www.fastly.com Open in urlscan Pro
2a04:4e42:600::313 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Submission Tags: falconsandbox
Submission: On February 02 via api (February 2nd 2024, 7:47:07 am UTC) from US — Scanned from DE

Summary HTTP 191 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 43 IPs in 7 countries across 29 domains to perform 191 HTTP transactions. The main IP is 2a04:4e42:600::313, located in United States and belongs to FASTLY, US. The main domain is www.fastly.com. The Cisco Umbrella rank of the primary domain is 404810.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q3 on October 6th 2023. Valid for: a year.

This is the only time www.fastly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
68	2a04:4e42:600... 2a04:4e42:600::313	54113 (FASTLY) (FASTLY)
2	151.101.129.91 151.101.129.91	54113 (FASTLY) (FASTLY)
4	18.66.192.93 18.66.192.93	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
2	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2.23.65.88 2.23.65.88	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
1	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
6	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
12	151.101.194.91 151.101.194.91	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::ac40:90e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:24c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
40	18.66.147.49 18.66.147.49	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::603	54113 (FASTLY) (FASTLY)
3	172.64.150.44 172.64.150.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.232.26.91 199.232.26.91	54113 (FASTLY) (FASTLY)
1	151.101.130.91 151.101.130.91	54113 (FASTLY) (FASTLY)
1	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
1	146.75.82.91 146.75.82.91	54113 (FASTLY) (FASTLY)
1	151.101.182.91 151.101.182.91	54113 (FASTLY) (FASTLY)
5	2606:4700::68... 2606:4700::6810:880f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.232.170.91 199.232.170.91	54113 (FASTLY) (FASTLY)
1	146.75.22.91 146.75.22.91	54113 (FASTLY) (FASTLY)
1	2600:9000:211... 2600:9000:211e:6a00:4:8491:f2c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
3 4	107.22.39.74 107.22.39.74	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.220.151.51 54.220.151.51	16509 (AMAZON-02) (AMAZON-02)
1 1	3.122.79.91 3.122.79.91	16509 (AMAZON-02) (AMAZON-02)
2 2	52.50.105.129 52.50.105.129	16509 (AMAZON-02) (AMAZON-02)
1	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	54.84.115.237 54.84.115.237	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.194.67 151.101.194.67	54113 (FASTLY) (FASTLY)
1	146.75.118.91 146.75.118.91	54113 (FASTLY) (FASTLY)
1	151.101.234.91 151.101.234.91	54113 (FASTLY) (FASTLY)
6	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.66.91 151.101.66.91	54113 (FASTLY) (FASTLY)
1	18.173.187.100 18.173.187.100	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
191	43

68 2a04:4e42:600::313 (United States)

ASN54113 (FASTLY, US)

www.fastly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.91 (United States)

ASN54113 (FASTLY, US)

client-registry.mutinycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.192.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-93.muc50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o1025883.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.65.88 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-65-88.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::729 (United States) 1 redirects

ASN54113 (FASTLY, US)

fiddle.fastlydemo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

fiddle.fastly.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.217 (United States)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.194.91 (United States)

ASN54113 (FASTLY, US)

www.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
astral-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:90e1 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:24c4 (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

025-xko-469.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 18.66.147.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-49.fra60.r.cloudfront.net

rc-widget-frame.js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::603 (United States)

ASN54113 (FASTLY, US)

fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.150.44 (United States)

ASN13335 (CLOUDFLARENET, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.26.91 (Dublin, Ireland)

ASN54113 (FASTLY, US)

dub-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.91 (United States)

ASN54113 (FASTLY, US)

2f3e6c14-e498-4a80-b10e-e51dd90a27ea.eu.u.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.217 (United States)

ASN54113 (FASTLY, US)

lux.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.82.91 (United States)

ASN54113 (FASTLY, US)

klot-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.182.91 (Houston, United States)

ASN54113 (FASTLY, US)

iah-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:880f (United States)

ASN13335 (CLOUDFLARENET, US)

ws-assets.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.170.91 (Paris, France)

ASN54113 (FASTLY, US)

lfpg-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.22.91 (Manila, Philippines)

ASN54113 (FASTLY, US)

mnl-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:6a00:4:8491:f2c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.22.39.74 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-39-74.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.151.51 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-151-51.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.79.91 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-79-91.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.105.129 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-105-129.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.115.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-115-237.compute-1.amazonaws.com

hemsync.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.67 (United States)

ASN54113 (FASTLY, US)

quic-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.118.91 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

2f3e6c14-e498-4a80-b10e-e51dd90a27ea-pdata-v4.unique.k.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.234.91 (Wellington, New Zealand)

ASN54113 (FASTLY, US)

wlg-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.91 (United States)

ASN54113 (FASTLY, US)

any-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.187.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-100.muc50.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	fastly.com www.fastly.com — Cisco Umbrella Rank: 404810	2 MB
44	driftt.com js.driftt.com — Cisco Umbrella Rank: 5691 rc-widget-frame.js.driftt.com — Cisco Umbrella Rank: 123444 Failed	560 KB
23	fastly-insights.com www.fastly-insights.com — Cisco Umbrella Rank: 8322 fastly-insights.com — Cisco Umbrella Rank: 7537 dub-v4.pops.fastly-insights.com — Cisco Umbrella Rank: 84277 2f3e6c14-e498-4a80-b10e-e51dd90a27ea.eu.u.fastly-insights.com klot-v4.pops.fastly-insights.com — Cisco Umbrella Rank: 46396 iah-v4.pops.fastly-insights.com — Cisco Umbrella Rank: 53699 astral-v4.pops.fastly-insights.com — Cisco Umbrella Rank: 23431 lfpg-v4.pops.fastly-insights.com — Cisco Umbrella Rank: 77398 mnl-v4.pops.fastly-insights.com — Cisco Umbrella Rank: 88750 quic-v4.pops.fastly-insights.com — Cisco Umbrella Rank: 34396 2f3e6c14-e498-4a80-b10e-e51dd90a27ea-pdata-v4.unique.k.fastly-insights.com wlg-v4.pops.fastly-insights.com — Cisco Umbrella Rank: 95924 any-v4.pops.fastly-insights.com — Cisco Umbrella Rank: 24018	48 KB
6	drift.com bootstrap.api.drift.com — Cisco Umbrella Rank: 6594 metrics.api.drift.com — Cisco Umbrella Rank: 6499 event.api.drift.com — Cisco Umbrella Rank: 7186	8 KB
6	clickagy.com 3 redirects tags.clickagy.com — Cisco Umbrella Rank: 24814 aorta.clickagy.com — Cisco Umbrella Rank: 1875 hemsync.clickagy.com — Cisco Umbrella Rank: 19604	15 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 364	126 KB
5	zoominfo.com ws-assets.zoominfo.com — Cisco Umbrella Rank: 14643 ws.zoominfo.com — Cisco Umbrella Rank: 4371	29 KB
4	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 6591	26 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 8358	3 KB
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 25260 ibc-flow.techtarget.com — Cisco Umbrella Rank: 22760	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	306 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 239	1 KB
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 544 d.agkn.com — Cisco Umbrella Rank: 776	1 KB
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1465 insight.adsrvr.org — Cisco Umbrella Rank: 637	3 KB
2	speedcurve.com cdn.speedcurve.com — Cisco Umbrella Rank: 6426 lux.speedcurve.com — Cisco Umbrella Rank: 19769	9 KB
2	sentry.io o1025883.ingest.sentry.io	381 B
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3596 Failed	7 KB
2	mutinycdn.com client-registry.mutinycdn.com — Cisco Umbrella Rank: 18666	33 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6518	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	254 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2616	254 B
1	company-target.com api.company-target.com — Cisco Umbrella Rank: 3815	965 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 722	187 B
1	mktoresp.com 025-xko-469.mktoresp.com	318 B
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 12037	306 B
1	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 8429	1 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 567	312 B
1	fastly.dev fiddle.fastly.dev	3 KB
1	fastlydemo.net 1 redirects fiddle.fastlydemo.net	205 B
191	29

	Domain	Requested by
68	www.fastly.com	www.fastly.com
40	rc-widget-frame.js.driftt.com	js.driftt.com rc-widget-frame.js.driftt.com
11	www.fastly-insights.com	www.googletagmanager.com www.fastly-insights.com
6	cdn.cookielaw.org	www.fastly.com cdn.cookielaw.org
4	aorta.clickagy.com	3 redirects www.fastly.com
4	ws.zoominfo.com	www.fastly.com
4	cdn.bizible.com	www.googletagmanager.com www.fastly.com cdn.bizible.com
4	js.driftt.com	www.fastly.com rc-widget-frame.js.driftt.com
3	js.zi-scripts.com	www.fastly.com
3	www.googletagmanager.com	www.fastly.com www.googletagmanager.com
2	event.api.drift.com	rc-widget-frame.js.driftt.com
2	metrics.api.drift.com	rc-widget-frame.js.driftt.com
2	bootstrap.api.drift.com	rc-widget-frame.js.driftt.com
2	dpm.demdex.net	2 redirects
2	ibc-flow.techtarget.com	www.fastly.com
2	o1025883.ingest.sentry.io	www.fastly.com
2	munchkin.marketo.net	www.fastly.com munchkin.marketo.net
2	client-registry.mutinycdn.com	www.fastly.com
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	api.company-target.com	www.fastly.com
1	any-v4.pops.fastly-insights.com	www.fastly.com
1	wlg-v4.pops.fastly-insights.com	www.fastly.com
1	2f3e6c14-e498-4a80-b10e-e51dd90a27ea-pdata-v4.unique.k.fastly-insights.com	www.fastly.com
1	quic-v4.pops.fastly-insights.com	www.fastly.com
1	hemsync.clickagy.com	www.fastly.com
1	insight.adsrvr.org	js.adsrvr.org
1	pixel-sync.sitescout.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	js.adsrvr.org	www.fastly.com
1	tags.clickagy.com	www.fastly.com
1	mnl-v4.pops.fastly-insights.com	www.fastly.com
1	lfpg-v4.pops.fastly-insights.com	www.fastly.com
1	ws-assets.zoominfo.com	js.zi-scripts.com
1	astral-v4.pops.fastly-insights.com	www.fastly.com
1	iah-v4.pops.fastly-insights.com	www.fastly.com
1	klot-v4.pops.fastly-insights.com	www.fastly.com
1	lux.speedcurve.com
1	2f3e6c14-e498-4a80-b10e-e51dd90a27ea.eu.u.fastly-insights.com	www.fastly.com
1	dub-v4.pops.fastly-insights.com	www.fastly.com
1	fastly-insights.com	www.fastly.com
1	025-xko-469.mktoresp.com	munchkin.marketo.net
1	cdn.bizibly.com	www.fastly.com
1	trk.techtarget.com	www.fastly.com
1	tracking.g2crowd.com	www.fastly.com
1	geolocation.onetrust.com	www.fastly.com
1	cdn.speedcurve.com	www.fastly.com
1	fiddle.fastly.dev	www.fastly.com
1	fiddle.fastlydemo.net	1 redirects
191	51

This site contains links to these domains. Also see Links.

Domain
support.fastly.com
manage.fastly.com
nvd.nist.gov
logging.apache.org
twitter.com
en.wikipedia.org
help.aliyun.com
github.com
www.lunasec.io
docs.fastly.com
www.facebook.com
www.linkedin.com
developer.fastly.com
www.fastlystatus.com
investors.fastly.com
www.twitter.com
www.instagram.com
www.youtube.com
www.onetrust.com

Subject Issuer	Validity	Valid
www.fastly.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-10-06` - `2024-11-06`	a year	crt.sh
client-registry.mutinycdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-06-03` - `2024-07-04`	a year	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-21` - `2025-02-21`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
io.bizible.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-01` - `2024-07-01`	a year	crt.sh
fastly-insights.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-20` - `2025-01-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-24` - `2024-07-23`	a year	crt.sh
ibc-flow.techtarget.com GTS CA 1D4	`2024-01-13` - `2024-04-12`	3 months	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
*.drift.com Amazon RSA 2048 M01	`2023-07-03` - `2024-07-31`	a year	crt.sh
zi-scripts.com GTS CA 1P5	`2024-01-30` - `2024-04-29`	3 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
*.clickagy.com Amazon ECDSA 256 M02	`2023-09-22` - `2024-10-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Frame ID: AA69BFCF2ED7B8D0FE4258451D53B286
Requests: 141 HTTP requests in this frame

Frame: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019439&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Frame ID: 25B5126663F5E8EF53CD7F7CC205FEB1
Requests: 1 HTTP requests in this frame

Frame: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Frame ID: 320722E876CA7A2DBB72CFB99E756F2A
Requests: 47 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=siw7zzj&ref=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j&upid=srcqgs0&upv=1.1.0
Frame ID: C52A9AF4DBDBD456034925333E2F4C88
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Digging deeper into Log4Shell - 0Day RCE exploit found in Log4j | FastlyBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Page URL
https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Page URL

Detected technologies

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

191
Requests

97 %
HTTPS

30 %
IPv6

29
Domains

51
Subdomains

43
IPs

7
Countries

2968 kB
Transfer

8482 kB
Size

25
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://support.fastly.com/
Title: Support Center

Search URL Search Domain Scan URL

URL: https://manage.fastly.com/
Title: Einloggen

Search URL Search Domain Scan URL

URL: https://nvd.nist.gov/vuln/detail/CVE-2021-44228
Title: CVE-2021-44228

Search URL Search Domain Scan URL

URL: https://logging.apache.org/log4j/
Title: Apache Log4j library

Search URL Search Domain Scan URL

URL: https://twitter.com/GossiTheDog/status/1469322120840708100
Title: cryptominer reportedly deployed

Search URL Search Domain Scan URL

URL: https://logging.apache.org/log4j/log4j-2.2/manual/lookups.html
Title: lookups

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Java_Naming_and_Directory_Interface
Title: Java Naming and Directory Interface (JNDI)

Search URL Search Domain Scan URL

URL: https://logging.apache.org/log4j/2.x/manual/lookups.html#JndiLookup
Title: to look up data and resources

Search URL Search Domain Scan URL

URL: https://help.aliyun.com/noticelist/articleid/1060971232.html
Title: notified

Search URL Search Domain Scan URL

URL: https://github.com/tangxiaofeng7/apache-log4j-poc
Title: proof of concept

Search URL Search Domain Scan URL

URL: https://logging.apache.org/log4j/2.x/changes-report.html#a2.15.0
Title: patching

Search URL Search Domain Scan URL

URL: https://www.lunasec.io/docs/blog/log4j-zero-day/
Title: Another option

Search URL Search Domain Scan URL

URL: https://logging.apache.org/log4j/2.x/security.html
Title: mitigation

Search URL Search Domain Scan URL

URL: https://docs.fastly.com/signalsciences/using-signal-sciences/features/templated-rules/
Title: templated rule

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j&text=Digging%20deeper%20into%20Log4Shell%20-%200Day%20RCE%20exploit%20found%20in%20Log4j

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&title=Digging%20deeper%20into%20Log4Shell%20-%200Day%20RCE%20exploit%20found%20in%20Log4j&url=https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Search URL Search Domain Scan URL

URL: https://docs.fastly.com/
Title: Dokumentation

Search URL Search Domain Scan URL

URL: https://developer.fastly.com/
Title: Entwickler

Search URL Search Domain Scan URL

URL: https://www.fastlystatus.com/
Title: Netzwerkstatus

Search URL Search Domain Scan URL

URL: https://investors.fastly.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.twitter.com/fastly
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/fastly
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fastlyinc
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC2Zx8R9llwwyNBB6thfIwxg
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Page URL
https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://fiddle.fastlydemo.net/embed.js HTTP 301
https://fiddle.fastly.dev/embed.js

Request Chain 150

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag&ws=1 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:b716a88424dc0a5c193a721f9a167467&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D HTTP 302
https://d.agkn.com/pixel/10751/?che=1706860022250&ip=146.70.117.107&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D219773204780000577342 HTTP 302
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=219773204780000577342 HTTP 302
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:b716a88424dc0a5c193a721f9a167467&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=79908&dpuuid=c:b716a88424dc0a5c193a721f9a167467&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP 302
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=29189422613941644982782259858767507988 HTTP 302
https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D

191 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Show response
www.fastly.com/blog/ 617 KB
89 KB 185ms
163ms Document
text/html 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

1b5938ce75bd82e23d8ecbf22be0fd26bca05029525cde40f8b1145b4cecd4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=0, must-revalidate
content-encoding: gzip
content-length: 90345
content-type: text/html
date: Fri, 02 Feb 2024 07:46:59 GMT
etag: "3e554c2d6301c02fe8bfb29f2bbe7a17"
link: </g-static/fonts/subsetting/inter-var.woff2>; rel=preload; as=font; crossorigin; nopush, <https://user-data.mutinycdn.com>; rel=preconnect, <https://client.mutinycdn.com>; rel=preconnect, <https://client-registry.mutinycdn.com>; rel=preconnect, <https://www.googletagmanager.com>; rel=preconnect
server: Artisanal bits
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
x-cache-hits: 0, 1, 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-sjc10039-SJC, cache-sjc10079-SJC, cache-fra-eddf8230112-FRA
x-timer: S1706860019.272637,VS0,VE157
x-xss-protection: 1; mode=block

GET
H2 200 inter-var.woff2
www.fastly.com/g-static/fonts/subsetting/ 77 KB
77 KB 9ms
9ms Font
font/woff2 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/g-static/fonts/subsetting/inter-var.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

37bb2fe07156e83bf66ed1214d5f27cae6bdd70549affa70372b82a9c6689ba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Origin: https://www.fastly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10068-SJC, cache-sjc10077-SJC, cache-fra-eddf8230112-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860019.440664,VS0,VE2
etag: "c74946b05a04c9302636cc6106891bbd"
x-cache: MISS, HIT, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 78400
x-cache-hits: 0, 25, 1

GET
H2 200 b20024ac5582424c.js Show response
client-registry.mutinycdn.com/personalize/client/ 51 KB
17 KB 43ms
7ms Script
application/javascript 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://client-registry.mutinycdn.com/personalize/client/b20024ac5582424c.js
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f0952af5f9b29470d1ed7c3629cc6fe434e0aed0f5f72a3840714e7903632f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: OQIZp_aym532D3aWYlcX8r9vhAYnAzY.
x-continent-code: EU
content-encoding: gzip
date: Fri, 02 Feb 2024 07:46:59 GMT
via: 1.1 varnish
x-edge-region: EU-East
x-amz-request-id: NH2WEC7GDYM3YVRM
age: 3382
x-amz-server-side-encryption: AES256
x-cache: HIT
x-edge-datacenter: FRA
content-length: 16573
x-amz-id-2: 6sWGjHoM+tL3HrCv6iPtbJ9xBlVfd133Bcm2DcK0SKphb6Gl82elKRibz2mkPUvPXHAaZ90NCpA=
x-served-by: cache-fra-eddf8230102-FRA
x-connection-speed: broadband
last-modified: Thu, 01 Feb 2024 20:38:09 GMT
server: AmazonS3
etag: "93257641f6c759d6a33cd7a335066ca2"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=3600, max-age=0
vary: X-Continent-Code, Accept-Encoding
accept-ranges: bytes
x-country-code: DE
x-cache-hits: 1

GET
H3 200 icon-social-facebook.svg
www.fastly.com/g-static/icons/ 597 B
670 B 8ms
8ms Image
image/svg+xml 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/g-static/icons/icon-social-facebook.svg

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

10b36fda647f8e4a089ffecf54ca490ce1e68eb9619a2463fd81a2acb8fcb41d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10055-SJC, cache-sjc1000085-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860019.479372,VS0,VE2
etag: "bb1c97bce60b58d56b793de7b4a4bc13"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 359
x-cache-hits: 0, 36, 1

GET
H3 200 icon-social-twitter.svg
www.fastly.com/g-static/icons/ 1 KB
1 KB 9ms
9ms Image
image/svg+xml 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/g-static/icons/icon-social-twitter.svg

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

a7077bfe692cf60675c6ce302474a363815e3f49d834147218a7bdb1b7402f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000091-SJC, cache-sjc10069-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860019.479356,VS0,VE2
etag: "337117f8ea61b8fe03a5e612e8314180"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 792
x-cache-hits: 0, 32, 1

GET
H3 200 icon-social-LinkedIn.svg
www.fastly.com/g-static/icons/ 781 B
735 B 8ms
8ms Image
image/svg+xml 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/g-static/icons/icon-social-LinkedIn.svg

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

9546f61d90005f0c8132463a0c61ab73ce68321a61456fe9ed5a0a60d16c4d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000099-SJC, cache-sjc1000099-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860019.490422,VS0,VE2
etag: "de1e54a0a64e58525dbe0884c382f63a"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 424
x-cache-hits: 0, 35, 1

GET
H3 200 app-a4cee3a9f5b344883e06.js Show response
www.fastly.com/ 436 KB
144 KB 10ms
10ms Script
text/javascript 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/app-a4cee3a9f5b344883e06.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

594b8f1a9e57febeb4331aa7deeb3508d02b3ddcaf638d6c84d388fe777b92b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000102-SJC, cache-sjc10050-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860019.499505,VS0,VE2
etag: "44d7c1b333e27e99cda9e6242dbf9b98"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 146816
x-cache-hits: 0, 1, 1

GET
H3 200 dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js Show response
www.fastly.com/ 97 KB
30 KB 11ms
11ms Script
text/javascript 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

f46cd01e86d738d8ec05f16ad58a4f02ac410ac631b98eef69755fd4b2483d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000135-SJC, cache-sjc1000124-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.522508,VS0,VE2
etag: "c914efb252c20291e242788f6b70606d"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30563
x-cache-hits: 0, 1, 1

GET
H3 200 f344f784-4fffcc916e1288ca5f66.js Show response
www.fastly.com/ 305 KB
89 KB 8ms
8ms Script
text/javascript 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/f344f784-4fffcc916e1288ca5f66.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

fe7fc47915351de7cf866722e03e73e26211a421109e28934fd3e3504f66d218

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000143-SJC, cache-sjc10077-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.522606,VS0,VE2
etag: "bc81a9fa9df32dbc9ef639cff78ad98a"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 90354
x-cache-hits: 0, 2, 1

GET
H3 200 2c56e427-06c3cd7d8a81f8c4f9db.js Show response
www.fastly.com/ 277 KB
85 KB 12ms
11ms Script
text/javascript 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/2c56e427-06c3cd7d8a81f8c4f9db.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

5c677dac603d6dc3aa80f2022cbda63de290424fc7c5b4b28b10ceb88675f318

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10074-SJC, cache-sjc1000140-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.525762,VS0,VE2
etag: "15f7b159fa532d6097e6e2f430536f9a"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 86599
x-cache-hits: 0, 2, 1

GET
H3 200 252f366e-a504413c9b8d5d58dfaa.js Show response
www.fastly.com/ 1 KB
781 B 10ms
9ms Script
text/javascript 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/252f366e-a504413c9b8d5d58dfaa.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

cc1796b9d1184e999ca9295b98d5f749b4904aa80cb12f994d1ec29026e6a258

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10049-SJC, cache-sjc1000124-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.526110,VS0,VE1
etag: "199be3999968d7070867bde748e9c5d4"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 471
x-cache-hits: 0, 2, 1

GET
H3 200 framework-79140523b99d02cdcef9.js Show response
www.fastly.com/ 128 KB
42 KB 169ms
168ms Script
text/javascript 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/framework-79140523b99d02cdcef9.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

88a11903bf42ce4806c745fdcde3f5e094cdcf1a9cc5e8e4eb8a2aacf1c5b14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10027-SJC, cache-sjc10069-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.526090,VS0,VE161
etag: "4f1e197e63d25a9ec05cced907b6e801"
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 42652
x-cache-hits: 0, 1, 0

GET
H3 200 webpack-runtime-1775aad1d62a6daaf9e5.js Show response
www.fastly.com/ 20 KB
9 KB 11ms
10ms Script
text/javascript 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/webpack-runtime-1775aad1d62a6daaf9e5.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

1043316119fa5601fb2ec8cf2ce3d9fc96fcb5fe0957e613b2348104d5aa0796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000121-SJC, cache-sjc1000133-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.526071,VS0,VE2
etag: "5ab8c39e378a9635d2fa40f4920c42e4"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8545
x-cache-hits: 0, 1, 1

GET munchkin.js
munchkin.marketo.net/ 0
0

GET
H2 200 x2ugb2nh7dxy.js Show response
js.driftt.com/include/1706860200000/ 212 KB
60 KB 116ms
16ms Script
application/javascript 18.66.192.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1706860200000/x2ugb2nh7dxy.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-93.muc50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

93a2fd82dd3a13a9e9ce0583f3bde1b6e88da6ebce30fa8c87cee4d9d927e4d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: fwT06mdOrTHjuLmyd8.idzR8VPd5.dxi
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
via: 1.1 38263cd2a79bbfbde38589f8589f28be.cloudfront.net (CloudFront), 1.1 8eb3c67b1958af32e15515c8eb27fbb4.cloudfront.net (CloudFront)
date: Fri, 02 Feb 2024 07:46:53 GMT
content-encoding: gzip
x-amz-cf-pop: IAD66-C1, MUC50-P1
age: 8
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 75
last-modified: Mon, 21 Aug 2023 14:57:31 GMT
server: istio-envoy
etag: W/"576cdc1c0941a520c47b54aef3b463f7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true,true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jMH4eyKFRTLsU0Eq35d5ONTX3k0dwJaRVxTs172oeuKEPFOuHp41MQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 358 KB
108 KB 65ms
35ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9FKFHD

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d14575cf4967ee0c9086b94ae75220ce7a1a19c1cb0db8f46bb60c8b022bacbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109935
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Feb 2024 07:46:59 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec2a8bc8d814bfc802060212b6a8659e0d3c458a2b0d696fcca8b8b7ce773798

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 282 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40cd9a267f702fd2726ef3798b232a06ca6ed2bcd41739e5150aa3d2d7f006f1

Request headers

Referer
Origin: https://www.fastly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 ESRebondGrotesque-Regular-3679101b453b50d72c9cf4c1ea749200.woff2
www.fastly.com/static/ 56 KB
56 KB 15ms
13ms Font
font/woff2 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/static/ESRebondGrotesque-Regular-3679101b453b50d72c9cf4c1ea749200.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

1ba7f7e31ef37d69f9541a2af99984deed19867ab8f8a24d53da8c5b47b47cd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Origin: https://www.fastly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000104-SJC, cache-sjc1000121-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.538986,VS0,VE2
etag: "f2a8ff0942c38a6325df9a0f60277e93"
x-cache: MISS, HIT, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 56868
x-cache-hits: 0, 2, 1

GET
H3 200 ESRebondGrotesque-Bold-71b661c9a1cc0e17703278991732c1c7.woff2
www.fastly.com/static/ 59 KB
59 KB 11ms
10ms Font
font/woff2 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/static/ESRebondGrotesque-Bold-71b661c9a1cc0e17703278991732c1c7.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

37e8818124561754e1c997013c3bfebfa1e87ec9338148293f7d3870d8e2ae83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Origin: https://www.fastly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10065-SJC, cache-sjc1000084-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.539236,VS0,VE2
etag: "5d684e67bb303b33d0fc0303d91e76af"
x-cache: MISS, HIT, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 59992
x-cache-hits: 0, 2, 1

GET
H3 200 roboto.woff2
www.fastly.com/g-static/fonts/ 12 KB
12 KB 10ms
9ms Font
font/woff2 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/g-static/fonts/roboto.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e1fd013ac18aebac28e366bf82aace3b2fb6900fecc4793303ed93aeadd31910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Origin: https://www.fastly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000114-SJC, cache-sjc1000113-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.539233,VS0,VE1
etag: "d8ab6e6b16f310580e0570584c0ce6d4"
x-cache: MISS, HIT, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12312
x-cache-hits: 0, 16, 1

GET
H3 200 ESRebondGrotesque-Medium-f2ce73a9fe478070893781580588fc94.woff2
www.fastly.com/static/ 56 KB
57 KB 18ms
16ms Font
font/woff2 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/static/ESRebondGrotesque-Medium-f2ce73a9fe478070893781580588fc94.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

3109a1a489eb6cf9429c02f62539fbfeac0a730ac3e25b157afc28def5689b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Origin: https://www.fastly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000095-SJC, cache-sjc1000124-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.539236,VS0,VE3
etag: "3846fe18ab988be9b98be555ee4c964a"
x-cache: MISS, HIT, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 57832
x-cache-hits: 0, 2, 1

GET
H3 200 flow.png
www.fastly.com/cimages/6pk8mg3yh2ee/6ROIUWShnnGIkZRx4JjhQY/d422eb627eca1edac19fef63d2d6a075/ 54 KB
54 KB 159ms
158ms Image
image/avif 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/6ROIUWShnnGIkZRx4JjhQY/d422eb627eca1edac19fef63d2d6a075/flow.png?auto=avif

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

fe3f5adc0b0e834c041ff3eff16cc338a796609d6847529141c3ecd0fc7fea94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:46:59 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300704
x-cache: RefreshHit from cloudfront, MISS, HIT, MISS
fastly-io-info: ifsz=139391 idim=765x847 ifmt=png ofsz=54880 odim=765x847 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 54880
x-served-by: cache-sjc1000101-SJC, cache-sjc1000101-SJC, cache-fra-eddf8230061-FRA
server: Artisanal bits
x-timer: S1706860020.560700,VS0,VE152
etag: "9Iu+yPkw0TY3023s6p2nY4df8dg1EdyM3QKkLE5qRqo"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 1, 0

GET
H3 200 first_attempt.png
www.fastly.com/cimages/6pk8mg3yh2ee/3xzUNcII8zJw0Nj0uW8WmM/559eaf0bfb475e93ffae28dfeea84d08/ 14 KB
15 KB 167ms
166ms Image
image/avif 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/3xzUNcII8zJw0Nj0uW8WmM/559eaf0bfb475e93ffae28dfeea84d08/first_attempt.png?auto=avif

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

ac6bdc5f37bb3d3a7a3db164f228cd0f805e8474df5765d46b9db71e14551244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:46:59 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300704
x-cache: RefreshHit from cloudfront, MISS, HIT, MISS
fastly-io-info: ifsz=29696 idim=2018x196 ifmt=png ofsz=14746 odim=2018x196 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14746
x-served-by: cache-sjc1000100-SJC, cache-sjc10043-SJC, cache-fra-eddf8230061-FRA
server: Artisanal bits
x-timer: S1706860020.560921,VS0,VE160
etag: "w3F+xSHAC/E776Y3nbHOPtbJxLko/FTcqtsnPHB1gko"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 1, 0

GET
H3 200 graph.png
www.fastly.com/cimages/6pk8mg3yh2ee/4BDRftDtht50OUtf87hxAy/b4036f1a29e59cbb3f116c8f28c3da30/ 17 KB
17 KB 162ms
161ms Image
image/avif 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/4BDRftDtht50OUtf87hxAy/b4036f1a29e59cbb3f116c8f28c3da30/graph.png?auto=avif

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

bd85ee55c66852286ef188a91f9517cb56a511a11cb9b464b617d03571491c0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:46:59 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300712
x-cache: RefreshHit from cloudfront, MISS, HIT, MISS
fastly-io-info: ifsz=168749 idim=2210x1434 ifmt=png ofsz=16930 odim=2210x1434 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16930
x-served-by: cache-sjc10055-SJC, cache-sjc10080-SJC, cache-fra-eddf8230061-FRA
server: Artisanal bits
x-timer: S1706860020.561022,VS0,VE155
etag: "NXKTSfL/NTFwljhWAUzvSbiH5Iwt0XTcp72vIy+CkK0"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 1, 0

GET
H3 200 flying_shield_96X96.png
www.fastly.com/cimages/6pk8mg3yh2ee/4QpydF0nY5dVbQOorbw8CN/6cdb39f282e20801cec6e80b2f2f5460/ 836 B
1 KB 9ms
8ms Image
image/avif 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/4QpydF0nY5dVbQOorbw8CN/6cdb39f282e20801cec6e80b2f2f5460/flying_shield_96X96.png?auto=avif&fit=crop&height=40&width=40

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e9572729daa448a9ba000cdc75d9b2be339248d41288b1767966d73342a2227a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:46:59 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300702
x-cache: Hit from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=5385 idim=96x96 ifmt=png ofsz=836 odim=40x40 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 836
x-served-by: cache-sjc1000127-SJC, cache-sjc1000121-SJC, cache-fra-eddf8230061-FRA
server: Artisanal bits
x-timer: S1706860020.561163,VS0,VE2
etag: "w55cncqW7lRXrIFtJk8yEl9DSKBo8EwB3DHcPnGO0tU"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 3, 1

POST
H2 200 / Show response
o1025883.ingest.sentry.io/api/6048310/envelope/ 2 B
324 B 65ms
10ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1025883.ingest.sentry.io/api/6048310/envelope/?sentry_key=d879b4c80908473fa9394fc34fd84ec7&sentry_version=7&sentry_client=sentry.javascript.gatsby%2F7.70.0

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.fastly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 02 Feb 2024 07:46:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H3 200 app-data.json Show response
www.fastly.com/page-data/ 50 B
366 B 8ms
8ms XHR
application/json 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/app-data.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

edc1ac14984c28dfb69b44d531f1502d818f2c8678f69cca0218296c7c30a933

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000111-SJC, cache-sjc10080-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.750421,VS0,VE1
etag: "c3dc319442a13c9d69b6778737160790"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 70
x-cache-hits: 0, 3, 1

GET
H3 200 page-data.json Show response
www.fastly.com/page-data/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j/ 46 KB
12 KB 157ms
157ms XHR
application/json 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j/page-data.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

bbcfb3217d2001f978a038f35d0a6b5149f20346629cb717bc78bae9ac1e098e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10071-SJC, cache-sjc10063-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.750595,VS0,VE150
etag: "e5b7fbfb55e0cbf3046e63a3832209c6"
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12227
x-cache-hits: 0, 1, 0

GET
H3 200 43a66a61-1865ab751e9716acdd36.js Show response
www.fastly.com/ 17 KB
5 KB 8ms
8ms Script
text/javascript 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/43a66a61-1865ab751e9716acdd36.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/webpack-runtime-1775aad1d62a6daaf9e5.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

6b96e43e1c1f2aa79a435aa6f9b9e9f3ddde013dedc2914291bef8fbb132c3a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10076-SJC, cache-sjc1000090-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.910201,VS0,VE2
etag: "f9f5dd8ff8bdc041f662fde40d74a1fc"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4470
x-cache-hits: 0, 1, 1

GET
H3 200 commons-032389c2bb13eaaf4dcc.js Show response
www.fastly.com/ 14 KB
5 KB 19ms
18ms Script
text/javascript 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/commons-032389c2bb13eaaf4dcc.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/webpack-runtime-1775aad1d62a6daaf9e5.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

a7fc4f277d625f2d88c55e6d1cbc1047e5f58685e96b76fd720bd90e3c65c897

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000143-SJC, cache-sjc1000098-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.911453,VS0,VE3
etag: "74792b6746d446f3edba60866f519f7a"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4877
x-cache-hits: 0, 3, 1

GET
H3 200 component---src-templates-blog-post-js-b019ca3a066dd50020ec.js Show response
www.fastly.com/ 10 KB
4 KB 14ms
13ms Script
text/javascript 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/component---src-templates-blog-post-js-b019ca3a066dd50020ec.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/webpack-runtime-1775aad1d62a6daaf9e5.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

09fbba9bf1604ae3264823871a639f92b4ba02c29e1c68ceb028c2ca2c6b01b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000115-SJC, cache-sjc1000114-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.911994,VS0,VE2
etag: "2990b15dd6dc0ffb4f2464f3da06f23f"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3876
x-cache-hits: 0, 0, 1

GET
H3 200 1727377946.json Show response
www.fastly.com/page-data/sq/d/ 61 B
360 B 11ms
10ms XHR
application/json 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/1727377946.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e9df011e2b89840a7dcb1ec43d59e2489383d3506d9a0fcd2db0d9cf0b024dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10023-SJC, cache-sjc1000109-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.911970,VS0,VE2
etag: "620acf1ee1d982fd3abfad3d91e15496"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 65
x-cache-hits: 0, 3, 1

GET
H3 200 1831612556.json Show response
www.fastly.com/page-data/sq/d/ 409 B
532 B 10ms
9ms XHR
application/json 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/1831612556.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

10885f5f6888d7879c566093389c5a42f20ca66c22805ba291c2e608f82283f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10067-SJC, cache-sjc10052-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.911990,VS0,VE1
etag: "d23265dab806df0bcfaeae0eb941f680"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 237
x-cache-hits: 0, 3, 1

GET
H3 200 2892375363.json Show response
www.fastly.com/page-data/sq/d/ 31 KB
10 KB 12ms
11ms XHR
application/json 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/2892375363.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

14e1758a680d218d9438c24ea5c123a4697d8c7200b8a976dbcc334c42db55a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000107-SJC, cache-sjc1000146-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.911977,VS0,VE2
etag: "8e19bd369fb2101474bc05c6a2d3fe0c"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9654
x-cache-hits: 0, 3, 1

GET
H3 200 3715587086.json Show response
www.fastly.com/page-data/sq/d/ 642 B
711 B 15ms
15ms XHR
application/json 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/3715587086.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

d9b694a3a25ba1db5264d6687141e4f48ada93b4fbb2a124317dad995286ac97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10023-SJC, cache-sjc10038-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.912433,VS0,VE2
etag: "062b895294b682a9dbc9adbe5d97f206"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 415
x-cache-hits: 0, 3, 1

GET
H3 200 3925522448.json Show response
www.fastly.com/page-data/sq/d/ 3 KB
2 KB 13ms
12ms XHR
application/json 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/3925522448.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

251ae2637673472a67651c8f7d58f441d715a47d01c290d0509271572be4782b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10056-SJC, cache-sjc10081-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.912238,VS0,VE2
etag: "08d543c89b10c2cddaee2f881f817d9c"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1406
x-cache-hits: 0, 3, 1

GET
H3 200 433030069.json Show response
www.fastly.com/page-data/sq/d/ 339 B
536 B 16ms
15ms XHR
application/json 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/433030069.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

3a13b0732ceedf951e97ff22963487be716c05c8dd8a2b21869a18e77ca34bbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10064-SJC, cache-sjc10047-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.912292,VS0,VE2
etag: "fc62d16cb1fdb52bcaf72a4ea357ac89"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 242
x-cache-hits: 0, 2, 1

GET
H3 200 668095159.json Show response
www.fastly.com/page-data/sq/d/ 495 B
605 B 14ms
14ms XHR
application/json 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/668095159.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

0b6524e69d460be5fbdaa68802b2e3349fefbd996e48553e147bd04d5f24c14f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000119-SJC, cache-sjc10024-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.912323,VS0,VE2
etag: "fc1745b05e609a8bbab6bd072c2caf79"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 310
x-cache-hits: 0, 1, 1

GET core
rc-widget-frame.js.driftt.com/ Frame 25B5 0
0

GET
H3 200 Primary Request digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Show response
www.fastly.com/blog/ 617 KB
89 KB 8ms
8ms Document
text/html 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-a4cee3a9f5b344883e06.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

1b5938ce75bd82e23d8ecbf22be0fd26bca05029525cde40f8b1145b4cecd4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=0, must-revalidate
content-encoding: gzip
content-length: 90345
content-type: text/html
date: Fri, 02 Feb 2024 07:46:59 GMT
etag: "3e554c2d6301c02fe8bfb29f2bbe7a17"
link: </g-static/fonts/subsetting/inter-var.woff2>; rel=preload; as=font; crossorigin; nopush, <https://user-data.mutinycdn.com>; rel=preconnect, <https://client.mutinycdn.com>; rel=preconnect, <https://client-registry.mutinycdn.com>; rel=preconnect, <https://www.googletagmanager.com>; rel=preconnect
server: Artisanal bits
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 1, 1
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-sjc10039-SJC, cache-sjc10079-SJC, cache-fra-eddf8230061-FRA
x-timer: S1706860020.944383,VS0,VE1
x-xss-protection: 1; mode=block

GET
H3 200 inter-var.woff2
www.fastly.com/g-static/fonts/subsetting/ 77 KB
77 KB 8ms
8ms Font
font/woff2 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/g-static/fonts/subsetting/inter-var.woff2

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

37bb2fe07156e83bf66ed1214d5f27cae6bdd70549affa70372b82a9c6689ba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Origin: https://www.fastly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10068-SJC, cache-sjc10077-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.956112,VS0,VE1
etag: "c74946b05a04c9302636cc6106891bbd"
x-cache: MISS, HIT, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 78400
x-cache-hits: 0, 25, 1

GET
H2 200 b20024ac5582424c.js Show response
client-registry.mutinycdn.com/personalize/client/ 51 KB
16 KB 8ms
7ms Script
application/javascript 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://client-registry.mutinycdn.com/personalize/client/b20024ac5582424c.js
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f0952af5f9b29470d1ed7c3629cc6fe434e0aed0f5f72a3840714e7903632f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: OQIZp_aym532D3aWYlcX8r9vhAYnAzY.
x-continent-code: EU
content-encoding: gzip
date: Fri, 02 Feb 2024 07:46:59 GMT
via: 1.1 varnish
x-edge-region: EU-East
x-amz-request-id: NH2WEC7GDYM3YVRM
age: 3382
x-amz-server-side-encryption: AES256
x-cache: HIT
x-edge-datacenter: FRA
content-length: 16573
x-amz-id-2: 6sWGjHoM+tL3HrCv6iPtbJ9xBlVfd133Bcm2DcK0SKphb6Gl82elKRibz2mkPUvPXHAaZ90NCpA=
x-served-by: cache-fra-eddf8230102-FRA
x-connection-speed: broadband
last-modified: Thu, 01 Feb 2024 20:38:09 GMT
server: AmazonS3
etag: "93257641f6c759d6a33cd7a335066ca2"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=3600, max-age=0
vary: X-Continent-Code, Accept-Encoding
accept-ranges: bytes
x-country-code: DE
x-cache-hits: 2

GET
H3 200 icon-social-facebook.svg
www.fastly.com/g-static/icons/ 597 B
670 B 9ms
8ms Image
image/svg+xml 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/g-static/icons/icon-social-facebook.svg

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

10b36fda647f8e4a089ffecf54ca490ce1e68eb9619a2463fd81a2acb8fcb41d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10055-SJC, cache-sjc1000085-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.990779,VS0,VE1
etag: "bb1c97bce60b58d56b793de7b4a4bc13"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 359
x-cache-hits: 0, 36, 2

GET
H3 200 icon-social-twitter.svg
www.fastly.com/g-static/icons/ 1 KB
1 KB 8ms
7ms Image
image/svg+xml 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/g-static/icons/icon-social-twitter.svg

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

a7077bfe692cf60675c6ce302474a363815e3f49d834147218a7bdb1b7402f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000091-SJC, cache-sjc10069-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:46:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.990875,VS0,VE1
etag: "337117f8ea61b8fe03a5e612e8314180"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 792
x-cache-hits: 0, 32, 2

GET
H3 200 icon-social-LinkedIn.svg
www.fastly.com/g-static/icons/ 781 B
735 B 18ms
16ms Image
image/svg+xml 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/g-static/icons/icon-social-LinkedIn.svg

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

9546f61d90005f0c8132463a0c61ab73ce68321a61456fe9ed5a0a60d16c4d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000099-SJC, cache-sjc1000099-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.003134,VS0,VE1
etag: "de1e54a0a64e58525dbe0884c382f63a"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 424
x-cache-hits: 0, 35, 2

GET
H3 200 app-a4cee3a9f5b344883e06.js Show response
www.fastly.com/ 436 KB
144 KB 22ms
9ms Script
text/javascript 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/app-a4cee3a9f5b344883e06.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

594b8f1a9e57febeb4331aa7deeb3508d02b3ddcaf638d6c84d388fe777b92b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000102-SJC, cache-sjc10050-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.014815,VS0,VE1
etag: "44d7c1b333e27e99cda9e6242dbf9b98"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 146816
x-cache-hits: 0, 1, 2

GET
H3 200 dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js Show response
www.fastly.com/ 97 KB
30 KB 23ms
11ms Script
text/javascript 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

f46cd01e86d738d8ec05f16ad58a4f02ac410ac631b98eef69755fd4b2483d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000135-SJC, cache-sjc1000124-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.014792,VS0,VE1
etag: "c914efb252c20291e242788f6b70606d"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30563
x-cache-hits: 0, 1, 2

GET
H3 200 f344f784-4fffcc916e1288ca5f66.js Show response
www.fastly.com/ 305 KB
89 KB 26ms
13ms Script
text/javascript 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/f344f784-4fffcc916e1288ca5f66.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

fe7fc47915351de7cf866722e03e73e26211a421109e28934fd3e3504f66d218

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000143-SJC, cache-sjc10077-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.015821,VS0,VE1
etag: "bc81a9fa9df32dbc9ef639cff78ad98a"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 90354
x-cache-hits: 0, 2, 2

GET
H3 200 2c56e427-06c3cd7d8a81f8c4f9db.js Show response
www.fastly.com/ 277 KB
85 KB 35ms
22ms Script
text/javascript 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/2c56e427-06c3cd7d8a81f8c4f9db.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

5c677dac603d6dc3aa80f2022cbda63de290424fc7c5b4b28b10ceb88675f318

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10074-SJC, cache-sjc1000140-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.016035,VS0,VE1
etag: "15f7b159fa532d6097e6e2f430536f9a"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 86599
x-cache-hits: 0, 2, 2

GET
H3 200 252f366e-a504413c9b8d5d58dfaa.js Show response
www.fastly.com/ 1 KB
781 B 30ms
17ms Script
text/javascript 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/252f366e-a504413c9b8d5d58dfaa.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

cc1796b9d1184e999ca9295b98d5f749b4904aa80cb12f994d1ec29026e6a258

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10049-SJC, cache-sjc1000124-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.015767,VS0,VE1
etag: "199be3999968d7070867bde748e9c5d4"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 471
x-cache-hits: 0, 2, 2

GET
H3 200 framework-79140523b99d02cdcef9.js Show response
www.fastly.com/ 128 KB
42 KB 30ms
18ms Script
text/javascript 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/framework-79140523b99d02cdcef9.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

88a11903bf42ce4806c745fdcde3f5e094cdcf1a9cc5e8e4eb8a2aacf1c5b14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10027-SJC, cache-sjc10069-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.015754,VS0,VE1
etag: "4f1e197e63d25a9ec05cced907b6e801"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 42652
x-cache-hits: 0, 1, 1

GET
H3 200 webpack-runtime-1775aad1d62a6daaf9e5.js Show response
www.fastly.com/ 20 KB
9 KB 32ms
20ms Script
text/javascript 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/webpack-runtime-1775aad1d62a6daaf9e5.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

1043316119fa5601fb2ec8cf2ce3d9fc96fcb5fe0957e613b2348104d5aa0796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000121-SJC, cache-sjc1000133-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.015786,VS0,VE1
etag: "5ab8c39e378a9635d2fa40f4920c42e4"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8545
x-cache-hits: 0, 1, 2

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
2 KB 502ms
176ms Script
application/x-javascript 2.23.65.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.65.88 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-65-88.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 07:47:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 x2ugb2nh7dxy.js Show response
js.driftt.com/include/1706860200000/ 212 KB
60 KB 30ms
14ms Script
application/javascript 18.66.192.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1706860200000/x2ugb2nh7dxy.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-93.muc50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

93a2fd82dd3a13a9e9ce0583f3bde1b6e88da6ebce30fa8c87cee4d9d927e4d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: fwT06mdOrTHjuLmyd8.idzR8VPd5.dxi
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
via: 1.1 38263cd2a79bbfbde38589f8589f28be.cloudfront.net (CloudFront), 1.1 8eb3c67b1958af32e15515c8eb27fbb4.cloudfront.net (CloudFront)
date: Fri, 02 Feb 2024 07:46:53 GMT
content-encoding: gzip
x-amz-cf-pop: IAD66-C1, MUC50-P1
age: 9
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 75
last-modified: Mon, 21 Aug 2023 14:57:31 GMT
server: istio-envoy
etag: W/"576cdc1c0941a520c47b54aef3b463f7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true,true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AwTILFc5Isiysu7xJCh-l5OATZTV0X7reKxuunLkMqaxUh9rww5loA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 358 KB
108 KB 30ms
14ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9FKFHD

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d14575cf4967ee0c9086b94ae75220ce7a1a19c1cb0db8f46bb60c8b022bacbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109935
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Feb 2024 07:47:00 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec2a8bc8d814bfc802060212b6a8659e0d3c458a2b0d696fcca8b8b7ce773798

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 282 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40cd9a267f702fd2726ef3798b232a06ca6ed2bcd41739e5150aa3d2d7f006f1

Request headers

Referer
Origin: https://www.fastly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 ESRebondGrotesque-Regular-3679101b453b50d72c9cf4c1ea749200.woff2
www.fastly.com/static/ 56 KB
56 KB 24ms
19ms Font
font/woff2 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/static/ESRebondGrotesque-Regular-3679101b453b50d72c9cf4c1ea749200.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

1ba7f7e31ef37d69f9541a2af99984deed19867ab8f8a24d53da8c5b47b47cd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Origin: https://www.fastly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000104-SJC, cache-sjc1000121-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.021099,VS0,VE1
etag: "f2a8ff0942c38a6325df9a0f60277e93"
x-cache: MISS, HIT, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 56868
x-cache-hits: 0, 2, 2

GET
H3 200 ESRebondGrotesque-Bold-71b661c9a1cc0e17703278991732c1c7.woff2
www.fastly.com/static/ 59 KB
59 KB 35ms
30ms Font
font/woff2 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/static/ESRebondGrotesque-Bold-71b661c9a1cc0e17703278991732c1c7.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

37e8818124561754e1c997013c3bfebfa1e87ec9338148293f7d3870d8e2ae83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Origin: https://www.fastly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10065-SJC, cache-sjc1000084-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.021414,VS0,VE1
etag: "5d684e67bb303b33d0fc0303d91e76af"
x-cache: MISS, HIT, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 59992
x-cache-hits: 0, 2, 2

GET
H3 200 roboto.woff2
www.fastly.com/g-static/fonts/ 12 KB
12 KB 32ms
28ms Font
font/woff2 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/g-static/fonts/roboto.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e1fd013ac18aebac28e366bf82aace3b2fb6900fecc4793303ed93aeadd31910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Origin: https://www.fastly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000114-SJC, cache-sjc1000113-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.021385,VS0,VE1
etag: "d8ab6e6b16f310580e0570584c0ce6d4"
x-cache: MISS, HIT, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12312
x-cache-hits: 0, 16, 2

GET
H3 200 ESRebondGrotesque-Medium-f2ce73a9fe478070893781580588fc94.woff2
www.fastly.com/static/ 56 KB
57 KB 44ms
40ms Font
font/woff2 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/static/ESRebondGrotesque-Medium-f2ce73a9fe478070893781580588fc94.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

3109a1a489eb6cf9429c02f62539fbfeac0a730ac3e25b157afc28def5689b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Origin: https://www.fastly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000095-SJC, cache-sjc1000124-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.021380,VS0,VE1
etag: "3846fe18ab988be9b98be555ee4c964a"
x-cache: MISS, HIT, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 57832
x-cache-hits: 0, 2, 2

GET
H3 200 flow.png
www.fastly.com/cimages/6pk8mg3yh2ee/6ROIUWShnnGIkZRx4JjhQY/d422eb627eca1edac19fef63d2d6a075/ 54 KB
54 KB 26ms
23ms Image
image/avif 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/6ROIUWShnnGIkZRx4JjhQY/d422eb627eca1edac19fef63d2d6a075/flow.png?auto=avif

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

fe3f5adc0b0e834c041ff3eff16cc338a796609d6847529141c3ecd0fc7fea94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:00 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300704
x-cache: RefreshHit from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=139391 idim=765x847 ifmt=png ofsz=54880 odim=765x847 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 54880
x-served-by: cache-sjc1000101-SJC, cache-sjc1000101-SJC, cache-fra-eddf8230061-FRA
server: Artisanal bits
x-timer: S1706860020.029650,VS0,VE1
etag: "9Iu+yPkw0TY3023s6p2nY4df8dg1EdyM3QKkLE5qRqo"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 1, 1

GET
H3 200 first_attempt.png
www.fastly.com/cimages/6pk8mg3yh2ee/3xzUNcII8zJw0Nj0uW8WmM/559eaf0bfb475e93ffae28dfeea84d08/ 14 KB
15 KB 30ms
27ms Image
image/avif 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/3xzUNcII8zJw0Nj0uW8WmM/559eaf0bfb475e93ffae28dfeea84d08/first_attempt.png?auto=avif

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

ac6bdc5f37bb3d3a7a3db164f228cd0f805e8474df5765d46b9db71e14551244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:00 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300704
x-cache: RefreshHit from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=29696 idim=2018x196 ifmt=png ofsz=14746 odim=2018x196 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14746
x-served-by: cache-sjc1000100-SJC, cache-sjc10043-SJC, cache-fra-eddf8230061-FRA
server: Artisanal bits
x-timer: S1706860020.030017,VS0,VE1
etag: "w3F+xSHAC/E776Y3nbHOPtbJxLko/FTcqtsnPHB1gko"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 1, 1

GET
H3 200 graph.png
www.fastly.com/cimages/6pk8mg3yh2ee/4BDRftDtht50OUtf87hxAy/b4036f1a29e59cbb3f116c8f28c3da30/ 17 KB
17 KB 30ms
28ms Image
image/avif 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/4BDRftDtht50OUtf87hxAy/b4036f1a29e59cbb3f116c8f28c3da30/graph.png?auto=avif

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

bd85ee55c66852286ef188a91f9517cb56a511a11cb9b464b617d03571491c0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:00 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300712
x-cache: RefreshHit from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=168749 idim=2210x1434 ifmt=png ofsz=16930 odim=2210x1434 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16930
x-served-by: cache-sjc10055-SJC, cache-sjc10080-SJC, cache-fra-eddf8230061-FRA
server: Artisanal bits
x-timer: S1706860020.029979,VS0,VE1
etag: "NXKTSfL/NTFwljhWAUzvSbiH5Iwt0XTcp72vIy+CkK0"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 1, 1

GET
H3 200 flying_shield_96X96.png
www.fastly.com/cimages/6pk8mg3yh2ee/4QpydF0nY5dVbQOorbw8CN/6cdb39f282e20801cec6e80b2f2f5460/ 836 B
1 KB 41ms
38ms Image
image/avif 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/4QpydF0nY5dVbQOorbw8CN/6cdb39f282e20801cec6e80b2f2f5460/flying_shield_96X96.png?auto=avif&fit=crop&height=40&width=40

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e9572729daa448a9ba000cdc75d9b2be339248d41288b1767966d73342a2227a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:00 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300702
x-cache: Hit from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=5385 idim=96x96 ifmt=png ofsz=836 odim=40x40 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 836
x-served-by: cache-sjc1000127-SJC, cache-sjc1000121-SJC, cache-fra-eddf8230061-FRA
server: Artisanal bits
x-timer: S1706860020.029965,VS0,VE1
etag: "w55cncqW7lRXrIFtJk8yEl9DSKBo8EwB3DHcPnGO0tU"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 3, 2

POST
H2 200 / Show response
o1025883.ingest.sentry.io/api/6048310/envelope/ 2 B
57 B 11ms
11ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1025883.ingest.sentry.io/api/6048310/envelope/?sentry_key=d879b4c80908473fa9394fc34fd84ec7&sentry_version=7&sentry_client=sentry.javascript.gatsby%2F7.70.0

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.fastly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 02 Feb 2024 07:47:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H3 200 app-data.json Show response
www.fastly.com/page-data/ 50 B
366 B 7ms
7ms XHR
application/json 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/app-data.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

edc1ac14984c28dfb69b44d531f1502d818f2c8678f69cca0218296c7c30a933

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000111-SJC, cache-sjc10080-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.166401,VS0,VE1
etag: "c3dc319442a13c9d69b6778737160790"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 70
x-cache-hits: 0, 3, 2

GET
H3 200 page-data.json Show response
www.fastly.com/page-data/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j/ 46 KB
12 KB 8ms
8ms XHR
application/json 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j/page-data.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

bbcfb3217d2001f978a038f35d0a6b5149f20346629cb717bc78bae9ac1e098e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10071-SJC, cache-sjc10063-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.166510,VS0,VE1
etag: "e5b7fbfb55e0cbf3046e63a3832209c6"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12227
x-cache-hits: 0, 1, 1

GET
H3 200 43a66a61-1865ab751e9716acdd36.js Show response
www.fastly.com/ 17 KB
5 KB 9ms
8ms Script
text/javascript 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/43a66a61-1865ab751e9716acdd36.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/webpack-runtime-1775aad1d62a6daaf9e5.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

6b96e43e1c1f2aa79a435aa6f9b9e9f3ddde013dedc2914291bef8fbb132c3a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10076-SJC, cache-sjc1000090-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.190178,VS0,VE1
etag: "f9f5dd8ff8bdc041f662fde40d74a1fc"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4470
x-cache-hits: 0, 1, 2

GET
H3 200 commons-032389c2bb13eaaf4dcc.js Show response
www.fastly.com/ 14 KB
5 KB 15ms
14ms Script
text/javascript 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/commons-032389c2bb13eaaf4dcc.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/webpack-runtime-1775aad1d62a6daaf9e5.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

a7fc4f277d625f2d88c55e6d1cbc1047e5f58685e96b76fd720bd90e3c65c897

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000143-SJC, cache-sjc1000098-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.191975,VS0,VE1
etag: "74792b6746d446f3edba60866f519f7a"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4877
x-cache-hits: 0, 3, 2

GET
H3 200 component---src-templates-blog-post-js-b019ca3a066dd50020ec.js Show response
www.fastly.com/ 10 KB
4 KB 11ms
11ms Script
text/javascript 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/component---src-templates-blog-post-js-b019ca3a066dd50020ec.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/webpack-runtime-1775aad1d62a6daaf9e5.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

09fbba9bf1604ae3264823871a639f92b4ba02c29e1c68ceb028c2ca2c6b01b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000115-SJC, cache-sjc1000114-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.191769,VS0,VE1
etag: "2990b15dd6dc0ffb4f2464f3da06f23f"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3876
x-cache-hits: 0, 0, 2

GET
H3 200 1727377946.json Show response
www.fastly.com/page-data/sq/d/ 61 B
360 B 13ms
13ms XHR
application/json 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/1727377946.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e9df011e2b89840a7dcb1ec43d59e2489383d3506d9a0fcd2db0d9cf0b024dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10023-SJC, cache-sjc1000109-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.191780,VS0,VE1
etag: "620acf1ee1d982fd3abfad3d91e15496"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 65
x-cache-hits: 0, 3, 2

GET
H3 200 1831612556.json Show response
www.fastly.com/page-data/sq/d/ 409 B
532 B 12ms
11ms XHR
application/json 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/1831612556.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

10885f5f6888d7879c566093389c5a42f20ca66c22805ba291c2e608f82283f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10067-SJC, cache-sjc10052-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.191770,VS0,VE1
etag: "d23265dab806df0bcfaeae0eb941f680"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 237
x-cache-hits: 0, 3, 2

GET
H3 200 2892375363.json Show response
www.fastly.com/page-data/sq/d/ 31 KB
10 KB 10ms
9ms XHR
application/json 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/2892375363.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

14e1758a680d218d9438c24ea5c123a4697d8c7200b8a976dbcc334c42db55a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000107-SJC, cache-sjc1000146-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.191608,VS0,VE1
etag: "8e19bd369fb2101474bc05c6a2d3fe0c"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9654
x-cache-hits: 0, 3, 2

GET
H3 200 3715587086.json Show response
www.fastly.com/page-data/sq/d/ 642 B
711 B 12ms
12ms XHR
application/json 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/3715587086.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

d9b694a3a25ba1db5264d6687141e4f48ada93b4fbb2a124317dad995286ac97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10023-SJC, cache-sjc10038-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.191584,VS0,VE1
etag: "062b895294b682a9dbc9adbe5d97f206"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 415
x-cache-hits: 0, 3, 2

GET
H3 200 3925522448.json Show response
www.fastly.com/page-data/sq/d/ 3 KB
2 KB 9ms
8ms XHR
application/json 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/3925522448.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

251ae2637673472a67651c8f7d58f441d715a47d01c290d0509271572be4782b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10056-SJC, cache-sjc10081-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.191563,VS0,VE1
etag: "08d543c89b10c2cddaee2f881f817d9c"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1406
x-cache-hits: 0, 3, 2

GET
H3 200 433030069.json Show response
www.fastly.com/page-data/sq/d/ 339 B
536 B 10ms
10ms XHR
application/json 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/433030069.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

3a13b0732ceedf951e97ff22963487be716c05c8dd8a2b21869a18e77ca34bbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10064-SJC, cache-sjc10047-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.191552,VS0,VE1
etag: "fc62d16cb1fdb52bcaf72a4ea357ac89"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 242
x-cache-hits: 0, 2, 2

GET
H3 200 668095159.json Show response
www.fastly.com/page-data/sq/d/ 495 B
605 B 14ms
13ms XHR
application/json 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/668095159.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

0b6524e69d460be5fbdaa68802b2e3349fefbd996e48553e147bd04d5f24c14f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000119-SJC, cache-sjc10024-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.191547,VS0,VE1
etag: "fc1745b05e609a8bbab6bd072c2caf79"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 310
x-cache-hits: 0, 1, 2

GET
H2

200

embed.js Show response
fiddle.fastly.dev/
Redirect Chain

https://fiddle.fastlydemo.net/embed.js
https://fiddle.fastly.dev/embed.js

6 KB
3 KB

525ms
464ms

Script
application/javascript

2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fiddle.fastly.dev/embed.js
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Protocol: H2
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash: 5b2cb114ad1f05c0b84daba4d01466ed5a782a5cae8a9f2841d918c022210207

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"19db-49773873e8"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate
access-control-allow-credentials: true
vary: Accept
access-control-allow-headers: Content-Type

Redirect headers

date: Fri, 02 Feb 2024 07:47:00 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,POST,OPTIONS
location: https://fiddle.fastly.dev/embed.js
access-control-allow-origin: *
vary: Accept
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0
retry-after: 0

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 20 KB
9 KB 36ms
7ms Script
application/javascript 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speedcurve.com/js/lux.js?id=4272646268
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/app-a4cee3a9f5b344883e06.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 4e70c13c470853523335215252805d93f706c977196b598e6691bc4c5ac35b4f

Request headers

Referer: https://www.fastly.com/
Origin: https://www.fastly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 09 Feb 2024 06:51:50 GMT
date: Fri, 02 Feb 2024 07:47:00 GMT
via: 1.1 vegur, 1.1 varnish
content-encoding: gzip
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 3310
x-cache: HIT
content-length: 8108
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1706856710&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=9dTf5Pt6KxfEdnYHBboZaf67Rn%2FUHtaYXZ8UYKbEMa8%3D
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Fri, 02 Feb 2024 06:51:50 GMT
server: Apache
x-timer: S1706860020.279359,VS0,VE1
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706856710&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=9dTf5Pt6KxfEdnYHBboZaf67Rn%2FUHtaYXZ8UYKbEMa8%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 47ms
23ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dulN1EiikhiO8GlkrdtHlg==
age: 10109
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6838
x-ms-lease-status: unlocked
last-modified: Thu, 01 Feb 2024 20:33:09 GMT
server: cloudflare
etag: 0x8DC236500E5107B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e712dae4-801e-006c-3f84-55d214000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84f0d2d6bb7d2be6-FRA

GET
H3 200 bundle.js Show response
www.fastly.com/g-static/fastly-swiftype/ 23 KB
9 KB 14ms
14ms Script
application/javascript 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/g-static/fastly-swiftype/bundle.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-a4cee3a9f5b344883e06.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

2035a3c05a682cf60b1a965d16d52335489608ca1141d9e0b9b3f9c340901f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10077-SJC, cache-sjc1000131-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860020.251100,VS0,VE2
etag: "a41be66ad83ae00d26b9bd8a3c9d4d0e"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9091
x-cache-hits: 0, 24, 1

GET
H2 200 d8606fe0-eb46-49e2-9118-e39304fc0f7b.json Show response
cdn.cookielaw.org/consent/d8606fe0-eb46-49e2-9118-e39304fc0f7b/ 4 KB
2 KB 48ms
33ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/d8606fe0-eb46-49e2-9118-e39304fc0f7b/d8606fe0-eb46-49e2-9118-e39304fc0f7b.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82c5bcad630bd804130a6d05fecde90f20cbe12a8380a788aa3d32193ae7210c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 71137
content-md5: qMf8qbwbWUALaZ1oPXjQqg==
content-length: 1686
x-ms-lease-status: unlocked
last-modified: Thu, 21 Dec 2023 19:28:04 GMT
server: cloudflare
etag: 0x8DC025AF3D17EF8
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c8f67462-201e-005a-3e43-345f64000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84f0d2d6f83368eb-FRA
expires: Sat, 03 Feb 2024 07:47:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
312 B 51ms
33ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.fastly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 84f0d2d748535d5d-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.20.0/ 376 KB
84 KB 22ms
20ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.20.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

295c66c14524b77dd1271317457dec037b5ef0943da346b9b73681e54da826e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jOOTzA5W9ewbfwCUPpt/mw==
age: 13309
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 86053
x-ms-lease-status: unlocked
last-modified: Wed, 07 Jul 2021 06:41:48 GMT
server: cloudflare
etag: 0x8D941124BEC2620
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 80c4bb23-e01e-007a-496d-1424c3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84f0d2d78c912be6-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/d8606fe0-eb46-49e2-9118-e39304fc0f7b/c52762e4-4b9e-4500-a56a-c9066b6a4dff/ 72 KB
18 KB 32ms
31ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/d8606fe0-eb46-49e2-9118-e39304fc0f7b/c52762e4-4b9e-4500-a56a-c9066b6a4dff/en.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a290a1302fd23263da6af0fd54e97b901f2e7e70875182585292557cc156aea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3310
content-md5: 5w0HUpUi11vpn0suRrrKiQ==
content-length: 18324
x-ms-lease-status: unlocked
last-modified: Thu, 21 Dec 2023 19:28:11 GMT
server: cloudflare
etag: 0x8DC025AF803DD7F
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3c6b808c-201e-0065-6843-3497c7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84f0d2d8092c68eb-FRA
expires: Sat, 03 Feb 2024 07:47:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 164ms
163ms Script
application/x-javascript 2.23.65.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.65.88 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-65-88.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 07:47:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Sun, 12 May 2024 07:47:00 GMT

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 68ms
19ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/scripts/bizible.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9FKFHD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BA7) /

Resource Hash

ea5e372a51955899ac5090d7e74f8d5d30440544337039bf0831b1568a9fa54c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
last-modified: Thu, 01 Feb 2024 04:39:45 GMT
server: ECS (amb/6BA7)
age: 38061
etag: "b6b78baec854da1:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25393

GET
H/1.1 200
OK scout.js Show response
www.fastly-insights.com/static/ 16 KB
8 KB 34ms
7ms Script
application/javascript 151.101.194.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9FKFHD

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bfc08994ce93776aae11e32a3509344efef5ee11e4fcf46e9d6e740b538a5030

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 07:47:00 GMT
Via: 1.1 varnish
content-encoding: br
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
Age: 27959
transfer-encoding: chunked
X-Cache: HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Fastly-Restarts: 1
X-Served-By: cache-fra-eddf8230092-FRA
Last-Modified: Fri, 19 Nov 2021 13:24:35 GMT
X-Timer: S1706860021.547661,VS0,VE1
ETag: W/"47ef3d4b72e7b60840cf653fbe5101ea"
vary: accept-encoding
x-goog-generation: 1637328275714066
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
x-goog-stored-content-length: 16272
x-amz-checksum-crc32c: J5bR2A==
Accept-Ranges: none
X-Cache-Hits: 130900

GET
H2 200 3997.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
1 KB 136ms
115ms Script
text/javascript 2606:4700:4400::ac40:90e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/3997.js?p=https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j&e=

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:90e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:00 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
x-xss-protection: 1; mode=block
x-request-id: 8e91c822-a2ae-46cf-868c-75dc08e04c45
x-runtime: 0.003278
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
cf-ray: 84f0d2d86b65906a-FRA

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 59ms
39ms Script
text/javascript 2606:4700:4400::6812:24c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:24c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:00 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
server: cloudflare
age: 18897
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1200
cf-ray: 84f0d2d8689f9060-FRA
expires: Fri, 02 Feb 2024 08:07:00 GMT

GET
H2 200 otFloatingFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.20.0/assets/ 10 KB
3 KB 20ms
19ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.20.0/assets/otFloatingFlat.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29a93d731434e92cd8081bb2af123c2cea435d7893245a04134d7fbf713518f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: p9XkcRT860KFc2nbQOJsvw==
age: 51664
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2675
x-ms-lease-status: unlocked
last-modified: Wed, 07 Jul 2021 06:41:43 GMT
server: cloudflare
etag: 0x8D9411248A2F288
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 61bd38e3-701e-0078-150a-159a7b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84f0d2d8496b68eb-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.20.0/assets/v2/ 47 KB
11 KB 21ms
21ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.20.0/assets/v2/otPcCenter.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ded43a6af1e4e0a061fe1c97703f45cc4af82fc367de436789f6c70e5077b0eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2vE4qrHr6kOuPbyrvQ8Ntg==
age: 71136
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11533
x-ms-lease-status: unlocked
last-modified: Wed, 07 Jul 2021 06:41:44 GMT
server: cloudflare
etag: 0x8D94112496CA8BA
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: fe20d632-501e-007f-3580-22f618000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84f0d2d8496d68eb-FRA

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
440 B 122ms
121ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=4982510&r=1706860020576&ref=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j&version=2.4
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 4982510
Referer: https://www.fastly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
via: 1.1 google
x-guploader-uploadid: ABPtcPrBGHsCCR1_WiubAktvh-XHkG0BJYvc6iguI2M0-vtq_JcGoNH9mRat58aFlEafKLizq0E
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Fri, 02 Feb 2024 08:47:01 GMT

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 385ms
105ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=4982510&r=1706860020576&ref=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://www.fastly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 02 Feb 2024 07:47:00 GMT
expires: Fri, 02 Feb 2024 07:47:00 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ABPtcPqsTW5Y7FLzJ4kkGbsmzwHYzZwzCUvBsuGoyMbISirmxB0YAfnqKYulk7ALuVhb-hutzw4

GET
H2 200 ipv
cdn.bizible.com/ 43 B
204 B 20ms
20ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/ipv?_biz_r=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j&_biz_h=-1906410348&_biz_u=b385cfde9730468891f2a05021505fae&_biz_l=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j&_biz_t=1706860020587&_biz_i=Digging%20deeper%20into%20Log4Shell%20-%200Day%20RCE%20exploit%20found%20in%20Log4j%20%7C%20Fastly&_biz_n=0&rnd=928862&cdn_o=a&_biz_z=1706860020588

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B77) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 07:47:00 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Tue, 30 Jan 2024 17:44:11 GMT
server: ECS (amb/6B77)
age: 223369
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
306 B 19ms
18ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizibly.com/u?_biz_u=b385cfde9730468891f2a05021505fae&_biz_l=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j&_biz_t=1706860020591&_biz_i=Digging%20deeper%20into%20Log4Shell%20-%200Day%20RCE%20exploit%20found%20in%20Log4j%20%7C%20Fastly&rnd=985439&cdn_o=a&_biz_z=1706860020591

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B97) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 07:47:00 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Tue, 30 Jan 2024 17:44:21 GMT
server: ECS (amb/6B97)
age: 223359
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 116 B
326 B 319ms
318ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/xdc.js?_biz_u=b385cfde9730468891f2a05021505fae&_biz_h=-1906410348&cdn_o=a&jsVer=4.24.01.25

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BBB) /

Resource Hash

add5d9a3eaa5e640bafe3f832f74ca45a173f6ff545edbfd35b3030def5375cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
server: ECS (amb/6BBB)
etag: 6D30DE35
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
content-length: 218

POST
H/1.1 200
OK visitWebPage
025-xko-469.mktoresp.com/webevents/ 2 B
318 B 962ms
155ms Ping
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://025-xko-469.mktoresp.com/webevents/visitWebPage?_mchNc=1706860020669&_mchCn=&_mchId=025-XKO-469&_mchTk=_mch-fastly.com-1706860020669-65621&_mchHo=www.fastly.com&_mchPo=&_mchRu=%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 07:47:01 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 23a80bed-6bd1-4b0d-bd97-4ab44542f90d

GET
H2 200 core Show response
rc-widget-frame.js.driftt.com/ Frame 3207 2 KB
1 KB 322ms
307ms Document
text/html 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1706860200000/x2ugb2nh7dxy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

14e6206b0b854f8eb373b1ccfbac42efdb97e1034de1355abb4ee81aa0672ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.fastly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Fri, 02 Feb 2024 07:47:01 GMT
etag: W/"6a5cea74d414ec151635bd2880abb1c3"
last-modified: Mon, 21 Aug 2023 14:57:03 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-id: chUzQOewkHQ-vr1LLWS64PlKlqWOGa2iYjbGQGenkBYkvueav-v3uA==
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: hIxJdEPbt_45OV8bTT9Ad1M7VE.ABA8G
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 19

GET
H/1.1 200
OK a2560724-7682-4399-af18-96914684a88a Show response
fastly-insights.com/api/v1/config/ 18 KB
19 KB 53ms
14ms Fetch
application/json 2a04:4e42:400::603
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fastly-insights.com/api/v1/config/a2560724-7682-4399-af18-96914684a88a

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::603 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

15288202612a9c56a57714bf4d2d9df1cdd14a3da720d3ba923611462cc0a044

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 07:47:00 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "include_subdomains": true, "success_fraction": 0.0099, "failure_fraction":0.99999}
X-Cache: MISS
Connection: keep-alive
server-timing: total;dur=4, fetch;dur=1, parse;dur=0, generate;dur=2
Content-Length: 18316
X-Served-By: cache-fra-eddf8230094-FRA, cache-fra-eddf8230107-FRA
X-Timer: S1706860021.980677,VS0,VE7
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}], "include_subdomains": true}
content-type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 zi-tag.js Show response
js.zi-scripts.com/ 8 KB
3 KB 59ms
35ms Script
application/javascript 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfae35edc61595bd27d16c01ddc44ef00c152c0006e16f836101d3b6a6621d01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:00 GMT
x-amz-version-id: lFoq_FZJwJ3rDVe9.7kNMZjc5YKK6r5L
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Mon, 11 Dec 2023 12:17:02 GMT
server: cloudflare
via: 1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
etag: W/"15c02cdee0df6c26ba3d8c62d912c66c"
age: 13874
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cf-ray: 84f0d2db0a891e0c-FRA
x-amz-cf-id: tFqinoq7NGbVhZ_RCLSzp5nbvBQwlXazBoNpR8Of2wUbUBUhMHk1RQ==

GET
H/1.1 200
OK o.svg Show response
dub-v4.pops.fastly-insights.com/ 378 B
1 KB 42ms
6ms Fetch
image/svg+xml 199.232.26.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dub-v4.pops.fastly-insights.com/o.svg?u=2f3e6c14-e498-4a80-b10e-e51dd90a27ea

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.26.91 Dublin, Ireland, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

X-Ip-Version: 4
Date: Fri, 02 Feb 2024 07:47:01 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: HIT
Connection: close
Server-Timing: sip;desc=199.232.26.91,t;dur=1706860021,req;dur=1
Content-Length: 378
X-Served-By: cache-fra-eddf8230043-FRA
Server: Varnish
X-Datacenter: EDDF
X-Timer: S1706860021.033049,VS0,VE0
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version, Server-Timing
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

OPTIONS
H2 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 192ms
173ms Preflight 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://www.fastly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: Sf2eWj-fvHcEMqQ=
cf-cache-status: DYNAMIC
cf-ray: 84f0d2db694d2c01-FRA
date: Fri, 02 Feb 2024 07:47:01 GMT
server: cloudflare
vary: Access-Control-Request-Headers
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-id: XjquBeOY3OYonfxxbNeqWVWWE3C6MM84ks_Z3_ONTHH0KfOQejUSpw==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 203 B
397 B 168ms
167ms Fetch
application/json 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d86689fa8b6be52410417ecbfc7edacb8f92ad07eaa4075f400abf6276ef561a

Request headers

visited_url: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Referer: https://www.fastly.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer 9b339613e91679908663
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: FRA56-P4
x-powered-by: Express
etag: W/"cb-gQwYw8ojsy/4WZUmKRNTNonipi4"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 84f0d2dc7ac02c01-FRA
x-amz-cf-id: 56VU9xCz663QDAH0UG-KNndFkqqVMOJb41X9EhVCq86hu6DtBZCUGQ==
apigw-requestid: Sf2eXiEDPHcEM2A=

GET
BLOB 200
OK adfa0952-cc74-47e1-8fd9-dbbe71cab895
https://www.fastly.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.fastly.com/adfa0952-cc74-47e1-8fd9-dbbe71cab895
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK l Show response
2f3e6c14-e498-4a80-b10e-e51dd90a27ea.eu.u.fastly-insights.com/ 616 B
1 KB 69ms
13ms Fetch
application/json 151.101.130.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://2f3e6c14-e498-4a80-b10e-e51dd90a27ea.eu.u.fastly-insights.com/l

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

4ad3d1bdcf7ea7da2f711cb8bf19eac0623abbd4c3ea005420dab64c6fdb237b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 07:47:01 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
X-Backend: lookup-eu
X-Cache: HIT
Connection: keep-alive
Content-Length: 616
X-Served-By: cache-fra-eddf8230105-FRA
Server: Varnish
X-Timer: S1706860021.147906,VS0,VE6
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

GET
H2 200 /
lux.speedcurve.com/lux/ 0
159 B 31ms
9ms Image
image/webp 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lux.speedcurve.com/lux/?v=312&id=4272646268&sid=170686002028366866&uid=170686002028366866&l=Blog%20subpage&HN=www.fastly.com&PN=%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j&fl=512&NT=1706860019938as0fs0ds0de0cs0sc0ce0qs1bs9be15oi84os84oe84oc995ls999le1000sr91fc91lc91&LJS=d0t14f7c0n21e1r80x8108l54s345&PS=ns26bs1is26558ss0bc0ic647050ia5it16dd10nd637vh1200vw1600dh8209dw1600ds90345ct4G_er0nt1dm8&CPU=s|0,n|0,d|0,x|0,i|91&ET=main%20heading|91&CLS=0.002889&UT=scripts%20done%20blocking|57,onInitialClientRender|303,start%20widget_conductor:init|995,end%20widget_conductor:init|997,widget_conductor:init|995|2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:01 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1706860021.167524,VS0,VE1
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
820 B 13ms
13ms Ping
application/json 151.101.194.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly-insights.com/b?k=a2560724-7682-4399-af18-96914684a88a&s=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE3MDY4NjAwMjAsImV4cCI6MTcwNjg2MDA4MCwibmJmIjoxNzA2ODYwMDIwLCJzdWIiOiJhMjU2MDcyNC03NjgyLTQzOTktYWYxOC05NjkxNDY4NGE4OGEifQ.EYmxrCb3j0SMiHvkdX8BQhI1-33ae2EwNHnE2eOyEq4

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.fastly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 02 Feb 2024 07:47:01 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra-eddf8230102-FRA, cache-fra-eddf8230092-FRA
X-Timer: S1706860021.163211,VS0,VE5
access-control-allow-methods: POST, OPTIONS
content-type: application/json
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
access-control-allow-headers: Content-Type
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
klot-v4.pops.fastly-insights.com/ 378 B
1 KB 43ms
6ms Fetch
image/svg+xml 146.75.82.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://klot-v4.pops.fastly-insights.com/o.svg?u=2f3e6c14-e498-4a80-b10e-e51dd90a27ea

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.75.82.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

X-Ip-Version: 4
Date: Fri, 02 Feb 2024 07:47:01 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: HIT
Connection: close
Server-Timing: sip;desc=146.75.82.91,t;dur=1706860021,req;dur=1
Content-Length: 378
X-Served-By: cache-fra-eddf8230064-FRA
Server: Varnish
X-Datacenter: EDDF
X-Timer: S1706860021.198343,VS0,VE0
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version, Server-Timing
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
820 B 10ms
10ms Ping
application/json 151.101.194.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.fastly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 02 Feb 2024 07:47:01 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra-eddf8230102-FRA, cache-fra-eddf8230092-FRA
X-Timer: S1706860021.255952,VS0,VE4
access-control-allow-methods: POST, OPTIONS
content-type: application/json
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
access-control-allow-headers: Content-Type
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
iah-v4.pops.fastly-insights.com/ 378 B
1 KB 47ms
6ms Fetch
image/svg+xml 151.101.182.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://iah-v4.pops.fastly-insights.com/o.svg?u=2f3e6c14-e498-4a80-b10e-e51dd90a27ea

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.182.91 Houston, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

X-Ip-Version: 4
Date: Fri, 02 Feb 2024 07:47:01 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: HIT
Connection: close
Server-Timing: sip;desc=151.101.182.91,t;dur=1706860021,req;dur=1
Content-Length: 378
X-Served-By: cache-fra-eddf8230038-FRA
Server: Varnish
X-Datacenter: EDDF
X-Timer: S1706860021.296402,VS0,VE0
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version, Server-Timing
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

GET
H2 200 runtime~main.23dacaf3.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 6 KB
3 KB 123ms
123ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7573e5629fdd86c1b9715e81fd55e01c7cf7febbfc3562f5acbb757c0d4cce64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Origin: https://rc-widget-frame.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: pIvWjpmnkFEOPFn4Wb5jKsJCJYLlBZpR
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Mon, 21 Aug 2023 14:57:27 GMT
server: istio-envoy
etag: W/"7bebf8444c728503329344c5817cc4e6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iKJ0QDQklaUFcc7r5sEob6AYdjCTP_hSmdMYWrmm_kV1-1aZbzzdcQ==

GET
H2 200 9.4a3e9801.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 35 KB
13 KB 230ms
230ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Origin: https://rc-widget-frame.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: 9pU_R_6A0pe5zwZS9qTdl853AJeE3UoE
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Thu, 01 Feb 2024 23:00:49 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: N9TUg5f_Njm756LHMRJ-pJ8bqJLXLIYkqSL4eSVsk0r1kgbjPbI3tg==

GET
H2 200 main~493df0b3.91dc5a14.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 7 KB
3 KB 120ms
120ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/main~493df0b3.91dc5a14.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

1ce5bbfddabe83a619dffbd897ac79e94ca961f04cf463583a421a22f5329938

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Origin: https://rc-widget-frame.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: aQ8O6UMWsN.2o5G5k1LSH1svCMcNLzIM
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Mon, 21 Aug 2023 14:57:27 GMT
server: istio-envoy
etag: W/"c11c9776fa434757756e10e6ded61c75"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -ejlnRHnri-c2k0yFdwafBbHuUNTfT1-n6HbdHHh3jUw9J2NklGx1A==

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
820 B 10ms
9ms Ping
application/json 151.101.194.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.fastly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 02 Feb 2024 07:47:01 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra-eddf8230102-FRA, cache-fra-eddf8230092-FRA
X-Timer: S1706860021.353910,VS0,VE3
access-control-allow-methods: POST, OPTIONS
content-type: application/json
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
access-control-allow-headers: Content-Type
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
astral-v4.pops.fastly-insights.com/ 378 B
1 KB 26ms
6ms Fetch
image/svg+xml 151.101.194.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://astral-v4.pops.fastly-insights.com/o.svg?u=2f3e6c14-e498-4a80-b10e-e51dd90a27ea

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

X-Ip-Version: 4
Date: Fri, 02 Feb 2024 07:47:01 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: HIT
Connection: close
Server-Timing: sip;desc=151.101.194.91,t;dur=1706860021,req;dur=1
Content-Length: 378
X-Served-By: cache-fra-eddf8230137-FRA
Server: Varnish
X-Datacenter: EDDF
X-Timer: S1706860021.373610,VS0,VE0
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version, Server-Timing
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

GET
H2 200 formcomplete.js Show response
ws-assets.zoominfo.com/ 86 KB
27 KB 76ms
59ms Script
application/javascript 2606:4700::6810:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-assets.zoominfo.com/formcomplete.js
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe92edba1f5990d76e1817f250ee4aae144f4efa95b676733bdd4391f2b74cf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 379
x-guploader-uploadid: ABPtcPqtljJ-k_olWuwM7DxNCucPXiVRsGmj1BsCy2maR3UIYPUNADv3kPOCWNq1R3A9eONl2FKy0xZLFQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 11:05:05 GMT
server: cloudflare
etag: W/"bbabfd4493e8cf8aafea99a2f70825c0"
x-goog-hash: crc32c=4scEgA==, md5=u6v9RJPoz4qv6pmi9wglwA==
x-goog-generation: 1698923105172059
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 87554
cf-ray: 84f0d2dda85291cf-FRA
expires: Fri, 02 Feb 2024 08:40:42 GMT

GET
H3 200 / Show response
ws.zoominfo.com/pixel/6299150f29472f008e962d64/ 5 KB
2 KB 261ms
251ms Fetch
text/javascript 2606:4700::6810:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6299150f29472f008e962d64/?iszitag=true

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a1fe71e2d9bfb90f25ee3cab3141fb1985cf6c0b6aa9d2099b9bdc52b1d3ea49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

visited-url: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
_vtok: MTQ2LjcwLjExNy4xMDc=
_zitok: 8ca59ae04372f904d30e1706860021
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/javascript

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.fastly.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400
cf-ray: 84f0d2dea908906d-FRA

OPTIONS
H2 200 /
ws.zoominfo.com/pixel/6299150f29472f008e962d64/ Frame 0
0 171ms
154ms Preflight
text/html 2606:4700::6810:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6299150f29472f008e962d64/?iszitag=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _vtok,_zitok,content-type,visited-url
Access-Control-Request-Method: GET
Origin: https://www.fastly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin: https://www.fastly.com
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84f0d2ddaa4a5d9a-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 02 Feb 2024 07:47:01 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
820 B 10ms
10ms Ping
application/json 151.101.194.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.fastly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 02 Feb 2024 07:47:01 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra-eddf8230102-FRA, cache-fra-eddf8230092-FRA
X-Timer: S1706860021.431322,VS0,VE3
access-control-allow-methods: POST, OPTIONS
content-type: application/json
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
access-control-allow-headers: Content-Type
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
lfpg-v4.pops.fastly-insights.com/ 378 B
1 KB 32ms
6ms Fetch
image/svg+xml 199.232.170.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://lfpg-v4.pops.fastly-insights.com/o.svg?u=2f3e6c14-e498-4a80-b10e-e51dd90a27ea

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.170.91 Paris, France, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

X-Ip-Version: 4
Date: Fri, 02 Feb 2024 07:47:01 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: HIT
Connection: close
Server-Timing: sip;desc=199.232.170.91,t;dur=1706860021,req;dur=1
Content-Length: 378
X-Served-By: cache-fra-eddf8230046-FRA
Server: Varnish
X-Datacenter: EDDF
X-Timer: S1706860021.457077,VS0,VE0
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version, Server-Timing
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

OPTIONS
H2 200 forms
ws.zoominfo.com/formcomplete-v2/ Frame 0
0 152ms
151ms Preflight
text/html 2606:4700::6810:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.fastly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin: https://www.fastly.com
allow: POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84f0d2de0ae75d9a-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 02 Feb 2024 07:47:01 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

POST
H3 200 forms Show response
ws.zoominfo.com/formcomplete-v2/ 323 B
649 B 169ms
169ms Fetch
application/json 2606:4700::6810:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

41d1c9a0054aa054bf958a0ef504e8fa597d5b74580a730637ede0101ee89273

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fastly.com/
accept-language: de-DE,de;q=0.9
Authorization: bearer 0876aa5470a86ba07cc173e261b45c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"143-6YnU+TWhZHjeEnGW5WRstL/I27s"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fastly.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
cf-ray: 84f0d2def957906d-FRA

GET
H2 200 51.558be3c5.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 23 KB
8 KB 313ms
313ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: MiB6SJ_hQz3Pq6CwO3nBB9ur51MuDx66
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 23
last-modified: Thu, 01 Feb 2024 23:00:49 GMT
server: istio-envoy
etag: W/"fa281fcbe4b2e35558d60fae3e316367"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vjX_Lj7mNWsUycTttytVdoi6c_2KwIr_isSGxc5fDafCA4ajXwRMEw==

GET
H2 200 33.ae4de0a0.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 36 KB
10 KB 224ms
223ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/33.ae4de0a0.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e12404ccb0492da0a89fbda8db0ddb3c2358fcbd6d29b0c106ba840ca5f5e8ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: PUG2tPuHbg6UXU15H37d6Lifu.5b8Act
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"db0cd5b66c52523e10b87a0c8a2db182"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _guirJQoh9X0GXeYgBeSKAi1N_IuRhQh4-E6GBAxTR9kVh4TMfd_6w==

GET
H2 200 22.6b9a301a.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 32 KB
11 KB 225ms
223ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/22.6b9a301a.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: 5DpEqV64vjNf.xR4Ycu8ABwDTajSQu28
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Thu, 01 Feb 2024 23:00:48 GMT
server: istio-envoy
etag: W/"d8739a9fe9a3a42936f5cd86c8727494"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KzP6I8w1ZVAAWdg7KQiDnjw0NpZmLcVwahHAvaRRR3my_gujac4d4Q==

GET
H2 200 19.6f85b843.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 17 KB
6 KB 125ms
123ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/19.6f85b843.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: 6h.OknihAgkHqyiOazBjZgK8Eye38dcU
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Thu, 01 Feb 2024 23:00:48 GMT
server: istio-envoy
etag: W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RYAtVyfJPMiQUq71831h48-AhfdKIRzwsqLbwR73zNzrjJfi-gXqtQ==

GET
H2 200 41.b4fc4de2.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 25 KB
8 KB 223ms
222ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: FagSZtMejGKtlakdF.TJtICZuNgX3erH
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Thu, 01 Feb 2024 23:00:49 GMT
server: istio-envoy
etag: W/"a2ace4f65aa7b34dedb884f6cfe9df8d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CbZLomMnIP8l0niWIJ5QnrwT5u1BFL8Um3L-O_SdCHZ9GBDUMx6lmA==

GET
H2 200 20.8c21ea18.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 74 KB
23 KB 123ms
122ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: 6ZBrVw89SvGq2VureNcJmBbBxU6xpy.5
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Thu, 01 Feb 2024 23:00:48 GMT
server: istio-envoy
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TcP6TfBoepcGOr2M5Nqeb_PlLlqGVTjxhWpbjolBmqjAW3SUZqHZgg==

GET
H2 200 27.3951aad8.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 66 KB
20 KB 163ms
162ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/27.3951aad8.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: PLRwkxTy0W_1o8rwzVQG6XR9UyxAvjNh
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 53
last-modified: Sat, 02 Sep 2023 21:37:07 GMT
server: istio-envoy
etag: W/"5b2b6d0508fe18c3efb6bcd6249fd4e1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lDFPwxdgw1rhq4WteZY1b_-v3E3mDrM39WflX1YXKNIH_Lu-XAWaOg==

GET
H2 200 14.e24a6190.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 91 KB
28 KB 311ms
311ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/14.e24a6190.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: K3WFuCvgaR85bHejjlQovMKLy.aFwwpR
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Thu, 01 Feb 2024 23:00:47 GMT
server: istio-envoy
etag: W/"16d7ae86e21434a32157d3226ac9bb77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: s5QvlFULdRNOKxLGPL3bI-FdT0y2yxuYPXLLiajUJsBT0Q7wsjjEKw==

GET
H2 200 11.639238ba.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 23 KB
7 KB 125ms
124ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: b8DxaWwd7DelDXrUDvutiJht3MNKS0x9
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Thu, 01 Feb 2024 23:00:47 GMT
server: istio-envoy
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oiPqw0wysf09eR9uIQaaBaaDDNILpZ6ExbGfBecKwnKoxkoWDEpnAw==

GET
H2 200 18.9c1bd1fb.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 62 KB
20 KB 230ms
230ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: 73t0DX7gtf8cYoJb7Yc3g4clVJLKoT_4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Thu, 01 Feb 2024 23:00:48 GMT
server: istio-envoy
etag: W/"02f09379c544befa413d22eb57ed41de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: T312JlaVhobhiQ_9htJ-VnygseI8WIsRMTs4RAGOSDFJi8hUAtUE7A==

GET
H2 200 49.f7274268.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 105 KB
34 KB 224ms
224ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/49.f7274268.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: UnQLDaxolgRZ0_0KEQ3FEqYuOmrvWhSp
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Thu, 01 Feb 2024 23:00:49 GMT
server: istio-envoy
etag: W/"e268d36b98f0119a2bb1a15f69fd4ffe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -i6I3jfbmrxICwpuomgqA0UADwl9TEyjHYg2p8Yqw0uzQFhOj5TWsA==

GET
H2 200 40.31ef8dbf.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 12 KB
4 KB 128ms
127ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: EbWmBmvqt4l4eqhPcrO3KKBcR5Y4Sxha
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Thu, 01 Feb 2024 23:00:49 GMT
server: istio-envoy
etag: W/"b0793fa46e8c0ae1846b7be8a833da35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oiJTD_zkNaguhiOvk5UuCuv8yRZxdvKoItLeXbLDAoctHTP8IsmRkQ==

GET
H2 200 29.31d09948.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 13 KB
6 KB 310ms
309ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/29.31d09948.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: Dra0Dp1cM1HLOyYNpp6LdhLPgkFaGt2y
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Thu, 01 Feb 2024 23:00:48 GMT
server: istio-envoy
etag: W/"455157cb49065fb85fed54901ddaeb0e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: v0kiO9AaQ39iZvWUJdNLcyFyJ3XDgA0FDs-utvtUEBUQjMnKj9IUXw==

GET
H2 200 21.b8c41db9.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 17 KB
7 KB 126ms
125ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: txOTKrbjZe6O0W2BR7SKf8NrTANZQcoZ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Thu, 01 Feb 2024 23:00:48 GMT
server: istio-envoy
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PqKtXmhVJf7EhkKtWAhKOsDmScM2VxJLfG8ZX7ueL0WXSM1_bwtdqA==

GET
H2 200 8.98b34517.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame 3207 31 KB
5 KB 131ms
131ms Stylesheet
text/css 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/8.98b34517.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

794dc30b5582c5b0c4a06c2e0776f6527a84c91d5f7abb9384e7588d0ab3a910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: iNKtCZtb69S5Xg2ti_W3KaKTIlBxoqLp
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Mon, 21 Aug 2023 14:57:23 GMT
server: istio-envoy
etag: W/"82429fd1682dcb60e14996ad58a35a4f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: f99DYWUcXJqIxHveOkuMmXeKg61UfyjZkQ1Nkw_63swjsUgPCzNaFw==

GET
H2 200 8.5fdda827.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 81 KB
25 KB 459ms
459ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/8.5fdda827.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e523f47c65c171a685ca8f1bb0c0c432f4d71104fa56e8f6163126ec908cc430

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: s5Gs7OuwDj2F26kpSyydH_032jxZE3YX
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 75
last-modified: Mon, 21 Aug 2023 14:57:26 GMT
server: istio-envoy
etag: W/"f78079aaffe016efb8ec35b9fbb9f42f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XgikGX7lmPKeYzuyE0FO1cj0_aK4cWrQ7RgOJBQXL_0QU3zJAaoH9w==

GET
H2 200 16.22abfce0.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame 3207 24 B
697 B 338ms
338ms Stylesheet
text/css 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/16.22abfce0.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: rVG2CZ.nBG2cILzPKbHYRCve7wbyYAw3
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 44
content-length: 24
last-modified: Thu, 01 Feb 2024 23:00:46 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: A0bVSAB5K8AodU8btHRCvofuEyOdjCds4gH4vErA-_UBiP9MLOjxgw==

GET
H2 200 16.890a0911.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 91 KB
24 KB 403ms
403ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/16.890a0911.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

860c659e8836feb6a6b4fc4c9b7195e4ab0a04e4642473c0780ae554fbf6ffb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: 2cJi_0AtsucvWstmkbj3mO1t8SiuDMru
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"52b055a08e59141b8f7b7947c7d7ab69"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UBkS-AllEc6e8L4ZMPXvIRFu6naydCD9dT079WqQ5o4PugYLHGVnGw==

GET
H2 200 24.24e43c3b.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 50 KB
14 KB 133ms
132ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/24.24e43c3b.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

eb6ce397310855bbef74043afcdda989653ad7b7b385191e8c8d622eee74b367

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: J3Ynz_VL_Xe.kEj4VqPxsio5dIqXBI10
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"390d4b78f4c738295b7974aca941d031"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HVreuOjlYtc-La-cz1D2w3h8tmYPgEtZQAnJQE_o6TWUJwMTgR77Zw==

GET
H2 200 17.413337a8.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 40 KB
13 KB 230ms
230ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/17.413337a8.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

10b977a814bd9ca3e018a07b6e1197c9a9fa89a27a2419158d22f41ab8a29508

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:01 GMT
x-amz-version-id: Ud1ylpzTdwt3qfnkRXUYob2T_ovQMI1N
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 28
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"4aea30e551ee7f04a564c0408c291306"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _potimfGa7imtxcD90V3_-OS6klCTRdMjasrH2-idprq6pRyCyoKTA==

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
820 B 10ms
10ms Ping
application/json 151.101.194.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.fastly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 02 Feb 2024 07:47:01 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra-eddf8230102-FRA, cache-fra-eddf8230092-FRA
X-Timer: S1706860022.514972,VS0,VE3
access-control-allow-methods: POST, OPTIONS
content-type: application/json
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
access-control-allow-headers: Content-Type
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
mnl-v4.pops.fastly-insights.com/ 378 B
1 KB 878ms
283ms Fetch
image/svg+xml 146.75.22.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mnl-v4.pops.fastly-insights.com/o.svg?u=2f3e6c14-e498-4a80-b10e-e51dd90a27ea

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.75.22.91 Manila, Philippines, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

X-Ip-Version: 4
Date: Fri, 02 Feb 2024 07:47:02 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: HIT
Connection: close
Server-Timing: sip;desc=146.75.22.91,t;dur=1706860022,req;dur=1
Content-Length: 378
X-Served-By: cache-mnl9726-MNL
Server: Varnish
X-Datacenter: MNL
X-Timer: S1706860022.290427,VS0,VE0
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version, Server-Timing
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

GET
H2 200 u
cdn.bizible.com/ 43 B
109 B 13ms
13ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/u?mapType=mkto&mapValue=id%3A025-XKO-469%26token%3A_mch-fastly.com-1706860020669-65621&_biz_u=b385cfde9730468891f2a05021505fae&_biz_l=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j&_biz_t=1706860021592&_biz_i=Digging%20deeper%20into%20Log4Shell%20-%200Day%20RCE%20exploit%20found%20in%20Log4j%20%7C%20Fastly&_biz_n=1&rnd=576301&cdn_o=a&_biz_z=1706860021592

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B97) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 07:47:01 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Tue, 30 Jan 2024 17:44:21 GMT
server: ECS (amb/6B97)
age: 223360
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 data.js Show response
tags.clickagy.com/ 36 KB
13 KB 43ms
7ms Script
application/javascript 2600:9000:211e:6a00:4:8491:f2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:6a00:4:8491:f2c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1125930801bca103956f0a40293836c345f8fc4e38c6aefbacf02e3ad22d24b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: UDHDPQdnaQ_PEfPfRD1SDUqHwu7jzLTT
content-encoding: br
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
date: Thu, 01 Feb 2024 10:56:13 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-C2
age: 75049
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Jan 2024 16:56:20 GMT
server: AmazonS3
etag: W/"2d8cdceff761c419467c2573c15d08bd"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: 7BPQJc9MqhUFSIcuR1qhpAATOFltC7Y2CXJVya_th7sPQfKZsOY5UQ==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 49ms
6ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 10:35:02 GMT
Content-Encoding: gzip
Via: 1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
Last-Modified: Wed, 17 Jan 2024 00:44:59 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 76320
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 10VffiR8BStxt1vYg-4DHs7cG_UhHq9Fk0irH99ZBqDiHhkDyRIFjA==

POST
H2 200 data Show response
aorta.clickagy.com/ 57 B
506 B 296ms
100ms XHR
application/json 107.22.39.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aorta.clickagy.com/data
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.22.39.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-39-74.compute-1.amazonaws.com
Software: Aorta/20240201.63b3dc185 /
Resource Hash: 0d456f1ad7500134c1ac4efb7275f70ab761c26286fdf2f7c7c190d011e7d68b

Request headers

Referer: https://www.fastly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 02 Feb 2024 07:47:02 GMT
content-encoding: gzip
server: Aorta/20240201.63b3dc185
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.fastly.com
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: f0eebb683adf
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 82

GET
H2

204

usersync
pixel-sync.sitescout.com/connectors/clickagy/
Redirect Chain

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag&ws=1
https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:b716a88424dc0a5c193a721f9a167467&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D
https://d.agkn.com/pixel/10751/?che=1706860022250&ip=146.70.117.107&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D219773204780000577342
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=219773204780000577342
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:b716a88424dc0a5c193a721f9a167467&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=79908&dpuuid=c:b716a88424dc0a5c193a721f9a167467&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_U...
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=29189422613941644982782259858767507988
https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D

0
187 B

53ms
13ms

Image
text/plain

98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
Protocol: H2
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 02 Feb 2024 07:47:02 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

date: Fri, 02 Feb 2024 07:47:02 GMT
server: Aorta/20240201.63b3dc185
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
location: https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
access-control-allow-origin: *
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 080423d4b01e
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame C52A 0
60 B 114ms
31ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=siw7zzj&ref=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j&upid=srcqgs0&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fastly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Fri, 02 Feb 2024 07:47:01 GMT
server: Kestrel

GET
H2 200 hasHashes Show response
hemsync.clickagy.com/external/ 2 B
326 B 346ms
98ms XHR
text/plain 54.84.115.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.84.115.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-115-237.compute-1.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:02 GMT
content-encoding: gzip
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.fastly.com
access-control-expose-headers: content-length, last-modified, expires, content-type
access-control-allow-credentials: true
content-length: 28

GET
H2 200 0.0b2ebd4a.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 9 KB
3 KB 128ms
126ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:02 GMT
x-amz-version-id: ImQsTpKBliwQo67XdyBh62ueo1U1.E8y
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Thu, 01 Feb 2024 23:00:47 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Dv9C337-cl9nlW_hd7df1diNV8qzceKS4g7_rRg5aNrHAcyqh8uRHQ==

GET
H2 200 4.07aa08a5.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame 3207 7 KB
2 KB 121ms
120ms Stylesheet
text/css 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/4.07aa08a5.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:02 GMT
x-amz-version-id: wzblrhR8VgaZ91O5gq0aMSI2PU89S5cp
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Mon, 21 Aug 2023 14:57:23 GMT
server: istio-envoy
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lMAzXRWp0h0FQMOm3aoIHbqfaS9eDMi3Poma79Wuj0wjUp0a57VU2w==

GET
H2 200 4.36582b8b.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 54 KB
15 KB 401ms
400ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/4.36582b8b.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6a6a06c6f8fb209f9e92af2bb5ed0c0d0e767211a1a92e631e1d0ce056488387

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:02 GMT
x-amz-version-id: aXK3nhxEmGQGmcWeEUpmTanxIifnp1mO
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"eb4f4fdfa625f5036ae2538950af438e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: km0np1O9ZhpdjLe8hIXd3xJCbKnFCNn_-pXt1EVME8Cu_guyjD-2OQ==

GET
H2 200 34.4924e4bf.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 27 KB
8 KB 409ms
408ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/34.4924e4bf.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

15736c00b563c558ec1e7d531c0d8bd7d8cc24c2026adbc2dcf0ccd3e48f7d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:02 GMT
x-amz-version-id: T7ywXmlgZ2pn_NjEp3YMDrKgM16OYgwy
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 23
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"2a9499a40949c70c9c00081b06639cb0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: P-YlC0mOON7KNPfDtAUaDqmRxNpmIhIriPlM7v-ol-sNHSFsbeUUCg==

GET
H2 200 1.12ba17b6.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame 3207 44 KB
7 KB 126ms
125ms Stylesheet
text/css 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/1.12ba17b6.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:02 GMT
x-amz-version-id: LMPLba9ExDv9DrilAC.SlIcGfeBrCNaK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Thu, 01 Feb 2024 23:00:46 GMT
server: istio-envoy
etag: W/"3b8ba82e1bac13ee29e9764a55620d99"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IPw1rHIJCMy0wswx2P0qlYbZIt9Rslgc1ZTbj9_Qq8R7LXvMoI-ArQ==

GET
H2 200 1.9d9c8c3b.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 54 KB
17 KB 124ms
123ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/1.9d9c8c3b.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5e4e01da0230734413d39e4657ac95b4ccf45092ff61a162aa1f4d111a166735

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:02 GMT
x-amz-version-id: TN5uaySIype7BWdOQeU5pFJLqRV.3qiK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Mon, 21 Aug 2023 14:57:24 GMT
server: istio-envoy
etag: W/"bc8dde7d353b792cb424661adcff29fb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zkIdEUYCnYPnzjDgxjv6TaKvl7KaiMOD0e4mSuJXPWkrOFSP6JerAA==

GET
H2 200 3.bbe0e1fa.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 24 KB
10 KB 125ms
124ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/3.bbe0e1fa.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ba3035c1cbfbd4ebb878f85acde3d846c6e9e90081de78ddcaf3126b4e8823b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:02 GMT
x-amz-version-id: pHxDHN0IINa0RNuxMPvQ8pBn4Eg1GWSc
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"b394f9cf6fe473cdb6852b332234aa52"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zLk7pRq9FWHFyB8Xt5Mj3VexGWGwROg2vWtmp3rn4kDXkDxie6bIUg==

GET
H2 200 26.5208cc6b.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame 3207 11 KB
3 KB 320ms
319ms Stylesheet
text/css 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/26.5208cc6b.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

0591af742c10a8ad2020502cccbf97cb4fc1cfc48acaf588043d70e77b2c3aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:02 GMT
x-amz-version-id: SrCjVsE3413g5wEL9F8CX8IFIQaqzFVz
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 27
last-modified: Mon, 21 Aug 2023 14:57:23 GMT
server: istio-envoy
etag: W/"0842e637a23acc114afbb6195c984564"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LLjfJ7OtDc3AOtByUF-JWgOgMoWt-I_EOYAvzk_x00S9VSWHwUqL0w==

GET
H2 200 26.69219246.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 16 KB
6 KB 146ms
146ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/26.69219246.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d674a115404e8d29a650437584421bd9d7ec57c4d43fe3e0a09adc080d521c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:02 GMT
x-amz-version-id: xHgUeRJlJNXFuOCOFJ6VHVB_xDcgAWBV
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"c41c7243f45ea540e99a3256f4942432"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 74zOgr7F5ItNTCiXp4X4KIMpSqQ0Kr-XjnxMmx0fb3WvR0HJ2h7inA==

GET
H2 200 25.7addeee7.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame 3207 9 KB
2 KB 133ms
132ms Stylesheet
text/css 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/25.7addeee7.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

a7a9292edd72228ac6b7839b6e29a832ab45515a5c78d548ccd5fd8a2b1942ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:02 GMT
x-amz-version-id: EFJHE_lMh.tvaT0GqPW.1ROLceWNBRoz
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 26
last-modified: Mon, 21 Aug 2023 14:57:23 GMT
server: istio-envoy
etag: W/"b9011653b355d04d18b2ff93e45e1ecd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XZsiRnkVA90QXB8oqZqxDWxceulFdfKX2WisPP_jNqpTOFlSgraZcw==

GET
H2 200 25.915ff314.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 47 KB
15 KB 222ms
222ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/25.915ff314.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e5149bac0cdad7bbd9d1b7badb88909929d324ee90b6dd1628e0c59024d68e7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:02 GMT
x-amz-version-id: qod1m4nnLfUgaMaxljkZuFfY2SywXHfx
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"12bceaba2da6c30ab2a0aacbde681b0c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qAQh1PjbodS7kX6-4umnfS8aiEXTxI4yLH_z98PxpthudPa4-sQzOA==

GET
H2 200 28.e29661b2.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame 3207 561 B
1 KB 321ms
321ms Stylesheet
text/css 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/28.e29661b2.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d04196ec92f307c66ad56e3adbd4536e6c504a251299183c2c016de66a65af39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:02 GMT
x-amz-version-id: yOY99EI9PDEu6PYQSPkvCce7eoR8ev5W
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 18
content-length: 561
last-modified: Mon, 21 Aug 2023 14:57:23 GMT
server: istio-envoy
etag: "5847d5731c3141aa511411d6c66a193c"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: U-WZYewmiHqXjOng5DtN5ezzw4mR-nP4MsqDSJi0zVJ3JjuH2jsjUQ==

GET
H2 200 28.7257241a.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 49 KB
14 KB 183ms
183ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/28.7257241a.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f4d1dc5e2bebcc6c035e733b5586f308c032e377d490d733835fbc1fb0e5d979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:02 GMT
x-amz-version-id: Aw7E9DaiC.0zygWe8D.HQj28dALSaXA6
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 73
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"e737f53b0791dac4c523770b4992131c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: c8c2mEwfJaXurUA2fJI2STagHewzbMd4ApNCZJVeWj1gWcnIl6s_oQ==

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
820 B 11ms
11ms Ping
application/json 151.101.194.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.fastly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 02 Feb 2024 07:47:02 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra-eddf8230102-FRA, cache-fra-eddf8230092-FRA
X-Timer: S1706860022.444364,VS0,VE4
access-control-allow-methods: POST, OPTIONS
content-type: application/json
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
access-control-allow-headers: Content-Type
X-Cache-Hits: 0

GET
H2 200 o.svg Show response
quic-v4.pops.fastly-insights.com/ 378 B
1 KB 35ms
7ms Fetch
image/svg+xml 151.101.194.67
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://quic-v4.pops.fastly-insights.com/o.svg?u=2f3e6c14-e498-4a80-b10e-e51dd90a27ea

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.67 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 02 Feb 2024 07:47:02 GMT
via: 1.1 varnish
strict-transport-security: max-age=86400; includeSubDomains
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
x-cache: HIT
server-timing: sip;desc=151.101.194.67,t;dur=1706860022,req;dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 378
x-served-by: cache-fra-eddf8230110-FRA
server: Varnish
x-datacenter: EDDF
x-timer: S1706860022.472586,VS0,VE0
report-to: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: X-Datacenter, X-Ip-Version, Server-Timing
cache-control: private, no-cache, max-age=0, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
retry-after: 0
x-ip-version: 4

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
820 B 11ms
11ms Ping
application/json 151.101.194.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.fastly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 02 Feb 2024 07:47:02 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra-eddf8230102-FRA, cache-fra-eddf8230092-FRA
X-Timer: S1706860023.531593,VS0,VE4
access-control-allow-methods: POST, OPTIONS
content-type: application/json
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
access-control-allow-headers: Content-Type
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
2f3e6c14-e498-4a80-b10e-e51dd90a27ea-pdata-v4.unique.k.fastly-insights.com/ 378 B
1 KB 29ms
6ms Fetch
image/svg+xml 146.75.118.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://2f3e6c14-e498-4a80-b10e-e51dd90a27ea-pdata-v4.unique.k.fastly-insights.com/o.svg?u=2f3e6c14-e498-4a80-b10e-e51dd90a27ea

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.91 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

X-Ip-Version: 4
Date: Fri, 02 Feb 2024 07:47:02 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
X-Cache: HIT
Connection: close
Server-Timing: sip;desc=146.75.118.91,t;dur=1706860023,req;dur=1
Content-Length: 378
X-Served-By: cache-fra-eddf8230045-FRA
Server: Varnish
X-Datacenter: EDDF
X-Timer: S1706860023.553021,VS0,VE0
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version, Server-Timing
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
820 B 10ms
10ms Ping
application/json 151.101.194.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.fastly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 02 Feb 2024 07:47:02 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra-eddf8230102-FRA, cache-fra-eddf8230092-FRA
X-Timer: S1706860023.611208,VS0,VE4
access-control-allow-methods: POST, OPTIONS
content-type: application/json
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
access-control-allow-headers: Content-Type
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
wlg-v4.pops.fastly-insights.com/ 378 B
1 KB 43ms
7ms Fetch
image/svg+xml 151.101.234.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://wlg-v4.pops.fastly-insights.com/o.svg?u=2f3e6c14-e498-4a80-b10e-e51dd90a27ea

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.234.91 Wellington, New Zealand, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

X-Ip-Version: 4
Date: Fri, 02 Feb 2024 07:47:02 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: HIT
Connection: close
Server-Timing: sip;desc=151.101.234.91,t;dur=1706860023,req;dur=1
Content-Length: 378
X-Served-By: cache-fra-eddf8230096-FRA
Server: Varnish
X-Datacenter: EDDF
X-Timer: S1706860023.647736,VS0,VE0
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version, Server-Timing
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

GET
H2 200 35.3cdf48ae.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame 3207 16 KB
3 KB 127ms
126ms Stylesheet
text/css 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/35.3cdf48ae.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

1650436b42349eba90400162f9104f8abd0e8b846cf91d26c907c300dd8d7f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:02 GMT
x-amz-version-id: V1yopT2bXZUj.CNczvGqS7_vfWAIiP2A
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Mon, 21 Aug 2023 14:57:23 GMT
server: istio-envoy
etag: W/"ac16e52f547ce8f3de32d9d7d591c2c0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: G9hbklzzVZfRM5nWETR_wqBlmPGoz3YZAel7ZPfR4WZ3yjBkyGa1HQ==

GET
H2 200 35.3969a3d7.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 11 KB
5 KB 128ms
128ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/35.3969a3d7.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ca38f2df2a3be653605830a05931aeac85fbd1c3fa2e483a334fdc25e3463503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:02 GMT
x-amz-version-id: _L8fRFK5jC3YnnGaFitzP.KBJ4MXVS_2
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"dcd622adceee29d53432ca3f6e9eb777"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eClj9LIWM-MwC1Pj5RniHSsY8XTFQDPyiN-u5DBAgiC4Y8GP-akqrg==

POST
H2 200 v2 Show response
bootstrap.api.drift.com/widget_bootstrap/ping/ Frame 3207 245 B
687 B 308ms
107ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping/v2

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

bae7efa69b1b12a4990ba129e2c60e511a6280c838e751cfd8ef0cc8704f4be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://rc-widget-frame.js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 02 Feb 2024 07:47:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: e4ff1b74a5cbbcbe
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 245

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
820 B 11ms
10ms Ping
application/json 151.101.194.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.fastly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 02 Feb 2024 07:47:02 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra-eddf8230102-FRA, cache-fra-eddf8230092-FRA
X-Timer: S1706860023.706170,VS0,VE4
access-control-allow-methods: POST, OPTIONS
content-type: application/json
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
access-control-allow-headers: Content-Type
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
any-v4.pops.fastly-insights.com/ 378 B
1 KB 35ms
6ms Fetch
image/svg+xml 151.101.66.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://any-v4.pops.fastly-insights.com/o.svg?u=2f3e6c14-e498-4a80-b10e-e51dd90a27ea

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

X-Ip-Version: 4
Date: Fri, 02 Feb 2024 07:47:02 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: HIT
Connection: close
Server-Timing: sip;desc=151.101.66.91,t;dur=1706860023,req;dur=1
Content-Length: 378
X-Served-By: cache-fra-eddf8230065-FRA
Server: Varnish
X-Datacenter: EDDF
X-Timer: S1706860023.734514,VS0,VE0
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version, Server-Timing
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
820 B 11ms
11ms Ping
application/json 151.101.194.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.fastly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 02 Feb 2024 07:47:02 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra-eddf8230102-FRA, cache-fra-eddf8230092-FRA
X-Timer: S1706860023.792671,VS0,VE4
access-control-allow-methods: POST, OPTIONS
content-type: application/json
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
access-control-allow-headers: Content-Type
X-Cache-Hits: 0

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 460 B
965 B 102ms
67ms Fetch
application/json 18.173.187.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?key=qoeMC7SDKL4xjEnvU1wA5OqhPHghHKmcXtCYge6F&page=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j&page_title=Digging%20deeper%20into%20Log4Shell%20-%200Day%20RCE%20exploit%20found%20in%20Log4j%20%7C%20Fastly&referrer=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-100.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 1c7557b0d09af9abfd270c802e1cbb231b586b4521a02f0239a2a0d37508746e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:03 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 0c9e9d172625986c065b7bb9836e5d08.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
x-cache: Miss from cloudfront
request-id: 2f64945a-d1fb-4c7d-a697-a418b14b37f8
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.fastly.com
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Lj3MT7IA6QqJTy1p8IPFP_R1n9pgHCrKht5YM-AwOIt0StsDU5wtTw==
expires: Thu, 01 Feb 2024 07:47:03 GMT

POST
H2 200 v3 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 3207 25 B
112 B 109ms
107ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v3

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://rc-widget-frame.js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 02 Feb 2024 07:47:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 566f8770cfeb7eae
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame 3207 18 KB
6 KB 1006ms
1004ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

562748581c3f482f051f4b753620c1dddb8448702102546fc00a0dfeb7ebc694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://rc-widget-frame.js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 02 Feb 2024 07:47:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: a05b734b41345e88
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 911
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
91 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ETDRC9QJ6S&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9FKFHD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

020bbab9ebf7f0c05e99f670ec7cf81b748f0c514622001b5009a2720432814d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93041
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 02 Feb 2024 07:47:03 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 35ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ETDRC9QJ6S&gtm=45je41v0v872918845z8810839359za200&_p=1706860019996&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1931606660.1706860023&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dp=%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j&sid=1706860023&sct=1&seg=0&dl=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j&dr=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j&dt=Digging%20deeper%20into%20Log4Shell%20-%200Day%20RCE%20exploit%20found%20in%20Log4j%20%7C%20Fastly&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_container_id=GTM-W9FKFHD&ep.gtm_container_version=306&ep.data_link_id=&ep.data_link_id_lookup=unbucketed_link&up.db_sid=(Non-Company%20Visitor)&up.db_company_name=(Non-Company%20Visitor)&up.db_website=(Non-Company%20Visitor)&up.db_industry=(Non-Company%20Visitor)&up.db_sub_industry=(Non-Company%20Visitor)&up.db_employee_range=(Non-Company%20Visitor)&up.db_revenue_range=(Non-Company%20Visitor)&up.db_audience=no%20data%20available&up.db_audience_segment=no%20data%20available&up.db_city=(Non-Company%20Visitor)&up.db_state=(Non-Company%20Visitor)&up.db_country_name=(Non-Company%20Visitor)&up.db_priority_account=(Non-Company%20Visitor)&tfd=3329
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ETDRC9QJ6S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 07:47:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fastly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 56ms
19ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ETDRC9QJ6S&cid=1931606660.1706860023&gtm=45je41v0v872918845z8810839359za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ETDRC9QJ6S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 07:47:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fastly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 53ms
30ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ETDRC9QJ6S&cid=1931606660.1706860023&gtm=45je41v0v872918845z8810839359za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=1253243393

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 07:47:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 page-data.json
www.fastly.com/page-data/blog/fastly-security-research-team/ 0
9 KB 9ms
9ms Other
application/json 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/blog/fastly-security-research-team/page-data.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-a4cee3a9f5b344883e06.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Origin: https://www.fastly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10026-SJC, cache-sjc10037-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860023.286174,VS0,VE2
etag: "0d48c8f78524073ec034138257190068"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9166
x-cache-hits: 0, 0, 1

GET
H3 200 page-data.json Show response
www.fastly.com/page-data/blog/fastly-security-research-team/ 31 KB
9 KB 7ms
7ms XHR
application/json 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/blog/fastly-security-research-team/page-data.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/dc6a8720040df98778fe970bf6c000a41750d3ae-db284d710acf18123cbf.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

158e1afc011716ac4e1a9a10c42926a6803f5e5c0ba96d70d5376815f665bd12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc10026-SJC, cache-sjc10037-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860023.296803,VS0,VE1
etag: "0d48c8f78524073ec034138257190068"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9166
x-cache-hits: 0, 0, 2

GET
H3 200 component---src-templates-blog-authors-js-475b9ef3efcf91f74556.js
www.fastly.com/ 0
3 KB 8ms
8ms Other
text/javascript 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/component---src-templates-blog-authors-js-475b9ef3efcf91f74556.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-a4cee3a9f5b344883e06.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sjc1000119-SJC, cache-sjc10033-SJC, cache-fra-eddf8230061-FRA
date: Fri, 02 Feb 2024 07:47:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1706860023.306047,VS0,VE2
etag: "8a9f871eb60d0632047c2afe2cc80cf8"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3083
x-cache-hits: 0, 0, 1

POST
H2 200 track Show response
event.api.drift.com/ Frame 3207 756 B
819 B 96ms
96ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

bc64a3cfc1a828368bdf6a01d16a62ba3fde383da05a1aeb4f44c94f788347ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://rc-widget-frame.js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIyMDg4NDMyMTUzNSIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEwODk4NDYiLCJleHAiOjE3Mzg0ODI0MjMsImlhdCI6MTcwNjg2MDAyM30.fBsIWVgZB-asBNBtWPa_8a1hKYNOI9wp95b2F3sVEcFIA-FufaUh_N2zuWsoIovBZStNetvo6W3ZE_8ADeBkIw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Feb 2024 07:47:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 84659daa712b0030
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 756

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 96ms
95ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://rc-widget-frame.js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Fri, 02 Feb 2024 07:47:04 GMT
requestid: driftebf870040c98374dddbf7e5276c
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

GET
H2 200 57.28dde8ce.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3207 19 KB
7 KB 307ms
307ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/57.28dde8ce.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019953&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 07:47:04 GMT
x-amz-version-id: Zxo_g5bCWN5ThGUMi3U0U588J4K9cfWW
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Thu, 01 Feb 2024 23:00:49 GMT
server: istio-envoy
etag: W/"3c4cd13822c0069a68e9f9c8240f5ba9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XjsMGyVaqr-vhJqE1X1cU-84LJ1bx2dECawICR88PwIL3pqeH-gE0A==

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame 3207 14 KB
14 KB 42ms
15ms Font
font/woff2 18.66.192.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/css/8.98b34517.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-93.muc50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-widget-frame.js.driftt.com/
Origin: https://rc-widget-frame.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 18:55:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8c1abfbb8460bed752668233d296dba8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 19659084
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 46
content-length: 13976
last-modified: Fri, 03 Mar 2023 14:35:52 GMT
server: istio-envoy
etag: "e7e52c955aa33e618baf437a16539524"
access-control-allow-methods: GET, POST, OPTIONS
content-type: binary/octet-stream,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: h6lRtVFZd9X-andmXojx8w7rMdhBuiZRl5uaUu348zppJDdnb6tGeQ==

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame 3207 14 KB
14 KB 44ms
17ms Font
font/woff2 18.66.192.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/css/8.98b34517.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-93.muc50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-widget-frame.js.driftt.com/
Origin: https://rc-widget-frame.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 17 May 2023 00:56:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8c1abfbb8460bed752668233d296dba8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 22575007
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 65
content-length: 14148
last-modified: Fri, 03 Mar 2023 14:35:52 GMT
server: istio-envoy
etag: "69b28056044be6438ce7e5214c66ba82"
access-control-allow-methods: GET, POST, OPTIONS
content-type: binary/octet-stream,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5f9QvEcHfI8rWm26AlToyLhqMaRakpCkKDbdKIWIwdigYrsMq6kUbA==

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event3/ Frame 3207 25 B
111 B 111ms
110ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event3/bulk

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://rc-widget-frame.js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 02 Feb 2024 07:47:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 2069c1b0abee310b
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 15
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js

Domain: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=b690fae4-78cb-4466-96fb-f934d531c8b7&sessionStarted=1706860019.934&campaignRefreshToken=6648e7fd-35f8-48da-8e29-0e0e87179161&pageLoadStartTime=1706860019439&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.fastly.com/blog	1969-12-31 23:59:59	Name: DriftPlaybook Value: B
www.fastly.com/	1970-01-20 18:07:41	Name: drift_campaign_refresh Value: 6648e7fd-35f8-48da-8e29-0e0e87179161
www.fastly.com/	1970-01-20 18:07:41	Name: lux_uid Value: 170686002028366866
.fastly.com/	1970-01-21 02:53:16	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Feb+02+2024+08%3A47%3A00+GMT%2B0100+(Central+European+Standard+Time)&version=6.20.0&isIABGlobal=false&hosts=&consentId=fb241dd9-a37e-4b14-8d9f-f10997b97a54&interactionCount=0&landingPath=https%3A%2F%2Fwww.fastly.com%2Fblog%2Fdigging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j&groups=req%3A1%2Cfuncs%3A1%2Cadv%3A0
.techtarget.com/	1970-01-20 18:07:41	Name: __cf_bm Value: uyIjfMG3m5MYbSfZHn75B4GV9RoJ3e_oL26MoUTwLs8-1706860020-1-AVGfEK802+2wnEGB88t9SOpSPn0+m1MlUxPrJNjgWFxlw+y76R087Ls3bGV13sE0c9TBT0AW16E104V9A3kKtJo=
.fastly.com/	1970-01-21 02:53:16	Name: _biz_uid Value: b385cfde9730468891f2a05021505fae
.bizibly.com/	1970-01-21 02:53:16	Name: _BUID Value: 9cd646f5fabf5e6434c263d8085ec41e
.bizible.com/	1970-01-21 02:53:16	Name: _BUID Value: b385cfde9730468891f2a05021505fae
tracking.g2crowd.com/	1970-01-20 18:27:49	Name: _session_id Value: 07d58e9bfba8b3627f895eadd4150d52
.g2crowd.com/	1970-01-20 18:07:41	Name: __cf_bm Value: t3op14dc26yRXGveU.ZTafGG6gJ_3_GbGQCnmnUWL0A-1706860020-1-ATvNf8cJd4XGCif/yZTsW1sxIHofetXKWRquBvEymAMax0FvB8JKzIAcG/Kq9zxyrjBicVX1b9e+8CorQFqbrUY=
.fastly.com/	1970-01-21 03:43:40	Name: _mkto_trk Value: id:025-XKO-469&token:_mch-fastly.com-1706860020669-65621
.www.fastly.com/	1970-01-21 02:53:16	Name: _zitok Value: 8ca59ae04372f904d30e1706860021
.zoominfo.com/	1970-01-20 18:07:41	Name: __cf_bm Value: skKIkPWy7US.2p5rvsvefmvPJ4GxSvsojU16OTw1llo-1706860021-1-ASxOD28DgU7ckblaYTFZuhyO1obClYejGrCkhmjhVsj7N7vcRcrqzYSJ4Wr45Sz/p1yhncUDu0mGxOG0yR6K2aI=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Mn64d2AVweIjrPLofVIBuYihyCMydNXTRioX0CyXtXc-1706860021431-0-604800000
.fastly.com/	1970-01-21 02:53:16	Name: _biz_nA Value: 2
.fastly.com/	1970-01-21 02:53:16	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%2C%22Mkto%22%3A%221%22%7D
.fastly.com/	1970-01-21 02:53:16	Name: _biz_pendingA Value: %5B%5D
.agkn.com/	1970-01-21 02:53:16	Name: ab Value: 0001%3AxyazTqRAT%2F19XtynkEnL7tyQBgYFulqy
.agkn.com/	1970-01-21 02:53:16	Name: u Value: C\|0AAAAAAAALU9adgAAAAAA
.demdex.net/	1970-01-20 22:26:52	Name: demdex Value: 29189422613941644982782259858767507988
.dpm.demdex.net/	1970-01-20 22:26:52	Name: dpm Value: 29189422613941644982782259858767507988
www.fastly.com/	1970-01-21 03:43:40	Name: drift_aid Value: d7ea28fc-b7b5-48ae-8f11-ab00dc1a444f
www.fastly.com/	1970-01-21 03:43:40	Name: driftt_aid Value: d7ea28fc-b7b5-48ae-8f11-ab00dc1a444f
.fastly.com/	1970-01-21 03:43:40	Name: _ga Value: GA1.1.1931606660.1706860023
.fastly.com/	1970-01-21 03:43:40	Name: _ga_ETDRC9QJ6S Value: GS1.1.1706860023.1.0.1706860023.60.0.0

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

025-xko-469.mktoresp.com
2f3e6c14-e498-4a80-b10e-e51dd90a27ea-pdata-v4.unique.k.fastly-insights.com
2f3e6c14-e498-4a80-b10e-e51dd90a27ea.eu.u.fastly-insights.com
aa.agkn.com
any-v4.pops.fastly-insights.com
aorta.clickagy.com
api.company-target.com
astral-v4.pops.fastly-insights.com
bootstrap.api.drift.com
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
cdn.speedcurve.com
client-registry.mutinycdn.com
d.agkn.com
dpm.demdex.net
dub-v4.pops.fastly-insights.com
event.api.drift.com
fastly-insights.com
fiddle.fastly.dev
fiddle.fastlydemo.net
geolocation.onetrust.com
hemsync.clickagy.com
iah-v4.pops.fastly-insights.com
ibc-flow.techtarget.com
insight.adsrvr.org
js.adsrvr.org
js.driftt.com
js.zi-scripts.com
klot-v4.pops.fastly-insights.com
lfpg-v4.pops.fastly-insights.com
lux.speedcurve.com
metrics.api.drift.com
mnl-v4.pops.fastly-insights.com
munchkin.marketo.net
o1025883.ingest.sentry.io
pixel-sync.sitescout.com
quic-v4.pops.fastly-insights.com
rc-widget-frame.js.driftt.com
region1.analytics.google.com
stats.g.doubleclick.net
tags.clickagy.com
tracking.g2crowd.com
trk.techtarget.com
wlg-v4.pops.fastly-insights.com
ws-assets.zoominfo.com
ws.zoominfo.com
www.fastly-insights.com
www.fastly.com
www.google.de
www.googletagmanager.com
munchkin.marketo.net
rc-widget-frame.js.driftt.com
107.22.39.74
108.138.15.119
146.75.118.91
146.75.22.91
146.75.82.91
151.101.129.91
151.101.130.217
151.101.130.91
151.101.182.91
151.101.194.67
151.101.194.91
151.101.2.217
151.101.234.91
151.101.66.91
152.195.15.58
172.64.150.44
18.173.187.100
18.66.147.49
18.66.192.93
192.28.147.68
199.232.170.91
199.232.26.91
2.23.65.88
2001:4860:4802:34::36
2600:9000:211e:6a00:4:8491:f2c0:93a1
2606:4700:4400::6812:24c4
2606:4700:4400::ac40:90e1
2606:4700:4400::ac40:9b77
2606:4700::6810:880f
2606:4700::6812:82ec
2a00:1450:4001:800::2008
2a00:1450:4001:827::2003
2a00:1450:400c:c00::9d
2a04:4e42:400::603
2a04:4e42:600::313
2a04:4e42:600::729
2a04:4e42::729
3.122.79.91
34.111.208.231
34.120.195.249
50.16.7.188
52.223.40.198
52.50.105.129
54.220.151.51
54.84.115.237
98.98.134.241
020bbab9ebf7f0c05e99f670ec7cf81b748f0c514622001b5009a2720432814d
0591af742c10a8ad2020502cccbf97cb4fc1cfc48acaf588043d70e77b2c3aaf
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
09fbba9bf1604ae3264823871a639f92b4ba02c29e1c68ceb028c2ca2c6b01b9
0b6524e69d460be5fbdaa68802b2e3349fefbd996e48553e147bd04d5f24c14f
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0d456f1ad7500134c1ac4efb7275f70ab761c26286fdf2f7c7c190d011e7d68b
1043316119fa5601fb2ec8cf2ce3d9fc96fcb5fe0957e613b2348104d5aa0796
10885f5f6888d7879c566093389c5a42f20ca66c22805ba291c2e608f82283f4
10b36fda647f8e4a089ffecf54ca490ce1e68eb9619a2463fd81a2acb8fcb41d
10b977a814bd9ca3e018a07b6e1197c9a9fa89a27a2419158d22f41ab8a29508
1125930801bca103956f0a40293836c345f8fc4e38c6aefbacf02e3ad22d24b1
14e1758a680d218d9438c24ea5c123a4697d8c7200b8a976dbcc334c42db55a5
14e6206b0b854f8eb373b1ccfbac42efdb97e1034de1355abb4ee81aa0672ec2
15288202612a9c56a57714bf4d2d9df1cdd14a3da720d3ba923611462cc0a044
15736c00b563c558ec1e7d531c0d8bd7d8cc24c2026adbc2dcf0ccd3e48f7d65
158e1afc011716ac4e1a9a10c42926a6803f5e5c0ba96d70d5376815f665bd12
1650436b42349eba90400162f9104f8abd0e8b846cf91d26c907c300dd8d7f85
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
1b5938ce75bd82e23d8ecbf22be0fd26bca05029525cde40f8b1145b4cecd4a5
1ba7f7e31ef37d69f9541a2af99984deed19867ab8f8a24d53da8c5b47b47cd9
1c7557b0d09af9abfd270c802e1cbb231b586b4521a02f0239a2a0d37508746e
1ce5bbfddabe83a619dffbd897ac79e94ca961f04cf463583a421a22f5329938
2035a3c05a682cf60b1a965d16d52335489608ca1141d9e0b9b3f9c340901f1d
251ae2637673472a67651c8f7d58f441d715a47d01c290d0509271572be4782b
295c66c14524b77dd1271317457dec037b5ef0943da346b9b73681e54da826e0
29a93d731434e92cd8081bb2af123c2cea435d7893245a04134d7fbf713518f9
2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3109a1a489eb6cf9429c02f62539fbfeac0a730ac3e25b157afc28def5689b03
37bb2fe07156e83bf66ed1214d5f27cae6bdd70549affa70372b82a9c6689ba7
37e8818124561754e1c997013c3bfebfa1e87ec9338148293f7d3870d8e2ae83
3a13b0732ceedf951e97ff22963487be716c05c8dd8a2b21869a18e77ca34bbb
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
40cd9a267f702fd2726ef3798b232a06ca6ed2bcd41739e5150aa3d2d7f006f1
41d1c9a0054aa054bf958a0ef504e8fa597d5b74580a730637ede0101ee89273
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4ad3d1bdcf7ea7da2f711cb8bf19eac0623abbd4c3ea005420dab64c6fdb237b
4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3
4e70c13c470853523335215252805d93f706c977196b598e6691bc4c5ac35b4f
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02
562748581c3f482f051f4b753620c1dddb8448702102546fc00a0dfeb7ebc694
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f
594b8f1a9e57febeb4331aa7deeb3508d02b3ddcaf638d6c84d388fe777b92b6
594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60
5b2cb114ad1f05c0b84daba4d01466ed5a782a5cae8a9f2841d918c022210207
5c677dac603d6dc3aa80f2022cbda63de290424fc7c5b4b28b10ceb88675f318
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5e4e01da0230734413d39e4657ac95b4ccf45092ff61a162aa1f4d111a166735
6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6a6a06c6f8fb209f9e92af2bb5ed0c0d0e767211a1a92e631e1d0ce056488387
6b96e43e1c1f2aa79a435aa6f9b9e9f3ddde013dedc2914291bef8fbb132c3a9
6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca
7573e5629fdd86c1b9715e81fd55e01c7cf7febbfc3562f5acbb757c0d4cce64
7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b
794dc30b5582c5b0c4a06c2e0776f6527a84c91d5f7abb9384e7588d0ab3a910
82c5bcad630bd804130a6d05fecde90f20cbe12a8380a788aa3d32193ae7210c
860c659e8836feb6a6b4fc4c9b7195e4ab0a04e4642473c0780ae554fbf6ffb2
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
88a11903bf42ce4806c745fdcde3f5e094cdcf1a9cc5e8e4eb8a2aacf1c5b14b
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae
93a2fd82dd3a13a9e9ce0583f3bde1b6e88da6ebce30fa8c87cee4d9d927e4d2
9546f61d90005f0c8132463a0c61ab73ce68321a61456fe9ed5a0a60d16c4d69
9f0952af5f9b29470d1ed7c3629cc6fe434e0aed0f5f72a3840714e7903632f1
a1fe71e2d9bfb90f25ee3cab3141fb1985cf6c0b6aa9d2099b9bdc52b1d3ea49
a290a1302fd23263da6af0fd54e97b901f2e7e70875182585292557cc156aea5
a7077bfe692cf60675c6ce302474a363815e3f49d834147218a7bdb1b7402f10
a7a9292edd72228ac6b7839b6e29a832ab45515a5c78d548ccd5fd8a2b1942ff
a7fc4f277d625f2d88c55e6d1cbc1047e5f58685e96b76fd720bd90e3c65c897
ac6bdc5f37bb3d3a7a3db164f228cd0f805e8474df5765d46b9db71e14551244
add5d9a3eaa5e640bafe3f832f74ca45a173f6ff545edbfd35b3030def5375cd
afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542
ba3035c1cbfbd4ebb878f85acde3d846c6e9e90081de78ddcaf3126b4e8823b0
bae7efa69b1b12a4990ba129e2c60e511a6280c838e751cfd8ef0cc8704f4be5
bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b
bbcfb3217d2001f978a038f35d0a6b5149f20346629cb717bc78bae9ac1e098e
bc64a3cfc1a828368bdf6a01d16a62ba3fde383da05a1aeb4f44c94f788347ef
bd85ee55c66852286ef188a91f9517cb56a511a11cb9b464b617d03571491c0b
bfae35edc61595bd27d16c01ddc44ef00c152c0006e16f836101d3b6a6621d01
bfc08994ce93776aae11e32a3509344efef5ee11e4fcf46e9d6e740b538a5030
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
ca38f2df2a3be653605830a05931aeac85fbd1c3fa2e483a334fdc25e3463503
cc1796b9d1184e999ca9295b98d5f749b4904aa80cb12f994d1ec29026e6a258
d04196ec92f307c66ad56e3adbd4536e6c504a251299183c2c016de66a65af39
d14575cf4967ee0c9086b94ae75220ce7a1a19c1cb0db8f46bb60c8b022bacbb
d674a115404e8d29a650437584421bd9d7ec57c4d43fe3e0a09adc080d521c44
d86689fa8b6be52410417ecbfc7edacb8f92ad07eaa4075f400abf6276ef561a
d9b694a3a25ba1db5264d6687141e4f48ada93b4fbb2a124317dad995286ac97
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
ded43a6af1e4e0a061fe1c97703f45cc4af82fc367de436789f6c70e5077b0eb
e12404ccb0492da0a89fbda8db0ddb3c2358fcbd6d29b0c106ba840ca5f5e8ab
e1fd013ac18aebac28e366bf82aace3b2fb6900fecc4793303ed93aeadd31910
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5149bac0cdad7bbd9d1b7badb88909929d324ee90b6dd1628e0c59024d68e7c
e523f47c65c171a685ca8f1bb0c0c432f4d71104fa56e8f6163126ec908cc430
e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11
e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae
e9572729daa448a9ba000cdc75d9b2be339248d41288b1767966d73342a2227a
e9df011e2b89840a7dcb1ec43d59e2489383d3506d9a0fcd2db0d9cf0b024dde
ea5e372a51955899ac5090d7e74f8d5d30440544337039bf0831b1568a9fa54c
eb6ce397310855bbef74043afcdda989653ad7b7b385191e8c8d622eee74b367
ec2a8bc8d814bfc802060212b6a8659e0d3c458a2b0d696fcca8b8b7ce773798
edc1ac14984c28dfb69b44d531f1502d818f2c8678f69cca0218296c7c30a933
edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f46cd01e86d738d8ec05f16ad58a4f02ac410ac631b98eef69755fd4b2483d92
f4d1dc5e2bebcc6c035e733b5586f308c032e377d490d733835fbc1fb0e5d979
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fe3f5adc0b0e834c041ff3eff16cc338a796609d6847529141c3ecd0fc7fea94
fe7fc47915351de7cf866722e03e73e26211a421109e28934fd3e3504f66d218
fe92edba1f5990d76e1817f250ee4aae144f4efa95b676733bdd4391f2b74cf1

www.fastly.com Open in urlscan Pro 2a04:4e42:600::313 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

191 Requests

97 %HTTPS

30 %IPv6

29 Domains

51 Subdomains

43 IPs

7 Countries

2968 kBTransfer

8482 kBSize

25 Cookies

26 Outgoing links

Page URL History

Redirected requests

191 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.fastly.com Open in urlscan Pro
2a04:4e42:600::313 Public Scan

Screenshot
Live screenshot

Full Image

191
Requests

97 %
HTTPS

30 %
IPv6

29
Domains

51
Subdomains

43
IPs

7
Countries

2968 kB
Transfer

8482 kB
Size

25
Cookies

191 HTTP transactions
4 data transactions