119e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/author-profile-pics/rogner.jpg.thumb.png
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
x-content-type-options: nosniff
last-modified: Sat, 07 Aug 2021 21:06:29 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=461942
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 1580
expires: Mon, 06 Sep 2021 21:05:39 GMT

GET
H2 200 spot-light-promo-ebook-machine-data.jpg
www.splunk.com/content/dam/splunk2/images/spotlight/ 23 KB
23 KB 790ms
785ms Image
image/webp 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk2/images/spotlight/spot-light-promo-ebook-machine-data.jpg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

d8293bddc96964fff1b7f49dc8c07ee9c895a0b8ca9ef60c6e0a6d26743b30f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /content/dam/splunk2/images/spotlight/spot-light-promo-ebook-machine-data.jpg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Aug 2021 00:39:56 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=1511667
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 23712
expires: Sun, 19 Sep 2021 00:41:04 GMT

GET
H2 200 xcomponent.min.js Show response
account.splunk.com/sign-up/js/ 112 KB
112 KB 557ms
174ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/xcomponent.min.js
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: e42532e83267013b5acc8ab673387497d38f40000458df33974517f4fc621627

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:36 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-1beb9"
content-length: 114361
content-type: application/javascript

GET
H2 200 splunk-xcomponent.js Show response
account.splunk.com/sign-up/js/ 4 KB
4 KB 538ms
175ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/splunk-xcomponent.js
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: c3b8af75d42666f38b4eafc7c7e8bf46f8eb7f1dd252894a35233de576c8e706

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:36 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-10c8"
content-length: 4296
content-type: application/javascript

GET
H2 200 jquery_cookie.js Show response
www.splunk.com/etc/clientlibs/splunk/splunk-core/source/js/vendor/ 3 KB
2 KB 49ms
40ms Script
application/javascript 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.splunk.com/etc/clientlibs/splunk/splunk-core/source/js/vendor/jquery_cookie.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /etc/clientlibs/splunk/splunk-core/source/js/vendor/jquery_cookie.js
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web02
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 1095
last-modified: Tue, 31 Aug 2021 10:37:47 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: application/javascript
expires: Wed, 08 Sep 2021 12:46:36 GMT
cache-control: max-age=604800
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 mobile-detect.min.js Show response
www.splunk.com/etc/clientlibs/splunk/splunk-com/source/js/ 38 KB
14 KB 76ms
68ms Script
application/javascript 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.splunk.com/etc/clientlibs/splunk/splunk-com/source/js/mobile-detect.min.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

8ec77a1853805bdfbb8cacabd892a59b3c1058a234b1d16a03453067e2c038e5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /etc/clientlibs/splunk/splunk-com/source/js/mobile-detect.min.js
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web02
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 13523
last-modified: Sat, 28 Aug 2021 12:22:10 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: application/javascript
expires: Wed, 08 Sep 2021 12:46:36 GMT
cache-control: max-age=604800
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 cx-form-iphone-fix.js Show response
www.splunk.com/etc/clientlibs/splunk/splunk-com/source/js/ 2 KB
1 KB 108ms
100ms Script
application/javascript 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.splunk.com/etc/clientlibs/splunk/splunk-com/source/js/cx-form-iphone-fix.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

43a231bcfdb6728631a2e91c7729966338effd9b2dbca6b02478e8eac43190cb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /etc/clientlibs/splunk/splunk-com/source/js/cx-form-iphone-fix.js
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web02
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 541
last-modified: Thu, 19 Aug 2021 02:14:15 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: application/javascript
expires: Wed, 08 Sep 2021 12:46:36 GMT
cache-control: max-age=604800
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 securityresearch_main.jpg
www.splunk.com/content/dam/splunk-blogs/images/author-profile-pics/ 4 KB
4 KB 810ms
805ms Image
image/webp 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/author-profile-pics/securityresearch_main.jpg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

30528b40f9dae32fc1eccf7d9dc797846727f46fc594b0cf2d7858b163a7754f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/author-profile-pics/securityresearch_main.jpg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Aug 2021 10:17:27 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=163915
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 4018
expires: Fri, 03 Sep 2021 10:18:32 GMT

GET
H2 200 WheuqRX8t_IefmYsED4pvh09g28QC-ijNEmfujq0igeF_J3HoUYlXtxpHsOrN3DSmHuww7NyWWrCzUkv7FiMANxFPhkec6-F3WNaigEgMVzDLwKZNcthN1obzPAMqbY9mWQp_29a
lh3.googleusercontent.com/ 38 KB
39 KB 201ms
176ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/WheuqRX8t_IefmYsED4pvh09g28QC-ijNEmfujq0igeF_J3HoUYlXtxpHsOrN3DSmHuww7NyWWrCzUkv7FiMANxFPhkec6-F3WNaigEgMVzDLwKZNcthN1obzPAMqbY9mWQp_29a

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a2aea7a6c61af6af8289262b11a012e8e819c6fcdd1fabc0c58c8b7ef5c612ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:36 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="image (5).png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39136
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 30 Aug 2021 02:36:57 GMT

GET
H2 200 40-8pV2Jd41oF-kf4txpGbV8DWY-q4hGpekF8q6BCE-bXl19ecg3fjY1aprDcEjmzT_oP36NnJgYJD1-XuUyVYD_g9KNdvIkOqgFfPUYWOMzPf82wieYbOvz9gPXeP5IWF4ISU0x
lh4.googleusercontent.com/ 36 KB
37 KB 195ms
168ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/40-8pV2Jd41oF-kf4txpGbV8DWY-q4hGpekF8q6BCE-bXl19ecg3fjY1aprDcEjmzT_oP36NnJgYJD1-XuUyVYD_g9KNdvIkOqgFfPUYWOMzPf82wieYbOvz9gPXeP5IWF4ISU0x

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

31ee11fe7b4620a4be9ed27586ffbbf4d6d070ea2a529c98a57d2813f06854a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37055
x-xss-protection: 0
expires: Thu, 02 Sep 2021 12:46:36 GMT

GET
H2 200 ZnR4rJ4Q2hInsTvx6b03p8gPqshPOxm51ml15lExQtdRbI8nS9-5vJPPdwkOLP_-LEfs19S9LE3ZshUMgmCdalvIDoxlF92OiEp3swGY9MXOL4S3GBiZIjEg9wz0s29FMIXGBy2q
lh5.googleusercontent.com/ 68 KB
68 KB 242ms
215ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/ZnR4rJ4Q2hInsTvx6b03p8gPqshPOxm51ml15lExQtdRbI8nS9-5vJPPdwkOLP_-LEfs19S9LE3ZshUMgmCdalvIDoxlF92OiEp3swGY9MXOL4S3GBiZIjEg9wz0s29FMIXGBy2q

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

68ecfbc7d97755b216c866e5f212c8e279618387ca200d72f043c1d397fb1e96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69510
x-xss-protection: 0
expires: Thu, 02 Sep 2021 12:46:36 GMT

GET
H2 200 XtJwru5YcqpWtRtMW8Yw9LtoAhkh5kwb9ewJVdpjtUegWwPKR_QJgkcIjelBIcHENrS5QOkVXy_NeDLHdsqocZ3bs9Fj35rjG5fAUMKiRhHtYpqBNqcW01IZealGb4znJZRepYPV
lh6.googleusercontent.com/ 79 KB
79 KB 194ms
167ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/XtJwru5YcqpWtRtMW8Yw9LtoAhkh5kwb9ewJVdpjtUegWwPKR_QJgkcIjelBIcHENrS5QOkVXy_NeDLHdsqocZ3bs9Fj35rjG5fAUMKiRhHtYpqBNqcW01IZealGb4znJZRepYPV

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

50cc4b9463710100e2323f72d43a57cc7a7bd100e09906adf085b760cf1967b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80385
x-xss-protection: 0
expires: Thu, 02 Sep 2021 12:46:36 GMT

GET
H2 200 wxKNsPJPHbgQjrb4b00mPGsM-k6Z0SBtDLM006FN453NmL40epMCss37vlsACbsNwLhjWxVZrbfBkEirIC8OvL7DkbTUT5rF9FNemdgv0HuTC2dwx53JXD9-2g1zCGn2W_yrzdlu
lh4.googleusercontent.com/ 97 KB
97 KB 202ms
175ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/wxKNsPJPHbgQjrb4b00mPGsM-k6Z0SBtDLM006FN453NmL40epMCss37vlsACbsNwLhjWxVZrbfBkEirIC8OvL7DkbTUT5rF9FNemdgv0HuTC2dwx53JXD9-2g1zCGn2W_yrzdlu

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dc3afb1e0dd017bf660627f1c1ff44b8f32d65cb8105c2e883cd10e980e8d4cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99626
x-xss-protection: 0
expires: Thu, 02 Sep 2021 12:46:36 GMT

GET
H2 200 fNBBPiYM9mMuCteISo7A-OxAgA2YgzPE0wR5zuUy8BFYiLI6ebipdtiTxPj7SOq2CPVXXBU-dUNL9WLS0yV_-fhg64WnjL5MX9KAWbQeww9Liu5vgCc0PmzOfEAreYntftYpwa4Z
lh3.googleusercontent.com/ 126 KB
127 KB 191ms
184ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/fNBBPiYM9mMuCteISo7A-OxAgA2YgzPE0wR5zuUy8BFYiLI6ebipdtiTxPj7SOq2CPVXXBU-dUNL9WLS0yV_-fhg64WnjL5MX9KAWbQeww9Liu5vgCc0PmzOfEAreYntftYpwa4Z

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0142e63bdd6ef309a2f3986fb7e841264b9a2d76ebfb1644a6e1ad315f931891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129391
x-xss-protection: 0
expires: Thu, 02 Sep 2021 12:46:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 386 KB
93 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da114fc6c5ecd812a911b41148a8cba3ebfad53e1c05dcd9b70e8f135fa68551

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94919
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Sep 2021 12:46:36 GMT

GET
H/1.1 200
OK count.js Show response
splunk-blogs.disqus.com/ 1 KB
1 KB 74ms
22ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://splunk-blogs.disqus.com/count.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 199
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 30 Aug 2021 19:44:50 GMT
Server: nginx
ETag: "612d3532-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW55-C3
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: ZiQ9bU3rZaQq42N10OeifXYiJtLvqmvXuJaRNfv_GQFmrJVh4b1hmA==

GET
H2 200 rteImage.js Show response
www.splunk.com/etc/clientlibs/splunk/splunk-blogs/dist/js/ 2 KB
1 KB 138ms
128ms Script
application/javascript 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.splunk.com/etc/clientlibs/splunk/splunk-blogs/dist/js/rteImage.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

10c81ca05b483baa1b8be1082e01f8ea15573302c25e3e6f6737a09b4067715e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /etc/clientlibs/splunk/splunk-blogs/dist/js/rteImage.js
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 501
last-modified: Fri, 27 Aug 2021 06:29:59 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: application/javascript
expires: Wed, 08 Sep 2021 12:46:36 GMT
cache-control: max-age=604800
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H3-29

200

58b07fec4121.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

15 KB
5 KB

15ms
14ms

Script
text/javascript

2a03:2880:f22d:1e6:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f22d:1e6:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 10:10:39 GMT
content-encoding: br
etag: "58b07fec4121"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
content-length: 4824
priority: u=3,i

Redirect headers

date: Wed, 01 Sep 2021 12:46:36 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: cln
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control: max-age=21600
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 27ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6725) /
Resource Hash: 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:34:57 GMT
Server: ECS (frb/6725)
Age: 408
Etag: "d405b816322f9770c70cbd10cfa87be4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28872

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
6 KB 21ms
12ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Sep 2021 12:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BC5xsXKGgJbQbCzkLNvwBQ==
age: 1420793
vary: Accept-Encoding
content-length: 6328
x-ms-lease-status: unlocked
last-modified: Wed, 04 Aug 2021 01:49:58 GMT
server: cloudflare
etag: 0x8D956EA2A6E73F4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b8d637e9-f01e-012a-80bd-8bebf6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 687e9a356d8f5c62-FRA
expires: Wed, 01 Sep 2021 16:46:36 GMT

GET
H2 200 dist.889f28ac2bd25d2b692b7d0cd94b6340.js Show response
www.splunk.com/etc/clientlibs/splunk/splunk-blogs/ 321 KB
77 KB 167ms
158ms Script
application/javascript 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.splunk.com/etc/clientlibs/splunk/splunk-blogs/dist.889f28ac2bd25d2b692b7d0cd94b6340.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

9c3bf3a782bb18da5d472ddbe4836c8b8255b868a8e917dd5cb19f925bf408be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /etc/clientlibs/splunk/splunk-blogs/dist.889f28ac2bd25d2b692b7d0cd94b6340.js
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 78118
last-modified: Fri, 27 Aug 2021 02:07:47 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:36 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: application/javascript
expires: Wed, 08 Sep 2021 12:46:36 GMT
cache-control: max-age=604800
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 token.json Show response
www.splunk.com/libs/granite/csrf/ 2 B
577 B 66ms
65ms XHR
application/json 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.splunk.com/libs/granite/csrf/token.json

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /libs/granite/csrf/token.json
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-type-options: nosniff nosniff
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
server: Apache
x-frame-options: SAMEORIGIN SAMEORIGIN
date: Wed, 01 Sep 2021 12:46:36 GMT
serverid: prod-web01
content-type: application/json;charset=iso-8859-1
cache-control: max-age=5184000
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 2
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
expires: Sun, 31 Oct 2021 12:46:36 GMT

GET
H2 200 M7Q82-FTRNS-TEZ4E-UCSZ2-NQJ9C Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 26ms
9ms Script
application/javascript 2a02:26f0:6c00:287::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/M7Q82-FTRNS-TEZ4E-UCSZ2-NQJ9C
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:287::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:36 GMT
content-encoding: br
last-modified: Thu, 26 Aug 2021 21:29:06 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H2 200 icomoon.ttf
www.splunk.com/etc/clientlibs/splunk/splunk-core/source/fonts/icomoon/ 37 KB
17 KB 856ms
856ms Font
font/ttf 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.splunk.com/etc/clientlibs/splunk/splunk-core/source/fonts/icomoon/icomoon.ttf

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/etc/clientlibs/splunk/splunk-blogs/dist.7785ad4adce2333e3639a33d02b5a5c7.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

196cc7f451249dc346920e5c8ed64e1afbb6e1bb39e71f0d9917c90307ea6e64

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://www.splunk.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: AKA_A2=A
:path: /etc/clientlibs/splunk/splunk-core/source/fonts/icomoon/icomoon.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.splunk.com
referer: https://www.splunk.com/etc/clientlibs/splunk/splunk-blogs/dist.7785ad4adce2333e3639a33d02b5a5c7.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.splunk.com
Referer: https://www.splunk.com/etc/clientlibs/splunk/splunk-blogs/dist.7785ad4adce2333e3639a33d02b5a5c7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: gzip
x-content-type-options: nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=6
vary: Accept-Encoding
content-length: 17228
last-modified: Thu, 19 Aug 2021 01:49:37 GMT
server: Apache
date: Wed, 01 Sep 2021 12:46:37 GMT
x-frame-options: SAMEORIGIN
content-type: font/ttf
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:37 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 splunkdatasans_w_md.woff2
www.splunk.com/etc/clientlibs/splunk/splunk-core/source/fonts/splunkdatasans/woff2/ 20 KB
21 KB 840ms
840ms Font
font/woff2 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.splunk.com/etc/clientlibs/splunk/splunk-core/source/fonts/splunkdatasans/woff2/splunkdatasans_w_md.woff2

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/etc/clientlibs/splunk/splunk-blogs/dist.7785ad4adce2333e3639a33d02b5a5c7.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b6757c564305ac26f444cf3b00f5bfdce1e0684ae40b80706e5d9cffb2d81176

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://www.splunk.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: AKA_A2=A
:path: /etc/clientlibs/splunk/splunk-core/source/fonts/splunkdatasans/woff2/splunkdatasans_w_md.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.splunk.com
referer: https://www.splunk.com/etc/clientlibs/splunk/splunk-blogs/dist.7785ad4adce2333e3639a33d02b5a5c7.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.splunk.com
Referer: https://www.splunk.com/etc/clientlibs/splunk/splunk-blogs/dist.7785ad4adce2333e3639a33d02b5a5c7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-type-options: nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 20876
last-modified: Thu, 19 Aug 2021 01:49:41 GMT
server: Apache
date: Wed, 01 Sep 2021 12:46:37 GMT
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:37 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 3 KB
1 KB 25ms
12ms XHR
application/json 2a02:26f0:6c00:1bb::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=M7Q82-FTRNS-TEZ4E-UCSZ2-NQJ9C&d=www.splunk.com&t=5435001&v=1.720.0&sl=0&si=ebebf5f0-9410-4da1-be72-0498924c301e-qyra5l&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=418654
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 603c6b75fcd3544415eb3e8b070d59daf4a69bd42f47d14a550c725fc4e1d025

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:36 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 843

GET
H2 200 prum.min.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 30ms
13ms Script
application/javascript 2606:4700:10::6814:15ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/prum.min.js
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:15ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c19455754ead9313cc2221c64f1c66e8378501d8099bdcb3d90bb0b1a170b5ec

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 14:01:38 GMT
server: cloudflare
age: 1800
etag: W/"609a8e42-1849"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=43200
cf-ray: 687e9a3648754e6e-FRA

GET
H2 200 / Show response
account.splunk.com/sign-up/html/ Frame 54FC 30 KB
30 KB 174ms
173ms Document
text/html 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/js/xcomponent.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: a3668e3372ee4ad547bdc03cde4d898c4c1d697c34cd202fdf31ecf0a0a34b75

Request headers

:method: GET
:authority: account.splunk.com
:scheme: https
:path: /sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.splunk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: AKA_A2=A; _biz_uid=9e4d88c2ae0f48efd04ee5a921075128; _biz_sid=670680; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3D%26_biz_h%3D-1906410348%26_biz_u%3D9e4d88c2ae0f48efd04ee5a921075128%26_biz_s%3D670680%26_biz_l%3Dhttps%253A%252F%252Fwww.splunk.com%252Fen_us%252Fblog%252Fsecurity%252Fdetecting-serioussam-cve-2021-36934-with-splunk.html%26_biz_t%3D1630500396435%26_biz_i%3DDetecting%2520SeriousSAM%2520CVE-2021-36934%2520With%2520Splunk%2520%257C%2520Splunk%26_biz_n%3D0%26rnd%3D765102%22%5D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.splunk.com/

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
content-type: text/html
content-length: 30901
server: nginx/1.21.1
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
etag: "611c1448-78b5"
accept-ranges: bytes

GET
H2 200 SeriousSAM.png
www.splunk.com/content/dam/splunk-blogs/images/en_us/2021/07/ 6 KB
7 KB 44ms
44ms Image
image/webp 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk-blogs/images/en_us/2021/07/SeriousSAM.png

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

ad6eef3d02365c280ac560f85b72f4b754e0d13938398f447d289374102ae526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /content/dam/splunk-blogs/images/en_us/2021/07/SeriousSAM.png
pragma: no-cache
cookie: AKA_A2=A; _biz_uid=9e4d88c2ae0f48efd04ee5a921075128; _biz_sid=670680; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3D%26_biz_h%3D-1906410348%26_biz_u%3D9e4d88c2ae0f48efd04ee5a921075128%26_biz_s%3D670680%26_biz_l%3Dhttps%253A%252F%252Fwww.splunk.com%252Fen_us%252Fblog%252Fsecurity%252Fdetecting-serioussam-cve-2021-36934-with-splunk.html%26_biz_t%3D1630500396435%26_biz_i%3DDetecting%2520SeriousSAM%2520CVE-2021-36934%2520With%2520Splunk%2520%257C%2520Splunk%26_biz_n%3D0%26rnd%3D765102%22%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 Aug 2021 21:49:09 GMT
x-serial: 76
x-frame-options: SAMEORIGIN
content-type: image/webp
x-check-cacheable: YES
cache-control: private, no-transform, max-age=1846897
server-timing: cdn-cache; desc=HIT edge; dur=12
content-length: 6586
server: Akamai Image Manager
expires: Wed, 22 Sep 2021 21:48:14 GMT

GET
H2 200 icon-twitter.svg
www.splunk.com/content/dam/splunk2/images/blogs/icons/ 1017 B
1 KB 56ms
55ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk2/images/blogs/icons/icon-twitter.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/etc/clientlibs/splunk/splunk-blogs/dist.7785ad4adce2333e3639a33d02b5a5c7.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

6c52cd0d71d316cb4d0da745f64f44f002cd05ae6abfa7b5467fe2a84e5e7927

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk2/images/blogs/icons/icon-twitter.svg
pragma: no-cache
cookie: AKA_A2=A; _biz_uid=9e4d88c2ae0f48efd04ee5a921075128; _biz_sid=670680; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3D%26_biz_h%3D-1906410348%26_biz_u%3D9e4d88c2ae0f48efd04ee5a921075128%26_biz_s%3D670680%26_biz_l%3Dhttps%253A%252F%252Fwww.splunk.com%252Fen_us%252Fblog%252Fsecurity%252Fdetecting-serioussam-cve-2021-36934-with-splunk.html%26_biz_t%3D1630500396435%26_biz_i%3DDetecting%2520SeriousSAM%2520CVE-2021-36934%2520With%2520Splunk%2520%257C%2520Splunk%26_biz_n%3D0%26rnd%3D765102%22%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/etc/clientlibs/splunk/splunk-blogs/dist.7785ad4adce2333e3639a33d02b5a5c7.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/etc/clientlibs/splunk/splunk-blogs/dist.7785ad4adce2333e3639a33d02b5a5c7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=4
content-length: 513
last-modified: Mon, 30 Aug 2021 22:10:34 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:37 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:37 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 icon-facebook.svg
www.splunk.com/content/dam/splunk2/images/blogs/icons/ 672 B
973 B 74ms
74ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk2/images/blogs/icons/icon-facebook.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/etc/clientlibs/splunk/splunk-blogs/dist.7785ad4adce2333e3639a33d02b5a5c7.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

9d714a88c8d592dd8f9eda439440ae797d312f55d075cd705b5c5acb0115e461

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk2/images/blogs/icons/icon-facebook.svg
pragma: no-cache
cookie: AKA_A2=A; _biz_uid=9e4d88c2ae0f48efd04ee5a921075128; _biz_sid=670680; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3D%26_biz_h%3D-1906410348%26_biz_u%3D9e4d88c2ae0f48efd04ee5a921075128%26_biz_s%3D670680%26_biz_l%3Dhttps%253A%252F%252Fwww.splunk.com%252Fen_us%252Fblog%252Fsecurity%252Fdetecting-serioussam-cve-2021-36934-with-splunk.html%26_biz_t%3D1630500396435%26_biz_i%3DDetecting%2520SeriousSAM%2520CVE-2021-36934%2520With%2520Splunk%2520%257C%2520Splunk%26_biz_n%3D0%26rnd%3D765102%22%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/etc/clientlibs/splunk/splunk-blogs/dist.7785ad4adce2333e3639a33d02b5a5c7.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/etc/clientlibs/splunk/splunk-blogs/dist.7785ad4adce2333e3639a33d02b5a5c7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=2
content-length: 356
last-modified: Fri, 27 Aug 2021 14:08:52 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:37 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:37 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 icon-linkedin.svg
www.splunk.com/content/dam/splunk2/images/blogs/icons/ 945 B
1 KB 85ms
85ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk2/images/blogs/icons/icon-linkedin.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/etc/clientlibs/splunk/splunk-blogs/dist.7785ad4adce2333e3639a33d02b5a5c7.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

dec656fe8a91816e68abf1cc12a1b73763d7080ab0c734a52dc795e4cc59f21f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk2/images/blogs/icons/icon-linkedin.svg
pragma: no-cache
cookie: AKA_A2=A; _biz_uid=9e4d88c2ae0f48efd04ee5a921075128; _biz_sid=670680; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3D%26_biz_h%3D-1906410348%26_biz_u%3D9e4d88c2ae0f48efd04ee5a921075128%26_biz_s%3D670680%26_biz_l%3Dhttps%253A%252F%252Fwww.splunk.com%252Fen_us%252Fblog%252Fsecurity%252Fdetecting-serioussam-cve-2021-36934-with-splunk.html%26_biz_t%3D1630500396435%26_biz_i%3DDetecting%2520SeriousSAM%2520CVE-2021-36934%2520With%2520Splunk%2520%257C%2520Splunk%26_biz_n%3D0%26rnd%3D765102%22%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/etc/clientlibs/splunk/splunk-blogs/dist.7785ad4adce2333e3639a33d02b5a5c7.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/etc/clientlibs/splunk/splunk-blogs/dist.7785ad4adce2333e3639a33d02b5a5c7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web02
server-timing: cdn-cache; desc=HIT edge; dur=6
content-length: 472
last-modified: Mon, 30 Aug 2021 22:00:49 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:37 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:37 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H/1.1 200
OK embed.js Show response
splunk-blogs.disqus.com/ 74 KB
25 KB 26ms
26ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://splunk-blogs.disqus.com/embed.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

33c518b871fbdc327562d453591557db4630e5d88a53e55550251f60c7b8c47d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:37 GMT
Content-Encoding: gzip
Server: openresty
Age: 51
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24676

GET
H2 200 9ff638b7-8097-449d-9741-7b3c526b0da7.json Show response
cdn.cookielaw.org/consent/9ff638b7-8097-449d-9741-7b3c526b0da7/ 3 KB
2 KB 14ms
14ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/9ff638b7-8097-449d-9741-7b3c526b0da7/9ff638b7-8097-449d-9741-7b3c526b0da7.json

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a2de4125e63c0db3ebac9e9ec44092ac3a1fda1942dc370637a234775a374c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Sep 2021 12:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 1okM7ZzoEswIs0PBwY4sQQ==
age: 2138111
vary: Accept-Encoding
content-length: 1368
x-ms-lease-status: unlocked
last-modified: Tue, 18 May 2021 21:25:04 GMT
server: cloudflare
etag: 0x8D91A43671CA02E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2188569f-301e-007c-48bd-8b45d3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 687e9a3c4b322c19-FRA

GET
H2 200 icon-twitter-hover.svg
www.splunk.com/content/dam/splunk2/images/blogs/icons/ 1 KB
1 KB 47ms
46ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk2/images/blogs/icons/icon-twitter-hover.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

434c4f6f549d386b8172952c473bade098cf1780715b93de3a1c4c43fb970fa0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk2/images/blogs/icons/icon-twitter-hover.svg
pragma: no-cache
cookie: AKA_A2=A; _biz_uid=9e4d88c2ae0f48efd04ee5a921075128; _biz_sid=670680; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3D%26_biz_h%3D-1906410348%26_biz_u%3D9e4d88c2ae0f48efd04ee5a921075128%26_biz_s%3D670680%26_biz_l%3Dhttps%253A%252F%252Fwww.splunk.com%252Fen_us%252Fblog%252Fsecurity%252Fdetecting-serioussam-cve-2021-36934-with-splunk.html%26_biz_t%3D1630500396435%26_biz_i%3DDetecting%2520SeriousSAM%2520CVE-2021-36934%2520With%2520Splunk%2520%257C%2520Splunk%26_biz_n%3D0%26rnd%3D765102%22%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=16
content-length: 531
last-modified: Fri, 27 Aug 2021 09:57:36 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:37 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:37 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 icon-facebook-hover.svg
www.splunk.com/content/dam/splunk2/images/blogs/icons/ 721 B
1016 B 60ms
59ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk2/images/blogs/icons/icon-facebook-hover.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

3cb56a22123a4976f5608b01c25515298f8cfdf15ef15415ea44ea6bda11f805

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk2/images/blogs/icons/icon-facebook-hover.svg
pragma: no-cache
cookie: AKA_A2=A; _biz_uid=9e4d88c2ae0f48efd04ee5a921075128; _biz_sid=670680; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3D%26_biz_h%3D-1906410348%26_biz_u%3D9e4d88c2ae0f48efd04ee5a921075128%26_biz_s%3D670680%26_biz_l%3Dhttps%253A%252F%252Fwww.splunk.com%252Fen_us%252Fblog%252Fsecurity%252Fdetecting-serioussam-cve-2021-36934-with-splunk.html%26_biz_t%3D1630500396435%26_biz_i%3DDetecting%2520SeriousSAM%2520CVE-2021-36934%2520With%2520Splunk%2520%257C%2520Splunk%26_biz_n%3D0%26rnd%3D765102%22%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=4
content-length: 400
last-modified: Fri, 27 Aug 2021 11:09:07 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:37 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:37 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 icon-linkedin-hover.svg
www.splunk.com/content/dam/splunk2/images/blogs/icons/ 985 B
1 KB 78ms
77ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk2/images/blogs/icons/icon-linkedin-hover.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

23f76cc288901a345dca71d537a84aac6a2c41b2db111349945e355eeb7ff9a3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk2/images/blogs/icons/icon-linkedin-hover.svg
pragma: no-cache
cookie: AKA_A2=A; _biz_uid=9e4d88c2ae0f48efd04ee5a921075128; _biz_sid=670680; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3D%26_biz_h%3D-1906410348%26_biz_u%3D9e4d88c2ae0f48efd04ee5a921075128%26_biz_s%3D670680%26_biz_l%3Dhttps%253A%252F%252Fwww.splunk.com%252Fen_us%252Fblog%252Fsecurity%252Fdetecting-serioussam-cve-2021-36934-with-splunk.html%26_biz_t%3D1630500396435%26_biz_i%3DDetecting%2520SeriousSAM%2520CVE-2021-36934%2520With%2520Splunk%2520%257C%2520Splunk%26_biz_n%3D0%26rnd%3D765102%22%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=5
content-length: 487
last-modified: Fri, 27 Aug 2021 07:17:01 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:37 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:37 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 icon-googleplus-hover.svg
www.splunk.com/content/dam/splunk2/images/blogs/icons/ 846 B
1 KB 103ms
102ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk2/images/blogs/icons/icon-googleplus-hover.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

b22166ae6d29eb08e7eeef4d0469251c54e25bd3f854bc5b181e118e1f6c4cae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk2/images/blogs/icons/icon-googleplus-hover.svg
pragma: no-cache
cookie: AKA_A2=A; _biz_uid=9e4d88c2ae0f48efd04ee5a921075128; _biz_sid=670680; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3D%26_biz_h%3D-1906410348%26_biz_u%3D9e4d88c2ae0f48efd04ee5a921075128%26_biz_s%3D670680%26_biz_l%3Dhttps%253A%252F%252Fwww.splunk.com%252Fen_us%252Fblog%252Fsecurity%252Fdetecting-serioussam-cve-2021-36934-with-splunk.html%26_biz_t%3D1630500396435%26_biz_i%3DDetecting%2520SeriousSAM%2520CVE-2021-36934%2520With%2520Splunk%2520%257C%2520Splunk%26_biz_n%3D0%26rnd%3D765102%22%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web02
server-timing: cdn-cache; desc=HIT edge; dur=13
content-length: 461
last-modified: Mon, 30 Aug 2021 21:59:32 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:37 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:37 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 icon-instagram-hover.svg
www.splunk.com/content/dam/splunk2/images/blogs/icons/ 2 KB
1 KB 122ms
121ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk2/images/blogs/icons/icon-instagram-hover.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

b391f1665ed150f1427bec6627419bea073839413221a688cf537478642facd2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk2/images/blogs/icons/icon-instagram-hover.svg
pragma: no-cache
cookie: AKA_A2=A; _biz_uid=9e4d88c2ae0f48efd04ee5a921075128; _biz_sid=670680; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3D%26_biz_h%3D-1906410348%26_biz_u%3D9e4d88c2ae0f48efd04ee5a921075128%26_biz_s%3D670680%26_biz_l%3Dhttps%253A%252F%252Fwww.splunk.com%252Fen_us%252Fblog%252Fsecurity%252Fdetecting-serioussam-cve-2021-36934-with-splunk.html%26_biz_t%3D1630500396435%26_biz_i%3DDetecting%2520SeriousSAM%2520CVE-2021-36934%2520With%2520Splunk%2520%257C%2520Splunk%26_biz_n%3D0%26rnd%3D765102%22%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web02
server-timing: cdn-cache; desc=HIT edge; dur=6
content-length: 758
last-modified: Fri, 27 Aug 2021 20:56:38 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:37 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:37 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 icon-slideshare-hover.svg
www.splunk.com/content/dam/splunk2/images/blogs/icons/ 1 KB
1 KB 140ms
140ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk2/images/blogs/icons/icon-slideshare-hover.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

c2e00bf1249c5ec8a5f8a7412de74b1f4a9abc5b02f2cb59209f5fc6341debd6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk2/images/blogs/icons/icon-slideshare-hover.svg
pragma: no-cache
cookie: AKA_A2=A; _biz_uid=9e4d88c2ae0f48efd04ee5a921075128; _biz_sid=670680; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3D%26_biz_h%3D-1906410348%26_biz_u%3D9e4d88c2ae0f48efd04ee5a921075128%26_biz_s%3D670680%26_biz_l%3Dhttps%253A%252F%252Fwww.splunk.com%252Fen_us%252Fblog%252Fsecurity%252Fdetecting-serioussam-cve-2021-36934-with-splunk.html%26_biz_t%3D1630500396435%26_biz_i%3DDetecting%2520SeriousSAM%2520CVE-2021-36934%2520With%2520Splunk%2520%257C%2520Splunk%26_biz_n%3D0%26rnd%3D765102%22%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web01
server-timing: cdn-cache; desc=HIT edge; dur=4
content-length: 656
last-modified: Thu, 19 Aug 2021 02:14:21 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:37 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:37 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 icon-youtube-hover.svg
www.splunk.com/content/dam/splunk2/images/blogs/icons/ 3 KB
2 KB 153ms
152ms Image
image/svg+xml 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.splunk.com/content/dam/splunk2/images/blogs/icons/icon-youtube-hover.svg

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

b9dbadd3ad7be81da266234eceb5b7b15f6bdce4a19d9a33663f4ba119ac2180

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:path: /content/dam/splunk2/images/blogs/icons/icon-youtube-hover.svg
pragma: no-cache
cookie: AKA_A2=A; _biz_uid=9e4d88c2ae0f48efd04ee5a921075128; _biz_sid=670680; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3D%26_biz_h%3D-1906410348%26_biz_u%3D9e4d88c2ae0f48efd04ee5a921075128%26_biz_s%3D670680%26_biz_l%3Dhttps%253A%252F%252Fwww.splunk.com%252Fen_us%252Fblog%252Fsecurity%252Fdetecting-serioussam-cve-2021-36934-with-splunk.html%26_biz_t%3D1630500396435%26_biz_i%3DDetecting%2520SeriousSAM%2520CVE-2021-36934%2520With%2520Splunk%2520%257C%2520Splunk%26_biz_n%3D0%26rnd%3D765102%22%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.splunk.com
referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
content-encoding: br
x-content-type-options: nosniff nosniff
serverid: prod-web02
server-timing: cdn-cache; desc=HIT edge; dur=6
content-length: 1209
last-modified: Mon, 30 Aug 2021 13:47:11 GMT
server: Akamai Resource Optimizer
date: Wed, 01 Sep 2021 12:46:37 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sun, 31 Oct 2021 12:46:37 GMT
cache-control: max-age=5184000
accept-ranges: bytes
x-webkit-csp: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com
x-content-security-policy: frame-ancestors *.splunk.com *.touchcast.com *.salesforce.com, frame-ancestors *.splunk.com *.touchcast.com

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
327 B 8ms
8ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=9e4d88c2ae0f48efd04ee5a921075128&_biz_s=670680&_biz_l=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&_biz_t=1630500396435&_biz_i=Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%20%7C%20Splunk&_biz_n=0&rnd=765102&cdn_o=a&_biz_z=1630500397538
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Sun, 29 Aug 2021 11:21:51 GMT
server: ECS (frb/6760)
age: 264286
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
203 B 20ms
7ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=9e4d88c2ae0f48efd04ee5a921075128&_biz_s=670680&_biz_l=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&_biz_t=1630500397540&_biz_i=Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%20%7C%20Splunk&rnd=784071&cdn_o=a&_biz_z=1630500397540
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C2) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Thu, 26 Aug 2021 23:56:59 GMT
server: ECS (frb/67C2)
age: 478178
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H/1.1 200
OK widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response
platform.twitter.com/widgets/ Frame B247 319 KB
103 KB 8ms
8ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.splunk.com
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.splunk.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.splunk.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 504805
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 01 Sep 2021 12:46:37 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6724)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
224 B 23ms
22ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 687e9a3cab04323c-FRA

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 116 B
522 B 128ms
127ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=9e4d88c2ae0f48efd04ee5a921075128&_biz_h=-1906410348&cdn_o=a&jsVer=4.21.06.25
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 893b13fb1b9b31bca8710eb40f15eb8fad0a8d6e4b2c32d7614af819fa1da9c6

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:36 GMT
content-encoding: gzip
server: ECS (frb/6711)
etag: C208BA88
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: private, must-revalidate, max-age=21600
content-type: text/javascript; charset=utf-8
content-length: 217

GET
H2 200 lounge.8affdad980167da3f2dd9f1e933d0669.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 7ms
6ms Other
text/css 2600:9000:2240:5a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.8affdad980167da3f2dd9f1e933d0669.css

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:5a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 19:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1099048
x-cache: Hit from cloudfront
content-length: 25754
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 19 Aug 2021 18:18:14 GMT
server: nginx
etag: "611ea066-649a"
content-type: text/css; charset=utf-8
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
expires: Fri, 19 Aug 2022 19:29:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: yGTi5CTkdfjUA9lG0wtNqLIOVMMwgKbyMu4dQYl86ogeiHTA3b94HA==
x-cache-hits: 0

GET
H2 200 common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
c.disquscdn.com/next/embed/ 0
93 KB 8ms
7ms Other
application/javascript 2600:9000:2240:5a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:5a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 20:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3775164
x-cache: Hit from cloudfront
content-length: 94790
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 19 Jul 2021 19:39:06 GMT
server: nginx
etag: "60f5d4da-17246"
content-type: application/javascript; charset=utf-8
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
expires: Tue, 19 Jul 2022 20:07:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: 3lm6bExEEYosjDBEzpPtKn3RoYWD7xwFjf3eqFSuN5RqIQ6BMd0_Pw==
x-cache-hits: 0

GET
H2 200 lounge.bundle.dc50d72ac077058faccdd9a761fea0bc.js
c.disquscdn.com/next/embed/ 0
118 KB 10ms
10ms Other
application/javascript 2600:9000:2240:5a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.dc50d72ac077058faccdd9a761fea0bc.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:5a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 21:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 660278
x-cache: Hit from cloudfront
content-length: 120189
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 24 Aug 2021 21:06:44 GMT
server: nginx
etag: "61255f64-1d57d"
content-type: application/javascript; charset=utf-8
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
expires: Wed, 24 Aug 2022 21:21:59 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: mJnsW7cBxvPMCWguO7F2UwffclYzI4gzhgyQXycTqoci4lhp81NErw==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
13 KB 25ms
7ms Other
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:37 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 49
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12397
X-XSS-Protection: 1; mode=block

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.18.0/ 377 KB
84 KB 17ms
16ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.18.0/otBannerSdk.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf8fce049c8e10f0a036f50f5eb7c8dde06dc5bee833635f9db82de6f51f2418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Sep 2021 12:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: cIchS4lr7UaDx9LQCq2apA==
age: 3479699
vary: Accept-Encoding
content-length: 85787
x-ms-lease-status: unlocked
last-modified: Mon, 24 May 2021 01:24:55 GMT
server: cloudflare
etag: 0x8D91E52BCFB1A90
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5fe232a2-f01e-00ad-0289-7ff88c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 687e9a3ce8f65c62-FRA
expires: Thu, 09 Sep 2021 12:46:37 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame B247 232 B
431 B 169ms
130ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=43a3df2c357fdd6e9ac5ac620cd00ab93b4d04bf

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.splunk.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:36 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 12:46:37 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 2104af2ad84976e8def70b2352e90c72955bcdf047100db3ef92f77bca3c3441
content-length: 166

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/9ff638b7-8097-449d-9741-7b3c526b0da7/b7951409-db27-43d8-a4d6-4a3aaf33d3dd/ 71 KB
14 KB 16ms
16ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/9ff638b7-8097-449d-9741-7b3c526b0da7/b7951409-db27-43d8-a4d6-4a3aaf33d3dd/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.18.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52bb6e8d120c194fb3c184f9af610501526c368c6fc4224916eae858f12bc77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Sep 2021 12:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: l8lF6Z9Y6BID7iYM3kTxkw==
age: 2138111
vary: Accept-Encoding
content-length: 14351
x-ms-lease-status: unlocked
last-modified: Tue, 18 May 2021 21:25:07 GMT
server: cloudflare
etag: 0x8D91A436927C281
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 67beb87e-001e-00de-6abd-8b884f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 687e9a3d2d072c19-FRA

GET
H2 200 bootstrap.min.css
account.splunk.com/sign-up/styles/ Frame 54FC 139 KB
139 KB 174ms
172ms Stylesheet
text/css 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/styles/bootstrap.min.css
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: cfbc2b70491edecec6ec0a08628a22f772d1a759f7bf4326bdbe44a1ad3b0420

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-22a17"
content-length: 141847
content-type: text/css

GET
H2 200 splunk-core-v3.1.css
account.splunk.com/sign-up/styles/ Frame 54FC 84 KB
85 KB 175ms
173ms Stylesheet
text/css 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/styles/splunk-core-v3.1.css?2020011601
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: fca82066732cdbc824418519f58582389718120dd1a9c86fcdfb7dbd0e7337f0

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-1516a"
content-length: 86378
content-type: text/css

GET
H2 200 splunk-express-lane-v3.2.css
account.splunk.com/sign-up/styles/ Frame 54FC 37 KB
37 KB 175ms
174ms Stylesheet
text/css 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/styles/splunk-express-lane-v3.2.css
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 4b12c119c64ad2d3cf0efbec75d691b2c557c8508bc080237b905d5f765a4a98

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-9444"
content-length: 37956
content-type: text/css

GET
H2 200 splunk-signup-component.css
account.splunk.com/sign-up/styles/ Frame 54FC 23 KB
23 KB 338ms
336ms Stylesheet
text/css 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/styles/splunk-signup-component.css?2020011601
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 0aafdec2ebeadf702d6546e3dc26749bca1503f228b7f1a327850e0bd819e1a1

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-5abb"
content-length: 23227
content-type: text/css

GET
H2 200 reset-password-transition.css
account.splunk.com/sign-up/styles/ Frame 54FC 1 KB
1 KB 178ms
176ms Stylesheet
text/css 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/styles/reset-password-transition.css
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 3a2e0a88a65a0528e31ed06c23a9750ee001f4a3b8018c126a0ff2302d6d03ee

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-51e"
content-length: 1310
content-type: text/css

GET
H2 200 reset-password-transition.js Show response
account.splunk.com/sign-up/js/ Frame 54FC 4 KB
4 KB 340ms
336ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/reset-password-transition.js
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 8f265a16998021312f86c0a652635438e8091bcf0f9bdc5921926938315365ec

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-e64"
content-length: 3684
content-type: application/javascript

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ Frame 54FC 83 KB
32 KB 7ms
7ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: de22a1f465480545ea9595d61c16ad21ad40e6b2509cca0e76d2601980e52988

Request headers

Referer: https://account.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:38 GMT
content-encoding: gzip
last-modified: Thu, 26 Aug 2021 21:51:57 GMT
server: ECS (frb/67F3)
age: 53850
etag: "cf369097c49ad71:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 32240

GET
H2 200 jquery-1.10.2.min.js Show response
account.splunk.com/sign-up/js/ Frame 54FC 91 KB
91 KB 340ms
336ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/jquery-1.10.2.min.js
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-16bb3"
content-length: 93107
content-type: application/javascript

GET
H2 200 bluebird.min.js Show response
account.splunk.com/sign-up/js/ Frame 54FC 78 KB
78 KB 340ms
336ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/bluebird.min.js
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: fe5edd66777d896e48c3d3f6427ff48210727850ca9c870f7780d3a6d0da2b6d

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-136ba"
content-length: 79546
content-type: application/javascript

GET
H2 200 i18n.js Show response
account.splunk.com/sign-up/js/ Frame 54FC 2 KB
2 KB 340ms
336ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/i18n.js
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: ae59f7fe573dd254192e6801613e7eaf87dd39a14ceb6248812bcb405b948557

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-6f0"
content-length: 1776
content-type: application/javascript

GET
H2 200 array-find-pollyfill.js Show response
account.splunk.com/sign-up/js/ Frame 54FC 1 KB
2 KB 340ms
336ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/array-find-pollyfill.js
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: bbc4363ab77f5401d867bbda24e0f04c5f573a1f8252cc2510e46170536a4edf

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-5e5"
content-length: 1509
content-type: application/javascript

GET
H2 200 touchswipe.min.js Show response
account.splunk.com/sign-up/js/ Frame 54FC 16 KB
16 KB 340ms
336ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/touchswipe.min.js
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: f33912a551aa9f08f0ad3ab92ff6aee8d51ba0b5f23a2c23d9dcc6ac268405cc

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-4104"
content-length: 16644
content-type: application/javascript

GET
H2 200 jquery_cookie.js Show response
account.splunk.com/sign-up/js/ Frame 54FC 3 KB
3 KB 340ms
336ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/jquery_cookie.js
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-c31"
content-length: 3121
content-type: application/javascript

GET
H2 200 bootstrap.min.js Show response
account.splunk.com/sign-up/js/ Frame 54FC 59 KB
59 KB 340ms
336ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/bootstrap.min.js
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 7970f31907d91bf0f19efe8aefee74d6f0a2d8c72b2f8f20a5e297d3c414a78f

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-ed09"
content-length: 60681
content-type: application/javascript

GET
H2 200 search-collapse.js Show response
account.splunk.com/sign-up/js/ Frame 54FC 553 B
712 B 340ms
336ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/search-collapse.js
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 2393d47c2471e2f71d306c694448ba98809c993297f6174bb801fd713e6e5a8a

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-229"
content-length: 553
content-type: application/javascript

GET
H2 200 dropdown.js Show response
account.splunk.com/sign-up/js/ Frame 54FC 557 B
716 B 339ms
336ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/dropdown.js?101720170517
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 01b4835815468d5da7bf430298723952fbff756b43e3c9fbef6e9ff4cef417e3

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-22d"
content-length: 557
content-type: application/javascript

GET
H2 200 jquery.customSelect.min.js Show response
account.splunk.com/sign-up/js/ Frame 54FC 2 KB
3 KB 340ms
336ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/jquery.customSelect.min.js
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 94eb062f034d9c0a3631943344065bc2e07d520367312378b596f2b1f2a65109

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-9ef"
content-length: 2543
content-type: application/javascript

GET
H2 200 jquery.matchHeight.js Show response
account.splunk.com/sign-up/js/ Frame 54FC 11 KB
12 KB 339ms
336ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/jquery.matchHeight.js
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 9aafb465a39e5ce9cdea0237c57406e0df413bf382e5064ab689f0ff5fb997a3

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-2db7"
content-length: 11703
content-type: application/javascript

GET
H2 200 xcomponent.min.js Show response
account.splunk.com/sign-up/js/ Frame 54FC 112 KB
112 KB 340ms
337ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/xcomponent.min.js
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: e42532e83267013b5acc8ab673387497d38f40000458df33974517f4fc621627

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-1beb9"
content-length: 114361
content-type: application/javascript

GET
H2 200 splunk-xcomponent.js Show response
account.splunk.com/sign-up/js/ Frame 54FC 4 KB
4 KB 339ms
336ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/splunk-xcomponent.js?201810151256
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: c3b8af75d42666f38b4eafc7c7e8bf46f8eb7f1dd252894a35233de576c8e706

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-10c8"
content-length: 4296
content-type: application/javascript

GET
H2 200 signup-constants.js Show response
account.splunk.com/sign-up/js/ Frame 54FC 29 KB
30 KB 339ms
336ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/signup-constants.js?201810151256
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 17b1f3642cf0928845fdf667a418bd124dc9d673be46d8e11cb4be5186f0e8d6

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-757d"
content-length: 30077
content-type: application/javascript

GET
H2 200 splunk-input.js Show response
account.splunk.com/sign-up/js/ Frame 54FC 7 KB
7 KB 339ms
337ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/splunk-input.js?201810151256
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 762229dfc2f72c6a5f25f134a2be95a7ff63c16e609a74c9a22ee0d04c6508bf

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-1cb0"
content-length: 7344
content-type: application/javascript

GET
H2 200 splunk-form.js Show response
account.splunk.com/sign-up/js/ Frame 54FC 73 KB
73 KB 339ms
337ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/splunk-form.js?201810151256
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: c16ce74d43d81247b04ccb24090e7830484688d38e808839049e7d5b288dbd7b

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-1247f"
content-length: 74879
content-type: application/javascript

GET
H2 200 google-analytics-fields.js Show response
account.splunk.com/sign-up/js/ Frame 54FC 2 KB
3 KB 339ms
337ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/google-analytics-fields.js?202129060440
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: d9678daf3c200dd554d7b42dac6d8f90c13ae7b37769a5b15df4cdaced860bab

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-9c0"
content-length: 2496
content-type: application/javascript

GET
H2 200 elqCfg.js Show response
account.splunk.com/sign-up/js/ Frame 54FC 3 KB
3 KB 339ms
338ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/elqCfg.js
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: a9d985131b944f20b82382b91099a6b5c8924f57d8934dfa38039571d628b58a

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-bf3"
content-length: 3059
content-type: application/javascript

GET
H2 200 elqImg.js Show response
account.splunk.com/sign-up/js/ Frame 54FC 970 B
1 KB 339ms
337ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/elqImg.js
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: e51f6b700a23285bdb36e03eed90138983a82fb2e6a352b18a78231a2400afef

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-3ca"
content-length: 970
content-type: application/javascript

GET
H2 200 elqInit.js Show response
account.splunk.com/sign-up/js/ Frame 54FC 2 KB
2 KB 338ms
337ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/elqInit.js
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: b3010625e3b25f2167e854834fe0db706d0c426e251f1a85cb4541cf4d40491d

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-751"
content-length: 1873
content-type: application/javascript

GET
H2 200 elqScr.js Show response
account.splunk.com/sign-up/js/ Frame 54FC 486 B
645 B 339ms
338ms Script
application/javascript 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/sign-up/js/elqScr.js
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 641b2a6b40a8e3033eee3dfec5d2c12560f3427b32c1d595b536e38645a86391

Request headers

Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Tue, 17 Aug 2021 19:55:52 GMT
server: nginx/1.21.1
accept-ranges: bytes
etag: "611c1448-1e6"
content-length: 486
content-type: application/javascript

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 54FC 909 B
670 B 19ms
18ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: account.splunk.com
URL: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

48446b85e4eee5af77a5c4729bb80a6cedcc177c2a9e9e422a4a22bee3b2c799

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 578
x-xss-protection: 1; mode=block
expires: Wed, 01 Sep 2021 12:46:38 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: sRGuD7TxMtktInzABH/Rb6rHU6jubjAu594X6wSVgttxrBUYGGRtiI58xeuiilJkqJmIYKh0bjp0lalZBIEuZg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 01 Sep 2021 12:46:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.18.0/assets/ 12 KB
3 KB 19ms
19ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.18.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.18.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Sep 2021 12:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: MrQfM8mTXwqoZ1+V6sXNuw==
age: 730432
vary: Accept-Encoding
content-length: 2938
x-ms-lease-status: unlocked
last-modified: Mon, 24 May 2021 01:24:48 GMT
server: cloudflare
etag: 0x8D91E52B88C8775
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c0b81b80-c01e-014f-288a-985aab000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 687e9a3d5d7a2c19-FRA
expires: Thu, 09 Sep 2021 12:46:37 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Aug 2021 21:34:05 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=76614
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 47ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: B783CEE04939460C952AE4688DE306D2 Ref B: FRAEDGE1216 Ref C: 2021-09-01T12:46:37Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1341559/ 74 KB
25 KB 24ms
8ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1341559/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e361165a97015b0425a3cece58eb5e8a56f073d0c0932ad36fe7c81a828d307

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 4076fCoEGVhQEjfZ4.m4xED7xQNGp_Pj
content-encoding: gzip
etag: "b37f8e3cb21c63c1a5ecc3849912c2c9"
age: 4
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 24751
x-amz-id-2: yfCvAURRpaRqwLuizLPOKysfU0EsPRZQW7OXo2iw+S+y8eDXrTg21mdimOMMogebZDQbsNnY3Gc=
x-served-by: cache-fra19173-FRA
last-modified: Mon, 09 Aug 2021 10:26:50 GMT
server: AmazonS3
x-timer: S1630500398.682050,VS0,VE1
date: Wed, 01 Sep 2021 12:46:37 GMT
vary: Accept-Encoding
x-amz-request-id: NGSVC8J456W63KDB
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 71
x-cache-hits: 1

GET
H2 200 b05765359b5ba.js Show response
t.contentsquare.net/uxa/ 299 KB
63 KB 59ms
20ms Script
application/javascript 18.66.112.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.contentsquare.net/uxa/b05765359b5ba.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0bafcf2cd2fdbbfd190ef2f1251adfe4be70407c906ab9b2c85ce93ee54ab377

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 30 Aug 2021 12:03:54 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 12:01:59 GMT
server: AmazonS3
age: 175364
etag: "77937023a987b7a95cad39a957b5e2cf"
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
via: 1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 64198
x-amz-cf-id: JiyXY21egAsfDMpgRrrmgwlRSleV76e8FKv8yhSfxgxnuG-Y-lrejg==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 67ms
21ms Script
application/x-javascript 18.66.96.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.96.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 14:18:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 80894
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P2
X-Amz-Cf-Id: z9cEWu9MryImYO2dalOcPcqEAX-7KUhvVBjJJRWuKvcawI0zMM3Ezg==

GET
H2 200 cs.js Show response
tm.vendemore.com/cs/32fde63c-3af6-4cd0-a131-51e4701d5575/v2/ 408 B
548 B 80ms
16ms Script
application/javascript 3.121.48.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tm.vendemore.com/cs/32fde63c-3af6-4cd0-a131-51e4701d5575/v2/cs.js?c=1630500397670

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.121.48.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-48-255.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6bd6f89b1e7f7eef3650d12eb6b8b0b9a839034f1917cccfafb5d22f549d5529

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Wed, 01 Sep 2021 12:46:37 GMT
vary: Accept-Encoding
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-headers: Authorization, Content-Type, username, password

GET
H/1.1 200
OK lp.js Show response
metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/ 5 KB
6 KB 84ms
21ms Script
application/x-javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/lp.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

20b11d2c0012e286c38350d6c9b2ba03341667d9bc7226bf526fb47e89668fd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:37 GMT
Connection: Keep-Alive
Last-Modified: Fri, 18 Dec 2020 19:31:32 GMT
x-amz-request-id: tx00000000000001515314a-00612cd708-1373bbd6-sfo2a
ETag: "23752d527a82df9be63eb97fe04bceb3"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1630500397.dop011.lo4.t,1630500397.cds002.lo4.shn,1630500397.dop011.lo4.t,1630500397.cds097.lo4.c
Content-Type: application/x-javascript
Cache-Control: max-age=432987
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 5105

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
37 KB 28ms
25ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9979664

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

772d9a3001192e2906154e4624e6debd1639e4f12568623e5e9a9edce238d06a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37912
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Sep 2021 12:46:37 GMT

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 26 KB
9 KB 72ms
19ms Script
application/javascript 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

9ec1002988b30be58344be55afcc9b1075519b3e2a96380b35ad343922e0d7ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 8542
Pragma: no-cache
Last-Modified: Fri, 06 Aug 2021 19:26:06 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "610d8cce-69e1"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 01 Sep 2021 12:46:37 GMT

GET
H2 200 rz5la3FlMSNo3OYdIkfj Show response
ws.zoominfo.com/pixel/ 0
205 B 144ms
143ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/rz5la3FlMSNo3OYdIkfj

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 687e9a3d79db5bfd-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
content-length: 0

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 7 KB
3 KB 81ms
29ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Jun 2021 09:47:31 GMT
Server: AkamaiNetStorage
ETag: "fdbbe544cf69190da6e6a5b05f6879cb:1624873651.390898"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3100
Expires: Wed, 01 Sep 2021 13:06:37 GMT

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 3389 6 KB
4 KB 145ms
143ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=splunk-blogs&t_u=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&s_o=default

Requested by

Host: splunk-blogs.disqus.com
URL: https://splunk-blogs.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cc8e908b992c11ea81310e961a481035531a575bdb41c7916649ec8fa55179fa

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.splunk.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.splunk.com/

Response headers

Connection: keep-alive
Content-Length: 2735
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Tue, 27 Jul 2021 21:48:47 GMT
ETag: W/"lounge:view:8675635608.39eeeb4d6549149faefa2f9b969c08f4.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Wed, 01 Sep 2021 12:46:37 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1630500397681&url=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D66727%26time%3D1630500397681%26url%3Dhttps%253A%252F%252Fwww.splunk.com%252Fen_us...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1630500397681&url=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&liSync=...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1630500397681&url=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&liSync...

0
156 B

335ms
140ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1630500397681&url=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&liSync=true&e_ipv6=AQL4isJ9fHU1JAAAAXuhZaP9YezflwqaU0Q-L8iPjv6G2kOTlPnF9islxji-7hIjRixsE0Dt
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:38 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: I7C+O3mzoBawTyDgmCsAAA==

Redirect headers

date: Wed, 01 Sep 2021 12:46:38 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1630500397681&url=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&liSync=true&e_ipv6=AQL4isJ9fHU1JAAAAXuhZaP9YezflwqaU0Q-L8iPjv6G2kOTlPnF9islxji-7hIjRixsE0Dt
x-li-proto: http/2
x-li-pop: prod-eda6
content-length: 0
x-li-uuid: PXHGKHmzoBZw9VVj4ioAAA==

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 1642523699107798 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 76ms
75ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1642523699107798?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

603c53f10afd0de7ef64dbe5b38f5d6be3001429d1f29fefb02c1e7e6a47b2de

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: UKdl2jOwHtLa0ahODXbh7tdkgkpj4G51tAsRwK8YmUM2z+uDtzPhh4So/Awps1oK7QmKGtUQdCb8t7/ml5sKmw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 01 Sep 2021 12:46:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
688 B 58ms
18ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 12:46:37 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 3ebae991-aac4-45f9-925c-a50d2637da90
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.splunk.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
370 B 89ms
24ms XHR
text/plain 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 836f7b8791541974441252d89ec1fa601076601238c06a14e47837fd520732bc

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:37 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.splunk.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

GET
H/1.1 200
OK analytics-an-min.js Show response
d2hya7iqhf5w3h.cloudfront.net/scripts/ 4 KB
5 KB 77ms
21ms Script
application/javascript 18.66.107.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hya7iqhf5w3h.cloudfront.net/scripts/analytics-an-min.js
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.107.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 856480dfbd572e8e51fd582b4744916dc6708b2cf12eb311d749f0dc16250410

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 16:30:45 GMT
Via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd53.cloudfront.net (CloudFront)
Last-Modified: Wed, 05 May 2021 13:48:14 GMT
Server: AmazonS3
Age: 72953
ETag: "e2295ad89bc05d51307a0a73d8f7aa14"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-P5
Accept-Ranges: bytes
Content-Length: 4603
X-Amz-Cf-Id: fbwZCUuM4m-1fmwBQbTLpieRP6qyzVHGGd-rrOUHldizE_7Qedxqvg==

GET
H2 204 5962822.js Show response
bat.bing.com/p/action/ 0
109 B 29ms
29ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5962822.js
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 01 Sep 2021 12:46:37 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: BCB17453FEA5468982B05F8E98574249 Ref B: FRAEDGE1216 Ref C: 2021-09-01T12:46:37Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
149 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5962822&tm=gtm002&Ver=2&mid=0ad34f5d-7da7-4588-b2ae-111d833f29c2&sid=a5a7d8400b2211ecb1f765f8b6e5e32d&vid=a5a7c6000b2211eca5cf9fe4d63d56bc&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%20%7C%20Splunk&kw=SeriousSAM,%20CVE-2021-36934,%20Privilege%20Escalation%20Vulnerability&p=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&r=&lt=4206&evt=pageLoad&msclkid=N&sv=1&rn=261770
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 01 Sep 2021 12:46:37 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: A5A95D77CBC349BA9F6B3E55507EC133 Ref B: FRAEDGE1216 Ref C: 2021-09-01T12:46:37Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 344ms
86ms Script
application/javascript 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00d61f3947fbcca6a300f9bcb5900fda25
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:38 GMT
content-encoding: gzip
X-TraceId: fc4b22a134d36a909a6e0e08093532f3
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 384ms
94ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00d61f3947fbcca6a300f9bcb5900fda25&obApiVersion=1.1&obtpVersion=1.5.1&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&optOut=false&bust=009532509794487276
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:38 GMT
Cache-Control: no-cache
X-TraceId: de9dc5fb057bf22575fcf80337bde223
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 247ms
195ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=null&session=b83cfc37-11b7-4ca1-8b1c-4fb191f5532f&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A37%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22SeriousSAM%20or%20CVE-2021-36934%20is%20a%20Privilege%20Escalation%20Vulnerability.%20The%20Splunk%20Threat%20Research%20team%20recommends%20performing%20an%20assessment%20to%20better%20understand%20the%20impact%20of%20this%20vulnerability%20in%20corporate%20environments.%20%22%2C%22keywords%22%3A%22SeriousSAM%2C%20CVE-2021-36934%2C%20Privilege%20Escalation%20Vulnerability%22%2C%22title%22%3A%22Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&pageViewId=1536325f-77e7-41da-890c-3934bfe542fe&an_uid=0

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:38 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Mon, 07 Jun 2021 21:53:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60be9562-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 lounge.load.53c39e0ce65e4eb0af505908f71410f5.js Show response
c.disquscdn.com/next/embed/ Frame 3389 1 KB
1 KB 6ms
6ms Script
application/javascript 2600:9000:2240:5a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.53c39e0ce65e4eb0af505908f71410f5.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=splunk-blogs&t_u=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:5a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

30da4c48d022cae31aecd5ed03eb37be68f9cf0ace03efc80eb2e1497cc55612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=splunk-blogs&t_u=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 21:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 660277
x-cache: Hit from cloudfront
content-length: 534
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 24 Aug 2021 21:06:44 GMT
server: nginx
etag: "61255f64-216"
content-type: application/javascript; charset=utf-8
via: 1.1 d7433132a7c6595c9aab2dc2272e7061.cloudfront.net (CloudFront)
expires: Wed, 24 Aug 2022 21:22:00 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: Zt3cVYh93PgFpshvOS8FFEUfvEUmEP84hRfdxTmP9LOQhwwSiULlTw==
x-cache-hits: 0

GET
H2 200 common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js Show response
c.disquscdn.com/next/embed/ Frame 3389 282 KB
93 KB 6ms
6ms Script
application/javascript 2600:9000:2240:5a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.53c39e0ce65e4eb0af505908f71410f5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:5a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

443211c7845e0012dea1dfe8cda1ce659e7fef3c7b5af2b470704ed8186945c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=splunk-blogs&t_u=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 20:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3775164
x-cache: Hit from cloudfront
content-length: 94790
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 19 Jul 2021 19:39:06 GMT
server: nginx
etag: "60f5d4da-17246"
content-type: application/javascript; charset=utf-8
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
expires: Tue, 19 Jul 2022 20:07:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: _QxEc_RrXgkoz8hv9W6lK68zvX21Swj6884jY0p1sEXmzDER8ouYEA==
x-cache-hits: 0

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
688 B 59ms
21ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 12:46:37 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 1db0a52e-f7e1-403a-b3fb-9be8a18a3aa1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.splunk.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 lounge.8affdad980167da3f2dd9f1e933d0669.css
c.disquscdn.com/next/embed/styles/ Frame 3389 161 KB
26 KB 6ms
6ms Stylesheet
text/css 2600:9000:2240:5a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.8affdad980167da3f2dd9f1e933d0669.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:5a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

88e7deb2dcbccbe8fa97dfc6973ea174f0b3db01ace23c0d72a8228452171a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=splunk-blogs&t_u=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 19:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1099048
x-cache: Hit from cloudfront
content-length: 25754
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 19 Aug 2021 18:18:14 GMT
server: nginx
etag: "611ea066-649a"
content-type: text/css; charset=utf-8
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
expires: Fri, 19 Aug 2022 19:29:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: rqHXYOuqfwVagsvPiQIoBDoiAx6VM-y9yqrRjHDgPfgwN1JYj2Yrzg==
x-cache-hits: 0

GET
H2 200 lounge.bundle.dc50d72ac077058faccdd9a761fea0bc.js Show response
c.disquscdn.com/next/embed/ Frame 3389 465 KB
118 KB 6ms
6ms Script
application/javascript 2600:9000:2240:5a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.dc50d72ac077058faccdd9a761fea0bc.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:5a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b1bb91151130d620bb916cf8f4b0ac0aa27ed9ab91da8aa3ecc1f845b317170d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=splunk-blogs&t_u=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 21:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 660278
x-cache: Hit from cloudfront
content-length: 120189
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 24 Aug 2021 21:06:44 GMT
server: nginx
etag: "61255f64-1d57d"
content-type: application/javascript; charset=utf-8
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
expires: Wed, 24 Aug 2022 21:21:59 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: n6gvXYX7W76K716_-OzVJHEhjo1JlDt_tYz3JH7xkDb3bT8YF_aQgw==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 3389 12 KB
13 KB 8ms
7ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e8be42019425fc26bcf13b4b96de105ae4317667ae197a353b3b4e55081ebd72

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=splunk-blogs&t_u=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:37 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 49
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12397
X-XSS-Protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 21ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1642523699107798&ev=PageView&dl=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&rl=&if=false&ts=1630500397899&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1630500397898.2089612755&it=1630500397741&coo=false&exp=p0&rqm=GET

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 01 Sep 2021 12:46:37 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 20ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1642523699107798&dl=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&rl=&if=false&ts=1630500397901&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1630500397898.2089612755&it=1630500397741&coo=false&exp=p0&rqm=GET

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 01 Sep 2021 12:46:37 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 20ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1642523699107798&dl=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&rl=&if=false&ts=1630500397903&sw=1600&sh=1200&v=2.9.45&r=stable&ec=2&o=30&fbp=fb.1.1630500397898.2089612755&it=1630500397741&coo=false&exp=p0&rqm=GET

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 01 Sep 2021 12:46:37 GMT

GET
H2 200 visit Show response
analytics.vendemore.com/ 31 B
378 B 30ms
16ms XHR
text/plain 3.121.48.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.vendemore.com/visit?vlmref=&vaid=&url=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&title=Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%20%7C%20Splunk&path=%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&domain=www.splunk.com&referrer=

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.121.48.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-48-255.eu-central-1.compute.amazonaws.com

Software

Resource Hash

f6c71dcab097a5d46f4d0e3b805a011f23096054395ce542ab65e3d70ea34773

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:37 GMT
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://www.splunk.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-headers: Content-Type
content-length: 31

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 3389 3 KB
3 KB 110ms
110ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=splunk-blogs&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

efe9852922c1295b9c3ad24e666b3482d94977612778548c122cee8945c35c01

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=splunk-blogs&t_u=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&s_o=default
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:38 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3091
X-XSS-Protection: 1; mode=block

GET
H2 200 noavatar92.png
a.disquscdn.com/1624570071/images/ Frame 3389 2 KB
2 KB 33ms
7ms Image
image/png 151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1624570071/images/noavatar92.png

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=splunk-blogs&t_u=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:38 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 2250893
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: image/png
content-length: 1644
x-amz-cf-id: PbMVeM2iWmudwIaI31RBJmSVugFre_LpJLL2G4ilL6tNFDLra-hEMw==
expires: Fri, 06 Aug 2021 11:31:45 GMT

GET
DATA 200
OK truncated
/ Frame 3389 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 3389 13 KB
13 KB 6ms
6ms Image
image/svg+xml 2600:9000:2240:5a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.8affdad980167da3f2dd9f1e933d0669.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:5a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.8affdad980167da3f2dd9f1e933d0669.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 10879737
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Ur1xc-ypqot0jzREO_vX2njQhrY4gmt0czHBebZyRMImI32AGUjf7Q==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 3389 3 KB
3 KB 6ms
6ms Image
image/gif 2600:9000:2240:5a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.8affdad980167da3f2dd9f1e933d0669.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:5a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.8affdad980167da3f2dd9f1e933d0669.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:58:07 GMT
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 18172111
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 27 Jan 2021 17:23:07 GMT
server: nginx
etag: "6011a17b-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: dPD4Xr5X3h36bL9C6z1R4WUembi0Q3Ap2r4VJ6o6DlYqIfyrbY0SkA==
x-cache-hits: 0

GET
H2 200 sprite.654110a9206fd22f08cca0798e34a65e.png
c.disquscdn.com/next/embed/assets/img/ Frame 3389 2 KB
2 KB 7ms
6ms Image
image/png 2600:9000:2240:5a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.654110a9206fd22f08cca0798e34a65e.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.8affdad980167da3f2dd9f1e933d0669.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:5a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.8affdad980167da3f2dd9f1e933d0669.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 10:47:19 GMT
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 7091959
x-cache: Hit from cloudfront
content-length: 1862
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 10 Jun 2021 21:33:44 GMT
server: nginx
etag: "60c28538-746"
content-type: image/png
access-control-allow-origin: *
expires: Sat, 11 Jun 2022 10:47:19 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: UrA6AL_czdGw1zQOn_ZRVKcrsQltbvtxwj4zkwu_dRqN9WqzolUQUA==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 3389 8 KB
8 KB 15ms
14ms Font
application/octet-stream 2600:9000:2240:5a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.8affdad980167da3f2dd9f1e933d0669.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:5a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://c.disquscdn.com/next/embed/styles/lounge.8affdad980167da3f2dd9f1e933d0669.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 19:36:59 GMT
via: 1.1 d7433132a7c6595c9aab2dc2272e7061.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 4381779
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 08 Jul 2021 22:07:43 GMT
server: nginx
etag: "60e7772f-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Tue, 12 Jul 2022 19:36:59 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: hrsLpC2PVP4LGW06YIPdGauuL2Eo14Qq3p8qJQBPrNpWb8VjpmOCUA==
x-cache-hits: 0

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 3389 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a5e9883c541bdeb985bf00620ac3831b3e07a649012dae4980269d1c2eb73a5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=splunk-blogs&t_u=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: R6Hoy44vjQ0RKnatECUqKQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: l75H8mHUV9uQ27Aj9ElAW9bbeUiEXlCWCG5ezEc1PqouNQf6IPPCONBkWUOBhfJL2083HBSVXhn6rhBxCtSZhw==
x-fb-content-md5: 330fed3e4be9471863d506d56e6364d5
x-frame-options: DENY
date: Wed, 01 Sep 2021 12:46:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "d0380508be373af16303c5e8271f821a"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 01 Sep 2021 12:49:51 GMT

GET
H2 403 api.js
apis.google.com/js/ Frame 3389 0
0 344ms
343ms Script
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.google.com/js/api.js
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=splunk-blogs&t_u=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 3389 13 KB
13 KB 6ms
6ms Image
image/svg+xml 2600:9000:2240:5a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.8affdad980167da3f2dd9f1e933d0669.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:5a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.8affdad980167da3f2dd9f1e933d0669.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 06a27d66e25d02ebcfb014b9d194016b.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 10879737
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ToAQS5_5bFQTOyCa4JGAskqfZVSvryv2rZMDf-xmq0Qn7y1_HEw7uA==
x-cache-hits: 0

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 3389 228 KB
67 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=a1a7337b177369d585cd8d40d1668240

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6f0111b458474d46469ecec2c20475f08edca8e0854a26bdbbcbe389653fd281

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=splunk-blogs&t_u=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: rsd7725dvFlud+ERyxcK3A==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68460
x-fb-rlafr: 0
x-fb-debug: tEiYlefrL1FFrF2Awnuv/XRTHsiB+I/l7xlIsxksSxBbs9nFMveNDsOP+WqCvFmRgPQJweSBlssU5Tbi7am+Wg==
x-fb-content-md5: 296088b8403dee068cb291582358b145
x-frame-options: DENY
date: Wed, 01 Sep 2021 12:46:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "72a4df45b288ff7293ecfff89a40f5ce"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 01 Sep 2022 10:43:20 GMT

GET
H2 200 maintenance_mode Show response
account.splunk.com/api/v1/signup/config/property/ Frame 54FC 231 B
484 B 180ms
180ms XHR
application/json 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/api/v1/signup/config/property/maintenance_mode
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/js/jquery-1.10.2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 53896c1f267bc82d9e9cf0073123b5c91fdf4ea7c249d8dd2292d95a66e2f9fa

Request headers

Accept: */*
Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:38 GMT
server: nginx/1.21.1
etag: W/"e7-XJuYe+PNnQC4TAOmIgIU7Q"
content-length: 231
content-type: application/json; charset=utf-8

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ Frame 54FC 386 KB
93 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP

Requested by

Host: account.splunk.com
URL: https://account.splunk.com/sign-up/js/google-analytics-fields.js?202129060440

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d6c1212ce55b2e9e68717790229cd7198efa5896eb02d2a4e20c2a7b1bcb2138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://account.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94915
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Sep 2021 12:46:38 GMT

GET
H/1.1

200
OK

svrGP.aspx
secure.p01.eloqua.com/visitor/v200/ Frame 54FC
Redirect Chain

https://secure.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1527&ref2=https://www.splunk.com/&tzo=-60&ms=192
https://secure.p01.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1527&ref2=https://www.splunk.com/&tzo=-60&ms=192&elqCookie=1

49 B
388 B

651ms
277ms

Image
image/gif

142.0.173.130
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.p01.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1527&ref2=https://www.splunk.com/&tzo=-60&ms=192&elqCookie=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.0.173.130 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000;
X-Content-Type-Options: nosniff
Date: Wed, 01 Sep 2021 12:46:38 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Content-Type: image/gif
Content-Length: 49
X-XSS-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000;
X-Content-Type-Options: nosniff
Date: Wed, 01 Sep 2021 12:46:37 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://secure.p01.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1527&ref2=https://www.splunk.com/&tzo=-60&ms=192&elqCookie=1
Cache-Control: private,no-store
Content-Type: text/html; charset=utf-8
Content-Length: 264
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK svrGP.aspx Show response
secure.eloqua.com/visitor/v200/ Frame 54FC 0
351 B 459ms
136ms Script
application/javascript 209.167.231.15
NETDYNAMICS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.eloqua.com/visitor/v200/svrGP.aspx?pps=70&siteid=1527&ref=https://account.splunk.com/sign-up/html/?uid=f2627b2b24%26version=latest%26dimensions={%22width%22:%22450%22,%22height%22:1200}%26theme=light%26id=header-signup-xcomp%26locale=en_us%26redirectUrl=https://www.splunk.com/en_us/download.html%26title=Get%20Started%20With%20Splunk%26isQuickAccess=1%26isCloseButtonOn=1%26customProps={%22leadSource%22:%22splunk%22}%26xcomponent=1&ms=192

Requested by

Host: account.splunk.com
URL: https://account.splunk.com/sign-up/js/elqScr.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.167.231.15 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

now.eloqua.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000;
X-Content-Type-Options: nosniff
Date: Wed, 01 Sep 2021 12:46:38 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Content-Type: application/javascript
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H3-29 200 status
www.facebook.com/x/oauth/ Frame 3389 0
0 35ms
34ms Fetch
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fwww.splunk.com&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3Dsplunk-blogs%26t_u%3Dhttps%253A%252F%252Fwww.splunk.com%252Fen_us%252Fblog%252Fsecurity%252Fdetecting-serioussam-cve-2021-36934-with-splunk.html%26t_d%3D%250A%2520%2520%2520%2520%2520%2520%2520%2520%2520%2520%2520%2520%2520%2520Detecting%2520SeriousSAM%2520CVE-2021-36934%2520With%2520Splunk%250A%2520%2520%2520%2520%2520%2520%2520%2520%2520%2520%2520%2520%26t_t%3D%250A%2520%2520%2520%2520%2520%2520%2520%2520%2520%2520%2520%2520%2520%2520Detecting%2520SeriousSAM%2520CVE-2021-36934%2520With%2520Splunk%250A%2520%2520%2520%2520%2520%2520%2520%2520%2520%2520%2520%2520%26s_o%3Ddefault%23version%3D53c39e0ce65e4eb0af505908f71410f5&sdk=joey&wants_cookie_data=false

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbxbs.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: xMid1i/F3i7wIIyKRWTUiFnnCcl+IYp0+tsSuY5TiKYz7z8i0JEYjRF03zJvvttvsF3pfhOXgDFZoln2fzFonA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 01 Sep 2021 12:46:38 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://disqus.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 prum.min.js Show response
rum-static.pingdom.net/ Frame 54FC 6 KB
3 KB 15ms
15ms Script
application/javascript 2606:4700:10::6814:15ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/prum.min.js
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:15ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c19455754ead9313cc2221c64f1c66e8378501d8099bdcb3d90bb0b1a170b5ec

Request headers

Referer: https://account.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 14:01:38 GMT
server: cloudflare
age: 1802
etag: W/"609a8e42-1849"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=43200
cf-ray: 687e9a412fab4e6e-FRA

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryvUdTEEsDh1Z2yEhx

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 01 Sep 2021 12:46:38 GMT
content-type: text/plain
access-control-allow-origin: https://www.splunk.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 noavatar92.png
a.disquscdn.com/1624570071/images/ Frame 3389 2 KB
2 KB 7ms
7ms Image
image/png 151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1624570071/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.dc50d72ac077058faccdd9a761fea0bc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=splunk-blogs&t_u=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:38 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 2250893
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: image/png
content-length: 1644
x-amz-cf-id: PbMVeM2iWmudwIaI31RBJmSVugFre_LpJLL2G4ilL6tNFDLra-hEMw==
expires: Fri, 06 Aug 2021 11:31:45 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 3389 43 B
295 B 129ms
111ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=590&event=init_embed&thread=8675635608&forum=splunk-blogs&forum_id=4894242&imp=dfe6lqvbpgk2&prev_imp&thread_slug=detecting_serioussam_cve_2021_36934_with_splunk_97&user_type=anon&referrer=https%3A%2F%2Fwww.splunk.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=splunk-blogs&t_u=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%0A%20%20%20%20%20%20%20%20%20%20%20%20&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 en_us Show response
account.splunk.com/api/v1/utils/locale/ Frame 54FC 6 KB
7 KB 206ms
206ms XHR
application/json 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/api/v1/utils/locale/en_us
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/js/jquery-1.10.2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 79a5d0c6cdd5c1aeb1305c08deeaeb6c5bb5415f6d76440103b9027ba6d0da6d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:38 GMT
server: nginx/1.21.1
etag: W/"1917-s2mdBrLg8iKCTwDTdxXIeQ"
content-length: 6423
content-type: application/json; charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 54FC 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: account.splunk.com
URL: https://account.splunk.com/sign-up/js/google-analytics-fields.js?202129060440

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4459
date: Wed, 01 Sep 2021 11:32:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 01 Sep 2021 13:32:19 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ Frame 54FC 340 KB
340 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fdb97f4c7f832b7b6c32c1e08aa06f3f1a04a8237f8847648793f3ce277edbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://account.splunk.com
Referer: https://account.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:19:46 GMT
x-content-type-options: nosniff
age: 5212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 347943
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 04:03:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 11:19:46 GMT

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame D03B 40 KB
20 KB 33ms
32ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldu_QUTAAAAAK7Sde76ag0R5axctRY2774xJz75&co=aHR0cHM6Ly9hY2NvdW50LnNwbHVuay5jb206NDQz&hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&theme=light&size=normal&cb=sszngotysqp4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fd94c6489822657181e738c160b805a7bc583ef588cb34f85bc7f570d461be88

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+cKt0ZIql8Hp9ET9gr3LHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ldu_QUTAAAAAK7Sde76ag0R5axctRY2774xJz75&co=aHR0cHM6Ly9hY2NvdW50LnNwbHVuay5jb206NDQz&hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&theme=light&size=normal&cb=sszngotysqp4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://account.splunk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://account.splunk.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 Sep 2021 12:46:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-+cKt0ZIql8Hp9ET9gr3LHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20866
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame ED1D 40 KB
20 KB 37ms
37ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b6d5804ae4c5bbe1997166b62df22c1e5a8aff88b378fcdbed4ccd22ff26f030

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8xmBgV9F58R+/eDSc4WTxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ldu_QUTAAAAAK7Sde76ag0R5axctRY2774xJz75&co=aHR0cHM6Ly9hY2NvdW50LnNwbHVuay5jb206NDQz&hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&theme=light&size=normal&cb=3rzvzmkord9c
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://account.splunk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://account.splunk.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 Sep 2021 12:46:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-8xmBgV9F58R+/eDSc4WTxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20887
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ Frame D03B 52 KB
25 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldu_QUTAAAAAK7Sde76ag0R5axctRY2774xJz75&co=aHR0cHM6Ly9hY2NvdW50LnNwbHVuay5jb206NDQz&hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&theme=light&size=normal&cb=sszngotysqp4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 04:03:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 11:10:13 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ Frame D03B 340 KB
132 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fdb97f4c7f832b7b6c32c1e08aa06f3f1a04a8237f8847648793f3ce277edbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135330
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 04:03:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 10:30:07 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ Frame ED1D 52 KB
25 KB 11ms
11ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/styles__ltr.css

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 04:03:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 11:10:13 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ Frame ED1D 340 KB
132 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fdb97f4c7f832b7b6c32c1e08aa06f3f1a04a8237f8847648793f3ce277edbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135330
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 04:03:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 10:30:07 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 228ms
228ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=64bb10028a7d00002d762f61d602000032640f00&session=b83cfc37-11b7-4ca1-8b1c-4fb191f5532f&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A38%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A37%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22SeriousSAM%20or%20CVE-2021-36934%20is%20a%20Privilege%20Escalation%20Vulnerability.%20The%20Splunk%20Threat%20Research%20team%20recommends%20performing%20an%20assessment%20to%20better%20understand%20the%20impact%20of%20this%20vulnerability%20in%20corporate%20environments.%20%22%2C%22keywords%22%3A%22SeriousSAM%2C%20CVE-2021-36934%2C%20Privilege%20Escalation%20Vulnerability%22%2C%22title%22%3A%22Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&pageViewId=1536325f-77e7-41da-890c-3934bfe542fe&an_uid=0

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:38 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame D03B 102 B
132 B 17ms
17ms Other
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cbc0e03691e5e7313ecf467ac3a50c7d78f6ee259c490c0ded16707330da81fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldu_QUTAAAAAK7Sde76ag0R5axctRY2774xJz75&co=aHR0cHM6Ly9hY2NvdW50LnNwbHVuay5jb206NDQz&hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&theme=light&size=normal&cb=sszngotysqp4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 01 Sep 2021 12:46:38 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame ED1D 102 B
132 B 15ms
15ms Other
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cbc0e03691e5e7313ecf467ac3a50c7d78f6ee259c490c0ded16707330da81fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldu_QUTAAAAAK7Sde76ag0R5axctRY2774xJz75&co=aHR0cHM6Ly9hY2NvdW50LnNwbHVuay5jb206NDQz&hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&theme=light&size=normal&cb=3rzvzmkord9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 01 Sep 2021 12:46:38 GMT

GET
H2 200 lifecycle_urls Show response
account.splunk.com/api/v1/signup/ Frame 54FC 231 B
359 B 189ms
188ms XHR
application/json 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/api/v1/signup/lifecycle_urls
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/js/jquery-1.10.2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: d79a13a262f87836ea99d4a5c4d26cda6e6729e1719009d8fbad922773cd488d

Request headers

Accept: */*
Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:38 GMT
server: nginx/1.21.1
etag: W/"e7-WKyotFRYPVlkV0zcY3NBrA"
content-length: 231
content-type: application/json; charset=utf-8

GET
H2 200 en_us Show response
account.splunk.com/api/v1/geo/countrylist/ Frame 54FC 27 KB
27 KB 188ms
188ms XHR
application/json 52.32.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account.splunk.com/api/v1/geo/countrylist/en_us
Requested by: Host: account.splunk.com
URL: https://account.splunk.com/sign-up/js/jquery-1.10.2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.91.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-91-113.us-west-2.compute.amazonaws.com
Software: nginx/1.21.1 /
Resource Hash: 89137fca3117c82a3cd1196c2cb365c6ad82aa01e019e2d4c9c6fc8f0216e50c

Request headers

Accept: */*
Referer: https://account.splunk.com/sign-up/html/?uid=f2627b2b24&version=latest&dimensions={%22width%22:%22450%22,%22height%22:1200}&theme=light&id=header-signup-xcomp&locale=en_us&redirectUrl=https://www.splunk.com/en_us/download.html&title=Get%20Started%20With%20Splunk&isQuickAccess=1&isCloseButtonOn=1&customProps={%22leadSource%22:%22splunk%22}&xcomponent=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:38 GMT
server: nginx/1.21.1
etag: W/"6a28-7Ku5KDnRDcDnOrG7QYegGQ"
content-length: 27176
content-type: application/json; charset=utf-8

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/api2/ Frame AEF7 7 KB
1 KB 16ms
15ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6Ldu_QUTAAAAAK7Sde76ag0R5axctRY2774xJz75&cb=qmifwmod12k9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d3e9ec00b8df1382b0d2fdd5b39126114483316950dc986be4ededab943fc205

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rGsku0c0WPDeNzLy7iuGKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6Ldu_QUTAAAAAK7Sde76ag0R5axctRY2774xJz75&cb=qmifwmod12k9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://account.splunk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://account.splunk.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 Sep 2021 12:46:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-rGsku0c0WPDeNzLy7iuGKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 0F0B 7 KB
1 KB 25ms
24ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6Ldu_QUTAAAAAK7Sde76ag0R5axctRY2774xJz75&cb=2nw0qmtw9elx

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eb5cd4f9742af985b98ea8c49a08bb6169b218426326014fcd34c63b6d25cb37

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-STL6aowVSPsijGKWnswUVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6Ldu_QUTAAAAAK7Sde76ag0R5axctRY2774xJz75&cb=2nw0qmtw9elx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://account.splunk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://account.splunk.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 Sep 2021 12:46:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-STL6aowVSPsijGKWnswUVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1113
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ Frame AEF7 52 KB
25 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6Ldu_QUTAAAAAK7Sde76ag0R5axctRY2774xJz75&cb=qmifwmod12k9

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 04:03:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 11:10:13 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ Frame AEF7 340 KB
132 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6Ldu_QUTAAAAAK7Sde76ag0R5axctRY2774xJz75&cb=qmifwmod12k9

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fdb97f4c7f832b7b6c32c1e08aa06f3f1a04a8237f8847648793f3ce277edbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135330
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 04:03:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 10:30:07 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ Frame 0F0B 52 KB
25 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6Ldu_QUTAAAAAK7Sde76ag0R5axctRY2774xJz75&cb=2nw0qmtw9elx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 04:03:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 11:10:13 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ Frame 0F0B 340 KB
132 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6Ldu_QUTAAAAAK7Sde76ag0R5axctRY2774xJz75&cb=2nw0qmtw9elx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fdb97f4c7f832b7b6c32c1e08aa06f3f1a04a8237f8847648793f3ce277edbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135330
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 04:03:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 10:30:07 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 6DF3 0
182 B 93ms
33ms Document
text/html 52.31.175.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=65d5w9m&ref=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&upid=zfbopfz&upv=1.1.0
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.175.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-175-99.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=65d5w9m&ref=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&upid=zfbopfz&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.splunk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.splunk.com/

Response headers

date: Wed, 01 Sep 2021 12:46:39 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame BAFC 0
181 B 78ms
40ms Document
text/html 52.31.175.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=t0q4wl6&ref=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&upid=afx4zne&upv=1.1.0
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.175.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-175-99.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=t0q4wl6&ref=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&upid=afx4zne&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.splunk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.splunk.com/

Response headers

date: Wed, 01 Sep 2021 12:46:39 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ Frame 54FC 0
213 B 121ms
30ms XHR
text/plain 34.254.140.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=552c4298abe53d666aa63604&sAW=1600&sAH=1200&bIW=0&bIH=0&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=0&cE=0&dLE=0&dLS=0&fS=0&hS=-1&rE=-1&rS=-1&reS=1&resS=174&resE=175&uEE=-1&uES=-1&dL=176&dI=1207&dCLES=1207&dCLEE=1213&dC=1840&lES=1840&lEE=1847&s=nt&title=E-2%20and%20E-3%20Direct%20Sign%20Up&path=https%3A%2F%2Faccount.splunk.com%2Fsign-up%2Fhtml%2F&ref=https%3A%2F%2Fwww.splunk.com%2F&sId=s2z2wk29&sST=1630500399&sIS=1&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/prum.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.140.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-140-182.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Wed, 01 Sep 2021 12:46:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 analytics.bundle.js Show response
v2.listenloop.com/ 96 KB
33 KB 44ms
20ms Script
application/javascript 2606:4700:3036::ac43:dfcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.listenloop.com/analytics.bundle.js
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:dfcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e4e8ad8f9d914b473729264a87d08887e057378e485817f8629b4a691cb6432

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2037
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 3D11J388JSCGPXD1
x-amz-id-2: +UdTupZR2U8GQafAp7J+/rGedykNJcgThw/k30+sbKprlciksvsXT+SIwKw66275Izbz5NZaNTQ=
last-modified: Wed, 01 Sep 2021 08:11:54 GMT
server: cloudflare
etag: W/"98f437c371d690c05cd6c87fae5fd4cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OiPaooCl5fnUkTf9vYi6uxLP8jaHttLCdLd7c1O5IHxIxjuafRG38Fmts2MXRQv6T9WBr5Oq8ydx8HnCzep55GDuqjrt0yuCGH6Szj0ygZ6%2FDT9Vpprswd55NRKTWK2HlImNZ634v57rOYM2el%2FbWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 687e9a47f84d5ca4-FRA

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 134ms
30ms XHR
text/plain 34.254.140.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=552c4298abe53d666aa63604&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=1156&cE=1197&dLE=1156&dLS=1144&fS=1143&hS=1161&rE=-1&rS=-1&reS=1198&resS=2524&resE=2526&uEE=-1&uES=-1&dL=2527&dI=4173&dCLES=4174&dCLEE=4206&dC=5955&lES=5955&lEE=5963&s=nt&title=Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%20%7C%20Splunk&path=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&ref=&sId=1i4sxoy5&sST=1630500399&sIS=1&rV=0&v=1.4.1
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.140.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-140-182.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Wed, 01 Sep 2021 12:46:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

POST
H2 204 /
6852bd05.akstat.io/ 0
202 B 24ms
16ms Ping
image/gif 2a02:26f0:6c00:287::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://6852bd05.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/M7Q82-FTRNS-TEZ4E-UCSZ2-NQJ9C

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:287::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 12:46:39 GMT
content-type: image/gif
access-control-allow-origin: https://www.splunk.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Wed, 01 Sep 2021 12:46:39 GMT

GET
H/1.1

200
OK

results.txt Show response
lh4ubkyccc5cqyjpoyxq-p5v9nn-1b71301b6-clientnsv4-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p5v9nnxqp
https://lh4ubkyccc5cqyjpoyxq-p5v9nn-1b71301b6-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

107ms
21ms

XHR
text/plain

2.16.186.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lh4ubkyccc5cqyjpoyxq-p5v9nn-1b71301b6-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-24.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:39 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://lh4ubkyccc5cqyjpoyxq-p5v9nn-1b71301b6-clientnsv4-s.akamaihd.net/eum/results.txt
Date: Wed, 01 Sep 2021 12:46:39 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaqj6absjkbikqce3ygyaaaabqs65rp-p5v9nn-5b2ab80c0-clienttons-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p5v9nnxqp
https://fiaqj6absjkbikqce3ygyaaaabqs65rp-p5v9nn-5b2ab80c0-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

68ms
6ms

XHR
text/plain

2a02:26f0:6c00::210:ba19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaqj6absjkbikqce3ygyaaaabqs65rp-p5v9nn-5b2ab80c0-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:39 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaqj6absjkbikqce3ygyaaaabqs65rp-p5v9nn-5b2ab80c0-clienttons-s.akamaihd.net/eum/results.txt
Date: Wed, 01 Sep 2021 12:46:39 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 196ms
196ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=64bb10028a7d00002d762f61d602000032640f00&session=b83cfc37-11b7-4ca1-8b1c-4fb191f5532f&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A39%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A38%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222004%22%7D&isIframe=false&m=%7B%22description%22%3A%22SeriousSAM%20or%20CVE-2021-36934%20is%20a%20Privilege%20Escalation%20Vulnerability.%20The%20Splunk%20Threat%20Research%20team%20recommends%20performing%20an%20assessment%20to%20better%20understand%20the%20impact%20of%20this%20vulnerability%20in%20corporate%20environments.%20%22%2C%22keywords%22%3A%22SeriousSAM%2C%20CVE-2021-36934%2C%20Privilege%20Escalation%20Vulnerability%22%2C%22title%22%3A%22Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&pageViewId=1536325f-77e7-41da-890c-3934bfe542fe&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:39 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 ipv
cdn.bizible.com/m/ Frame 54FC 43 B
108 B 9ms
9ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=https%3A%2F%2Fwww.splunk.com%2F&_biz_h=-1906410348&_biz_u=9e4d88c2ae0f48efd04ee5a921075128&_biz_s=670680&_biz_l=https%3A%2F%2Faccount.splunk.com%2Fsign-up%2Fhtml%2F%3Fuid%3Df2627b2b24%26version%3Dlatest%26dimensions%3D%7B%2522width%2522%3A%2522450%2522%2C%2522height%2522%3A1200%7D%26theme%3Dlight%26id%3Dheader-signup-xcomp%26locale%3Den_us%26redirectUrl%3Dhttps%3A%2F%2Fwww.splunk.com%2Fen_us%2Fdownload.html%26title%3DGet%2520Started%2520With%2520Splunk%26isQuickAccess%3D1%26isCloseButtonOn%3D1%26customProps%3D%7B%2522leadSource%2522%3A%2522splunk%2522%7D%26xcomponent%3D1&_biz_t=1630500400219&_biz_i=E-2%20and%20E-3%20Direct%20Sign%20Up&_biz_n=1&rnd=742230&cdn_o=a&_biz_z=1630500400219
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://account.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 12:46:40 GMT
last-modified: Sun, 29 Aug 2021 11:21:51 GMT
server: ECS (frb/6760)
age: 264289
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 197ms
196ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=64bb10028a7d00002d762f61d602000032640f00&session=b83cfc37-11b7-4ca1-8b1c-4fb191f5532f&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A40%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A39%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%223006%22%7D&isIframe=false&m=%7B%22description%22%3A%22SeriousSAM%20or%20CVE-2021-36934%20is%20a%20Privilege%20Escalation%20Vulnerability.%20The%20Splunk%20Threat%20Research%20team%20recommends%20performing%20an%20assessment%20to%20better%20understand%20the%20impact%20of%20this%20vulnerability%20in%20corporate%20environments.%20%22%2C%22keywords%22%3A%22SeriousSAM%2C%20CVE-2021-36934%2C%20Privilege%20Escalation%20Vulnerability%22%2C%22title%22%3A%22Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&pageViewId=1536325f-77e7-41da-890c-3934bfe542fe&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:40 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 hotjar-778215.js Show response
static.hotjar.com/c/ 51 KB
6 KB 80ms
29ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-778215.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5125bdba8016b0d15c5475407905b4123d68c10f9fe0c6b2ffe8ea8ef5e667b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:45:58 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 51
etag: W/58438c5a39be6a618dac00c4bd9a1080
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: na4c1xHBE0VHz1H1Qly8E55XNtRYz4xO38Az-vK3AzXoKRNkR04D5Q==
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)

GET
H2 200 FQgOcAAM.min.js Show response
scripts.demandbase.com/ 60 KB
16 KB 141ms
28ms Script
application/javascript 18.66.112.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.demandbase.com/FQgOcAAM.min.js
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b62aa147dc874a3f75e86f0447a5d57ac504014b2cd0082559d786391e4fd1c7

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: QBQUQmoqKqCQgzjVeZWchJurpPXfbjif
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 19:13:56 GMT
server: AmazonS3
age: 151
etag: W/"c122ca4af3e58af3ff8ee7e231bd85eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
date: Wed, 01 Sep 2021 12:44:31 GMT
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: Xlw0oHa4Nl8zM5DBuEVN-DKHINVGqhAYqA3qiPokKkIQPNu0u6Pb4g==

GET
H2 200 amzn.js Show response
c.amazon-adsystem.com/aat/ 5 KB
5 KB 68ms
22ms Script
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aat/amzn.js
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6bb0b70d8e655372c426bb4bd262f9b15d47c376c4d0289306b7f6bd1366a05

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
last-modified: Thu, 05 Nov 2020 19:35:28 GMT
server: AmazonS3
age: 55984
etag: "60d8e99dc4a881085d9730d1a9fc7c3f"
x-cache: Hit from cloudfront
content-type: text/javascript
date: Tue, 31 Aug 2021 21:13:37 GMT
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 4686
x-amz-cf-id: JjT1BGYMj0cPWkv_hSDK5MxYCmqNCoTBodBH8bYorMY9PzZameFdeQ==

GET
H2 200 26b58e1d9d1d.js Show response
w.usabilla.com/ Frame A3CC 72 KB
16 KB 94ms
29ms Script
text/javascript 99.80.169.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/26b58e1d9d1d.js?lv=1
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.169.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-169-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d778a8f13fd634ace9e797e6650c898993f3e23de06589de349e7d4de4e7b4c1

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 12:46:41 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "e99668c35fe5c91a3934efcd0a332cd9"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 16202

GET
H/1.1

200
OK

Cookie set iu3 Show response
s.amazon-adsystem.com/ Frame 7917
Redirect Chain

https://s.amazon-adsystem.com/iu3?pid=3fcbe918-6424-4b3d-95aa-68d72d53fbd1&event=PageView&ts=1630500401525
https://s.amazon-adsystem.com/iu3?pid=3fcbe918-6424-4b3d-95aa-68d72d53fbd1&event=PageView&ts=1630500401525&dcc=t

65 B
973 B

125ms
124ms

Document
text/html

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?pid=3fcbe918-6424-4b3d-95aa-68d72d53fbd1&event=PageView&ts=1630500401525&dcc=t

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Host: s.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.splunk.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A6XtGoaTE08Ml8PXrTzMomM|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.splunk.com/

Response headers

Server: Server
Date: Wed, 01 Sep 2021 12:46:41 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 65
Connection: keep-alive
x-amz-rid: ZJYGT3KQGCA3E2GSDSS2
Set-Cookie: ad-id=A6XtGoaTE08Ml8PXrTzMomM; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 12:46:41 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Thu, 01-Oct-2026 12:46:41 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

Redirect headers

Server: Server
Date: Wed, 01 Sep 2021 12:46:41 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: 6Y7T5F3DC7TJ9NK4D8M7
Set-Cookie: ad-id=A6XtGoaTE08Ml8PXrTzMomM|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 12:46:41 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?pid=3fcbe918-6424-4b3d-95aa-68d72d53fbd1&event=PageView&ts=1630500401525&dcc=t
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

GET
H2 200 modules.189ddfe225c89657c20d.js Show response
script.hotjar.com/ 221 KB
59 KB 69ms
26ms Script
application/javascript 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.189ddfe225c89657c20d.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

789370b292863a4c8d56e96d78b683704016735dbb08d7a2aa88b876cb100ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 08:57:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 445776
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59569
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 08:56:36 GMT
etag: "00ab92e1048f75ffd0466b24cae7a3f0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: zVj24LIxGmbR6w7f1CknhjzWqj71HADis-fCu8mNTPamcmBURyEWKA==

GET
H/1.1 200
OK splunk-button-77a48f8f9f814cbca9e89a9cef1a2ace.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame 7316 2 KB
2 KB 65ms
22ms Image
image/png 18.66.107.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d6tizftlrpuof.cloudfront.net/themes/production/splunk-button-77a48f8f9f814cbca9e89a9cef1a2ace.png
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.107.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8946e8ab0408c419e21f26f0da2b8cf9c984eb9b29400d3289750398cb23e3ea

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 00:07:41 GMT
Via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 18 May 2021 14:55:26 GMT
Server: AmazonS3
Age: 650341
ETag: "77a48f8f9f814cbca9e89a9cef1a2ace"
X-Cache: Hit from cloudfront
x-amz-version-id: quw00hIHAjydomrSDmVhxRmQN7ZVmEoP
Cache-Control: max-age=315360000, no-transform, public
X-Amz-Cf-Pop: FRA56-P5
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1834
X-Amz-Cf-Id: bwtz2wNT6TLfGqxrZVU7wGdJexGvG411bhBUWDpkkHn0gmfdvEZVOg==

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame F8B8 2 KB
1 KB 81ms
27ms Document
text/html 18.66.112.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.splunk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.splunk.com/

Response headers

content-type: text/html
content-length: 1044
date: Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: U-4Ba-iXPuQVsUfh6bxrB_cyBk-byfqhKOWbrIuiAmVBnrsECe75qA==
age: 3933011

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 430 B
933 B 114ms
58ms XHR
application/json 18.66.97.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&page_title=Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%20%7C%20Splunk&src=tag&key=3ba085cbec5f85b5afa666ed40e727757c9caa91
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5915f2999f00c10915bb1832eac4b1028abe6ac7dbcf93081c470c1623fc73ab

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:41 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
request-id: da06c2e7-f5c3-456f-8d2b-37e3d7e5a2ba
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://www.splunk.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 60bm9xWUaaHYM3xRP_1L2lyO2sJYqqGpeCb472SxCx8qEBSa0C-pGg==
expires: Tue, 31 Aug 2021 12:46:41 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AABf4U7CXuwAABULdKs-jw
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AABf4U7CXuwAABULdKs-jw&verifyHash=229a259ebaea63a40e777a3e820d75e07fb2a819

26 B
409 B

110ms
110ms

Image
image/gif

13.32.121.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AABf4U7CXuwAABULdKs-jw&verifyHash=229a259ebaea63a40e777a3e820d75e07fb2a819
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-62.fra60.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:42 GMT
Via: 1.1 814952d19d560b49ff15ad2f71e400d3.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: 2e0d63ca1957ecc3
X-Amz-Cf-Id: encphE-3aaOzk5dHht979V5RZ6AQUL4awUwX0Xf6DPWBoDp64Cq8jg==

Redirect headers

Date: Wed, 01 Sep 2021 12:46:41 GMT
Via: 1.1 814952d19d560b49ff15ad2f71e400d3.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AABf4U7CXuwAABULdKs-jw&verifyHash=229a259ebaea63a40e777a3e820d75e07fb2a819
Connection: keep-alive
trace-id: 478d67c9cbf97c62
Content-Length: 0
X-Amz-Cf-Id: HPyNFwg-TZDgdDC2wKinLEhCZlcJeLCB4bmR9Z3eztkHO_fJxkpx8g==

GET
H2 451 464526.gif
id.rlcdn.com/ 0
66 B 36ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:41 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 207ms
207ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=64bb10028a7d00002d762f61d602000032640f00&session=b83cfc37-11b7-4ca1-8b1c-4fb191f5532f&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A41%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A40%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%224010%22%7D&isIframe=false&m=%7B%22description%22%3A%22SeriousSAM%20or%20CVE-2021-36934%20is%20a%20Privilege%20Escalation%20Vulnerability.%20The%20Splunk%20Threat%20Research%20team%20recommends%20performing%20an%20assessment%20to%20better%20understand%20the%20impact%20of%20this%20vulnerability%20in%20corporate%20environments.%20%22%2C%22keywords%22%3A%22SeriousSAM%2C%20CVE-2021-36934%2C%20Privilege%20Escalation%20Vulnerability%22%2C%22title%22%3A%22Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&pageViewId=1536325f-77e7-41da-890c-3934bfe542fe&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:41 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 129 KB
51 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5EPM2P39FV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9979664

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a6976fd57cb54a3969c8796df725cf8d1ada3f4c694a5fb20b464e550bb562c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51762
x-xss-protection: 0
expires: Wed, 01 Sep 2021 12:46:41 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4462
date: Wed, 01 Sep 2021 11:32:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 01 Sep 2021 13:32:19 GMT

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
12ms Ping
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-5EPM2P39FV&gtm=2oe8u0&_p=1309204055&sr=1600x1200&ul=en-us&cid=1853934231.1630500399&_s=1&dl=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&dt=Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%20%7C%20Splunk&sid=1630500401&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.cookieDomain=auto&ep.allowLinker=true&ep.page=%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&up.2=Not%20Logged%20In&up.4=1630500401795.6tc0gtjg&up.5=2021-09-01T14%3A46%3A41.795%2B02%3A00&up.7=Bot&up.8=(Non-Company%20Visitor)&up.16=1630500401795.bd4ebfc3-fc99-4426-987f-41f882df658b&up.24=GA%20-%20Pageview&up.25=9e4d88c2ae0f48efd04ee5a921075128&up.26=&up.32=0.3467823757697881_1630500401796&up.35=35
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5EPM2P39FV&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 12:46:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.splunk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
882 B 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 417
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Wed, 01 Sep 2021 13:39:44 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-399680-1&cid=1853934231.1630500399&jid=1750970934&gjid=1622458253&_gid=1141743495.1630500399&_u=SDCAgUAjAAAAAE~&z=210556169

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 01 Sep 2021 12:46:41 GMT
content-type: text/plain
access-control-allow-origin: https://www.splunk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1309204055&t=pageview&_s=1&dl=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&dr=%2F&dp=%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&ul=en-us&de=UTF-8&dt=Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%20%7C%20Splunk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SDCAgUAj~&jid=1750970934&gjid=1622458253&cid=1853934231.1630500399&tid=UA-399680-1&_gid=1141743495.1630500399&gtm=2wg8u0TPV7TP&cd2=Not%20Logged%20In&cd4=1630500401800.ddepzpk&cd5=2021-09-01T14%3A46%3A41.800%2B02%3A00&cd7=Bot&cd8=(Non-Company%20Visitor)&cd16=1630500401800.3a4a9422-471a-40d5-a57e-e7b5edf2919a&cd24=GA%20-%20Pageview&cd25=9e4d88c2ae0f48efd04ee5a921075128&cd26=&cd32=0.3467823757697881_1630500401796&cd36=GA1.2.1853934231.1630500399&z=981988519

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 23:46:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46817
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 31ms
31ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-399680-1&cid=1853934231.1630500399&jid=1750970934&_u=SDCAgUAjAAAAAE~&z=821443769

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 12:46:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 43ms
42ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-399680-1&cid=1853934231.1630500399&jid=1750970934&_u=SDCAgUAjAAAAAE~&z=821443769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 12:46:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 205ms
204ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=null&session=c8996340-21ce-481a-8d99-d2982f7bcedc&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A42%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A41%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225011%22%7D&isIframe=false&m=%7B%22description%22%3A%22SeriousSAM%20or%20CVE-2021-36934%20is%20a%20Privilege%20Escalation%20Vulnerability.%20The%20Splunk%20Threat%20Research%20team%20recommends%20performing%20an%20assessment%20to%20better%20understand%20the%20impact%20of%20this%20vulnerability%20in%20corporate%20environments.%20%22%2C%22keywords%22%3A%22SeriousSAM%2C%20CVE-2021-36934%2C%20Privilege%20Escalation%20Vulnerability%22%2C%22title%22%3A%22Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&pageViewId=1536325f-77e7-41da-890c-3934bfe542fe

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:42 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 217ms
217ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=null&session=c8996340-21ce-481a-8d99-d2982f7bcedc&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A43%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A42%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226012%22%7D&isIframe=false&m=%7B%22description%22%3A%22SeriousSAM%20or%20CVE-2021-36934%20is%20a%20Privilege%20Escalation%20Vulnerability.%20The%20Splunk%20Threat%20Research%20team%20recommends%20performing%20an%20assessment%20to%20better%20understand%20the%20impact%20of%20this%20vulnerability%20in%20corporate%20environments.%20%22%2C%22keywords%22%3A%22SeriousSAM%2C%20CVE-2021-36934%2C%20Privilege%20Escalation%20Vulnerability%22%2C%22title%22%3A%22Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&pageViewId=1536325f-77e7-41da-890c-3934bfe542fe

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:43 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 2h26u57uzx7i.js Show response
js.driftt.com/include/1630500600000/ 214 KB
61 KB 182ms
136ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1630500600000/2h26u57uzx7i.js

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0467b2df5f294f99b0789980c4b793e310074506845aa274d86def91d459161f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:44 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 17:56:33 GMT
server: nginx
etag: W/"5875dce8f1de15c0caa11fe8b42c2bed"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IeqNQMWT5mwYwr4xekA5VzfmcvIApytP
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5VkFbB43a5aNqJyvMFugKaRKS2oInpGO2O_UH9MMETbLthRRUXW89w==

POST
H2 400 analytics Show response
pt37ad6f6a.execute-api.us-east-1.amazonaws.com/Prod/v1/ 60 B
494 B 346ms
344ms Fetch
application/json 18.66.112.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt37ad6f6a.execute-api.us-east-1.amazonaws.com/Prod/v1/analytics
Requested by: Host: v2.listenloop.com
URL: https://v2.listenloop.com/analytics.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a488a8e0262a5148cd08ed509f8081e1f1eb88897d3cc9b2c591dfea3aea13c0

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 01 Sep 2021 12:46:45 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amzn-requestid: b9011534-6cd0-4346-be91-3f83dd594cbd
access-control-allow-methods: OPTIONS,POST
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-612f7634-331dc440287330ac44ed1cd4;Sampled=1
x-cache: Error from cloudfront
x-amz-apigw-id: E-9oTFxFIAMF6kQ=
content-length: 60
x-amz-cf-id: PGkasx2n-lAloKwK2ZyLlrH34vQPLIn7pwt8guE8JIoyu5rbTfBJqA==
access-control-allow-headers: Content-Type

OPTIONS
H2 200 analytics
pt37ad6f6a.execute-api.us-east-1.amazonaws.com/Prod/v1/ Frame 0
0 350ms
291ms Preflight
application/json 18.66.112.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt37ad6f6a.execute-api.us-east-1.amazonaws.com/Prod/v1/analytics
Protocol: H2
Server: 18.66.112.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.splunk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 01 Sep 2021 12:46:44 GMT
x-amzn-requestid: 1320e66e-5fc0-4f15-ab30-6376f47a7c78
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: E-9oQGnzIAMFVgg=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-cache: Miss from cloudfront
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: UoYPN5uWne4yhKO9BqR-bkvtSsf9q7OVoeIii8hEGSDwqh-GX33Mfg==

GET
H2 200 core Show response
js.driftt.com/ Frame D711 2 KB
1 KB 123ms
123ms Document
text/html 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false

Requested by

Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

394cb779c742349df967ca316c20f4dc78d5d1150535dba5b377624b8a891073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.splunk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.splunk.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Mon, 30 Aug 2021 17:56:24 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 16vvFSfjy3gtrhTZ7WYUfM_bjN7uus6u
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Wed, 01 Sep 2021 12:46:44 GMT
cache-control: no-cache
etag: W/"5b961451311844db9e94477f019790d2"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: YvsxQ2DRcRRg0WSRx9trt_dRmdhqziVJAOihnAX0_rLEsrGDdm-JNg==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 9F6A 2 KB
1 KB 299ms
299ms Document
text/html 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1630500600000/2h26u57uzx7i.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

394cb779c742349df967ca316c20f4dc78d5d1150535dba5b377624b8a891073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.splunk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.splunk.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Mon, 30 Aug 2021 17:56:24 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 16vvFSfjy3gtrhTZ7WYUfM_bjN7uus6u
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Wed, 01 Sep 2021 12:46:44 GMT
cache-control: no-cache
etag: W/"5b961451311844db9e94477f019790d2"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: zKs0RS3ymrEXbLRDwa5n5psbkdgS28PQa10fyMUG2vcOjQ-hZgIUHw==

GET
H2 200 runtime~main.08a27f38.js Show response
js.driftt.com/core/assets/js/ Frame D711 6 KB
3 KB 19ms
18ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9f2721a2bc893ea5d1278d59e42d8134aa3c1d678df0cfeeb43bd672a2f4ed51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 17:56:23 GMT
content-encoding: gzip
age: 154221
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 17:38:43 GMT
server: nginx
etag: W/"784f6a397a3210964e5fd039a9b71df3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 17zwXueTT_bCs75WUn3az_KZCIJ2PSnS
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: S2TY80HjUluTatBKBarYdeUSl9sErE1liIB78ikzv7IytvM7vlLYZA==

GET
H2 200 4.a93e53d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 58 KB
20 KB 20ms
20ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2222067
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"fce0b3daf28dfa888be2818f43b06ef0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: imvxQz4ZQnCekVetyHrX84xCYV8ndGWZ
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: K-sgkmWW2jAIsajgj5fuhIomYw6leNy4N-lvwhCzFU9V6CuO1npMHA==

GET
H2 200 main~493df0b3.1e5e8324.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 6 KB
3 KB 20ms
20ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.1e5e8324.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f4e9fc9cb715061a768c38a333706476e1ca9fceb27e01dfcfdf8b188f66c6b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 758307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:09 GMT
server: nginx
etag: W/"820cfe69f4aac5422f87e3cb224a2121"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3cwKs.ecumrplOWKAtclmrytpqY5MXQF
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: u9htTQENS2W_xSlBD3m1IXvRp7ofXfPgBnWTJ9sM-HsukLB8474IXA==

GET
H2 200 42.84f5886d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 44 KB
13 KB 20ms
19ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

031b647213e760a66f8632e236f8e5449e4ffe32193461a3eeeb04a0ff83ceeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 18:53:34 GMT
content-encoding: gzip
age: 150790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 17:38:41 GMT
server: nginx
etag: W/"3dff2faf78d282147690e292eb6987fa"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: X53tJE1P7zZzrNKCH9K5IMXWpKSN9iKX
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Vpd1ObF9xnGLnAnd5TVc3XHSlb4pw4q5YmauQWNyN7qlB3J4gUm8QQ==

GET
H2 200 17.8ed91048.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 44 KB
13 KB 21ms
19ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.8ed91048.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

016a2616d4f26aac16ee9bf5429f4eb175d7c63a22a8f30973d5a13b1b964178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 758307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"41277b8635c4131e3274bdd89ab78687"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1ptguM3hmWHC1W5wedfPZ7zpkq1CTOcu
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cK0N3KY9NdOdllfEOnxSdcpkvT2193QboCdUaAzlKV6pi3pAfe0XLg==

GET
H2 200 35.3e4eba7e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 25 KB
8 KB 21ms
19ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.3e4eba7e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 18:51:37 GMT
content-encoding: gzip
age: 150907
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 17:38:41 GMT
server: nginx
etag: W/"b1a0f364c9ad5137b5ab8e5237a825b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dfUTflf1oG_KL3hSczNauVLdp0E4NBiS
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PvmQcgI7ZMeraxyOphZaVx6K7fFw_Rn35u_hDfeqrWRapviSRcuK0A==

GET
H2 200 15.8065fdbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 16 KB
5 KB 21ms
20ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2222066
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"db60664de2c8d54d23e359c94e68f6ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3Lit_GR0K_e3yyTyyAPf_WyqhFyqI1X7
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mY-YukBGrwW4bw2DY8BUNnuftXy_zlrjyJFBnIN4HyWUNJmvEkosUw==

GET
H2 200 18.a763e229.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 68 KB
21 KB 22ms
21ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.a763e229.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ba8269d9a47f982451ae9904fa15d92b98be5afa2a1dcc138534cbcc4178fb4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 758307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"afa0a2316bb36ab3f1d512fbcf4230a6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cUJ338yvQkNktcoy7FlfmNTzqhitVL04
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: K7o4G5Py33z3GHb33hBFmS1gJOypB0cNMuqnN6_3CyS-jsOLGop3ew==

GET
H2 200 32.04864e7d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 16 KB
6 KB 23ms
21ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.04864e7d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 758307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"3b6707d602c1f7d03c4c8b0bdecb8e4e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SPqSo.47y7907Wglh2zWsWSyACYHB_Zc
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6lrJY1kA9Twq1hVkMeTSm9mAiHQhPHg4rwEz0iNG2dD50lzoImWbQQ==

GET
H2 200 22.3cdbe392.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 59 KB
19 KB 24ms
23ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.3cdbe392.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2def1ce3460c6076cf341b0147cda956458ed980fdddd433050f2a62298f7e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2222066
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"7f2ec762df0bb02422b2b6a96490de86"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: y2Fsxlxg91.mo6q6kJR67dQNB9q9Qh.8
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fpaExQEM1IWDtr5WbYqzCRbf339JnnXEaoaQQvT42dHZBP5s-MJKCg==

GET
H2 200 10.704ab67c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 91 KB
28 KB 25ms
24ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2222066
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"50dcb170ca1ae1f4a09fe8f23065f2a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UOl6S4j5SMc3.AEsWYEwY54XYaImySKe
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fYj8ha_1fOJ2_UjN-E6neO-3F6w0NzMu-AlDSdGfBwIqR0hlokuR-g==

GET
H2 200 9.a48906f3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 23 KB
7 KB 27ms
25ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.a48906f3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2222066
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:26 GMT
server: nginx
etag: W/"60e5547ed381473c15e63274bcd796b6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gA_0cz7CJfhJ8aNbtPMgs.3Fr8VDJHGb
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WC_9hrT1rI1jvCc31i6kaRWwP9OrqjXTcNis7Ff42HD-8KBToPVRNg==

GET
H2 200 12.d1052a14.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 62 KB
19 KB 28ms
26ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d1052a14.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fd88d330b8b28310cd966efb0fe0137c7db51ae147d9b24d61a7019ad75a8bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2222066
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"6f74e88fed60d2dd5a602a0de2bd8452"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _b0FYDX.3mAxA0VaBf8nhWaHS5Vbtsw1
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PvIYBRGeI7Ise6lPBt95VpsR2-pSeg9aTIXTEdg0vx72QiLEHVGPzA==

GET
H2 200 40.01f4f7b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 105 KB
34 KB 30ms
29ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.01f4f7b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 758307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:08 GMT
server: nginx
etag: W/"7dd9b27f83583b6d43567ed4b21eff8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9jXV8w0bWzHPQtgsCAjrFrN9PLNAN.Ap
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wBiA7mipuDnmFKgt51-_ggW-Kv2nY1HwLNxuUbwWnalZ0OI2GNEt7Q==

GET
H2 200 33.c1910d43.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 12 KB
4 KB 31ms
30ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.c1910d43.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 758307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"0e451f1cf9656229ccd33dfa3ad0638d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ocjv..MVaCaOGNo5kiC5l3ewWVKjMwbS
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DUYnIGoXbIfLNPsie72W_wnorjoSNAlgdYiiHLzzvB440rImHhs-2g==

GET
H2 200 24.1ac10846.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 12 KB
5 KB 32ms
31ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.1ac10846.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

75445b43b4d587921fbd2d741058ff6591864fd072c55d32c06c24c5846c021b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2222066
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"ed02b913ca7386c5bb0fab4ab1a2f1d9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ECrPa9YL6VZ.qrMe7G2XlZ51U2QcbWo3
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: foQ-GxZ8KzEtvGXIh8roaPi_Bbw5I1G8-iss4ogqbA4G7XIlQB82Ig==

GET
H2 200 16.fab21cf4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 17 KB
7 KB 32ms
31ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fab21cf4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 758307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"b451093ecfaa012f364641010ed13346"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mlbxReFt8YmdLvOZ4ChXgFfj8NP88809
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7fQ4l8D3JrALsEWE5cAPwFwGeNknsxUO2IRP7zc4-8v8vdJPwVkrHA==

GET
H2 200 7.e7855ffa.chunk.css
js.driftt.com/core/assets/css/ Frame D711 12 KB
3 KB 32ms
31ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.e7855ffa.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ddbff1fdf55f5fcc80d6eca42f3a2efb36b38f4ddd1eea47ce8a0ba437ac8247

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 18:53:34 GMT
content-encoding: gzip
age: 150790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 17:38:38 GMT
server: nginx
etag: W/"7d15d8ca77c5224990008b95f855f068"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: jqPtLkwubvG1TvxnyxOtoiSavx3CPUUL
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iWtFeXWIulD8XwB3Vd4ldUZF8_SdBKvRoi4TiKzFDx2Jj35_Tz71Rw==

GET
H2 200 7.5f15c86b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 70 KB
21 KB 33ms
32ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.5f15c86b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3882de692094cbe01949b2074932fc8140bdedc0463ccaba28ac716dc879a2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:56:05 GMT
content-encoding: gzip
age: 413439
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 16:21:03 GMT
server: nginx
etag: W/"5abc47dd682454e7eaa8a9697861ba70"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sRtow.05xocY2vUhSt2D1jM26g4zZODt
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oo5rEcZ94EPoNv1maRB_uu1pOfPzgr8fJxhDU88qSA_xQ8FVqsXuUA==

GET
H2 200 14.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame D711 24 B
667 B 32ms
31ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
age: 2222066
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TfmgQv_drpWDpDFQ40YoCam2AoLRRF-WQEQM7kbYqDJHGNmAfXP_CA==

GET
H2 200 14.b4ccdf18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 71 KB
18 KB 35ms
34ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.b4ccdf18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1023d4044fb43e5eca4b3f7276d300b31b09ffd2d106fd96e78534ab3c6f886e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 758307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"424156efc8454352aa8b7daf6bc6ca05"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sGHlTmngusT7LOeN3EpKReX1CqmbKC3O
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ivJf4AoaO5pFKTDEmLE9v6Z7XW9v9UVs7KkJzrti7w6EQ-LK0iaAmA==

GET
H2 200 21.5f138501.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 44 KB
12 KB 36ms
35ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.5f138501.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

79f0578ae714ea9184cbdddaeb391f7e52929f98c8c2d6bc86607e2449851de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 758307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"58960a5a7cc2dd275821cbade59c2642"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mHy4AJ1q2Jt6ogEPCK7CSfxlNrjqSNCn
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kvz58VAIcDXSYFfjFFEeg74NaZjQHGKHkoR-WKEQt1JeMJrhypiipQ==

GET
H2 200 13.a84fc7f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 37 KB
12 KB 36ms
36ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.a84fc7f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1311ed7e11d4c624d91116f745a1e6bbcfa2c4cc31e8097d9ef548e10d5430a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 17:56:24 GMT
content-encoding: gzip
age: 154220
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 17:38:40 GMT
server: nginx
etag: W/"1617984d46095712face18a9235b0690"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _BqYgcaQaBwGQ6b5ll6eJJ385bWoplG4
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: E67DFWW5I6P2uokGSn3UbpPBgXREYQb1E0cJFWlynUsDHQIOhmM_7w==

POST
H/1.1 200
OK / Show response
sentry.io/api/1485028/envelope/ Frame D711 2 B
403 B 475ms
113ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1485028/envelope/?sentry_key=6a7024aa4c6a4c4d9a797440877237b2&sentry_version=7

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 01 Sep 2021 12:46:45 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://js.driftt.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2 200 20.2c0861e6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 44 KB
13 KB 38ms
37ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2c0861e6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

333ecde0d151fc74b510fff0433a0b40dbef50234eb79451830501869dd7233c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 18:53:34 GMT
content-encoding: gzip
age: 150790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 17:38:40 GMT
server: nginx
etag: W/"c767d19b675d51ecfc93c77b8fa0f24d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UWuEfdEpnxTvOwgvlAMh_1.ilydHh9yx
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HGKnoSpuY0LwwD2u2tXrVCfKTAbM10RZrlHq7Vx0aOybdsLhS2wXyw==

GET
H2 200 19.4751f621.chunk.css
js.driftt.com/core/assets/css/ Frame D711 8 KB
2 KB 38ms
37ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/19.4751f621.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f57c4be503d6f4ba9a0ca03dfcfc87094c35c51887a25669d84fbc5e5e701fbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:01 GMT
content-encoding: gzip
age: 2407783
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:23:58 GMT
server: nginx
etag: W/"029a883905ad20930f71f89ac0560a17"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: N8v6pXkvkC2.KU.VFYkzepuu6NKNvxQ0
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PM4xiImpGGQ7AY86fKyoxNshZPwbbTiq8DddigUhk9m9rpR1mzxYqA==

GET
H2 200 19.bf02f73a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 15 KB
6 KB 38ms
37ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.bf02f73a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5a66097ab1b0a08627fb4c25b39785a44a7622539a4932e59c2b6dd4863c4195

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:56:05 GMT
content-encoding: gzip
age: 413439
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 16:21:01 GMT
server: nginx
etag: W/"16130d365bf1313e1b55e8c473320c2a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kxd.bV6p5iQ2.ElwcZTXLyqiyDk8nGqJ
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mvtw2qcPNXvknAFG4aCUnM9pTLr4oFtS0iBwjCKlwEck5a7GOYRojA==

GET
H2 200 26.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame D711 365 B
1010 B 38ms
38ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/26.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 18:53:34 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
age: 150790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Mon, 30 Aug 2021 17:38:38 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: YvipIftkmY0BkTpAfTWVjukDHWzPPkq1
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: egKpcKJCyiIkxPyAgCuJd4pJQX-eypjdNaRj02luBNxpHUhXUOIPtQ==

GET
H2 200 26.ec719ba7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 77 KB
21 KB 39ms
38ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.ec719ba7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b0085f0451431dc24f53f1b6d318c8130ca17b39879631afedd0fcf7e10a142f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 17:38:26 GMT
content-encoding: gzip
age: 155298
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 17:07:36 GMT
server: nginx
etag: W/"9dea6480edb52074c2869822a4d8284f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SWOJ9QCOqp4ZNB3qsU73ps1G94BQ2F9e
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 260LART7xgaSZ3D8UdAQe3U58sPWfvHMn90Wqm-LeMpEIOfREGtfLA==

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 209ms
209ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=null&session=c8996340-21ce-481a-8d99-d2982f7bcedc&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A44%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A43%20GMT%22%2C%22timeSpent%22%3A%221048%22%2C%22totalTimeSpent%22%3A%227060%22%7D&isIframe=false&m=%7B%22description%22%3A%22SeriousSAM%20or%20CVE-2021-36934%20is%20a%20Privilege%20Escalation%20Vulnerability.%20The%20Splunk%20Threat%20Research%20team%20recommends%20performing%20an%20assessment%20to%20better%20understand%20the%20impact%20of%20this%20vulnerability%20in%20corporate%20environments.%20%22%2C%22keywords%22%3A%22SeriousSAM%2C%20CVE-2021-36934%2C%20Privilege%20Escalation%20Vulnerability%22%2C%22title%22%3A%22Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&pageViewId=1536325f-77e7-41da-890c-3934bfe542fe

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:45 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Mon, 07 Jun 2021 21:53:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60be9562-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 runtime~main.08a27f38.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 6 KB
3 KB 20ms
20ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9f2721a2bc893ea5d1278d59e42d8134aa3c1d678df0cfeeb43bd672a2f4ed51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 17:56:23 GMT
content-encoding: gzip
age: 154221
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 17:38:43 GMT
server: nginx
etag: W/"784f6a397a3210964e5fd039a9b71df3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 17zwXueTT_bCs75WUn3az_KZCIJ2PSnS
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gFygEItZ7YMyE_EdBWCxFRZAUGqz8aChxz9W4aIG8nQgsEdryG6Qcw==

GET
H2 200 4.a93e53d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 58 KB
20 KB 21ms
20ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2222067
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"fce0b3daf28dfa888be2818f43b06ef0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: imvxQz4ZQnCekVetyHrX84xCYV8ndGWZ
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1kF-OTXpMUoDR7YmxrRZzQFb33_XAumK3aJ-IXjWGsZCMc_gX518_w==

GET
H2 200 main~493df0b3.1e5e8324.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 6 KB
3 KB 21ms
21ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.1e5e8324.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f4e9fc9cb715061a768c38a333706476e1ca9fceb27e01dfcfdf8b188f66c6b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 758307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:09 GMT
server: nginx
etag: W/"820cfe69f4aac5422f87e3cb224a2121"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3cwKs.ecumrplOWKAtclmrytpqY5MXQF
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iaUCZj2p90AxcoAKlvXkTvfRaLZXgge1OyTdD44oRPPcubnsuo3gIg==

GET
H2 200 42.84f5886d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 44 KB
13 KB 19ms
18ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

031b647213e760a66f8632e236f8e5449e4ffe32193461a3eeeb04a0ff83ceeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 18:53:34 GMT
content-encoding: gzip
age: 150790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 17:38:41 GMT
server: nginx
etag: W/"3dff2faf78d282147690e292eb6987fa"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: X53tJE1P7zZzrNKCH9K5IMXWpKSN9iKX
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gv_K0VP8ipzGJLiKmcHYjtZjtW_tQxFOJXO-06_eF_1-esO1g-HE1w==

GET
H2 200 17.8ed91048.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 44 KB
13 KB 20ms
19ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.8ed91048.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

016a2616d4f26aac16ee9bf5429f4eb175d7c63a22a8f30973d5a13b1b964178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 758307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"41277b8635c4131e3274bdd89ab78687"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1ptguM3hmWHC1W5wedfPZ7zpkq1CTOcu
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UybATEbFxNEKgMG3-1Jia5aSqihoX0xE_BW2ahM6j9SDadraIxdAZA==

GET
H2 200 35.3e4eba7e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 25 KB
8 KB 20ms
19ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.3e4eba7e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 18:51:37 GMT
content-encoding: gzip
age: 150907
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 17:38:41 GMT
server: nginx
etag: W/"b1a0f364c9ad5137b5ab8e5237a825b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dfUTflf1oG_KL3hSczNauVLdp0E4NBiS
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gZL_9RlRhGFhvucrW20Zn-lUqQ0uFKngVDO5G7A5y9f8I24mTFU2Mw==

GET
H2 200 15.8065fdbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 16 KB
5 KB 20ms
19ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2222066
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"db60664de2c8d54d23e359c94e68f6ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3Lit_GR0K_e3yyTyyAPf_WyqhFyqI1X7
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WR7fQYZw3aO939NQ-Mw35JWwnBHHelVn3SJC4fb3G3-nac_7ypvhbQ==

GET
H2 200 18.a763e229.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 68 KB
21 KB 21ms
19ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.a763e229.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ba8269d9a47f982451ae9904fa15d92b98be5afa2a1dcc138534cbcc4178fb4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 758307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"afa0a2316bb36ab3f1d512fbcf4230a6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cUJ338yvQkNktcoy7FlfmNTzqhitVL04
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PiFofAb4oNk1QLCwR1nptJu023JHPIRx1fjIU4XqlKgegCXhZDohQw==

GET
H2 200 32.04864e7d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 16 KB
6 KB 21ms
20ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.04864e7d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 758307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"3b6707d602c1f7d03c4c8b0bdecb8e4e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SPqSo.47y7907Wglh2zWsWSyACYHB_Zc
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IxQRYzzYBqls4QMbR-bQtpvEGdjD0GNcfmbVQANS_NgSE-h0ySgpqQ==

GET
H2 200 22.3cdbe392.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 59 KB
19 KB 21ms
20ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.3cdbe392.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2def1ce3460c6076cf341b0147cda956458ed980fdddd433050f2a62298f7e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2222066
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"7f2ec762df0bb02422b2b6a96490de86"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: y2Fsxlxg91.mo6q6kJR67dQNB9q9Qh.8
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: K3pTBZFsdSV8cyBwMJIWc1kGlFv4E_ASIlEaR1GbvcJdqkKmHWue4g==

GET
H2 200 10.704ab67c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 91 KB
28 KB 23ms
21ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2222066
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"50dcb170ca1ae1f4a09fe8f23065f2a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UOl6S4j5SMc3.AEsWYEwY54XYaImySKe
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YgD9hwOvJTsBJd7_Qnyg3eWiCgjU2KRnUh-M11IaDHijW7DTpy_-rA==

GET
H2 200 9.a48906f3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 23 KB
7 KB 24ms
22ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.a48906f3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2222066
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:26 GMT
server: nginx
etag: W/"60e5547ed381473c15e63274bcd796b6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gA_0cz7CJfhJ8aNbtPMgs.3Fr8VDJHGb
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PAvcAYl-hy_gosiB8QI30vRK2OITcuzzlXPa0qCqA0KBOmttPQfzMA==

GET
H2 200 12.d1052a14.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 62 KB
19 KB 24ms
23ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d1052a14.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fd88d330b8b28310cd966efb0fe0137c7db51ae147d9b24d61a7019ad75a8bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2222066
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"6f74e88fed60d2dd5a602a0de2bd8452"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _b0FYDX.3mAxA0VaBf8nhWaHS5Vbtsw1
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: s8Alszec1OaS9WannqXUYeMpvDyujP82JEXaTIY_7rqsCB3XY5sRdA==

GET
H2 200 40.01f4f7b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 105 KB
34 KB 25ms
23ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.01f4f7b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 758307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:08 GMT
server: nginx
etag: W/"7dd9b27f83583b6d43567ed4b21eff8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9jXV8w0bWzHPQtgsCAjrFrN9PLNAN.Ap
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7Qp7XO8z6NL4LZJMyQcskABek7Opi604w10zFF3gT0LnvZ9OJkrKmg==

GET
H2 200 33.c1910d43.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 12 KB
4 KB 26ms
24ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.c1910d43.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 758307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"0e451f1cf9656229ccd33dfa3ad0638d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ocjv..MVaCaOGNo5kiC5l3ewWVKjMwbS
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4wYLg4fbOATb1iN1Js19voilZESq_-uY_yHhCEotjXE7tZ5SO6JCbg==

GET
H2 200 24.1ac10846.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 12 KB
5 KB 26ms
25ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.1ac10846.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

75445b43b4d587921fbd2d741058ff6591864fd072c55d32c06c24c5846c021b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 2222066
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"ed02b913ca7386c5bb0fab4ab1a2f1d9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ECrPa9YL6VZ.qrMe7G2XlZ51U2QcbWo3
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: orYwAPM3Sc6VJGPcz7oJR0v-5N7fgy8CIA2DMnHkQowwad0FuJhC3Q==

GET
H2 200 16.fab21cf4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 17 KB
7 KB 27ms
25ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fab21cf4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 758307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"b451093ecfaa012f364641010ed13346"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mlbxReFt8YmdLvOZ4ChXgFfj8NP88809
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yM5SOOhu_r2i7raPGJMlkNaVo0uIJPAdFs8n9NJ5u5lhmoRrwht3zQ==

GET
H2 200 7.e7855ffa.chunk.css
js.driftt.com/core/assets/css/ Frame 9F6A 12 KB
3 KB 26ms
25ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.e7855ffa.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ddbff1fdf55f5fcc80d6eca42f3a2efb36b38f4ddd1eea47ce8a0ba437ac8247

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 18:53:34 GMT
content-encoding: gzip
age: 150790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 17:38:38 GMT
server: nginx
etag: W/"7d15d8ca77c5224990008b95f855f068"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: jqPtLkwubvG1TvxnyxOtoiSavx3CPUUL
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KOTyZwmBGMEbCZaLkVbB0PJ2okJKNS0b8HAun523O1a8MIU0XcmFKA==

GET
H2 200 7.5f15c86b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 70 KB
21 KB 28ms
27ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.5f15c86b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3882de692094cbe01949b2074932fc8140bdedc0463ccaba28ac716dc879a2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:56:05 GMT
content-encoding: gzip
age: 413439
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 16:21:03 GMT
server: nginx
etag: W/"5abc47dd682454e7eaa8a9697861ba70"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sRtow.05xocY2vUhSt2D1jM26g4zZODt
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dYdktS__EZ-6-tScnpIqkP1w7VGhXaCqWQfi8Mn14tOeEs1HFdqgtw==

GET
H2 200 14.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 9F6A 24 B
666 B 26ms
25ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
age: 2222066
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eFIJsGCnb4ZqeUetUjswo4Cdz5vVQMwKgD-qYVOe6WT9VSXredld-A==

GET
H2 200 14.b4ccdf18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 71 KB
18 KB 28ms
27ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.b4ccdf18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1023d4044fb43e5eca4b3f7276d300b31b09ffd2d106fd96e78534ab3c6f886e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 758307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"424156efc8454352aa8b7daf6bc6ca05"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sGHlTmngusT7LOeN3EpKReX1CqmbKC3O
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DDxrHZQBWP1NvIuMvwJ06JDp1oPTRrtdtfTdGqSZ_qdxS0CmUnhBog==

GET
H2 200 21.5f138501.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 44 KB
12 KB 30ms
29ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.5f138501.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

79f0578ae714ea9184cbdddaeb391f7e52929f98c8c2d6bc86607e2449851de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 758307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"58960a5a7cc2dd275821cbade59c2642"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mHy4AJ1q2Jt6ogEPCK7CSfxlNrjqSNCn
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wwXnK0fiMtdjDSMwL9I_IZXrFGa671GeAwmAUvx7wFSlcHztO6aIoQ==

GET
H2 200 13.a84fc7f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 37 KB
12 KB 30ms
29ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.a84fc7f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1311ed7e11d4c624d91116f745a1e6bbcfa2c4cc31e8097d9ef548e10d5430a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 17:56:24 GMT
content-encoding: gzip
age: 154220
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 17:38:40 GMT
server: nginx
etag: W/"1617984d46095712face18a9235b0690"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _BqYgcaQaBwGQ6b5ll6eJJ385bWoplG4
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hshKSJdrgwTcJYq18wuHKiFKBKznyJqMyRGGsvLxwcCnS67-s8VYkg==

POST
H/1.1 200
OK / Show response
sentry.io/api/1485028/envelope/ Frame 9F6A 2 B
403 B 446ms
112ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1485028/envelope/?sentry_key=6a7024aa4c6a4c4d9a797440877237b2&sentry_version=7

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 01 Sep 2021 12:46:45 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://js.driftt.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2 200 30.e776e5b0.chunk.css
js.driftt.com/core/assets/css/ Frame 9F6A 6 KB
1 KB 20ms
20ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.e776e5b0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:29:47 GMT
content-encoding: gzip
age: 5519817
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 29 Jun 2021 15:10:44 GMT
server: nginx
etag: W/"9f36443a9402e1e03bf8070ddc88b8db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fetckuyHy7tVJ3YvictsA_agqEVkirdd
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Se716ztBpdZtPafeQq__gsgArHDoQw5FigWTuF7-U3OLEJ_NcBug4A==

GET
H2 200 30.894b0c48.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 2 KB
2 KB 20ms
20ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.894b0c48.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a231b7235698f95d9b3e38e7daf30c555e81423432a2b2b867a2cf844a5c8517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 18:53:34 GMT
content-encoding: gzip
age: 150790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 17:38:41 GMT
server: nginx
etag: W/"a4c169519747a3283936a635381e7676"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kiACusExlKI9MYjQiXCzBSCO_NPTCLE3
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aFoYSMJg7djSJl6OI6Klw6RFaYf7cUF3K-WbFy1m4QuhleTnqSK7Tw==

GET
H2 200 1.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 9F6A 7 KB
2 KB 19ms
19ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 18:53:34 GMT
content-encoding: gzip
age: 150790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 17:38:38 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 25H3HlnTFBOQj.amjwdFdQ5a27XN5xAy
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: j-MBsOpEAVDxeIcAmJ378JZWbaklDLVzccASBkMsEZexJQhk--uZQw==

GET
H2 200 1.187c50a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 54 KB
16 KB 20ms
19ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.187c50a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:01 GMT
content-encoding: gzip
age: 2407783
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:23:59 GMT
server: nginx
etag: W/"eeccccb655ee3b6bcb8b1a9b1da4fd30"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .bVTg0MSlE6rXjintZc.g75plFKA2.sd
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: I8q1pXxGkIR7quVHfsHEmnBZSiIaSjBLHsc9H71s8qkaF72P88ZvtQ==

GET
H2 200 0.74cb0a00.chunk.css
js.driftt.com/core/assets/css/ Frame 9F6A 40 KB
7 KB 20ms
19ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/0.74cb0a00.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c71b0d1355ffa5efb6aff3b44f79210e14a04129b946efa39c9f1e3cd546325c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:36:35 GMT
content-encoding: gzip
age: 1102209
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 19 Aug 2021 17:56:35 GMT
server: nginx
etag: W/"1f6bbf72b2bba8102c81383a03c695a6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Lf8x9tVb3mMVaREwOaIaliehk9zjSTkv
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: E7O8CUFPBfWbQHTR3y0jfqpEUeitxohi6J6cM0H9oyMx6bzxUmLyYw==

GET
H2 200 0.2e209a87.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 63 KB
21 KB 20ms
20ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.2e209a87.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0babdb6b17f6eb191680384bfb85a4ee45fb470216a336ed04ab73c9eec30ed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 17:56:24 GMT
content-encoding: gzip
age: 154220
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 30 Aug 2021 17:38:39 GMT
server: nginx
etag: W/"c44b80756ebeac02a0a73eedb1813ddb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9FN3R_FBGGCFVMtdaHB0axJw.mM7FZSD
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: abUxjWJIkdAIAtssKHPiY-wDtXSqsv3iQS-K6kUIdyotvXpHEGoy-w==

GET
H2 200 28.a35d8593.chunk.css
js.driftt.com/core/assets/css/ Frame 9F6A 11 KB
3 KB 21ms
21ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/28.a35d8593.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

561b202ea8a3cd9cf4878e88b0607b78016f428087923cc32472d578218d5e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:56:05 GMT
content-encoding: gzip
age: 413439
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 16:20:59 GMT
server: nginx
etag: W/"4e87789253b9d2feb20461043b23122f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: J1sEuldtMhnAnjgvjFcK0h4LMaWYJ2d9
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: P1Ud2rSFC-ICd0vprzO_IJb4L-HTp7kJGZs3wJjO94sI5qdvb0ATQA==

GET
H2 200 28.d0089933.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 11 KB
5 KB 21ms
21ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.d0089933.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ac1c8225921a5d51ebf3d57cdf0449ab5b1f71039a37f7ecdad91468898cf3f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:56:05 GMT
content-encoding: gzip
age: 413439
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 16:21:01 GMT
server: nginx
etag: W/"d9e851b50127b10b204b0f79d15533f2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XjjgSKGQEYhM5JqvRcX5_IaTyN3lOYKH
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Jj_RyDeW1PeZobtFMZtmPSijPA16orrCBa-0zelVW7WCzKAeFl-rqQ==

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame D711 25 B
123 B 116ms
116ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 01 Sep 2021 12:46:45 GMT
server: istio-envoy
requestid: f4b9f04db4563703
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 329ms
107ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 01 Sep 2021 12:46:45 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftb52b2cc403f8ef3dabac5e8e98d
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame D711 103 B
199 B 101ms
101ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

57bb638c7217136826798783215e0ee96440e75413e7b76e6b991629409d8d82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 01 Sep 2021 12:46:45 GMT
server: istio-envoy
requestid: be18969cbaaa3efe
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 103
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 302ms
102ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 01 Sep 2021 12:46:45 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift31ecaf74a26822c30ca9da0d469
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H2 200 css
fonts.googleapis.com/ Frame D711 4 KB
752 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/13.a84fc7f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cccc3d4fe1b7cd4f3ed2c066b67bf08eb37dca00ef9888edc499a78d126b531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 10:55:44 GMT
server: ESF
date: Wed, 01 Sep 2021 12:46:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Sep 2021 12:46:45 GMT

OPTIONS
H2 200 /
notify.bugsnag.com/ Frame 0
0 157ms
143ms Preflight 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Protocol: H2
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://www.splunk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Sent-At, Bugsnag-Payload-Version, Bugsnag-Integrity
access-control-allow-methods: POST
access-control-allow-origin: *
date: Wed, 01 Sep 2021 12:46:45 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 200 / Show response
notify.bugsnag.com/ 2 B
113 B 155ms
155ms XHR
text/plain 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Requested by: Host: www.splunk.com
URL: https://www.splunk.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Bugsnag-Payload-Version: 4.0
Referer: https://www.splunk.com/
Bugsnag-Sent-At: 2021-09-01T12:46:45.099Z
Bugsnag-Api-Key: e3b353492c8c0826f48cbc3c2ec3c0a0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 01 Sep 2021 12:46:45 GMT
via: 1.1 google
bugsnag-event-id: 612f7635007f90ee85270000
alt-svc: clear
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 2h26u57uzx7i.json Show response
embeds.driftcdn.com/embeds/ Frame D711 40 KB
10 KB 88ms
26ms XHR
application/json 18.66.97.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/2h26u57uzx7i.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f0cce61297bf5b173ace0390ddb1593cee0b7e957b17ed2769e038f98f04b32

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:46:36 GMT
content-encoding: gzip
age: 10
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 31 Aug 2021 17:38:26 GMT
server: AmazonS3
etag: W/"813f8d30b794d71dfe4def2e6e13f5fa"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: Szzb4tKmlkHD-g5SZMjBsF-6TwVuf420hf5Wv6qR60MGANobs9z5-A==

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame D711 3 KB
2 KB 294ms
294ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

35b93b360369983ebce0e5e831969832d3511d96c1489feb15c54b092fdf8151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 01 Sep 2021 12:46:45 GMT
content-encoding: gzip
server: istio-envoy
requestid: 1663c517cda169fc
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 194
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 1545
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 201ms
200ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=null&session=6e61bfa7-db08-4a7e-82a3-2f5f613b6ebb&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A45%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A44%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%228061%22%7D&isIframe=false&m=%7B%22description%22%3A%22SeriousSAM%20or%20CVE-2021-36934%20is%20a%20Privilege%20Escalation%20Vulnerability.%20The%20Splunk%20Threat%20Research%20team%20recommends%20performing%20an%20assessment%20to%20better%20understand%20the%20impact%20of%20this%20vulnerability%20in%20corporate%20environments.%20%22%2C%22keywords%22%3A%22SeriousSAM%2C%20CVE-2021-36934%2C%20Privilege%20Escalation%20Vulnerability%22%2C%22title%22%3A%22Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&pageViewId=1536325f-77e7-41da-890c-3934bfe542fe

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:46 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 2h26u57uzx7i Show response
targeting.api.drift.com/hours/availability/combined/ Frame D711 40 B
127 B 120ms
119ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/2h26u57uzx7i

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

dd4115970a44fd799fd72e5caabc9e78cf1662f83d73ae82aeaeddb53c696cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTE3NDQ0NTU1NyIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNDY5ODUiLCJleHAiOjE2NjIwMzY0MDUsImlhdCI6MTYzMDUwMDQwNX0._fGMfYNPTImlWlS9oAzAm6xbPd44yL39tNtClv7gtybCEfN-Vl1EoB1AmqheC6EQ0z4CHcSiOtyxAr_xxmPSLg

Response headers

date: Wed, 01 Sep 2021 12:46:46 GMT
server: istio-envoy
requestid: ba53bc28afed05cb
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 19
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 40
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 2h26u57uzx7i
targeting.api.drift.com/hours/availability/combined/ Frame 0
0 101ms
100ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/2h26u57uzx7i

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 01 Sep 2021 12:46:45 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: HEAD,GET,OPTIONS
requestid: driftf2be6804fa285d6cc2af043aa33
content-length: 18
x-envoy-upstream-service-time: 0
server: istio-envoy

POST
H2 200 track Show response
event.api.drift.com/ Frame D711 653 B
1 KB 104ms
104ms XHR
application/json 34.234.150.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.150.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-150-139.compute-1.amazonaws.com

Software

Resource Hash

9839c22946a5e20fb41425280c1becc158d2b3e7bf387b6253fb7ac5ce14e4d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTE3NDQ0NTU1NyIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNDY5ODUiLCJleHAiOjE2NjIwMzY0MDUsImlhdCI6MTYzMDUwMDQwNX0._fGMfYNPTImlWlS9oAzAm6xbPd44yL39tNtClv7gtybCEfN-Vl1EoB1AmqheC6EQ0z4CHcSiOtyxAr_xxmPSLg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 01 Sep 2021 12:46:46 GMT
requestid: b1cf3478a13edc52
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 653

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 319ms
104ms Preflight
text/plain 34.234.150.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Server

34.234.150.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-150-139.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 01 Sep 2021 12:46:46 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: drift2d83f3048149d6648c7de6c3e11

GET
H2 200 47.493f75a6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D711 17 KB
6 KB 19ms
19ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.493f75a6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3c897c83c8dbcb7bfccabf79d0e1e8a6ce04b45d06a39b0357cc0de55402b6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=2h26u57uzx7i&region=US&forceShow=false&skipCampaigns=false&sessionId=0873115f-edd5-4a0b-ab4a-779fa55efcbf&sessionStarted=1630500404.547&campaignRefreshToken=1bdeeb36-20b7-4f7d-97d0-106a9040eba8&hideController=false&pageLoadStartTime=1630500395864&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:18 GMT
content-encoding: gzip
age: 758307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:08 GMT
server: nginx
etag: W/"a5cb3268e41c0f3a5553cd123f8e0254"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ae2nFEWqvwri2dPh_vbT.sH73JIri897
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: p1wHNKZcXTLFGQ2qFmJ_BbWPLQcwPtMlf4mjXiI1gmZT6viXdduN4A==

GET
H2 200 47.493f75a6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 9F6A 17 KB
6 KB 20ms
19ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.493f75a6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.08a27f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3c897c83c8dbcb7bfccabf79d0e1e8a6ce04b45d06a39b0357cc0de55402b6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1630500395864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:18 GMT
content-encoding: gzip
age: 758307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:08 GMT
server: nginx
etag: W/"a5cb3268e41c0f3a5553cd123f8e0254"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ae2nFEWqvwri2dPh_vbT.sH73JIri897
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: egstFDpoi4HR2CcE-GU_40uphx-i9-PQp6VUBuywG9pp5WNHE13snw==

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 197ms
197ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=null&session=6e61bfa7-db08-4a7e-82a3-2f5f613b6ebb&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A46%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A45%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%229063%22%7D&isIframe=false&m=%7B%22description%22%3A%22SeriousSAM%20or%20CVE-2021-36934%20is%20a%20Privilege%20Escalation%20Vulnerability.%20The%20Splunk%20Threat%20Research%20team%20recommends%20performing%20an%20assessment%20to%20better%20understand%20the%20impact%20of%20this%20vulnerability%20in%20corporate%20environments.%20%22%2C%22keywords%22%3A%22SeriousSAM%2C%20CVE-2021-36934%2C%20Privilege%20Escalation%20Vulnerability%22%2C%22title%22%3A%22Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&pageViewId=1536325f-77e7-41da-890c-3934bfe542fe

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:47 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame D711 25 B
89 B 123ms
122ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTE3NDQ0NTU1NyIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNDY5ODUiLCJleHAiOjE2NjIwMzY0MDUsImlhdCI6MTYzMDUwMDQwNX0._fGMfYNPTImlWlS9oAzAm6xbPd44yL39tNtClv7gtybCEfN-Vl1EoB1AmqheC6EQ0z4CHcSiOtyxAr_xxmPSLg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 01 Sep 2021 12:46:47 GMT
server: istio-envoy
requestid: 441655d83f2dea96
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 106ms
106ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 01 Sep 2021 12:46:47 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift563d5614279af10bd5cf0e97794
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 196ms
196ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=null&session=6e61bfa7-db08-4a7e-82a3-2f5f613b6ebb&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A47%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A46%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%2210063%22%7D&isIframe=false&m=%7B%22description%22%3A%22SeriousSAM%20or%20CVE-2021-36934%20is%20a%20Privilege%20Escalation%20Vulnerability.%20The%20Splunk%20Threat%20Research%20team%20recommends%20performing%20an%20assessment%20to%20better%20understand%20the%20impact%20of%20this%20vulnerability%20in%20corporate%20environments.%20%22%2C%22keywords%22%3A%22SeriousSAM%2C%20CVE-2021-36934%2C%20Privilege%20Escalation%20Vulnerability%22%2C%22title%22%3A%22Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&pageViewId=1536325f-77e7-41da-890c-3934bfe542fe

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:48 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/add/ Frame D711 25 B
84 B 105ms
105ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.84f5886d.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTE3NDQ0NTU1NyIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNDY5ODUiLCJleHAiOjE2NjIwMzY0MDUsImlhdCI6MTYzMDUwMDQwNX0._fGMfYNPTImlWlS9oAzAm6xbPd44yL39tNtClv7gtybCEfN-Vl1EoB1AmqheC6EQ0z4CHcSiOtyxAr_xxmPSLg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 01 Sep 2021 12:46:50 GMT
server: istio-envoy
requestid: cd648d97d4a1f413
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/add/ Frame 0
0 105ms
105ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Protocol

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 01 Sep 2021 12:46:50 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftb06b0b8444b8a334ca0767789d9
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 207ms
207ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=null&session=1adbff28-3057-493b-8340-185b1fb016e2&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A50%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2001%20Sep%202021%2012%3A46%3A47%20GMT%22%2C%22timeSpent%22%3A%223001%22%2C%22totalTimeSpent%22%3A%2213064%22%7D&isIframe=false&m=%7B%22description%22%3A%22SeriousSAM%20or%20CVE-2021-36934%20is%20a%20Privilege%20Escalation%20Vulnerability.%20The%20Splunk%20Threat%20Research%20team%20recommends%20performing%20an%20assessment%20to%20better%20understand%20the%20impact%20of%20this%20vulnerability%20in%20corporate%20environments.%20%22%2C%22keywords%22%3A%22SeriousSAM%2C%20CVE-2021-36934%2C%20Privilege%20Escalation%20Vulnerability%22%2C%22title%22%3A%22Detecting%20SeriousSAM%20CVE-2021-36934%20With%20Splunk%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&pageViewId=1536325f-77e7-41da-890c-3934bfe542fe

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 12:46:51 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Mon, 07 Jun 2021 21:53:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60be9562-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

231 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.disqus.com/	1970-01-20 05:40:36	Name: disqus_unique Value: dfe6o5m7bnnd
account.splunk.com/sign-up/html	1970-01-19 20:55:10	Name: pa-l Value: pa-l=sid%3Ds2z2wk29%26sst%3D1630500399%26sis%3D1%26rv%3D0
.splunk.com/	1970-01-25 08:19:00	Name: trackAffiliate Value:
www.splunk.com/	1970-01-19 20:55:14	Name: _gd_session Value: b83cfc37-11b7-4ca1-8b1c-4fb191f5532f
.splunk.com/	1970-01-19 20:56:26	Name: _gid Value: GA1.2.1141743495.1630500399
www.splunk.com/	1970-01-19 20:55:00	Name: outbrain_cid_fetch Value: true
www.splunk.com/	1970-01-20 14:26:12	Name: _gd_svisitor Value: 64bb10028a7d00002d762f61d602000032640f00
www.splunk.com/	1970-01-20 05:40:36	Name: vaid Value: 475947354414314
.splunk.com/	1970-01-19 23:04:36	Name: _fbp Value: fb.1.1630500397898.2089612755
.splunk.com/	1970-01-19 20:55:02	Name: _biz_sid Value: 670680
.splunk.com/	1970-01-20 05:40:36	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Sep+01+2021+14%3A46%3A37+GMT%2B0200+(Central+European+Summer+Time)&version=6.18.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.splunk.com%2Fen_us%2Fblog%2Fsecurity%2Fdetecting-serioussam-cve-2021-36934-with-splunk.html&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1
.splunk.com/	1970-01-19 23:04:36	Name: _gcl_au Value: 1.1.375349214.1630500398
.splunk.com/	1970-01-20 14:26:12	Name: _ga Value: GA1.2.1853934231.1630500399
.splunk.com/	1970-01-20 06:16:36	Name: _uetvid Value: a5a7c6000b2211eca5cf9fe4d63d56bc
disqus.com/	1970-01-19 20:55:02	Name: __jid Value: dfe6lqvbpgk2
.splunk.com/	1970-01-20 05:40:36	Name: _biz_pendingA Value: %5B%5D
.splunk.com/	1970-01-19 20:56:26	Name: _uetsid Value: a5a7d8400b2211ecb1f765f8b6e5e32d
www.splunk.com/	1970-01-19 20:55:03	Name: acCode Value: null
account.splunk.com/	1970-01-19 20:56:26	Name: sails.sid Value: s%3AK5UB69kTVqxWHHJl5F0De8kb-Ch503yt.WoIwIAMfu08gYdMCgFiM0aCGBqsazGyzq7XzfwsPeRE
.splunk.com/	1970-01-20 05:40:36	Name: _biz_nA Value: 1
www.splunk.com/	1970-01-19 21:05:05	Name: _an_uid Value: 0
www.splunk.com/en_us/blog/security	1970-01-19 20:55:10	Name: pa-l Value: pa-l=sid%3D1i4sxoy5%26sst%3D1630500399%26sis%3D1%26rv%3D0
.splunk.com/	1970-01-20 05:40:36	Name: _biz_uid Value: 9e4d88c2ae0f48efd04ee5a921075128
.splunk.com/	1970-01-19 20:55:03	Name: AKA_A2 Value: A
www.splunk.com/	1970-01-20 14:26:12	Name: _gd_visitor Value: e9988d0d-06d4-42b5-8a1b-947b564dc7a5
.splunk.com/	1970-01-20 05:40:36	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
www.splunk.com/	1970-01-20 05:40:36	Name: vlmref Value: 475947354413112

148 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://account.splunk.com/sign-up/js/xcomponent.min.js(Line 2) Message: xc_signup_xcomponent_construct_parent [object Object]
console-api	info	URL: https://account.splunk.com/sign-up/js/xcomponent.min.js(Line 2) Message: xc_signup_xcomponent_render_iframe [object Object]
console-api	info	URL: https://account.splunk.com/sign-up/js/xcomponent.min.js(Line 2) Message: xc_signup_xcomponent_open_iframe [object Object]
console-api	info	URL: https://account.splunk.com/sign-up/js/xcomponent.min.js(Line 2) Message: xc_signup_xcomponent_resize [object Object]
console-api	info	URL: https://account.splunk.com/sign-up/js/xcomponent.min.js(Line 2) Message: xc_signup_xcomponent_load_url [object Object]
console-api	log	URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html(Line 691) Message: ping
console-api	log	URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html(Line 691) Message: {"settings":{"should_obtain_cookie_consent":true,"features":{"tfw_experiments_cookie_expiration":{"bucket":1209600,"version":null},"tfw_horizon_tweet_embed_9555":{"bucket":"hte","version":null},"tfw_space_card":{"bucket":"off","version":null}}},"namespace":"twttr.settings","sessionId":"43a3df2c357fdd6e9ac5ac620cd00ab93b4d04bf"}
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 24) Message: [Facebook Pixel] - Duplicate Pixel ID: 1642523699107798.
console-api	log	URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html(Line 691) Message: [object Object]
console-api	log	URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html(Line 691) Message: [object Object]
console-api	log	URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html(Line 691) Message: [object Object]
console-api	log	URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html(Line 691) Message: [object Object]
console-api	log	URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html(Line 691) Message: {"scope":"host","sender":"dsq-app2276","name":"ready","data":[]}
console-api	log	URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html(Line 691) Message: {"scope":"host","sender":"dsq-app2276","name":"posts.count","data":[]}
console-api	log	URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html(Line 691) Message: {"scope":"host","sender":"dsq-app2276","name":"resize","data":{"height":494}}
console-api	log	URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html(Line 691) Message: {"scope":"host","sender":"dsq-app2276","name":"rendered","data":{"height":394}}
console-api	log	URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html(Line 691) Message: {"scope":"host","sender":"dsq-app2276","name":"resize","data":{"height":395}}
console-api	log	URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html(Line 691) Message: {"scope":"host","sender":"dsq-app2276","name":"fakeScroll","data":[]}
console-api	info	URL: https://account.splunk.com/sign-up/js/xcomponent.min.js(Line 2) Message: xc_signup_xcomponent_construct_child [object Object]
console-api	info	URL: https://account.splunk.com/sign-up/js/xcomponent.min.js(Line 2) Message: xc_signup_xcomponent_init_child [object Object]
console-api	info	URL: https://account.splunk.com/sign-up/js/xcomponent.min.js(Line 2) Message: xc_signup_xcomponent_send_to_parent_xcomponent_init [object Object]
console-api	info	URL: https://account.splunk.com/sign-up/js/xcomponent.min.js(Line 1) Message: [post-robot] iframe :: account.splunk.com/sign-up/html/ #send request :: xcomponent_init :: https://www.splunk.com [object Object]
console-api	log	URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html(Line 691) Message: { "__postRobot__": { "hash": "postrobot_ready_59e7962740", "type": "postrobot_message_request", "name": "postrobot_ready", "data": {}, "domain": "*", "sourceDomain": "https://account.splunk.com", "id": "e099205c74", "windowType": "iframe" } }
console-api	info	URL: https://account.splunk.com/sign-up/js/xcomponent.min.js(Line 1) Message: [post-robot] fullpage :: www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html #receive request :: xcomponent_init :: https://account.splunk.com [object Object]
console-api	info	URL: https://account.splunk.com/sign-up/js/xcomponent.min.js(Line 2) Message: xc_signup_xcomponent_listener_init [object Object]
console-api	info	URL: https://account.splunk.com/sign-up/js/xcomponent.min.js(Line 1) Message: [post-robot] fullpage :: www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html #send response :: xcomponent_init :: https://account.splunk.com [object Object]
console-api	log	URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html(Line 691) Message: { "__postRobot__": { "hash": "xcomponent_init_1c52c61fcd", "type": "postrobot_message_request", "name": "xcomponent_init", "data": { "exports": { "updateProps": { "__type__": "postrobot_method", "__id__": "80b8fb64bb", "__name__": "updateProps" }, "close": { "__type__": "postrobot_method", "__id__": "839f4dcd4c", "__name__": "close" } } }, "domain": "https://www.splunk.com", "sourceDomain": "https://account.splunk.com", "id": "e0cbd5b582", "windowType": "iframe" } }
console-api	info	URL: https://account.splunk.com/sign-up/js/xcomponent.min.js(Line 1) Message: [post-robot] iframe :: account.splunk.com/sign-up/html/ #receive response :: xcomponent_init :: https://www.splunk.com [object Object]
console-api	log	URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html(Line 691) Message: [object Object]
console-api	log	URL: https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html(Line 691) Message: {"scope":"host","sender":"dsq-app2276","name":"tracking:init","data":{"shouldTrack":false,"isMobile":false,"hostIdentityActive":true}}
console-api	debug	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: [bugsnag] Loaded!
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"86316c26fb_mti6ndy6ndq","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"postrobot_hello_cb78bac0f2_mti6ndy6ndq","name":"postrobot_hello","data":{"instanceID":"fa12295ad3_mti6ndy6ndq"},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"1bcd3623b4_mti6ndy6ndq","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"create-event_9693a8a941_mti6ndy6ndq","name":"create-event","data":{"_meta":{"id":"036ff944-9eff-4260-90d6-1ee63c412573","source":"drift_widget"},"name":"drift::controllerReady","meta":{}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"84fa868432_mti6ndy6ndq","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"create-event_652074a333_mti6ndy6ndq","name":"create-event","data":{"_meta":{"id":"d710cc18-7b87-48d3-8d57-b4897817595a","source":"drift_widget"},"name":"drift::apiReady","meta":{}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"43b32c320d_mti6ndy6ndq","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"postrobot_hello_593167d215_mti6ndy6ndq","name":"postrobot_hello","data":{"instanceID":"8cc77006e5_mti6ndy6ndq"},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"6294826274_mti6ndy6ndq","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"create-event_2d20565a32_mti6ndy6ndq","name":"create-event","data":{"_meta":{"id":"4087a06b-e37a-43c4-835a-e890867631d6","source":"drift_widget"},"name":"drift::chatReady","meta":{}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"a1110824ef_mti6ndy6ndq","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"init-ready_654b6e05d5_mti6ndy6ndq","name":"init-ready"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"d3fb3a1ff6_mti6ndy6ndq","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_b869fcc4ce_mti6ndy6ndq","name":"controller:action-dispatch","data":{"_meta":{"id":"db4125a0-0e57-4c1f-96bc-daba776c6b05","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_INIT_TIMESTAMP","payload":1630500404983}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"d0ec9f1f13_mti6ndy6ndq","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_e8b6d14dad_mti6ndy6ndq","name":"controller:action-dispatch","data":{"_meta":{"id":"19931875-8da3-43a9-968e-5878df919584","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_SESSION","payload":{"session":{"sessionId":"0873115f-edd5-4a0b-ab4a-779fa55efcbf","sessionStarted":"1630500404.547","campaignRefreshToken":"1bdeeb36-20b7-4f7d-97d0-106a9040eba8","instanceId":"4bac3168-e5e3-46ea-897f-fd711002095d"}}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"de711a9363_mti6ndy6ndq","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"get-window-context_17730d1f94_mti6ndy6ndq","name":"get-window-context","data":{"_meta":{"id":"5e4948c4-5b92-4d47-8bd2-2fa57afd6ce1","source":"drift_widget"}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"1543960dec_mti6ndy6ndq","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"init-ready_654b6e05d5_mti6ndy6ndq","name":"init-ready"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"694d12238b_mti6ndy6ndq","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_c8f0a5ffd3_mti6ndy6ndq","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"879081d09e_mti6ndy6ndq","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_c8f0a5ffd3_mti6ndy6ndq","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"2c9df497e5_mti6ndy6ndq","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_89163678e1_mti6ndy6ndq","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"7c4bd95c41_mti6ndy6ndq","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_89163678e1_mti6ndy6ndq","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"8e06c9f4be_mti6ndy6ndq","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_2dc0e3c170_mti6ndy6ndq","name":"controller:action-dispatch","data":{"_meta":{"id":"2ee052eb-39a4-43a7-892b-07aae50f5c10","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_CONTEXT","payload":{"page":{"hostname":"www.splunk.com","referrer":"","search":"","path":"/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html","title":"Detecting SeriousSAM CVE-2021-36934 With Splunk \| Splunk","url":"splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html","href":"https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html"},"userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36","locale":"en-US","timezone":"Europe/Berlin","currentSessionStartedAt":1630500404.547,"currentPageViewStartedAt":1630500404.547,"activeSessionStartedAt":1630500404.547,"innerWidth":1600,"innerHeight":1200}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"4e8485b4e5_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_54016c2fbb_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"686250cb43_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_54016c2fbb_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"846e02eaf3_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_a65dcce4ba_mti6ndy6ndu","name":"controller:action-dispatch","data":{"_meta":{"id":"6cddca7f-7b7c-44ae-b2be-7a31adcad944","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_SERVER_RESPONSE_SIZE","payload":{"size":48}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"2c8d900619_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_169687821f_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"01b24d8a28_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_169687821f_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"951a2b458c_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_0bb8976d3e_mti6ndy6ndu","name":"controller:action-dispatch","data":{"_meta":{"id":"939fe11c-1189-4220-a549-29eb17339940","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_SERVER_RESPONSE_SIZE","payload":{"size":33630}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"aaddf9b471_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_cf12356840_mti6ndy6ndu","name":"controller:action-dispatch","data":{"_meta":{"id":"97eb1931-510c-4b0a-9ad3-ebf38d302f1b","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_EMBED_CONFIGURATION","payload":{"id":"2h26u57uzx7i","url":"https://js.driftt.com/embeds/2h26u57uzx7i.json","snippet":null,"orgId":1146985,"verified":false,"includeUrl":"https://js.driftt.com/include/54347716/2h26u57uzx7i.js","configuration":{"inboxId":248987,"refreshRate":300000,"layerAppId":null,"inboxEmailAddress":"bfaxhzsfkww5@fwd.drifttmail.com","authClientId":"6mx25hy22pgpbc","redirectUri":"https://app.drift.com","organizationName":"Splunk","organizationAddress":null,"organizationUrl":"www.splunk.com","organizationTwitterLink":null,"organizationLinkedinLink":null,"organizationFacebookLink":null,"theme":{"backgroundColor":"363c44","foregroundColor":"FFFFFF","textColor":"FFFFFF","activeColor":"e20082","widgetBackgroundColor":"FFFFFF","logoUrl":null,"iconUrl":"https://driftt.imgix.net/https%3A%2F%2Fs3.amazonaws.com%2Fdrift-public-prod%2F1146985%2Fb075166f4ff61f16e3c12d6da1821837dv3gdirdzpyr?fit=max&h=168&w=168&s=93e003ed80defa841c1cb310863760cd","userListMode":"CUSTOM","userList":[null],"welcomeMessage":"How can we help? We're here for you!","awayMessage":null,"awayMessageSenderId":0,"emailCaptureMessage":null,"awayImageUrl":null,"confirmationMessage":null,"confirmationImageUrl":null,"audience":"PREVIOUS","timezone":"America/Denver","showWelcomeMessage":true,"targetId":1442781,"conditions":[[{"field":"url","operator":"notIncludesAnyOf","value":["splunk.com"],"providerName":null}]],"phoneCollectedWhenAway":false,"openHours":[{"opens":"00:00:00","closes":"23:59:59","dayOfWeek":"EVERYDAY"}],"userListIds":[],"iconStyle":"SOLID2","alignment":"right","fontFamily":"Arial","soundNotificationEnabled":false,"titleNotificationEnabled":false,"unreadBadgeEnabled":false,"teamDirectoryHeading":null,"teamDirectoryDescription":null,"captureEmail":false,"availabilityBasedOnline":false,"allowEndUserFileUpload":true,"allowEndUserToSendGif":true,"allowAgentFileUpload":true,"showUnfurl":false,"disableNewConversations":true,"cookieGeneration":null,"externalIdBlacklist":[],"widgetHalfHeight":true,"enableChatIfConversationHistory":true,"externalIdWhitelistPattern":null,"urlWhitelist":["splunk.com"],"signedIdentityRequiredStatus":"DISABLED","cookieDomains":[],"widgetIconShape":null,"widgetIconBorderEnabled":false,"conversationHistoryEnabled":false,"widgetIconPosition":{"desktop":{"type":"DEFAULT","spacing":{"bottom":"10"}},"mobile":{"type":"DEFAULT","spacing":{"bottom":"75"}}}},"dataProtection":{"consentId":"has_consent","default":"en","policies":{"en":{"id":"en","message":"Hi there! We would love to talk with you. Under the EU General Data Protection Regulation, we need your approval for our use of personal information (e.g. your name and email address) you may provide as we communicate:\n\n(1) We'll store your personal information so that we can pick up the conversation if we talk later.\n\n(2) We may send you emails to follow up on our discussion here.\n\n(3) We may send you emails about our upcoming services and promotions.\n\nIs this okay with you?","giveConsentLabel":"Yes, I Accept","declineConsentLabel":"No, Not Now","consentDeclinedMessage":"That's okay. You can view the policy any time and consent to continue.","lastUpdated":1554220486505}},"targeting":"EU"},"chatEnabled":true,"leadChatEnabled":true,"enabled":true,"widgetStatus":"ON","widgetMode":null,"showBranding":false,"campaigns":[{"id":1280608,"inboxId":248987,"type":"BOT","audience":"EVERYONE","userListIds":[],"createdAt":1565215036048,"conditions":[[{"field":"geoCountryCode","operator":"isAnyOf","value":["US"],"providerName":null},{"field":"urlPath","operator":"includesAnyOf","value":["/pricing/","/resources/","/software/","/it/","/cyber-security/","/iot/","/solutions/","/about-us/why-splunk.html","/industries/","/value-calculator","/form/critical-it-incident-calculator","/download/","/customers/","/resources/","/devops/"],"providerName":null},{"field":"demandbase","operator":"demandbase","value":"AGGrlcKKPZgBWUhKin4Gg7Mp2y7fzo5FlmVCZLB-vL5P54zhJIgxMjS_j6m0TJQZ6uv4-MTe3V9r-fxNb3b3mrSCFfBy4E4xfInYsiXDYihTfUaDIdmadyy8MhXYYH6gG0jpdYHtzcEdRBQvELhtgk5L1fzOcIDd5hsWpt6BHZjlC8_Jd3xrqiYHRjbZlhvedjdMEeSIlkzti34E8S9exj42lsBlhtDxFQ","providerName":null},{"field":"teamAvailability","operator":"isAvailable","value":[941353],"providerName":null}],[{"field":"demandbase","operator":"demandbase","value":"AGGrlcLqk8-xhu5oDtg8QJw2c3z2FBUeSXafUrGbph6Sn-330jlUElm2H5oSk4F_It4errB1mOl7HxhM_Kgoo8EC9rxtGBOwnytSME5iSxOjgJ2C2Fdb_4-uYn4qiBncIUUZIDEbwWvjt_0Ow2fjt6_f6vPgLa0p4RAR9twRUlt3EuNTkVHilu27BoF8WDm4Z66Jd1KreRiRZO8m7jmH5GqsSLDF-tyZIA","providerName":null},{"field":"geoCountryCode","operator":"isAnyOf","value":["US"],"providerName":null},{"field":"url","operator":"isAnyOf","value":["www.splunk.com"],"providerName":null},{"field":"teamAvailability","operator":"isAvailable","value":[941353],"providerName":null}],[{"field":"url","operator":"isAnyOf","value":["www.splunk.com"],"providerName":null},{"field":"geoCountryCode","operator":"isAnyOf","value":["US"],"providerName":null},{"field":"teamAvailability","operator":"isAvailable","value":[941353],"providerName":null},{"field":"clearbit","operator":"clearbit","value":"AGGrlcKvQQbARlmNB47GmfN3faxbTsbkhDZ5TBCP8D32bSnJqmODm1TYdVd5upl749u03Iv-X0z11UdzDme3J99lv4WvGcJZdfhZjjle0s2vG1Nu2S3QA_zPq6FS8Vv5iiR4Bv_FkYkvrQyS7ZtmHB1NzX6hHz5D7ZdPHXAdi9_NVLQIKfU6i_4xo_BPlYAbtuyz9FDcg3SJsuNRdfQcjkXEwZKt916RtdefboiF6wIryd-xDomzIWjNKJRqQjuPkd-DW05lOfItWS2_X8DkJsCampLh4s9_66mdbp3jMiW57dAsYZy43ZOZyhxTJ1qAy2uwpsQHDeVG","providerName":null}],[{"field":"teamAvailability","operator":"isAvailable","value":[941353],"providerName":null},{"field":"accountSegment","operator":"notIntersectionEmpty","value":["3f358299zxf4fczx48c7zxb351zxd3c47a514b02"],"providerName":null}]],"attributes":{"message":"","senderId":1455036,"delivery":"FOREVER","messageType":"CHAT","messageDeliveryChannel":"CHAT","interactionId":99498,"priority":2,"playbookId":1204697,"automaticSender":false,"isRepeatable":false,"outbound":false,"testSequence":false,"unenrollOnReply":false,"unenrollOnReplyByDomain":false,"excludedUserListIds":[],"roundRobinSenderList":[],"smartSending":false,"weekdaysOnly":false,"threadedWithPrevious":false,"campaignReenrollmentType":"ONCE_PER_SESSION","accountListIds":[],"excludedAccountListIds":[],"orderInPlaybook":null,"allowTeamAvailability":true,"isDriftVideoCampaign":false,"updatedAt":1618508088797,"isExperiment":false,"workspaceId":"default","hasFallback":false},"controlResponsibility":"SERVER"},{"id":2410462,"inboxId":248987,"type":"BOT","audience":"EVERYONE","userListIds":[],"createdAt":1624973113700,"conditions":[[{"field":"geoCountryCode","operator":"isAnyOf","value":["US"],"providerName":null},{"field":"url","operator":"includesAnyOf","value":["/en_us/software/pricing"],"providerName":null}]],"attributes":{"message":"","senderId":1455036,"delivery":"FOREVER","messageType":"CHAT","messageDeliveryChannel":"CHAT","interactionId":281751,"priority":3,"playbookId":2315249,"automaticSender":false,"isRepeatable":false,"outbound":false,"testSequence":false,"unenrollOnReply":false,"unenrollOnReplyByDomain":false,"excludedUserListIds":[],"roundRobinSenderList":[],"smartSending":false,"weekdaysOnly":false,"threadedWithPrevious":false,"campaignReenrollmentType":"ALWAYS","accountListIds":[],"excludedAccountListIds":[],"orderInPlaybook":null,"allowTeamAvailability":true,"isDriftVideoCampaign":false,"updatedAt":1627472264890,"isExperiment":false,"workspaceId":"default","hasFallback":false},"controlResponsibility":"SERVER"},{"id":1679502,"inboxId":248987,"type":"BOT","audience":"EVERYONE","userListIds":[],"createdAt":1577985675591,"conditions":[[{"field":"geoCountryCode","operator":"isAnyOf","value":["US"],"providerName":null},{"field":"url","operator":"includesAnyOf","value":["https://www.splunk.com/en_us/software/splunk-enterprise.html","https://www.splunk.com/en_us/software/splunk-cloud.html","https://www.splunk.com/en_us/software/stream-processing.html","https://www.splunk.com/en_us/software/it-service-intelligence.html","https://www.splunk.com/en_us/software/victorops.html","https://www.splunk.com/en_us/software/splunk-enterprise/aws-cloud-monitoring-insights.html","https://www.splunk.com/en_us/software/splunk-enterprise/server-and-infrastructure-monitoring-and-troubleshooting.html","https://www.splunk.com/en_us/software/enterprise-security.html","https://www.splunk.com/en_us/software/splunk-security-orchestration-and-automation.html","https://www.splunk.com/en_us/software/user-behavior-analytics.html","https://www.splunk.com/en_us/software/infrastructure-monitoring.html","https://www.splunk.com/en_us/software/microservices-apm.html","https://www.splunk.com/en_us/software/","/platform/"],"providerName":null},{"field":"teamAvailability","operator":"isAvailable","value":[943311],"providerName":null},{"field":"demandbase","operator":"demandbase","value":"AGGrlcLhYIUfBxevlfjMuFyD0-_3DtDisxiA4F5SxSIDuqselma52fFHbhtIqoMLbyG_mBoAGLm3F58ODyKl5padOnSdpj_0RkySYHwiyn1CPtwfdtRSM3QwB7CE0-t08vsIJB0OEI95wEDpRk3me-ggcwKTzUDjEPAlVXwkSj4hN6OpFGwj_2QLBnAxin9wJMbUILqOVPmomfn0QMvjjfcK68r3a2gjzw","providerName":null}]],"attributes":{"message":"","senderId":1455036,"delivery":"FOREVER","messageType":"CHAT","messageDeliveryChannel":"CHAT","interactionId":122325,"priority":6,"playbookId":1590935,"automaticSender":false,"isRepeatable":false,"outbound":false,"testSequence":false,"unenrollOnReply":false,"unenrollOnReplyByDomain":false,"excludedUserListIds":[],"roundRobinSenderList":[],"smartSending":false,"weekdaysOnly":false,"threadedWithPrevious":false,"campaignReenrollmentType":"ALWAYS","accountListIds":[],"excludedAccountListIds":[],"orderInPlaybook":null,"allowTeamAvailability":true,"isDriftVideoCampaign":false,"updatedAt":1619725830424,"isExperiment":true,"workspaceId":"default","hasFallback":false},"controlResponsibility":"SERVER"},{"id":1123887,"inboxId":248987,"type":"BOT","audience":"EVERYONE","userListIds":[],"createdAt":1561068362935,"conditions":[[{"field":"geoCountryCode","operator":"isAnyOf","value":["US"],"providerName":null},{"field":"urlPath","operator":"includesAnyOf","value":["https://www.splunk.com/software/splunk-enterprise.html","https://www.splunk.com/en_us/software/splunk-cloud.html","https://www.splunk.com/en_us/software/stream-processing.html","https://www.splunk.com/en_us/software/it-service-intelligence.html","https://www.splunk.com/en_us/software/victorops.html","https://www.splunk.com/en_us/software/splunk-enterprise/aws-cloud-monitoring-insights.html","https://www.splunk.com/en_us/software/splunk-enterprise/server-and-infrastructure-monitoring-and-troubleshooting.html","https://www.splunk.com/en_us/software/enterprise-security.html","https://www.splunk.com/en_us/software/splunk-security-orchestration-and-automation.html","https://www.splunk.com/en_us/software/user-behavior-analytics.html","https://www.splunk.com/en_us/software/infrastructure-monitoring.html","https://www.splunk.com/en_us/software/microservices-apm.html","https://www.splunk.com/en_us/software/","/platform/"],"providerName":null},{"field":"teamAvailability","operator":"isNotAvailable","value":[943311],"providerName":null}]],"attributes":{"message":"","senderId":1455036,"delivery":"FOREVER","messageType":"CHAT","messageDeliveryChannel":"CHAT","interactionId":91399,"priority":7,"playbookId":1053518,"automaticSender":false,"isRepeatable":false,"outbound":false,"testSequence":false,"unenrollOnReply":false,"unenrollOnReplyByDomain":false,"excludedUserListIds":[],"roundRobinSenderList":[],"smartSending":false,"weekdaysOnly":false,"threadedWithPrevious":false,"campaignReenrollmentType":"ALWAYS","accountListIds":[],"excludedAccountListIds":[],"orderInPlaybook":null,"allowTeamAvailability":true,"isDriftVideoCampaign":false,"updatedAt":1619725824953,"isExperiment":true,"workspaceId":"default","hasFallback":false},"controlResponsibility":"SERVER"},{"id":2311294,"inboxId":248987,"type":"BOT","audience":"EVERYONE","userListIds":[],"createdAt":1614087786850,"conditions":[[{"field":"geoCountryCode","operator":"isAnyOf","value":["US"],"providerName":null},{"field":"urlPath","operator":"includesAnyOf","value":["/en_us/cloud-transformation.html"],"providerName":null}]],"attributes":{"message":"","senderId":1455036,"delivery":"FOREVER","messageType":"CHAT","messageDeliveryChannel":"CHAT","interactionId":257616,"priority":8,"playbookId":2215521,"rolloutPercent":100,"automaticSender":false,"isRepeatable":false,"outbound":false,"testSequence":false,"unenrollOnReply":false,"unenrollOnReplyByDomain":false,"excludedUserListIds":[],"roundRobinSenderList":[],"smartSending":false,"weekdaysOnly":false,"threadedWithPrevious":false,"campaignReenrollmentType":"ONCE_PER_SESSION","accountListIds":[],"excludedAccountListIds":[],"orderInPlaybook":null,"allowTeamAvailability":true,"isDriftVideoCampaign":false,"updatedAt":1617389825034,"isExperiment":false,"workspaceId":"default","hasFallback":false},"controlResponsibility":"SERVER"},{"id":2293757,"inboxId":248987,"type":"BOT","audience":"EVERYONE","userListIds":[],"createdAt":1612386949378,"conditions":[[{"field":"geoCountryCode","operator":"isAnyOf","value":["US"],"providerName":null},{"field":"urlPath","operator":"isAnyOf","value":["/"],"providerName":null}]],"attributes":{"message":"","senderId":1455036,"delivery":"FOREVER","messageType":"CHAT","messageDeliveryChannel":"CHAT","interactionId":253722,"priority":9,"playbookId":2197812,"automaticSender":false,"isRepeatable":false,"outbound":false,"testSequence":false,"unenrollOnReply":false,"unenrollOnReplyByDomain":false,"excludedUserListIds":[],"roundRobinSenderList":[],"smartSending":false,"weekdaysOnly":false,"threadedWithPrevious":false,"campaignReenrollmentType":"ONCE_PER_SESSION","accountListIds":[],"excludedAccountListIds":[],"orderInPlaybook":null,"allowTeamAvailability":true,"isDriftVideoCampaign":false,"updatedAt":1628080526398,"isExperiment":false,"workspaceId":"default","hasFallback":false},"controlResponsibility":"SERVER"},{"id":1663404,"inboxId":248987,"type":"BOT","audience":"EVERYONE","userListIds":[],"createdAt":1576183095513,"conditions":[[{"field":"geoCountryCode","operator":"isAnyOf","value":["US"],"providerName":null},{"field":"url","operator":"includesAnyOf","value":["https://www.splunk.com/en_us/download.html","https://www.splunk.com/en_us/about-us/why-splunk.html","https://www.splunk.com/en_us/it","https://www.splunk.com/en_us/cyber-security","https://www.splunk.com/en_us/devops"],"providerName":null},{"field":"teamAvailability","operator":"isAvailable","value":[943311],"providerName":null},{"field":"demandbase","operator":"demandbase","value":"AGGrlcLV3667CN-_JuwahsGq-D7znXAeKWR6uRfBL4CIaAB_ct_9pxdJXeSDxWdH8VxO8qeDj6n53-I0WagmJHJpBatAfpYDELzo-eOd4N0OpGcM6-7gR_xtH__3KS7ZHKLgGqF_8N884kBlxFJestcrmNoHr8YKv-Sl8OjesohEyekmP8W7omQRTNZ_fvyrJExB_bHqicjg_bUS6LoNTTG_4Ukd7aMsNA","providerName":null}]],"attributes":{"message":"","senderId":1455036,"delivery":"FOREVER","messageType":"CHAT","messageDeliveryChannel":"CHAT","interactionId":120380,"priority":10,"playbookId":1575678,"automaticSender":false,"isRepeatable":false,"outbound":false,"testSequence":false,"unenrollOnReply":false,"unenrollOnReplyByDomain":false,"excludedUserListIds":[],"roundRobinSenderList":[],"smartSending":false,"weekdaysOnly":false,"threadedWithPrevious":false,"campaignReenrollmentType":"ONCE_PER_SESSION","accountListIds":[],"excludedAccountListIds":[],"orderInPlaybook":null,"allowTeamAvailability":true,"isDriftVideoCampaign":false,"updatedAt":1618508835848,"isExperiment":false,"workspaceId":"default","hasFallback":false},"controlResponsibility":"SERVER"},{"id":922590,"inboxId":248987,"type":"BOT","audience":"EVERYONE","userListIds":[],"createdAt":1554230749174,"conditions":[[{"field":"geoCountryCode","operator":"isAnyOf","value":["US"],"providerName":null},{"field":"urlPath","operator":"includesAnyOf","value":["https://www.splunk.com/en_us/download.html","https://www.splunk.com/en_us/about-us/why-splunk.html","https://www.splunk.com/en_us/it","https://www.splunk.com/en_us/devops/","https://www.splunk.com/en_us/cyber-security"],"providerName":null},{"field":"teamAvailability","operator":"isNotAvailable","value":[943311],"providerName":null}]],"attributes":{"message":"Hey there!","senderId":1455036,"delivery":"FOREVER","messageType":"CHAT","messageDeliveryChannel":"CHAT","interactionId":76377,"priority":11,"playbookId":862638,"automaticSender":false,"isRepeatable":false,"outbound":false,"testSequence":false,"unenrollOnReply":false,"unenrollOnReplyByDomain":false,"excludedUserListIds":[],"roundRobinSenderList":[],"smartSending":false,"weekdaysOnly":false,"threadedWithPrevious":false,"campaignReenrollmentType":"ONCE_PER_SESSION","accountListIds":[],"excludedAccountListIds":[],"orderInPlaybook":null,"allowTeamAvailability":true,"isDriftVideoCampaign":false,"updatedAt":1618509146858,"isExperiment":false,"workspaceId":"default","hasFallback":false},"controlResponsibility":"SERVER"},{"id":2051365,"inboxId":248987,"type":"BOT","audience":"EVERYONE","userListIds":[],"createdAt":1592399064814,"conditions":[[{"field":"geoCountryCode","operator":"isAnyOf","value":["US"],"providerName":null},{"field":"url","operator":"isAnyOf","value":["https://www.staging.splunk.com/en_us/download.html"],"providerName":null},{"field":"teamAvailability","operator":"isAvailable","value":[943311],"providerName":null},{"field":"demandbase","operator":"demandbase","value":"AGGrlcKZ1a2KW8gQ0HD33WsDEpXjZljdG_cYZNyHLp5qb9XnCP9IUN7kYr6BYXBMT98PUAWGQ50ZLh1ttqvJIF85HAs98zMmet6VM2Ne05Hj2Mz5uuz8ScHBIpAYErEPFwvM2coZaBDXhpdGdjkZP9Y9twykBjYNtPhmIc9npJYEkOpqBPJGclxC1DLdfX7smK4bZdhFa5rxRbruLkYvLjnFQknzS764wg","providerName":null}]],"attributes":{"message":"","senderId":1455036,"delivery":"FOREVER","messageType":"CHAT","messageDeliveryChannel":"CHAT","interactionId":203148,"priority":12,"playbookId":1956219,"automaticSender":false,"isRepeatable":false,"outbound":false,"testSequence":false,"unenrollOnReply":false,"unenrollOnReplyByDomain":false,"excludedUserListIds":[],"roundRobinSenderList":[],"smartSending":false,"weekdaysOnly":false,"threadedWithPrevious":false,"campaignReenrollmentType":"ONCE_PER_SESSION","accountListIds":[],"excludedAccountListIds":[],"orderInPlaybook":null,"allowTeamAvailability":true,"isDriftVideoCampaign":false,"updatedAt":1617570317944,"isExperiment":false,"workspaceId":"default","hasFallback":false},"controlResponsibility":"SERVER"},{"id":2083377,"inboxId":248987,"type":"BOT","audience":"NONE","userListIds":[],"createdAt":1594652032202,"conditions":[],"attributes":{"message":"<div>Thanks for watching!</div>","senderId":1455036,"delivery":"FOREVER","messageType":"CHAT","messageDeliveryChannel":"CHAT","interactionId":209509,"priority":16,"playbookId":1987730,"automaticSender":false,"isRepeatable":false,"outbound":false,"testSequence":false,"unenrollOnReply":false,"unenrollOnReplyByDomain":false,"excludedUserListIds":[],"roundRobinSenderList":[],"smartSending":false,"weekdaysOnly":false,"threadedWithPrevious":false,"campaignReenrollmentType":"ONCE","accountListIds":[],"excludedAccountListIds":[],"orderInPlaybook":null,"allowTeamAvailability":true,"isDriftVideoCampaign":false,"updatedAt":1594652032572,"isExperiment":false,"hasFallback":false},"controlResponsibility":"SERVER"},{"id":2390484,"inboxId":248987,"type":"BOT","audience":"NONE","userListIds":[],"createdAt":1622553809750,"conditions":[],"attributes":{"message":"","senderId":1455036,"delivery":"FOREVER","messageType":"CHAT","messageDeliveryChannel":"CHAT","interactionId":276456,"priority":27,"playbookId":2295276,"automaticSender":false,"isRepeatable":false,"outbound":false,"testSequence":false,"unenrollOnReply":false,"unenrollOnReplyByDomain":false,"excludedUserListIds":[],"roundRobinSenderList":[],"smartSending":false,"weekdaysOnly":false,"threadedWithPrevious":false,"campaignReenrollmentType":"ALWAYS","accountListIds":[],"excludedAccountListIds":[],"orderInPlaybook":null,"allowTeamAvailability":true,"isDriftVideoCampaign":false,"updatedAt":1623341659242,"isExperiment":false,"workspaceId":"default","hasFallback":false},"controlResponsibility":"SERVER"},{"id":2443397,"inboxId":248987,"type":"BOT","audience":"EVERYONE","userListIds":[],"createdAt":1629212585272,"conditions":[[{"field":"geoCountryCode","operator":"isAnyOf","value":["US"],"providerName":null},{"field":"url","operator":"includesAnyOf","value":["https://www.staging.splunk.com/en_us/talk-to-sales/pricing.html"],"providerName":null},{"field":"teamAvailability","operator":"isAvailable","value":[943311],"providerName":null}]],"attributes":{"message":"","senderId":1455036,"delivery":"FOREVER","messageType":"CHAT","messageDeliveryChannel":"CHAT","interactionId":289801,"priority":29,"playbookId":2347906,"rolloutPercent":100,"automaticSender":false,"isRepeatable":false,"outbound":false,"testSequence":false,"unenrollOnReply":false,"unenrollOnReplyByDomain":false,"excludedUserListIds":[],"roundRobinSenderList":[],"smartSending":false,"weekdaysOnly":false,"threadedWithPrevious":false,"campaignReenrollmentType":"ALWAYS","accountListIds":[],"excludedAccountListIds":[],"orderInPlaybook":null,"allowTeamAvailability":true,"isDriftVideoCampaign":false,"updatedAt":1630431503976,"isExperiment":false,"workspaceId":"default","hasFallback":false},"controlResponsibility":"SERVER"}],"interactionSlugMap":{"pricing-1-2-dbe2427c-c04417bc":289800,"pricing-1-2-dbe2427c":281751,"pricing-1-1":91399,"qualification-2-1-1-7d6fbe32":203148,"video-bot-template":209509,"qualification-2-46369ca5-8de2cb34":257616,"qualification":76377,"pricing-1-2-9864570c":276456,"qualification-2-1-1":120380,"pricing-1-1-1":122325,"qualification-1":77258,"qualification-2-1":99498,"qualification-2-8095849b":253722,"pricing-1-2-dbe2427c-4fd34eb1":289801},"interactionTestingSlugMap":{"bot_test-1146985-PlnrBh9G":238266,"bot_test-1146985-EJk1stdO":227177,"bot_test-1146985-NlG4uudV-experiment":91399,"bot_test-1146985-oxnwQnwB":77258,"bot_test-1146985-nmy7IKQC":122331,"bot_test-1146985-nV9HUNAR":281751,"bot_test-1146985-Km5M4PTX":289804,"bot_test-1146985-KJ0RFkiH":222832,"bot_test-1146985-uowjqbTz":257616,"bot_test-1146985-d6eEEusl":203148,"bot_test-1146985-gl8tx5oc":220793,"bot_test-1146985-zh1U6nNl":268332,"bot_test-1146985-z3E5QaKy":131357,"bot_test-1146985-Dc8ZI33Y":249282,"bot_test-1146985-qEFDhIsz":218540,"bot_test-1146985-Qkzr6fyy":223592,"bot_test-1146985-36rU0e9o":276456,"bot_test-1146985-YBlPwv9I":228643,"bot_test-1146985-bujAjKx3-experiment":253722,"bot_test-1146985-qZ06eokv":77729,"bot_test-1146985-Dc8ZI33Y-experiment":249282,"bot_test-1146985-fxj3MvtI":90594,"bot_test-1146985-nV9HUNAR-experiment":281751,"bot_test-1146985-NlG4uudV":91399,"bot_test-1146985-BkSN4NBu":76377,"bot_test-1146985-QtOZUdEq-experiment":122325,"bot_test-1146985-cd3kR3Ny":92642,"bot_test-1146985-heJOGvtn":229286,"bot_test-1146985-bujAjKx3":253722,"bot_test-1146985-lzbCfun8":203164,"bot_test-1146985-7eGNVUNx":284955,"bot_test-1146985-Tnzv0xrv":83710,"bot_test-1146985-5Pg7VzIM":92128,"bot_test-1146985-kvpV444a":99988,"bot_test-1146985-QtOZUdEq":122325,"bot_test-1146985-YMd4J30X":122329,"bot_test-1146985-7WQ7otqH":220803,"bot_test-1146985-z43ehpB4":99498,"bot_test-1146985-JYcr9IM7":120380,"bot_test-1146985-yLd3Brus":289801},"gates":{"calendar_integration":true,"has_org_meetings":true,"premium_drift":true,"has_following":true,"has_email_playbooks":true,"clearbit_reveal_settings":true,"conversation_access":true,"HELP_SKILL":true,"has_calendar_routing":true,"has_targeting_reveal":true,"sso":true,"ABM_routing_email_enriched":true,"has_crm_reveal_contact_enrichment":true,"BOT_BUILDER_BETA":true,"has_browser_to_phone":true,"has_cql":true,"ACCOUNTS_IMPORT":true,"enabledAttributes":true,"scheduling_skill_meeting_select":true,"DEFAULT_RESPONSES":true,"has_enterprise_reveal":true,"HAS_DRIP":true,"has_presence":true,"ACCOUNTS_SEGMENTATION":true,"has_drift_voice":true,"has_live_view":true,"HAS_BRANCHING_ROUTING_RULES":true,"HAS_MADKUDU":true,"revenue-dashboard":true,"has_playbook_variation_testing":true,"has_consolidated_welcome_msg":true,"has_bot_landing_pages":true,"ACCOUNTS_FOLLOW":true,"HAS_MARKETO_SYNC_LIST":true,"DISABLE_CLASSIFY_IN_BAND":true,"has_helpcenter":true,"HAS_LINKEDIN":true,"ENROLL_EMAIL_SKILL":true,"has_target_slice":true,"has_outbound_playbooks":true,"HAS_CLEARBIT_REVEAL":true,"has_meetings":true,"enterprise":true,"saved_replies":true,"HAS_MARKETO":true,"november_mm":true,"has_slack_step":true,"contact_property_cutover":true,"has_auto_sync":true,"has_sequences":true,"ABM":true,"HAS_LEANDATA":true,"has_multi_participant":true,"HUBSPOT_MAPPING":true,"has_insights":true,"has_saved_searches":true,"MATCH_WITH_LOOPS":true,"has_signature_playbooks":true,"hasRefererParsingEnabled":true,"turn_off_layer":true,"BETA_NEW_CRM":true,"has_sales_calendaring":true,"HAS_ADVANCED_ROUTING_OPT_IN":true,"CONVERSATION_STARTED_ANALYTICS":true,"has_session_timeouts":true,"HAS_PIESYNC":true,"has_chat_to_zoom":true,"SALESFORCE_MAPPING":true,"salesforce-email-activities":true,"has_more_meetings_playbook":true,"has_ping_pong_presence":true,"chat":true,"MARKETO_MAPPING":true,"BOT_INLINE_EDITING":true,"HAS_CLEARBIT_ENRICHMENT":true,"BLOCK_LRR_ACCOUNT_OWNER":true,"PLAYBOOKS":true,"routing_user_availability":true,"HAS_SMS_MFA":true,"kill_one_time_email_sends":true,"ROUTING_OPT_IN":true,"DASHBOARD_METRICS":true,"hard_contact_property_cutover":true,"has_lead_routing_reveal":true,"has_conversations_reveal":true,"has_multi_owner_routing":true,"HAS_SALESFORCE":true,"BOT_INLINE_ACTIONS":true,"has_visitor_presence":true,"has_outreach":true,"HAS_ELOQUA_REFRESH_WORKER":true,"enrichment_targeting_api":true,"KEYWORD_SUGGESTIONS":true,"enterprise_04_2018":true,"rules_routing":true,"CONVERSATION_RATINGS":true,"html_sdk_shim":true,"calendar_drop":true,"demandbase":true,"eloqua_mapped_cdos":true,"revenue_metrics":true,"BOT_DELAYS":true,"HUBSPOT_USER_MAPPING":true,"HAS_ZAPIER":true,"has_meeting_cta":true,"hubspot_settings":true,"HAS_DEMANDBASE":true,"marketo":true,"has_speed_vs_fairness":true,"has_reveal":true,"HAS_FULLSTORY":true,"premium_enterprise":true,"humane_notifications":true,"has_enterprise_demandbase":true,"has_live_view_visitor_presence":true,"has_beta_lead_routing":true,"ROUTING_SKILL":true,"has_signature_branding":true,"AUDIENCE":true,"clearbit_settings":true,"WAIT_BOT_GATE":true,"CENTRALIZED_ROUTING":true,"turn_off_layer_be":true,"EMAIL_CAPTURE_REDESIGN":true,"marketable_moment_may_2019":true,"round_robin_user_availability":true,"SUPPORT_FLOW_RESTRUCTURE":true,"has_onboarding_experience":true,"has_marketing_sequences":true,"HAS_PARDOT":true,"has_public_shipyard":true,"SUPPORT_SKILL":true,"salesforce_routing_settings_enabled":true,"HAS_HUBSPOT":true,"has_starter_playbooks":true,"SALESFORCE_ACCOUNT_MAPPING":true,"has_beta_team_view":true,"marketo_prompt_use":true,"has_conversation_rating_drop":true,"has_admin_roles":true,"SCHEDULING_SKILL":true,"SALESFORCE_USER_ROUTING":true,"has_account_activity":true,"has_ooo_setting":true,"has_new_conversation_reports":true,"has_live_reveal":true,"has_bot_playbooks":true,"use_tide_subnav":true,"FETCH_ARTICLES_ACTION":true,"BOT_PERMACLOSE":true,"HAS_ELOQUA":true,"premium_team":true,"HAS_SIX_SENSE":true,"has_inbound_playbooks":true,"has_crm_reveal":true,"HAS_VISUAL_ROUTING_BUILDER":true,"CREATE_TICKET_ACTION":true,"has_user_presence_channel":true,"has_12_2016_onlinehours":true},"team":[{"id":2237927,"name":"Andy Wittleder","avatarUrl":null,"status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/andywittleder"},{"id":2250347,"name":"Brennan Beebe","avatarUrl":null,"status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/bbeebe"},{"id":2123476,"name":"Blair B","avatarUrl":null,"status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/blairb"},{"id":1455036,"name":"Splunk Digital Assistant","avatarUrl":"https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F1455036%252F319fd0d00dfe19b020b4d76716ed272dxamubkwpuvvb%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3Daad02e897ab8bd7a60e573e3639025a9?fit=max&fm=png&h=200&w=200&s=10934c95a30f8c0a18f4c0324b7f6ceb","status":"ENABLED","bot":true,"title":null,"publicProfileUrl":null},{"id":5011909,"name":"Brooklyn Wilson","avatarUrl":"https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F5011909%252F508fad3c7be47c749fe3047feb0e1d79cc4uep5uznts%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D4553859e192d1bc0f22094daada16791?fit=max&fm=png&h=200&w=200&s=0b06ff19c98126a4c8396f1f2c71a518","status":"ENABLED","bot":false,"title":"Sales Development Representative","publicProfileUrl":"https://drift.me/brooklynw1"},{"id":2187079,"name":"Charles E","avatarUrl":"https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F2187079%252F62611e9033746a4c7353fca9d42d3306b9n7ka5fu48w%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3De5e43b3c1f7c5030c73f9b2ae641095c?fit=max&fm=png&h=200&w=200&s=45a5fd85580f33e2bfabf6edee6d56cc","status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/celliotte"},{"id":2305121,"name":"Chris Visaya","avatarUrl":"https://driftt.imgix.net/https%3A%2F%2Ffile2.api.drift.com%2Fdrift-prod-file-uploads%2F7849%252F784984cb31f2f8ea21cce8f3073d7099%2FScreen%2520Shot%25202021-03-09%2520at%25209.08.10%2520AM.png%3FmimeType%3Dimage%252Fpng?fit=max&fm=png&h=200&w=200&s=cabeb2c951a30b74040470029d632613","status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/cvisaya"},{"id":5011910,"name":"Emerson Solano","avatarUrl":"https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.us-east-1.amazonaws.com%252Fcustomer-api-avatars-prod%252F5011910%252F108eb697dc348e8a6c8369ab26effabd6bmmv2axautw%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D28c75086d6b93f2b86e8c9fa3bea45c2?fit=max&fm=png&h=200&w=200&s=0c49c2a62dac170176ffe2467865b126","status":"ENABLED","bot":false,"title":"Sales Development Representative ","publicProfileUrl":null},{"id":2237928,"name":"Grant Gluhaich","avatarUrl":"https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F2237928%252F6f8694c3dd2930bf123f0671710ccc9eawzhws2fypaf%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D63c56fd740bf9fe456b59db752a7bc35?fit=max&fm=png&h=200&w=200&s=a27f16d79f2359d08f76c62ceac78150","status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/grantgluhaich"},{"id":2187078,"name":"Haley Ferrario","avatarUrl":"https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F2187078%252F81c65c9b18ef33a234dd5b3beeb801adct8gme6s4i6i%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D05ab5bf3e23c98dd752e44e014e38584?fit=max&fm=png&h=200&w=200&s=f03110c8e07aeac446b8f1c5b1e36689","status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/haleyferrario"},{"id":2218612,"name":"Joseph Gay","avatarUrl":null,"status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/josephgay"},{"id":2250352,"name":"Katie Hollingsworth","avatarUrl":null,"status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/khollingsworth"},{"id":5015125,"name":"Luke Cochran","avatarUrl":"https://driftt.imgix.net/https%3A%2F%2Ffile2.api.drift.com%2Fdrift-prod-file-uploads%2Fc3ee%252Fc3ee037aeddc81aad181c548962c2a54%2FSmiley.jpeg%3FmimeType%3Dimage%252Fjpeg?fit=max&fm=png&h=200&w=200&s=9159f0f7a7d96496f2e32ae5a440812b","status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/lcochran"},{"id":2010159,"name":"Michelle Ashley","avatarUrl":"https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F2010159%252F9ac40a110401277f464d366690354081kpzi2iwfzm7d%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3Debd9e1ca78ee5902ef2693d5ca1fb050?fit=max&fm=png&h=200&w=200&s=8eaa8d79a20eea22e3bada80e9a6b353","status":"ENABLED","bot":false,"title":null,"publicProfileUrl":null},{"id":2237929,"name":"Megan Harris","avatarUrl":"https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F2237929%252F2aa491632f9108dec6fe04caa3d3d673kp3hereynrf2%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D2aa657078844fec8c52f45e5f02f3e85?fit=max&fm=png&h=200&w=200&s=762188acd43d287e0f9b1ae4aa9979aa","status":"ENABLED","bot":false,"title":"Sales Development Representative","publicProfileUrl":"https://drift.me/meganh"},{"id":2314700,"name":"Min Kim","avatarUrl":"https://driftt.imgix.net/https%3A%2F%2Ffile2.api.drift.com%2Fdrift-prod-file-uploads%2F37a6%252F37a6259cc0c1dae299a7866489dff0bd%2Ffile-upload-1622654494082%3FmimeType%3Dtext%252Fplain?fit=max&fm=png&h=200&w=200&s=bbaa550f3ef345d739c8ac940720c3d2","status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/mink"},{"id":2143483,"name":"Michael Marti","avatarUrl":null,"status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/michaelmarti"},{"id":5015126,"name":"Maggie Rakowsky","avatarUrl":"https://driftt.imgix.net/https%3A%2F%2Ffile2.api.drift.com%2Fdrift-prod-file-uploads%2Fa8a1%252Fa8a1ee14fb7cd9c68ab7fad071dc5fb8%2FIMG_0117.JPG%3FmimeType%3Dimage%252Fjpeg?fit=max&fm=png&h=200&w=200&s=c611c003b7b5e99c756e08a4f07d263d","status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/mrakowsky"},{"id":2284964,"name":"Nicole Dal Cielo","avatarUrl":"https://driftt.imgix.net/https%3A%2F%2Ffile2.api.drift.com%2Fdrift-prod-file-uploads%2F37a6%252F37a6259cc0c1dae299a7866489dff0bd%2Ffile-upload-1617302097854%3FmimeType%3Dtext%252Fplain?fit=max&fm=png&h=200&w=200&s=5aff3c3e85edeef32430e3b7f061e68b","status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/ndcielo"},{"id":2153003,"name":"Priscilla Aguirre","avatarUrl":"https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F2153003%252F2e218161506a42b5f868af0c169ac698mucizwig82mi%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D7c9413ae29184c67fd775d69d534daaf?fit=max&fm=png&h=200&w=200&s=11986b6a0b495e2c60de6c1b2a7a1377","status":"ENABLED","bot":false,"title":"Sales Development Representative","publicProfileUrl":"https://drift.me/paguirre"},{"id":2250354,"name":"Patrick Long","avatarUrl":"https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F2250354%252F41dd296a7bb3f2737be2af422afb243a44k9y5br5bdi%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D6cb96e1fcd0796221dc61794991a9f8e?fit=max&fm=png&h=200&w=200&s=5976897958a3e044ec5ab9c7260bb721","status":"ENABLED","bot":false,"title":"Business Development","publicProfileUrl":"https://drift.me/patricklong"},{"id":2250353,"name":"Seamus Kearns","avatarUrl":null,"status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/seamusk"},{"id":2196653,"name":"Samantha Kelleher","avatarUrl":null,"status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/skelleher"},{"id":2288171,"name":"smora@splunk.com","avatarUrl":"https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F2281197%252Fe0073f9e5a77630f8b7ec6ded3ceb74e739xrymtix2a%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D6dc3e7a60bee9c7aa10f0280f6ec944d?fit=max&fm=png&h=200&w=200&s=6df2aeaeb2d3e6ed5274226d5f0ac085","status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/smora"},{"id":1500093,"name":null,"avatarUrl":"https://driftt.imgix.net/https%3A%2F%2Ffile2.api.drift.com%2Fdrift-prod-file-uploads%2F37a6%252F37a6259cc0c1dae299a7866489dff0bd%2Ffile-upload-1559097658302%3FmimeType%3Dtext%252Fplain?fit=max&fm=png&h=200&w=200&s=d344f300b2df693b051224852607aaec","status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/sshanmugasundaram"},{"id":2284965,"name":"Stella","avatarUrl":"https://driftt.imgix.net/https%3A%2F%2Ffile2.api.drift.com%2Fdrift-prod-file-uploads%2F37a6%252F37a6259cc0c1dae299a7866489dff0bd%2Ffile-upload-1617282739169%3FmimeType%3Dtext%252Fplain?fit=max&fm=png&h=200&w=200&s=d3d25486e6e979e503b48dbc579d66d1","status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/stellas"},{"id":2218605,"name":"Tommy Kestermann","avatarUrl":"https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F2218605%252F5649253d09fe6266754fbd550dcf3824fiu3huievvmd%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3Dc31c975bc5fe79bccf79e72590eaa00d?fit=max&fm=png&h=200&w=200&s=4878f8c935f80fe5c701ad9f03837093","status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/tkestermann"},{"id":5011908,"name":"Tess Veiga","avatarUrl":"https://driftt.imgix.net/https%3A%2F%2Ffile2.api.drift.com%2Fdrift-prod-file-uploads%2F84d7%252F84d7bfbb1a554215aa8646e7169dbccc%2FIMG_2430.jpg%3FmimeType%3Dimage%252Fjpeg?fit=max&fm=png&h=200&w=200&s=4939f9385a962a54718deedfb15a587d","status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/tveiga"},{"id":2237930,"name":"Tyler Woods","avatarUrl":null,"status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/tylerwoods"},{"id":1965480,"name":"WebMkg-team","avatarUrl":"https://driftt.imgix.net/https%3A%2F%2Ffile2.api.drift.com%2Fdrift-prod-file-uploads%2F37a6%252F37a6259cc0c1dae299a7866489dff0bd%2Ffile-upload-1582133499943%3FmimeType%3Dtext%252Fplain?fit=max&fm=png&h=200&w=200&s=60d2129d9022812bb6cc69c2b1f37a4e","status":"ENABLED","bot":false,"title":null,"publicProfileUrl":"https://drift.me/webmkg-team"}],"locale":null,"onCallUsers":[2010159],"doNotDisturbUsers":[2237927,2187079,2305121,5011910,2187078,2218612,5015125,2010159,2237929,2143483,2153003,2288171,1500093,5011908,1965480],"atChatLimitUsers":[],"rules":[],"integrations":{"googleAnalyticsSettings":{"enabled":false,"trackingName":null,"individualEventsEnabled":false,"enabledEventMappings":{}},"connections":{"clearbit_enrichment":true,"facebookAnalytics":false,"wordpress":false,"leandata":false,"wordpressV2":false,"madkudu":false,"linkedin":false,"salesloft":false,"clearbit_reveal_v2":false,"vidyard":true,"helpjuice":false,"salesforce":false,"on24":false,"segmentEvent":false,"segment":false,"slack":false,"stripe":false,"drip":false,"helpdocsio":false,"helpScout":false,"mailchimp":false,"fullstory":false,"zoom_info":false,"slackBot":false,"outreach":false,"zoom_meetings":true,"demandbase":true,"sendgrid":false,"crunchbase":false,"zendesk":false,"googleAnalytics":false,"six_sense":false,"marketo":false,"zapier":false,"zendeskAnswerBot":false,"hubspot":false,"slack2":false,"clearbit_enrichment_v2":false},"integrationLookUp":{"marketo":false}},"teams":[{"id":941353,"members":[2196653,2218612,2314700,5015126],"autoOffline":true,"teamAvailabilityMode":"CUSTOM_HOURS","teamAvailabilityId":901792},{"id":943311,"members":[2010159,2123476,2153003,2237927,2237928,2237930,2288171,5011908,5011909,5011910],"autoOffline":true,"teamAvailabilityMode":"CUSTOM_HOURS","teamAvailabilityId":902892}],"teamAvailabilities":[{"id":901792,"timezone":"US/Pacific","openHours":[{"opens":"08:00:00","closes":"17:00:00","dayOfWeek":"WEEKDAYS"}]},{"id":902892,"timezone":"America/Mexico_City","openHours":[{"opens":"08:00:00","closes":"17:00:00","dayOfWeek":"WEEKDAYS"}]},{"id":904793,"timezone":"America/Los_Angeles","openHours":[{"opens":"06:00:00","closes":"18:00:00","dayOfWeek":"WEEKDAYS"}]},{"id":904800,"timezone":"America/Los_Angeles","openHours":[{"opens":"09:00:00","closes":"17:00:00","dayOfWeek":"WEEKDAYS"}]},{"id":904801,"timezone":"America/Los_Angeles","openHours":[{"opens":"09:00:00","closes":"17:00:00","dayOfWeek":"WEEKDAYS"}]},{"id":904802,"timezone":"America/Los_Angeles","openHours":[{"opens":"09:00:00","closes":"17:00:00","dayOfWeek":"WEEKDAYS"}]},{"id":904803,"timezone":"America/Los_Angeles","openHours":[{"opens":"09:00:00","closes":"17:00:00","dayOfWeek":"WEEKDAYS"}]},{"id":904804,"timezone":"America/Los_Angeles","openHours":[{"opens":"09:00:00","closes":"17:00:00","dayOfWeek":"WEEKDAYS"}]},{"id":904817,"timezone":"America/Los_Angeles","openHours":[{"opens":"09:00:00","closes":"17:00:00","dayOfWeek":"WEEKDAYS"}]},{"id":904945,"timezone":"America/Los_Angeles","openHours":[{"opens":"09:00:00","closes":"17:00:00","dayOfWeek":"WEEKDAYS"}]},{"id":906925,"timezone":"America/Los_Angeles","openHours":[{"opens":"09:00:00","closes":"17:00:00","dayOfWeek":"WEEKDAYS"}]},{"id":906926,"timezone":"America/Los_Angeles","openHours":[{"opens":"09:00:00","closes":"17:00:00","dayOfWeek":"WEEKDAYS"}]},{"id":906927,"timezone":"America/Los_Angeles","openHours":[{"opens":"09:00:00","closes":"17:00:00","dayOfWeek":"WEEKDAYS"}]},{"id":906928,"timezone":"America/Los_Angeles","openHours":[{"opens":"09:00:00","closes":"17:00:00","dayOfWeek":"WEEKDAYS"}]}],"v2WidgetEnabled":false,"v2WidgetWhitelistedDomains":[],"v2WidgetWhitelistAllSites":false,"workspacesWithRootUrls":[]},"updatedAt":1630431505537}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"fd8db1c9c4_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"get-integration-cookies_c1e201b1d7_mti6ndy6ndu","name":"get-integration-cookies","data":{"_meta":{"id":"e76f6aa9-1776-4f94-b2b0-6b122ade1ef6","source":"drift_widget"}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"bb00b7e24f_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_187fbb3221_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"34115ab91a_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_187fbb3221_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"77b32336aa_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_043de5c510_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"c6ff7f802b_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_043de5c510_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"a1bca89c39_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_d0fc584368_mti6ndy6ndu","name":"controller:action-dispatch","data":{"_meta":{"id":"a1696904-4a8f-4ab5-8306-02457f58f025","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_INTEGRATION_COOKIES","payload":{}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"14b04f8e1c_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"access-host-window_58e28742bd_mti6ndy6ndu","name":"access-host-window","data":{"_meta":{"id":"2aa1d777-3b76-4307-8153-ac79f896700d","source":"drift_widget"},"key":"location"},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"52e02dc8ec_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_0483924d9e_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"ec62695825_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_0483924d9e_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"8798b15208_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"storage_27a0381f6d_mti6ndy6ndu","name":"storage","data":{"_meta":{"id":"65c116be-6f78-4ed8-80fe-7dada94df33a","source":"drift_widget"},"type":"localStorage","method":"get","args":["visitCounts"]},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"9e750e3df6_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"storage_c0f81b1669_mti6ndy6ndu","name":"storage","data":{"_meta":{"id":"fe52ddf3-53f7-4560-b457-dc04a3e1dc24","source":"drift_widget"},"type":"sessionStorage","method":"get","args":["SESSION_ID"]},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"ed2315f0b0_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"storage_24494aa5b2_mti6ndy6ndu","name":"storage","data":{"_meta":{"id":"cf6049bf-7b98-4ba5-b82c-72c45af45d10","source":"drift_widget"},"type":"localStorage","method":"removeItem","args":["SESSION_CAMPAIGNS"]},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"ba4adb635f_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"storage_acc1665864_mti6ndy6ndu","name":"storage","data":{"_meta":{"id":"a6514f44-bab3-4b19-a55a-d4b202dea193","source":"drift_widget"},"type":"localStorage","method":"set","args":["visitCounts",{"total":1,"daysSinceLastVisit":0,"lastVisit":1630500405523,"firstVisit":1630500405523,"lastSessionId":"0873115f-edd5-4a0b-ab4a-779fa55efcbf","/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html":1,"currentSessionStartedAt":1630500405523}]},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"cc41a5b913_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_f8bc8f3ad4_mti6ndy6ndu","name":"controller:action-dispatch","data":{"_meta":{"id":"e94b7f16-ac57-4b90-8da4-b266144131fa","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_VISIT_INFO","payload":{"total":1,"daysSinceLastVisit":0,"lastVisit":1630500405523,"firstVisit":1630500405523,"lastSessionId":"0873115f-edd5-4a0b-ab4a-779fa55efcbf","/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html":1,"currentSessionStartedAt":1630500405523}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"419d774ade_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"get-cookie-value_2c072eca17_mti6ndy6ndu","name":"get-cookie-value","data":{"_meta":{"id":"29ecd168-0b88-43d9-a584-365a662573c6","source":"drift_widget"},"name":"drift_aid"},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"0c82b9c66c_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_17d2cba017_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"8cf3c323d3_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_17d2cba017_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"6557751430_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"get-cookie-value_af98e577da_mti6ndy6ndu","name":"get-cookie-value","data":{"_meta":{"id":"3dd35d42-402a-4509-94b8-f00d6cd737a9","source":"drift_widget"},"name":"driftt_aid"},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"695d375463_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"set-cookie_5bd1e6ee5b_mti6ndy6ndu","name":"set-cookie","data":{"_meta":{"id":"2dc3b727-58cb-4823-9d26-1add16a869cb","source":"drift_widget"},"name":"drift_aid","value":"1735e137-5a7e-4440-aa6e-8a48dad5af71","options":{"expires":{"__type__":"date","__val__":"2023-09-01T12:46:45.533Z"}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"726cc2d172_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"set-cookie_6479e927af_mti6ndy6ndu","name":"set-cookie","data":{"_meta":{"id":"8014a86d-dcd5-497f-9fcf-5a7d3335b076","source":"drift_widget"},"name":"driftt_aid","value":"1735e137-5a7e-4440-aa6e-8a48dad5af71","options":{"expires":{"__type__":"date","__val__":"2023-09-01T12:46:45.534Z"}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"e03387d89d_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_a5e9865cdf_mti6ndy6ndu","name":"controller:action-dispatch","data":{"_meta":{"id":"32ffd1f7-d945-4430-90f3-164bb64c65fa","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_END_USER","payload":{"endUser":{"leadId":"1735e137-5a7e-4440-aa6e-8a48dad5af71"}}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"3c00f17733_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"get-cookie-value_9f721b61b8_mti6ndy6ndu","name":"get-cookie-value","data":{"_meta":{"id":"e347239e-4fb0-4392-90a0-1589c455e710","source":"drift_widget"},"name":"drift_ujwt"},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"dace31ded9_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_63d8353529_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"4887eaafab_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_63d8353529_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"290b3f59d7_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"get-cookie-value_16664f233c_mti6ndy6ndu","name":"get-cookie-value","data":{"_meta":{"id":"110d01c1-004f-4403-810d-a62ad2970597","source":"drift_widget"},"name":"driftt_eid"},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"484a157069_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"get-cookie-value_025c5ad648_mti6ndy6ndu","name":"get-cookie-value","data":{"_meta":{"id":"ce5b65fd-343a-420e-b1ad-70bac457f498","source":"drift_widget"},"name":"drift_eid"},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"c3d9330c8e_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_ba895609ab_mti6ndy6ndu","name":"controller:action-dispatch","data":{"_meta":{"id":"59b4610a-557a-4f8b-86db-ab762e24c97d","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_IDENTITY_MAP","payload":{"lead_id":"1735e137-5a7e-4440-aa6e-8a48dad5af71","marketo_identity":false}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"b41bb651e9_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_d34fb79e4f_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"4e325302cc_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_d34fb79e4f_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	info	URL: https://js.driftt.com/core/assets/js/17.8ed91048.chunk.js(Line 1) Message: DRIFT_WIDGET:: widget_core:bootstrap_api finished in 297.0999984741211 ms
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"b53cbffb06_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_46f671ceaa_mti6ndy6ndu","name":"controller:action-dispatch","data":{"_meta":{"id":"46e44cd9-92e6-4135-8a96-9d21538192e0","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_SERVER_RESPONSE_SIZE","payload":{"size":2360}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"ae97b1b5c0_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_11e0be17ff_mti6ndy6ndu","name":"controller:action-dispatch","data":{"_meta":{"id":"441d2ea7-803b-4b75-b578-0ddfeed3a6a6","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_GEO","payload":{"ip":"89.249.64.171","city":"Berlin","subdivision":"Land Berlin","country":"DE","countryName":"Germany","gdprApplicable":true,"metroCode":null,"postalCode":"10178","latitude":52.5196,"longitude":13.4069}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"b3d65a3959_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_3ea7771bcc_mti6ndy6ndu","name":"controller:action-dispatch","data":{"_meta":{"id":"c5e6acb1-e248-4024-9c4e-a70bc909f892","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_CHAT_SOCKET_AUTH","payload":{"org_id":"1146985","remote_ip":"52.205.21.197","session_token":"SFMyNTY.g2gDdAAAAAVkAAJpZG0AAAAVMTE0Njk4NS0xMTE3NDQ0NTU1Ny00ZAAGb3JnX2lkbQAAAAcxMTQ2OTg1ZAAJc2NvcGVfc2V0bQAAAARsZWFkZAAHdXNlcl9pZG0AAAALMTExNzQ0NDU1NTdkAAl1c2VyX3R5cGVkAARsZWFkbgYAJsJloXsBYgABUYA.MlWelfYcegSLDRNFGS-GgWnPV8sgml0eVp3FhJegtvE","user_id":"1146985-11174445557-4"}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"0c79fdd0b6_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_7ddacc8926_mti6ndy6ndu","name":"controller:action-dispatch","data":{"_meta":{"id":"59cdea83-c6b0-4500-b56b-be342af1fc01","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_PRESENCE_SOCKET_AUTH","payload":{"org_id":"1146985","remote_ip":"52.205.21.197","session_token":"SFMyNTY.g3QAAAACZAAEZGF0YXQAAAAFZAACaWRtAAAAFTExNDY5ODUtMTExNzQ0NDU1NTctNGQABm9yZ19pZG0AAAAHMTE0Njk4NWQACXNjb3BlX3NldG0AAAAEbGVhZGQAB3VzZXJfaWRtAAAACzExMTc0NDQ1NTU3ZAAJdXNlcl90eXBlZAAEbGVhZGQABnNpZ25lZG4GACrCZaF7AQ.7r8FlttWsXX2pbUyL3Zmi7rl7VO-8JPi4ua8uJaoPRA","user_id":"1146985-11174445557-4"}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"e0eac56213_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_97a6beec1d_mti6ndy6ndu","name":"controller:action-dispatch","data":{"_meta":{"id":"7a6f9443-b83c-4470-9a6e-f313fa220ac7","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_SENTRY_CONFIG","payload":{"forceLog":false,"limit":1}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"42742991a2_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"set-value-on-host-window_a065d99c6d_mti6ndy6ndu","name":"set-value-on-host-window","data":{"_meta":{"id":"050bcf98-42d3-4953-8e47-456aaf63452b","source":"drift_widget"},"key":"drift_sentry_config","value":{"forceLog":false,"limit":1}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"78dd8fd7cd_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_4d03b07808_mti6ndy6ndu","name":"controller:action-dispatch","data":{"_meta":{"id":"0da01f7b-13e9-4fe8-b561-e3159cadcc71","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_UNREAD_CAMPAIGNS","payload":[]}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"2bd517d8ab_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_a6c9c0358f_mti6ndy6ndu","name":"controller:action-dispatch","data":{"_meta":{"id":"120ccebe-08d7-4cf7-840b-6f8a4b25b8ef","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_CAMPAIGN_CONVERSATIONS","payload":[]}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"e2f172c125_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_8136563c25_mti6ndy6ndu","name":"controller:action-dispatch","data":{"_meta":{"id":"8e0fe670-61a9-4d2e-b9c7-029c61b0d94e","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_END_USER","payload":{"endUser":{"sessionToken":null,"id":11174445557,"orgId":1146985,"customerId":0,"status":"ENABLED","name":null,"alias":null,"email":null,"phone":null,"locale":null,"timeZone":null,"avatarUrl":null,"primaryIdentity":"1735e137-5a7e-4440-aa6e-8a48dad5af71","createdAt":1630500405620,"externalId":"1735e137-5a7e-4440-aa6e-8a48dad5af71","socialProfile":{},"attributes":{"_END_USER_VERSION":3,"_end_user_version":3,"_calculated_version":3,"start_date":1630500405620},"tags":[],"staticSegmentIds":[],"happiness":1,"type":"LEAD","raw":null,"account":null,"lastMessageByEmailAddressAt":null,"lastSalesSeqEmailReceivedAt":null,"emailIsEnrolledInSalesSeq":null,"lastMeetingByEmailAddressAt":null,"upcomingMeetingsForEmailAddress":[],"lastMeetingAttemptedByEmailAddressAt":null,"graphType":"User","leadId":"1735e137-5a7e-4440-aa6e-8a48dad5af71"},"assignedAgentId":null}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"b976d743a2_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_bb5682b466_mti6ndy6ndu","name":"controller:action-dispatch","data":{"_meta":{"id":"d4ccdd4c-7f6a-4baf-85c9-5e8aaf3e6ecf","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_ACCESS_TOKEN","payload":{"accessToken":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTE3NDQ0NTU1NyIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNDY5ODUiLCJleHAiOjE2NjIwMzY0MDUsImlhdCI6MTYzMDUwMDQwNX0._fGMfYNPTImlWlS9oAzAm6xbPd44yL39tNtClv7gtybCEfN-Vl1EoB1AmqheC6EQ0z4CHcSiOtyxAr_xxmPSLg"}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"cc8b82d076_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_6ff8d29e50_mti6ndy6ndu","name":"controller:action-dispatch","data":{"_meta":{"id":"fbceac71-fcf3-46d1-8c50-58edc8582ec8","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_GDPR","payload":{"hasConsent":false}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"12325df2bb_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"get-window-context_59cc0b3079_mti6ndy6ndu","name":"get-window-context","data":{"_meta":{"id":"823d7554-73ff-4099-a647-b84249e867fc","source":"drift_widget"}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"a898f838f0_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_a914589e40_mti6ndy6ndu","name":"controller:action-dispatch","data":{"_meta":{"id":"56489817-b431-4946-a49d-4d3e483d4c9f","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_GDPR","payload":{"hasConsent":false,"needsConsent":true}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"750b7c7731_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"handle-host-integration_04266e55e3_mti6ndy6ndu","name":"handle-host-integration","data":{"_meta":{"id":"888ffcb2-a612-4990-a222-9c51c440f328","source":"drift_widget"},"config":{"enabled":false,"trackingName":null,"individualEventsEnabled":false,"enabledEventMappings":{}},"type":"googleAnalyticsSettings"},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"6ff7a8a218_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"get-window-context_ad84be9849_mti6ndy6ndu","name":"get-window-context","data":{"_meta":{"id":"4aa355da-f88f-4e24-afa7-3da8b19faa9a","source":"drift_widget"}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"5e92f56d2e_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_229427a7e3_mti6ndy6ndu","name":"controller:action-dispatch","data":{"_meta":{"id":"0851f702-d1a2-4f2d-bc39-5cc2a46e7890","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_SOCKET","payload":{"cluster":"chat"}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"926aee2a71_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_c83f01c43f_mti6ndy6ndu","name":"controller:action-dispatch","data":{"_meta":{"id":"ef3558f9-45b8-4872-90b8-b4b9af4996a0","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_SOCKET","payload":{"cluster":"visitor_presence"}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"b9b7f78998_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_28767c08f2_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"44bab80fc2_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_28767c08f2_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"e077b1217a_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_06fd96f25e_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"90bf3e95bd_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_06fd96f25e_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"c3fdf364d4_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_23fa62ac35_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"373f3c4c13_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_23fa62ac35_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"6d09522f67_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_409bbd6e4c_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"3253b04e66_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_409bbd6e4c_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"b72485426e_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_fe2488282d_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"23d9ee17be_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"set-value-on-host-window_60a63adce3_mti6ndy6ndu","name":"set-value-on-host-window","data":{"_meta":{"id":"bcc8fe4c-3142-445b-9f3b-7c2a5419a0ef","source":"drift_widget"},"key":"drift_sentry_config","value":{"forceLog":false,"limit":1}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"3164602bf1_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_fe2488282d_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"76b91ecdb5_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_44f6ae4094_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"0a8bc86ed3_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_44f6ae4094_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"405ec13b8d_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_2b7f7ee3f3_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"5d45c20267_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_2b7f7ee3f3_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"728cf1e926_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_b2b5239a92_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"783164629f_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_b2b5239a92_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"f7beb8d5fc_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_4f2ee8cdc8_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"39ff472557_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_4f2ee8cdc8_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"20ea835831_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_1c3f9b95e1_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"6afd790c97_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_1c3f9b95e1_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"8017080124_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_35667c6b5e_mti6ndy6ndu","name":"controller:action-dispatch","data":{"_meta":{"id":"1345a14f-3c60-4b44-a160-a05425a415da","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_RECEIVE_CONTEXT","payload":{"page":{"hostname":"www.splunk.com","referrer":"","search":"","path":"/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html","title":"Detecting SeriousSAM CVE-2021-36934 With Splunk \| Splunk","url":"splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html","href":"https://www.splunk.com/en_us/blog/security/detecting-serioussam-cve-2021-36934-with-splunk.html"},"userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36","locale":"en-US","timezone":"Europe/Berlin","currentSessionStartedAt":1630500404.547,"currentPageViewStartedAt":1630500404.547,"activeSessionStartedAt":1630500404.547,"innerWidth":1600,"innerHeight":1200}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"d02c9e06ec_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_fbda0f2110_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"72198c8b11_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_fbda0f2110_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"be72631f51_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_78f2022a0a_mti6ndy6ndu","name":"controller:action-dispatch","data":{"_meta":{"id":"26cba1c4-9543-4913-9241-ea9ba431655e","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_INIT_COMPLETE","payload":{"initComplete":true}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"ff3ac0046f_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_e1430a5d98_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"09c30a751b_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_e1430a5d98_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"ecdd264198_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_c56050d037_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"b5dbe723e0_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_c56050d037_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"73833d7909_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_31a1fa0370_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"9f0458f48e_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_31a1fa0370_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"def12cf04c_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_b94087ed22_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"88b6d4e2dd_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_b94087ed22_mti6ndy6ndu","name":"CONDUCTOR:action-from-controller"}}
console-api	warning	URL: https://js.driftt.com/core/assets/js/17.8ed91048.chunk.js(Line 1) Message: react-i18next:: i18n.languages were undefined or empty undefined
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"8ef72eb919_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"toggle-widget-controller_c1988db5d3_mti6ndy6ndu","name":"toggle-widget-controller","data":{"_meta":{"id":"a4bf40ac-b38e-4785-b0ae-703f50f793c8","source":"drift_widget"},"isChatTakeover":false,"open":false,"hasActiveConversation":false},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"fa17fd6611_mti6ndy6ndu","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"create-event_c9dd727aa7_mti6ndy6ndu","name":"create-event","data":{"_meta":{"id":"4a150902-559e-4889-a8f3-a0669a606958","source":"drift_widget"},"name":"drift::gdprRequested","meta":{}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"d83d5ecbec_mti6ndy6ndy","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_7f116afc37_mti6ndy6ndy","name":"controller:action-dispatch","data":{"_meta":{"id":"de21db62-7b7c-4d95-8aee-db23ad877562","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_UPDATE_ONLINE_STATUS","payload":true}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"01d515358f_mti6ndy6ndy","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_651df47f29_mti6ndy6ndy","name":"controller:action-dispatch","data":{"_meta":{"id":"c1c2c0bd-33f5-4348-a6d7-8698dde62dff","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_TOGGLE_WIDGET_TARGETING_MATCHED","payload":{"matchedTargeting":false,"matchedHours":true}}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"a5bc6c852f_mti6ndy6ndy","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"get-frame-height_e26817e17a_mti6ndy6ndy","name":"get-frame-height","data":{"_meta":{"id":"bcc1676c-c463-412a-b774-e8a29af9bdb7","source":"drift_widget"},"name":"controller"},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"f0d6522500_mti6ndy6ndy","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"controller:action-dispatch_35a6b96f6e_mti6ndy6ndy","name":"controller:action-dispatch","data":{"_meta":{"id":"14f979ab-67a8-474e-b1c5-b2dcba14e1e3","source":"drift_widget"},"action":{"type":"__DRIFT_WIDGET_UPDATE_ONLINE_STATUS","payload":true}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"4c3d380723_mti6ndy6ndy","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"create-event_7bd66c8b84_mti6ndy6ndy","name":"create-event","data":{"_meta":{"id":"db22439d-9812-4a67-b8c4-69e024c1e33f","source":"drift_widget"},"name":"drift::ready","meta":{"data":{"widgetVisible":false,"teamAvailability":{"941353":{"isOnline":false},"943311":{"isOnline":false}},"isOnline":true,"chatOpen":false,"sidebarOpen":false},"widgetVisible":false,"teamAvailability":{"941353":{"isOnline":false},"943311":{"isOnline":false}},"isOnline":true,"chatOpen":false,"sidebarOpen":false}},"fireAndForget":false}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"eb6716b023_mti6ndy6ndy","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_1fc0fba63a_mti6ndy6ndy","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"cf85c06e0b_mti6ndy6ndy","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_1fc0fba63a_mti6ndy6ndy","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"9e10044364_mti6ndy6ndy","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_410556ba51_mti6ndy6ndy","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"0ab098976a_mti6ndy6ndy","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_410556ba51_mti6ndy6ndy","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"d74343329c_mti6ndy6ndy","origin":"https://js.driftt.com","type":"postrobot_message_ack","hash":"CONDUCTOR:action-from-controller_522627fc6d_mti6ndy6ndy","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"7a189eba20_mti6ndy6ndy","origin":"https://js.driftt.com","type":"postrobot_message_response","ack":"success","hash":"CONDUCTOR:action-from-controller_522627fc6d_mti6ndy6ndy","name":"CONDUCTOR:action-from-controller"}}
console-api	log	URL: https://v2.listenloop.com/analytics.bundle.js(Line 1) Message: {"__post_robot_10_0_16__":{"id":"490037e5ff_mti6ndy6ndc","origin":"https://js.driftt.com","type":"postrobot_message_request","hash":"storage_d89bdcb442_mti6ndy6ndc","name":"storage","data":{"_meta":{"id":"46173c41-e9eb-448d-9248-52daf003f00f","source":"drift_widget"},"type":"sessionStorage","method":"get","args":["SESSION_ID"]},"fireAndForget":false}}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Security-Policy	frame-ancestors .splunk.com .touchcast.com .salesforce.com, frame-ancestors .splunk.com *.touchcast.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6852bd05.akstat.io
a.disquscdn.com
account.splunk.com
amp.splunk.com
amplify.outbrain.com
analytics.vendemore.com
api.company-target.com
apis.google.com
b.6sc.co
bat.bing.com
bit.ly
bootstrap.api.drift.com
c.6sc.co
c.amazon-adsystem.com
c.disquscdn.com
c.go-mpulse.net
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
cdn.taboola.com
connect.facebook.net
d2hya7iqhf5w3h.cloudfront.net
d6tizftlrpuof.cloudfront.net
disqus.com
dy.si
embeds.driftcdn.com
event.api.drift.com
fiaqj6absjkbikqce3ygyaaaabqs65rp-p5v9nn-5b2ab80c0-clienttons-s.akamaihd.net
fonts.googleapis.com
geolocation.onetrust.com
ib.adnxs.com
id.rlcdn.com
insight.adsrvr.org
j.6sc.co
js.adsrvr.org
js.driftt.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh4ubkyccc5cqyjpoyxq-p5v9nn-1b71301b6-clientnsv4-s.akamaihd.net
lh5.googleusercontent.com
lh6.googleusercontent.com
match.prod.bidr.io
metadata-static-files.sfo2.cdn.digitaloceanspaces.com
metrics.api.drift.com
notify.bugsnag.com
platform.instagram.com
platform.twitter.com
play.vidyard.com
pt37ad6f6a.execute-api.us-east-1.amazonaws.com
px.ads.linkedin.com
px4.ads.linkedin.com
referrer.disqus.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
s.amazon-adsystem.com
s.go-mpulse.net
script.hotjar.com
scripts.demandbase.com
secure.adnxs.com
secure.eloqua.com
secure.p01.eloqua.com
segments.company-target.com
sentry.io
snap.licdn.com
splunk-blogs.disqus.com
static.hotjar.com
stats.g.doubleclick.net
syndication.twitter.com
t.contentsquare.net
targeting.api.drift.com
tm.vendemore.com
tr.outbrain.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
v2.listenloop.com
vars.hotjar.com
w.usabilla.com
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.instagram.com
www.linkedin.com
www.splunk.com
104.111.233.140
104.244.42.8
108.174.10.14
13.32.121.62
142.0.173.130
151.101.0.134
151.101.13.44
151.101.14.49
151.101.193.181
152.195.15.58
154.50.198.10
18.66.107.126
18.66.107.187
18.66.109.174
18.66.112.104
18.66.112.122
18.66.112.128
18.66.112.39
18.66.112.6
18.66.112.63
18.66.96.113
18.66.97.100
18.66.97.46
18.66.97.49
199.232.196.134
2.16.186.152
2.16.186.24
2.16.186.40
2.18.234.190
205.185.216.10
209.167.231.15
209.54.176.128
2600:1901:0:a5e4::
2600:9000:2240:5a00:6:8656:f5c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:15ef
2606:4700:10::6814:b844
2606:4700:3036::ac43:dfcf
2606:4700::6810:9540
2606:4700::6810:a852
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:801::2001
2a00:1450:4001:801::2004
2a00:1450:4001:801::2008
2a00:1450:4001:801::200e
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2001
2a00:1450:4001:811::2004
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
2a00:1450:400c:c06::9a
2a02:26f0:6c00:1bb::11a6
2a02:26f0:6c00:287::11a6
2a02:26f0:6c00:296::25ea
2a02:26f0:6c00::210:ba19
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a03:2880:f21c:80c4:face:b00c:0:43fe
2a03:2880:f22d:1e6:face:b00c:0:4420
3.121.48.255
34.234.150.139
34.254.140.182
35.188.42.15
35.244.174.68
37.252.172.37
50.16.7.188
52.215.67.80
52.31.175.99
52.32.91.113
64.13.171.10
64.202.112.95
67.199.248.11
99.80.169.12
000e439e8f79b03ddd5167adc0d2e4b80be8909bde10ab18cff49a75b097609f
0142e63bdd6ef309a2f3986fb7e841264b9a2d76ebfb1644a6e1ad315f931891
016a2616d4f26aac16ee9bf5429f4eb175d7c63a22a8f30973d5a13b1b964178
01b4835815468d5da7bf430298723952fbff756b43e3c9fbef6e9ff4cef417e3
031b647213e760a66f8632e236f8e5449e4ffe32193461a3eeeb04a0ff83ceeb
0467b2df5f294f99b0789980c4b793e310074506845aa274d86def91d459161f
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0aafdec2ebeadf702d6546e3dc26749bca1503f228b7f1a327850e0bd819e1a1
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0babdb6b17f6eb191680384bfb85a4ee45fb470216a336ed04ab73c9eec30ed3
0bafcf2cd2fdbbfd190ef2f1251adfe4be70407c906ab9b2c85ce93ee54ab377
0c092ee6cd5306cfd6dc560b374001fe6ffe15072bd8645f9ebe7e6ed7c211ff
0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616
1023d4044fb43e5eca4b3f7276d300b31b09ffd2d106fd96e78534ab3c6f886e
10c81ca05b483baa1b8be1082e01f8ea15573302c25e3e6f6737a09b4067715e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
1311ed7e11d4c624d91116f745a1e6bbcfa2c4cc31e8097d9ef548e10d5430a6
13af0b05403aedeb55f66c108c35903e370da8a769a8cb685ecc21b6409e14ee
1514407cddcffb22e626d44e54c991867fd7b0ef049f6bbb351b5aa63baf32de
1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2
17b1f3642cf0928845fdf667a418bd124dc9d673be46d8e11cb4be5186f0e8d6
196cc7f451249dc346920e5c8ed64e1afbb6e1bb39e71f0d9917c90307ea6e64
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e361165a97015b0425a3cece58eb5e8a56f073d0c0932ad36fe7c81a828d307
1e712e8649388c67feb0ee14fb1aab8cb8650c73c1e623bb87f310be53f1c18a
1fd9a028ac776cc238827cc6833a1e8bc5a6cdb91ecc0af1eed5bd6c1303588f
20b11d2c0012e286c38350d6c9b2ba03341667d9bc7226bf526fb47e89668fd9
2393d47c2471e2f71d306c694448ba98809c993297f6174bb801fd713e6e5a8a
23a38506dda87396bc5e047c17a17d94ced462d21aa561593f5a08e28646036b
23f76cc288901a345dca71d537a84aac6a2c41b2db111349945e355eeb7ff9a3
2cfbaf00389c46d0932a468d40fb396ef3be12ae61fc25e9704166dffed05b02
2def1ce3460c6076cf341b0147cda956458ed980fdddd433050f2a62298f7e58
2dfcf694584572c4821314335932799b57ecbd8cfe2da750d1da364048a9b49b
30528b40f9dae32fc1eccf7d9dc797846727f46fc594b0cf2d7858b163a7754f
30a04395c8f97783c2d8db643d70d27b604a05fb0b3f335f4360d90a6d085a19
30da4c48d022cae31aecd5ed03eb37be68f9cf0ace03efc80eb2e1497cc55612
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31ee11fe7b4620a4be9ed27586ffbbf4d6d070ea2a529c98a57d2813f06854a6
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
333ecde0d151fc74b510fff0433a0b40dbef50234eb79451830501869dd7233c
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
33c518b871fbdc327562d453591557db4630e5d88a53e55550251f60c7b8c47d
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
35b93b360369983ebce0e5e831969832d3511d96c1489feb15c54b092fdf8151
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
3882de692094cbe01949b2074932fc8140bdedc0463ccaba28ac716dc879a2db
394cb779c742349df967ca316c20f4dc78d5d1150535dba5b377624b8a891073
3a2e0a88a65a0528e31ed06c23a9750ee001f4a3b8018c126a0ff2302d6d03ee
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3cb56a22123a4976f5608b01c25515298f8cfdf15ef15415ea44ea6bda11f805
41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6
434c4f6f549d386b8172952c473bade098cf1780715b93de3a1c4c43fb970fa0
43a231bcfdb6728631a2e91c7729966338effd9b2dbca6b02478e8eac43190cb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443211c7845e0012dea1dfe8cda1ce659e7fef3c7b5af2b470704ed8186945c0
446cb2c77c2807618caf4de745e133e0893780c448f2ce8b1b0266f08f9dfc83
466be68639e937dbf5be69a5d87308accb475de7ed3da6aeeb2a1a08f6f69703
475cea02c3f3978917f6ef7dfd022040aa3c012aed8853b16d936d3ff162f9bf
48446b85e4eee5af77a5c4729bb80a6cedcc177c2a9e9e422a4a22bee3b2c799
4a2de4125e63c0db3ebac9e9ec44092ac3a1fda1942dc370637a234775a374c1
4b12c119c64ad2d3cf0efbec75d691b2c557c8508bc080237b905d5f765a4a98
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4cccc3d4fe1b7cd4f3ed2c066b67bf08eb37dca00ef9888edc499a78d126b531
4fdb97f4c7f832b7b6c32c1e08aa06f3f1a04a8237f8847648793f3ce277edbd
5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870
50cc4b9463710100e2323f72d43a57cc7a7bd100e09906adf085b760cf1967b0
5125bdba8016b0d15c5475407905b4123d68c10f9fe0c6b2ffe8ea8ef5e667b0
53896c1f267bc82d9e9cf0073123b5c91fdf4ea7c249d8dd2292d95a66e2f9fa
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
561b202ea8a3cd9cf4878e88b0607b78016f428087923cc32472d578218d5e3a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57bb638c7217136826798783215e0ee96440e75413e7b76e6b991629409d8d82
58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056
5915f2999f00c10915bb1832eac4b1028abe6ac7dbcf93081c470c1623fc73ab
5a66097ab1b0a08627fb4c25b39785a44a7622539a4932e59c2b6dd4863c4195
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
603c53f10afd0de7ef64dbe5b38f5d6be3001429d1f29fefb02c1e7e6a47b2de
603c6b75fcd3544415eb3e8b070d59daf4a69bd42f47d14a550c725fc4e1d025
60db1a4206175e1067d82b3a28e8fcd7a79e63baf32519c99eaadc7fbecd43de
641b2a6b40a8e3033eee3dfec5d2c12560f3427b32c1d595b536e38645a86391
6607d39e43283ed0bb6e98c94d643344392be4086426e171c96df8a3ac1f40b9
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
6798de40afe480118095723fd5f271bdb3f0f68c016f2577d07b31eb5fdcabd9
68ecfbc7d97755b216c866e5f212c8e279618387ca200d72f043c1d397fb1e96
6bd6f89b1e7f7eef3650d12eb6b8b0b9a839034f1917cccfafb5d22f549d5529
6c52cd0d71d316cb4d0da745f64f44f002cd05ae6abfa7b5467fe2a84e5e7927
6eb49924917abab026f80173e564b79d6e1b49b33b88052523ea8d1c6572f6a9
6f0111b458474d46469ecec2c20475f08edca8e0854a26bdbbcbe389653fd281
71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
734f5195412674e394bbdc5499cf0f2b0d1227d58fa25e814dff2e4ee2e062bc
75445b43b4d587921fbd2d741058ff6591864fd072c55d32c06c24c5846c021b
762229dfc2f72c6a5f25f134a2be95a7ff63c16e609a74c9a22ee0d04c6508bf
772d9a3001192e2906154e4624e6debd1639e4f12568623e5e9a9edce238d06a
789370b292863a4c8d56e96d78b683704016735dbb08d7a2aa88b876cb100ae4
7970f31907d91bf0f19efe8aefee74d6f0a2d8c72b2f8f20a5e297d3c414a78f
79a5d0c6cdd5c1aeb1305c08deeaeb6c5bb5415f6d76440103b9027ba6d0da6d
79f0578ae714ea9184cbdddaeb391f7e52929f98c8c2d6bc86607e2449851de8
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7f0cce61297bf5b173ace0390ddb1593cee0b7e957b17ed2769e038f98f04b32
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836f7b8791541974441252d89ec1fa601076601238c06a14e47837fd520732bc
8470410d86aeb687b8a27ecf99ea5ce7db33779120a7cd9a4c5134a4815df720
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856480dfbd572e8e51fd582b4744916dc6708b2cf12eb311d749f0dc16250410
88e7deb2dcbccbe8fa97dfc6973ea174f0b3db01ace23c0d72a8228452171a5e
89137fca3117c82a3cd1196c2cb365c6ad82aa01e019e2d4c9c6fc8f0216e50c
893b13fb1b9b31bca8710eb40f15eb8fad0a8d6e4b2c32d7614af819fa1da9c6
8946e8ab0408c419e21f26f0da2b8cf9c984eb9b29400d3289750398cb23e3ea
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
8e4e8ad8f9d914b473729264a87d08887e057378e485817f8629b4a691cb6432
8ec77a1853805bdfbb8cacabd892a59b3c1058a234b1d16a03453067e2c038e5
8ed1e4d7cf32603c39371895cb056cddbd14762d7fe10d074506ae87758574cb
8f265a16998021312f86c0a652635438e8091bcf0f9bdc5921926938315365ec
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94eb062f034d9c0a3631943344065bc2e07d520367312378b596f2b1f2a65109
97f36feba7ded66fc58d4d937531bceb544849852d17c4a371872bb314288281
9839c22946a5e20fb41425280c1becc158d2b3e7bf387b6253fb7ac5ce14e4d2
9a6976fd57cb54a3969c8796df725cf8d1ada3f4c694a5fb20b464e550bb562c
9aafb465a39e5ce9cdea0237c57406e0df413bf382e5064ab689f0ff5fb997a3
9c3bf3a782bb18da5d472ddbe4836c8b8255b868a8e917dd5cb19f925bf408be
9d714a88c8d592dd8f9eda439440ae797d312f55d075cd705b5c5acb0115e461
9e3566cd6b093f5f0dcd67091cd970bbadf1d3f74d9c4ad376de912ca6401586
9ec1002988b30be58344be55afcc9b1075519b3e2a96380b35ad343922e0d7ec
9f2721a2bc893ea5d1278d59e42d8134aa3c1d678df0cfeeb43bd672a2f4ed51
a231b7235698f95d9b3e38e7daf30c555e81423432a2b2b867a2cf844a5c8517
a2aea7a6c61af6af8289262b11a012e8e819c6fcdd1fabc0c58c8b7ef5c612ce
a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4
a3668e3372ee4ad547bdc03cde4d898c4c1d697c34cd202fdf31ecf0a0a34b75
a488a8e0262a5148cd08ed509f8081e1f1eb88897d3cc9b2c591dfea3aea13c0
a52bb6e8d120c194fb3c184f9af610501526c368c6fc4224916eae858f12bc77
a5e9883c541bdeb985bf00620ac3831b3e07a649012dae4980269d1c2eb73a5a
a9d985131b944f20b82382b91099a6b5c8924f57d8934dfa38039571d628b58a
ac1c8225921a5d51ebf3d57cdf0449ab5b1f71039a37f7ecdad91468898cf3f1
ad6eef3d02365c280ac560f85b72f4b754e0d13938398f447d289374102ae526
ae59f7fe573dd254192e6801613e7eaf87dd39a14ceb6248812bcb405b948557
aecdb7a35542d5211989ef71161407bec15dc50581ba58c26340fd63abbb5986
af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0085f0451431dc24f53f1b6d318c8130ca17b39879631afedd0fcf7e10a142f
b1bb91151130d620bb916cf8f4b0ac0aa27ed9ab91da8aa3ecc1f845b317170d
b22166ae6d29eb08e7eeef4d0469251c54e25bd3f854bc5b181e118e1f6c4cae
b3010625e3b25f2167e854834fe0db706d0c426e251f1a85cb4541cf4d40491d
b391f1665ed150f1427bec6627419bea073839413221a688cf537478642facd2
b580df40c699ad6dab76b1cb016768fc00a127373ac9798c4c3ccc45da5747d9
b62aa147dc874a3f75e86f0447a5d57ac504014b2cd0082559d786391e4fd1c7
b6757c564305ac26f444cf3b00f5bfdce1e0684ae40b80706e5d9cffb2d81176
b6d5804ae4c5bbe1997166b62df22c1e5a8aff88b378fcdbed4ccd22ff26f030
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
b9dbadd3ad7be81da266234eceb5b7b15f6bdce4a19d9a33663f4ba119ac2180
ba8269d9a47f982451ae9904fa15d92b98be5afa2a1dcc138534cbcc4178fb4a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbc4363ab77f5401d867bbda24e0f04c5f573a1f8252cc2510e46170536a4edf
bf8fce049c8e10f0a036f50f5eb7c8dde06dc5bee833635f9db82de6f51f2418
c16ce74d43d81247b04ccb24090e7830484688d38e808839049e7d5b288dbd7b
c177c3583ed4eaaa84d4df2c0e6e49fefe4ab5e8b0a67f1d5fba9f2465c546af
c19455754ead9313cc2221c64f1c66e8378501d8099bdcb3d90bb0b1a170b5ec
c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47
c2e00bf1249c5ec8a5f8a7412de74b1f4a9abc5b02f2cb59209f5fc6341debd6
c3b8af75d42666f38b4eafc7c7e8bf46f8eb7f1dd252894a35233de576c8e706
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c71b0d1355ffa5efb6aff3b44f79210e14a04129b946efa39c9f1e3cd546325c
cbc0e03691e5e7313ecf467ac3a50c7d78f6ee259c490c0ded16707330da81fa
cc8e908b992c11ea81310e961a481035531a575bdb41c7916649ec8fa55179fa
cd567d559140ef12751fc613cabdc8f54330ed637d48db3ec0614fffd2f6881e
cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfbc2b70491edecec6ec0a08628a22f772d1a759f7bf4326bdbe44a1ad3b0420
d16940d9061536573db2fdf2692f6d0883234c0aeb28b01f27926582812eecf2
d22337394156ababc7cbdad71a90029966d63ee212816cbe0b0ee6bea09f119e
d3e9ec00b8df1382b0d2fdd5b39126114483316950dc986be4ededab943fc205
d6bb0b70d8e655372c426bb4bd262f9b15d47c376c4d0289306b7f6bd1366a05
d6c1212ce55b2e9e68717790229cd7198efa5896eb02d2a4e20c2a7b1bcb2138
d778a8f13fd634ace9e797e6650c898993f3e23de06589de349e7d4de4e7b4c1
d79a13a262f87836ea99d4a5c4d26cda6e6729e1719009d8fbad922773cd488d
d8293bddc96964fff1b7f49dc8c07ee9c895a0b8ca9ef60c6e0a6d26743b30f8
d9678daf3c200dd554d7b42dac6d8f90c13ae7b37769a5b15df4cdaced860bab
da114fc6c5ecd812a911b41148a8cba3ebfad53e1c05dcd9b70e8f135fa68551
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dc3afb1e0dd017bf660627f1c1ff44b8f32d65cb8105c2e883cd10e980e8d4cd
dc4f3b74407a50a874b33ae79c4055c5f646737cfb44c2fb46ea28f827c17a53
dc6dc98cca0dd4df6b20f3813bb9f7da0b6bf8e0abb42653c0ee673880caecfd
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dd4115970a44fd799fd72e5caabc9e78cf1662f83d73ae82aeaeddb53c696cb3
ddbff1fdf55f5fcc80d6eca42f3a2efb36b38f4ddd1eea47ce8a0ba437ac8247
de22a1f465480545ea9595d61c16ad21ad40e6b2509cca0e76d2601980e52988
dec656fe8a91816e68abf1cc12a1b73763d7080ab0c734a52dc795e4cc59f21f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c897c83c8dbcb7bfccabf79d0e1e8a6ce04b45d06a39b0357cc0de55402b6a
e42532e83267013b5acc8ab673387497d38f40000458df33974517f4fc621627
e51f6b700a23285bdb36e03eed90138983a82fb2e6a352b18a78231a2400afef
e68397409b6b008cdef8f3599dfb8ade0dd313d7224e01f7fb275e5f2ee02ee3
e6f237d757cba8f53fb2b91b9a57f2584afe694f3a7448da1bf479e24291fe71
e8be42019425fc26bcf13b4b96de105ae4317667ae197a353b3b4e55081ebd72
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
eb5cd4f9742af985b98ea8c49a08bb6169b218426326014fcd34c63b6d25cb37
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eed8464673a9058cfc7c31d37b305cf88f4e4f699c08122df808b385a0aaefb3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe9852922c1295b9c3ad24e666b3482d94977612778548c122cee8945c35c01
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f33912a551aa9f08f0ad3ab92ff6aee8d51ba0b5f23a2c23d9dcc6ac268405cc
f4e9fc9cb715061a768c38a333706476e1ca9fceb27e01dfcfdf8b188f66c6b5
f57c4be503d6f4ba9a0ca03dfcfc87094c35c51887a25669d84fbc5e5e701fbd
f58162bf3734c1a14fe6dd096b9398fe00ce1d8b9d89490ac562c7200f1da44c
f6c71dcab097a5d46f4d0e3b805a011f23096054395ce542ab65e3d70ea34773
f7b1469431f25e4b25a093871206e5556b46cbc861bf06f68c74576e47687712
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723
f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d
fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95
fad978fe258d74543c5d3800b056227b79aa47be68ebc3e7e7de88b815b1efac
fca82066732cdbc824418519f58582389718120dd1a9c86fcdfb7dbd0e7337f0
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd88d330b8b28310cd966efb0fe0137c7db51ae147d9b24d61a7019ad75a8bdf
fd94c6489822657181e738c160b805a7bc583ef588cb34f85bc7f570d461be88
fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad
fe5edd66777d896e48c3d3f6427ff48210727850ca9c870f7780d3a6d0da2b6d
fe7b1fa106b52fd3b7a72421171503eee8ec0c911d495be3ce168f76ed7cc8b1
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.splunk.com Open in urlscan Pro 2.16.186.152 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

315 Requests

100 %HTTPS

43 %IPv6

54 Domains

87 Subdomains

74 IPs

4 Countries

5368 kBTransfer

12533 kBSize

27 Cookies

50 Outgoing links

Page URL History

Redirected requests

315 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.splunk.com Open in urlscan Pro
2.16.186.152 Public Scan

Screenshot
Live screenshot

Full Image

315
Requests

100 %
HTTPS

43 %
IPv6

54
Domains

87
Subdomains

74
IPs

4
Countries

5368 kB
Transfer

12533 kB
Size

27
Cookies

315 HTTP transactions
2 data transactions