www.huntress.com Open in urlscan Pro
2606:2c40::c73c:671c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
Submission: On December 05 via api (December 5th 2023, 11:58:19 am UTC) from IN — Scanned from DE

Summary HTTP 189 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 65 IPs in 4 countries across 48 domains to perform 189 HTTP transactions. The main IP is 2606:2c40::c73c:671c, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.huntress.com. The Cisco Umbrella rank of the primary domain is 403475.
TLS certificate: Issued by E1 on October 29th 2023. Valid for: 3 months.

This is the only time www.huntress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	2606:2c40::c7... 2606:2c40::c73c:671c	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1	2606:2800:233... 2606:2800:233:66b5:799a:7cd3:f74d:7071	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6810:6cd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.45.238.53 23.45.238.53	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:c060	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:44da	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700::68... 2606:4700::6811:129	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	108.157.4.88 108.157.4.88	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:440... 2606:4700:4400::ac40:9284	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	34.159.227.151 34.159.227.151	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:1484	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.159.152.17 162.159.152.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223c:5200:9:d7d4:1380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:890f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:24c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::6812:2b1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
6	35.157.222.108 35.157.222.108	16509 (AMAZON-02) (AMAZON-02)
10	2.17.100.193 2.17.100.193	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.6.216.199 52.6.216.199	14618 (AMAZON-AES) (AMAZON-AES)
4	54.196.175.244 54.196.175.244	14618 (AMAZON-AES) (AMAZON-AES)
5	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.205.109.127 54.205.109.127	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6811:589a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e3a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4cba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:7c0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.27.107 13.32.27.107	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	44.225.227.138 44.225.227.138	16509 (AMAZON-02) (AMAZON-02)
1	44.228.105.44 44.228.105.44	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:cff9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:eff9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.19 18.66.112.19	16509 (AMAZON-02) (AMAZON-02)
1	46.51.146.14 46.51.146.14	16509 (AMAZON-02) (AMAZON-02)
1	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:480... 2a02:26f0:480:23::1726:629c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	52.167.85.21 52.167.85.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
40	18.66.147.59 18.66.147.59	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	34.193.113.164 34.193.113.164	14618 (AMAZON-AES) (AMAZON-AES)
189	65

24 2606:2c40::c73c:671c (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.huntress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:66b5:799a:7cd3:f74d:7071 (United States)

ASN15133 (EDGECAST, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:6cd1 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.238.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-238-53.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c060 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:44da (United States)

ASN13335 (CLOUDFLARENET, US)

huntresscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:129 (United States)

ASN13335 (CLOUDFLARENET, US)

scout-cdn.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.4.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-88.dus51.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9284 (United States)

ASN13335 (CLOUDFLARENET, US)

3911692.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh7-us.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.159.227.151 (Frankfurt am Main, Germany)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.227.159.34.bc.googleusercontent.com

webhooks.fivetran.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:1484 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.152.17 (None, )

ASN13335 (CLOUDFLARENET, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:5200:9:d7d4:1380:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.metadata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:890f (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:24c4 (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:2b1f (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.157.222.108 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-222-108.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.17.100.193 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-193.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.6.216.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-216-199.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.196.175.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-175-244.compute-1.amazonaws.com

scout.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.205.109.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-109-127.compute-1.amazonaws.com

bidagent.xad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:589a (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e3a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4cba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7c0c (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.225.227.138 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-225-227-138.us-west-2.compute.amazonaws.com

api-gw.metadata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.228.105.44 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-105-44.us-west-2.compute.amazonaws.com

a.usbrowserspeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:cff9 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:eff9 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-19.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.51.146.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-146-14.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:23::1726:629c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.167.85.21 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

i.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 18.66.147.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-59.fra60.r.cloudfront.net

rc-widget-frame.js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.193.113.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-113-164.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
customer.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	driftt.com js.driftt.com — Cisco Umbrella Rank: 5827 rc-widget-frame.js.driftt.com — Cisco Umbrella Rank: 129294	494 KB
24	huntress.com www.huntress.com — Cisco Umbrella Rank: 403475	1 MB
11	6sc.co j.6sc.co — Cisco Umbrella Rank: 5657 c.6sc.co — Cisco Umbrella Rank: 8715 ipv6.6sc.co — Cisco Umbrella Rank: 5852 b.6sc.co — Cisco Umbrella Rank: 3994	22 KB
7	drift.com bootstrap.api.drift.com — Cisco Umbrella Rank: 6652 customer.api.drift.com — Cisco Umbrella Rank: 7172 metrics.api.drift.com — Cisco Umbrella Rank: 6556 event.api.drift.com — Cisco Umbrella Rank: 7169	6 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 796 i.clarity.ms — Cisco Umbrella Rank: 18363 c.clarity.ms — Cisco Umbrella Rank: 1377	28 KB
6	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2618	11 KB
6	salesloft.com scout-cdn.salesloft.com — Cisco Umbrella Rank: 9979 scout.salesloft.com — Cisco Umbrella Rank: 11992	7 KB
5	hubspot.com app.hubspot.com — Cisco Umbrella Rank: 5546 js.hubspot.com — Cisco Umbrella Rank: 5191 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 4978 track.hubspot.com — Cisco Umbrella Rank: 2246	27 KB
4	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4435 forms-na1.hsforms.com — Cisco Umbrella Rank: 7062 perf-na1.hsforms.com — Cisco Umbrella Rank: 5595	4 KB
4	metadata.io cdn.metadata.io — Cisco Umbrella Rank: 23286 api-gw.metadata.io — Cisco Umbrella Rank: 23247	4 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 329 c.bing.com — Cisco Umbrella Rank: 228	16 KB
4	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1230 analytics.twitter.com — Cisco Umbrella Rank: 713 syndication.twitter.com — Cisco Umbrella Rank: 1549	132 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	179 KB
4	googleusercontent.com lh7-us.googleusercontent.com — Cisco Umbrella Rank: 664	719 KB
4	linkedin.com 1 redirects platform.linkedin.com — Cisco Umbrella Rank: 3771 px.ads.linkedin.com — Cisco Umbrella Rank: 327 px4.ads.linkedin.com — Cisco Umbrella Rank: 6419	162 KB
3	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2129	16 KB
3	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 8744	2 KB
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 26115 ibc-flow.techtarget.com — Cisco Umbrella Rank: 23835	2 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189 www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	25 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	281 KB
2	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2580 content.hotjar.io — Cisco Umbrella Rank: 6459	420 B
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4726 forms.hscollectedforms.net — Cisco Umbrella Rank: 4810	26 KB
2	quora.com a.quora.com — Cisco Umbrella Rank: 4913 q.quora.com — Cisco Umbrella Rank: 3720	15 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 763	13 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 700 script.hotjar.com — Cisco Umbrella Rank: 933	59 KB
2	fivetran.com webhooks.fivetran.com — Cisco Umbrella Rank: 30398	325 B
2	hubspotusercontent-na1.net 3911692.fs1.hubspotusercontent-na1.net	61 KB
2	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 2954	2 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	35 KB
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 478	571 B
1	usbrowserspeed.com a.usbrowserspeed.com — Cisco Umbrella Rank: 5716
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1387	637 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	t.co t.co — Cisco Umbrella Rank: 589	376 B
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4727	88 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2128	22 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3131	4 KB
1	xad.com bidagent.xad.com — Cisco Umbrella Rank: 18659	341 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1266	8 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4490	2 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 678	15 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	455 B
1	huntresscdn.com huntresscdn.com — Cisco Umbrella Rank: 6361	112 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	2 KB
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5536	6 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 3351	361 B
1	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 8411	2 KB
189	48

	Domain	Requested by
40	rc-widget-frame.js.driftt.com	js.driftt.com rc-widget-frame.js.driftt.com
24	www.huntress.com	www.huntress.com
7	b.6sc.co	www.huntress.com
6	tags.srv.stackadapt.com	www.huntress.com tags.srv.stackadapt.com
4	scout.salesloft.com	scout-cdn.salesloft.com
4	connect.facebook.net	www.huntress.com connect.facebook.net
4	lh7-us.googleusercontent.com	www.huntress.com
3	i.clarity.ms	www.clarity.ms
3	js.hs-banner.com	www.huntress.com js.hs-banner.com
3	tracking.g2crowd.com	www.huntress.com tracking.g2crowd.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.huntress.com
3	js.driftt.com	www.huntress.com rc-widget-frame.js.driftt.com
3	cdnjs.cloudflare.com	www.huntress.com
3	www.googletagmanager.com	www.huntress.com www.googletagmanager.com
2	event.api.drift.com	rc-widget-frame.js.driftt.com
2	customer.api.drift.com	rc-widget-frame.js.driftt.com
2	bootstrap.api.drift.com	rc-widget-frame.js.driftt.com
2	c.clarity.ms	1 redirects
2	track.hubspot.com
2	forms.hsforms.com	www.huntress.com
2	api-gw.metadata.io	cdn.metadata.io
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	ibc-flow.techtarget.com	trk.techtarget.com
2	px.ads.linkedin.com	1 redirects snap.licdn.com
2	j.6sc.co	www.googletagmanager.com j.6sc.co
2	cdn.metadata.io	www.huntress.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	www.google-analytics.com	www.googletagmanager.com www.huntress.com
2	platform.twitter.com	www.huntress.com platform.twitter.com
2	webhooks.fivetran.com	huntresscdn.com
2	3911692.fs1.hubspotusercontent-na1.net	www.huntress.com
2	scout-cdn.salesloft.com	www.huntress.com
2	dev.visualwebsiteoptimizer.com	www.huntress.com
2	code.jquery.com	www.huntress.com
1	metrics.api.drift.com	rc-widget-frame.js.driftt.com
1	c.bing.com	1 redirects
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	perf-na1.hsforms.com	www.huntress.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	content.hotjar.io	script.hotjar.com
1	vc.hotjar.io	script.hotjar.com
1	forms-na1.hsforms.com	www.huntress.com
1	a.usbrowserspeed.com	cdn.metadata.io
1	alb.reddit.com	www.huntress.com
1	px4.ads.linkedin.com	www.huntress.com
1	www.facebook.com	www.huntress.com
1	syndication.twitter.com	platform.twitter.com
1	analytics.twitter.com	www.huntress.com
1	t.co	www.huntress.com
1	script.hotjar.com	static.hotjar.com
1	js.hsleadflows.net	www.huntress.com
1	js.hs-analytics.net	www.huntress.com
1	js.hubspot.com	www.huntress.com
1	js.hsadspixel.net	www.huntress.com
1	js.hscollectedforms.net	www.huntress.com
1	bidagent.xad.com	www.huntress.com
1	app.hubspot.com	www.huntress.com
1	q.quora.com	www.huntress.com
1	www.redditstatic.com	www.huntress.com
1	trk.techtarget.com	www.huntress.com
1	ws.zoominfo.com	www.huntress.com
1	a.quora.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static.hotjar.com	www.huntress.com
1	huntresscdn.com	www.huntress.com
1	cdn.jsdelivr.net	www.huntress.com
1	static.hsappstatic.net	www.huntress.com
1	s7.addthis.com	www.huntress.com
1	cdn2.hubspot.net	www.huntress.com
1	platform.linkedin.com	www.huntress.com
189	75

This site contains links to these domains. Also see Links.

Domain
huntress.io
support.huntress.io
www.rapid7.com
activemq.apache.org
lh7-us.googleusercontent.com
github.com
www.facebook.com
www.linkedin.com
twitter.com
www.youtube.com
www.bizratings.com

Subject Issuer	Validity	Valid
www.huntress.com E1	`2023-10-29` - `2024-01-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2023-07-11` - `2024-07-10`	a year	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2023-04-06` - `2024-04-05`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
huntresscdn.com Cloudflare Inc ECC CA-3	`2023-05-10` - `2024-05-09`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2023-07-06` - `2024-07-06`	a year	crt.sh
salesloft.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-18`	a year	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-09-30` - `2024-09-29`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
webhooks.fivetran.com R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-13` - `2023-12-12`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
quora.com R3	`2023-11-26` - `2024-02-24`	3 months	crt.sh
*.metadata.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-18` - `2024-01-07`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-09-09` - `2024-10-07`	a year	crt.sh
6sc.co R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.quora.com R3	`2023-11-05` - `2024-02-03`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
bidagent.xad.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
syndication.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-01` - `2024-10-31`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-02-28`	6 months	crt.sh
ibc-flow.techtarget.com GTS CA 1D4	`2023-11-17` - `2024-02-15`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
a.usbrowserspeed.com Amazon RSA 2048 M01	`2022-12-01` - `2023-12-30`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.drift.com Amazon RSA 2048 M01	`2023-07-03` - `2024-07-31`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
Frame ID: B6CC94A1B44745102B9BEF7DF87FA86F
Requests: 134 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.huntress.com
Frame ID: 59907F400E4931310FF9C6CE2B7EA2F6
Requests: 2 HTTP requests in this frame

Frame: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
Frame ID: E91C47A7EDEA69D208CD3DBCA7105D0C
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Critical Vulnerability: Exploitation of Apache ActiveMQ CVE-2023-46604

Detected technologies

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

189
Requests

98 %
HTTPS

56 %
IPv6

48
Domains

75
Subdomains

65
IPs

4
Countries

3663 kB
Transfer

8472 kB
Size

63
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://huntress.io/
Title: Partner Login Access Your Huntress Dashboard

Search URL Search Domain Scan URL

URL: https://support.huntress.io/
Title: Support Documentation Technical Product Support, FAQs & More

Search URL Search Domain Scan URL

URL: https://www.rapid7.com/blog/post/2023/11/01/etr-suspected-exploitation-of-apache-activemq-cve-2023-46604/
Title: Suspected Exploitation of Apache ActiveMQ CVE-2023-46604

Search URL Search Domain Scan URL

URL: https://activemq.apache.org/activemq-command-line-tools-reference.html
Title: command line tool

Search URL Search Domain Scan URL

URL: https://activemq.apache.org/components/classic/download/
Title: https://activemq.apache.org/components/classic/download/

Search URL Search Domain Scan URL

URL: https://lh7-us.googleusercontent.com/3HUtyDCAietS-TRisGdXcIU4Syi7sgvDwfTYg83GBm5mJr5k2Q-dQUS0cE4EG32j2vCbMJqFootvbomsPBup2Mha0yL5BzYT4fm6qQ2Ce-6iX9XQwE1W7XoNDzYJW6_r53RXD1uKDFUZm8shKHYPFW8

Search URL Search Domain Scan URL

URL: https://lh7-us.googleusercontent.com/ejrLkwloT4wUwGNL0cJPtXCTYSIfAHEqo3zGTtdurtY24iAVPbUYtJ1Ri8BVYVrIZTH6fXaxyQePGcvP7dCM0OyVmrzyHwDg_RvOu2FPo5oQzsYUZ_VeIrWMeKf0oZCbyY_xFW0wmfO12FD3mlGzIBI

Search URL Search Domain Scan URL

URL: https://lh7-us.googleusercontent.com/HiOGTRQ7ADbC3jH6h6JLSqIg0V5dWdxPUU_E2N93Lrgh21yUoFIFqet5UF-b9R_ZmhojUG8ibY7Erb7HAUrwn7WmifHNjLOGqO89Vb7tE1IV8dJOYsYC2z_Nv-h9m_tJtGHKKiOjceK7aFiyieocLb4

Search URL Search Domain Scan URL

URL: https://lh7-us.googleusercontent.com/GYP8fynEdzoA7DbIM1gWISq48KKtuBYHTx0oihJBsjgw6rMJy64l7Ek-7Cd2UrNPp7JZvD7p4xqpYcBlAkg5K1lAsY2U6hWhxNT8ubIIXjLXKogS0otTVVctHAf8QFeiuC0gHhlFxOGv0Yn5p2mb99g

Search URL Search Domain Scan URL

URL: https://lh7-us.googleusercontent.com/kYl9Coq_171FtiewKhMWdQvhZ4_je3R9IfJyel0vFv1Ooe_WzUqWyr3cCe3fR_QalHa4R5niltwdG6-TXZqVoidH6swo9YgN9yOoR7UMf-Ndj4buTE7c0flDVdirLg1aDeYp5a8Q_fqIPzwhddVxN1g

Search URL Search Domain Scan URL

URL: https://github.com/rapid7/metasploit-framework/pull/18501
Title: Metasploit module

Search URL Search Domain Scan URL

URL: https://lh7-us.googleusercontent.com/MFtcWTzYWPh19QKqaf148mu1LWWCPnhoYXGIl3Dd0uiPWlGOYyFNox717XWMuCz5TYYvRdkAdAMyF4tfyl7LwoS54p3k37wwxZ0vTiyXzvhuBIRYIentHSTRHsWDnXU7qlciua6lgplh-sWObtVzzRA

Search URL Search Domain Scan URL

URL: https://lh7-us.googleusercontent.com/rzZJNq3S5iKvDjRbs-0JntIjIUnwZkI2Emb4fMLt0c3G5kWskz6D0DPVhecAV5MYpQwvDXN_woFVlLZ2bUW9x2ybOMwaSipvivOr_j78AhLdFmAV_zU9daEHT9echOR5JtL9TlkwUgx8WNGXrS7nZZ0

Search URL Search Domain Scan URL

URL: https://lh7-us.googleusercontent.com/y2RriP0M-ZywnR3TfdCZGLgK28SbVR0LK2SP5mfCiyuI6XzHykVx_epls-wkM4nVFv1B4t4ogiLWvLkxWbU5i4dQuptMpxE1jWQnOpDfQ7gCUZmvnBYTxCWFqhTyfSGqbjduVcn-wqytGzBmKSskz1c

Search URL Search Domain Scan URL

URL: https://github.com/huntresslabs/threat-intel/blob/main/2023/2023-11/suspicious_child_process_from_activemq.yml
Title: Sigma detector

Search URL Search Domain Scan URL

URL: https://www.facebook.com/huntresslabs

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/huntress-labs

Search URL Search Domain Scan URL

URL: https://twitter.com/HuntressLabs

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/huntress-labs/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/huntresslabs
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/Huntress/featured
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.bizratings.com/Huntress-Labs-Incorporated
Title: BizRatings

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3281745&time=1701777494068&url=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3281745&time=1701777494068&url=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&e_ipv6=AQLMt4dxg2E44gAAAYw519GI6x-6hcXe5znKqvgUj1vqgrhSEJ8vB36qXhKymUxAmw

Request Chain 133

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=011F43104F81472897C650F9BDF5C384&RedC=c.clarity.ms&MXFR=0FDFB98BDF2361CF03C4AA55DB236F41 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=011F43104F81472897C650F9BDF5C384&MUID=28B39DB80F2B6292316B8E660EA0635F

189 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604 Show response
www.huntress.com/blog/ 146 KB
28 KB 152ms
75ms Document
text/html 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

72d4c7c6a35adaf336716307881a29753f3341dbafa2c82d28e6fbeb0a5f1894

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=10800, max-age=0
cf-ray: 830c1db61a3e37fc-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 11:58:13 GMT
edge-cache-tag: CT-137519669158,CT-143686222755,CT-144203912473,CT-144873329013,CG-39343107504,P-3911692,L-37647219354,L-38940492861,L-97832688913,CW-37647184945,CW-37647219358,CW-37648091485,CW-37648262592,CW-72308060713,CW-97827380338,E-37640723000,E-37647164007,E-37647184944,E-67886983812,MENU-38395296852,MENU-38397117900,PGS-ALL,SW-4,B-39343107504,GC-38395296829,GC-97827380396
etag: W/"f74cfe2f1c9c4dd9d9d960fd98a38460"
last-modified: Mon, 04 Dec 2023 05:57:11 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
permissions-policy: microphone=(), geolocation=(), camera=()
referrer-policy: strict-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rkwNsCw8X4DWH9WC1soJmC5n8pZR%2F1I9QdO2zMd5tYMbSqLkYv2UurbhPM8tGT107ztpO3xU0DlowIgvPduNZfYb8n49LaVOxIqvh9R9300k33u4teexKsPvFYtUZP4kL7p3F1CR9TZULtkcE8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-hs-cache-config: BrowserCache-5s-EdgeCache-30s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: HIT
x-hs-content-campaign-id: 1e05c64c-0e48-4193-b9b6-93ff943d4c4e
x-hs-content-id: 143686222755
x-hs-https-only: worker
x-hs-hub-id: 3911692
x-hs-prerendered: Mon, 04 Dec 2023 05:57:11 GMT

GET
H2 200 module_97827380338_POWER_Header_V2c.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/97827380338/1698847207656/ 9 KB
3 KB 63ms
61ms Stylesheet
text/css 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/97827380338/1698847207656/module_97827380338_POWER_Header_V2c.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9376df9b8822a7f057796704e3cb466577faa32f94b2460a2429944cc16c9489

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 2681
x-amz-request-id: ZA1M747C5YN2ZK7K
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"9e5756eb6d9de94905780a4ca74a859a"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1698847207656
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 ad2604250e9eed83c372fadb62dfeaca.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: u5W5j0Xxzn.AHQfCDBaEoGmnDumG6OJB
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: ecfd92bd-a2dd-4921-a33a-c266b93f298c
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 172
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Ls2RrfPhq54vn5EKTyyQVc5IHW5I/9U+IJjtD6xQ2wmHkMlFiEd6ZWmxoxE52CgZAZDjDgFOSJWaQU1g0HBewA==
x-evy-trace-route-configuration: listener_https/all
x-request-id: ecfd92bd-a2dd-4921-a33a-c266b93f298c
last-modified: Wed, 01 Nov 2023 14:00:08 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPLXaRIfjY5VVJwW4ZQU5zGazDfH408yj35JUTUPxNQAZSK8BbBrDa5AbB74H%2Fe%2FUy%2FMIgxw0xvGNPcSFNBh7zhKlWFHW1urqfX4jnUg%2Bqh4PizR3mmor9obUnVuD3LUKUlO3LusKxj1xG6U0Qg%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-b6rgr
access-control-allow-credentials: false
cf-ray: 830c1db6ab1037fc-FRA
x-amz-cf-id: 9-e2yGg41Un7URi_CN3XJnyT_7S1uWD5_zdWS5Y2UygjOP9GLM8Xfw==

GET
H2 200 module_37647219358_POWER_Blog_Post_Header.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37647219358/1639032908209/ 74 B
1 KB 153ms
151ms Stylesheet
text/css 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37647219358/1639032908209/module_37647219358_POWER_Blog_Post_Header.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

24846a3f194b09919bf75cec2a1d012653257442cea9342c648d618c8bddd844

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: CY9AS4C06EYPDP1X
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"69dec35879b2f3061c26e9b58f93b109"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1639032908209
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 a251e31740a6e166e8fdccf296c41644.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 49upZA48BAIxdOk80QHxcPVW7u781vZq
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 032fa8d6-4d01-427f-be30-37f48162f5ab
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 121
alt-svc: h3=":443"; ma=86400
x-amz-id-2: hJbCpw3NokFDICCDsFzgRirFlxAVperZmgWWHbkh7PXbKFN99DuED2b/9KyOo2xK4MyK2JXorXg=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 032fa8d6-4d01-427f-be30-37f48162f5ab
last-modified: Thu, 09 Dec 2021 06:55:09 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRcQHriw95hb9Uk6spTtRMTJKmt3JGIdJB4bV9EP9DN5%2BoedwasHV0uXVS06zVfvge8w5yDwXOtR708rB%2F1PszEPtc8GxG8%2FodTddmsHLpWidXAGkkQ%2FdTRbm8v7whkIIYe8Nn%2FOVpuQ%2BAjKxxY%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54d77d98d9-pbvdq
access-control-allow-credentials: false
cf-ray: 830c1db6ab1637fc-FRA
x-amz-cf-id: u5Kr7lWlkzMbNTi8vGVHNsRNIybUP5DFDjfY8NjUZODmYWiATHFN8Q==

GET
H2 200 module_37648262592_POWER_Blog_Post.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648262592/1700057517053/ 3 KB
2 KB 54ms
52ms Stylesheet
text/css 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648262592/1700057517053/module_37648262592_POWER_Blog_Post.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

558979f57321b92691fa5d479ae380773ae5d9dffd5f8bcaddc4525ea361f0a9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 2681
x-amz-request-id: 20EVWK8GYCQ6DMKF
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"32d40d380ad9ef9fa7e8201229f3af48"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1700057517053
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 af08bb104c29fffb75d24691c869c256.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: uCR1l7H5rlNHZpDHA9M4uUaQvUnEe34H
x-amz-cf-pop: IAD61-P3
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 3c93f6d6-8fa6-4bd9-9340-14972c087b5b
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 181
alt-svc: h3=":443"; ma=86400
x-amz-id-2: o8ZQ6cvJ8b9MX9u1XIMhYTj8J0g1pQx+mRj2tTvJtFR0MzVls64/8q7PZ6msC6Fr2JX73U2pghljoBZKdIXZpHWqQBXkiUvp9zPdZHQLz5s=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 3c93f6d6-8fa6-4bd9-9340-14972c087b5b
last-modified: Wed, 15 Nov 2023 14:11:58 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwPRSTHTntdagYJT7yGu6zY%2FVR1gOBp5ZhBElCdhpf38H77s6kVqU2LmLJsO6r6314SJ0LrjfMwRrpF5n1TN%2BjLGcnXDJ3uaScm%2BtkbSujZWULLe2oXzPatO5StUSMqxZi1x0qsQ3pkQt%2BYdaVQ%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54d77d98d9-mdhhg
access-control-allow-credentials: false
cf-ray: 830c1db6ab1937fc-FRA
x-amz-cf-id: EgXU4OInHAHKAAXXLkMKR6cZ_bGq_L-lO5xjrGwS76dotKzKGNkvww==

GET
H2 200 module_72308060713_Blog_Related_post.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/72308060713/1669043943698/ 980 B
1 KB 60ms
58ms Stylesheet
text/css 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/72308060713/1669043943698/module_72308060713_Blog_Related_post.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c52ffb59a6bf4ac549ed6da4dbe39a7661ff82147942ff109c2e72ae676b787c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 2681
x-amz-request-id: DGNK6W1A6SYVTZZZ
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
x-evy-trace-listener: listener_https
etag: W/"367408b281056af8212339a4673151f1"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1669043943698
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 2174e600dd54879ba9f49d0337eeb2dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: PvcH1mnBAoQZmMyjaqQqh_SH9bmBXz5d
x-amz-cf-pop: IAD55-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 29322b9f-1cd2-4828-993e-15d78131c570
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 167
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 6rmBo/mrhge3OA48HJUt3mR5Tq9/rKUFfu5wHCcVUsE8pPFifbtpcNyjluKUwd9gQzB7G7lAwAXUO3fvd7hShmzIFQokKBrIkz7YAp4Ia2w=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 29322b9f-1cd2-4828-993e-15d78131c570
last-modified: Mon, 21 Nov 2022 15:19:04 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNm2zilAJ9gyW1nwPFofPPIVfhJiqr38bQoPh3Ir4jZQdHPdrhOsNkpOZWbdqKWdurCBVXh%2BVxfEmk3dkqCjR88OVTl4fF6P%2BP7kAvTilpdvmWlcBEVoIfKoX9bf%2FyiH64s1GDYW29ZFqw%2BS3t8%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-9xkdz
access-control-allow-credentials: false
cf-ray: 830c1db6ab1a37fc-FRA
x-amz-cf-id: L78yMPEjcZSot_BfR4drLoREO-1RmGR-dg60jDSkoc7k5MM6ysRuBQ==

GET
H2 200 module_37648091485_POWER_Footer_Full.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648091485/1684898810500/ 576 B
1 KB 143ms
142ms Stylesheet
text/css 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648091485/1684898810500/module_37648091485_POWER_Footer_Full.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b5765cdf7d4f072406ef5bfeecee9b32bff67188fd51806fdb3e33dd947d083

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: GYAPQ5AA20E9ME84
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"9a99157071cde4851612764968f3d978"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1684898810500
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 920629f47fa586ce02a1a1af8b626578.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: R.csxy8CglfZBKioFoVylJ7B89DN_Gka
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 139
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 6E+DYBmtrRhwgvNq1ZV+sX17kiaVjvKA/4LqcfnplNNkf0/bbbDYvB9WtnZ7YbswdSTRzvKs5Fw=
x-evy-trace-route-configuration: listener_https/all
x-request-id: b014335d-785a-4a94-ad2e-b609247699f2
last-modified: Wed, 24 May 2023 03:26:51 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2bg0BOkF2pIOUDXEBSZ3LDwdvRFLhlGD9oqUZhF6uDbIZ02ZaSuRiBOIHUYRZCxNva5VohxSrLBdu5sL4vdJjuzahrGiWWuGXkBeNbYP8S9YUMnRRLKBf3MgJ8j06SpGhFD1j3P9lk7aJ%2BV%2B80%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-9xkdz
access-control-allow-credentials: false
cf-ray: 830c1db6ab1b37fc-FRA
x-amz-cf-id: srKWbETndrx5s1pz4FfWOPZr7PYl83TYJBpZJDeMZkj_AT0iR2dYLg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 303 KB
96 KB 46ms
25ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GCTMBVFESS

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4088630619dba4909538dd2f3605c8f92b2756f0105a22b4cf8cdab9dc134703

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98392
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 11:58:13 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 47ms
13ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://www.huntress.com/
Origin: https://www.huntress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1174877
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-ams21061-AMS
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1701777494.576526,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 12, 607372

GET
H2 200 jquery-migrate-3.3.2.min.js Show response
code.jquery.com/ 11 KB
4 KB 47ms
12ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-3.3.2.min.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://www.huntress.com/
Origin: https://www.huntress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 6975293
x-cache: HIT, HIT
content-length: 4165
x-served-by: cache-lga21924-LGA, cache-ams21061-AMS
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1701777494.576519,VS0,VE0
etag: W/"28feccc0-2bd8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 5528, 40934

GET
H2 200 in.js Show response
platform.linkedin.com/ 510 KB
160 KB 33ms
8ms Script
text/javascript 2606:2800:233:66b5:799a:7cd3:f74d:7071
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.linkedin.com/in.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE6) /

Resource Hash

8e36313d9bdd33c436808fe365c1faf9c3ee7afc1f8a9d7a2f0d89c25d12d73f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn-client-ip-version: IPV6
x-cdn: ECST
age: 1174
x-cache: HIT
x-cdn-proto: HTTP2
content-length: 163638
x-li-uuid: AAYLwa0DP2Yf5SgREU4qhw==
last-modified: Tue, 05 Dec 2023 11:38:39 GMT
server: ECAcc (frc/4CE6)
x-li-pop: prod-lor1-x
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
x-li-fabric: prod-lor1
cache-control: public, max-age=3600
x-li-proto: http/1.1
accept-ranges: bytes
expires: Tue, 5 Dec 2023 12:38:39 GMT

GET
H2 200 layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1701378737672/hubspot/hubspot_default/shared/responsive/ 4 KB
2 KB 65ms
48ms Stylesheet
text/css 2606:4700::6810:6cd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1701378737672/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:6cd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-encoding: br
age: 398702
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"94daf62e7e6df83595c6251fb0c7c055"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1701378738431
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 05 Dec 2023 11:58:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 18d09425-9fc0-43e4-9a2c-6cfc41358102
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 221
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 18d09425-9fc0-43e4-9a2c-6cfc41358102
last-modified: Thu, 30 Nov 2023 21:12:19 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qc6ZOt5yu6uMTmb91Ruj3aO1BQQfLFmeBeRTAOJjCKzTCVugfLOQG8nqoMrxLpgUwaWdDrBWfiLcJsjqFTa7febjoUsobdmUZGoWJI7Ia%2FBj%2Ffea6R1iyW4KcO23TNuWq4XEQLvnPu%2FsTli1WOA%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-5896745bbb-5tx8p
cf-ray: 830c1db6b87e3837-FRA

GET
H2 200 pwr.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37640723000/1700592732634/HL_Theme_2021/Coded_Files/ 248 KB
43 KB 71ms
70ms Stylesheet
text/css 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37640723000/1700592732634/HL_Theme_2021/Coded_Files/pwr.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b7c6f73a6e785add388f9ab572432a7c04be2c9b6d8cdb0d21b721877331285

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: E0P76YXG2EZN05QW
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"707efe7b227e8f725ec1e9a58c775e9f"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1700592734177
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 1448f69604d5be1f9c9f0c64cfa90594.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: dyXZXCoIY9ZIHMBUD6.7KtLiI07Rk6xu
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: d78b1903-daba-4e15-9301-8d7bf3063983
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 169
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ojpX695R7jxQt4Y+lIHdpdm1jrMIfa73qs5WY/auo5D/pRcTmiHUUREm5QgTrb7JkBlRjjHurw4=
x-evy-trace-route-configuration: listener_https/all
x-request-id: d78b1903-daba-4e15-9301-8d7bf3063983
last-modified: Tue, 21 Nov 2023 18:52:15 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRsY6tlhoxsXtTUIk%2Fv9czp4T0EzlCpMW3oECFQKhf8zmHFWOFGHfNkj6D7KsQEkCFhA08TxTcrdleuCRexn5J3vS9RAaPZaNRw08cbJwZn8uodJvXb2uBbVeIO8M8Rssv0TfLoD%2FR1DNSmDBvs%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54d77d98d9-pbvdq
access-control-allow-credentials: false
cf-ray: 830c1db6ab1e37fc-FRA
x-amz-cf-id: UhpJ4F4nl6ZmqxK7F-f1o-bgj45Z4EMrlwM8BvJQFTzU1EpdefoZ_Q==

GET
H2 200 custom-styles.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37647184944/1696947144736/HL_Theme_2021/Coded_Files/ 5 KB
2 KB 55ms
55ms Stylesheet
text/css 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37647184944/1696947144736/HL_Theme_2021/Coded_Files/custom-styles.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e95b63df5dfdf0e0b0357145cdcab82f66f47a5b7362d7cc9ca3742bfbd580fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 3054
x-amz-request-id: 3HBVKXZVVHXASKG0
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"4a44eb50daee811c10a2b1d0c48ff21b"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1696947145421
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 71f1cca040033ebffc591cf9392d1528.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: c15uUEuU2sFV9fghOKvvAQdaTKKVU.My
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 70dda67b-b1f8-4eea-9820-98eeddc04d67
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 240
alt-svc: h3=":443"; ma=86400
x-amz-id-2: oWBZt2az+zKRJJWqVOURI/yQjD5LtdPCU1iN9x49SPK5k/N6Qr7V3bcYWEFWQI5Mcf8wRsdR4LVE0x2Rx//Hhqct7dr6dBBtzwGPKRl8szE=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 70dda67b-b1f8-4eea-9820-98eeddc04d67
last-modified: Tue, 10 Oct 2023 14:12:26 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVmequhagYcVGH16fHp7jYeQadIRnfJfwzlBPF7SDff1UCuNm0UKnk18QGg2SyAudNmPpxDqahlTTIPmLQe1%2FR8p33ojMeGxSmpVmeltv%2Fgk9%2FcCmlLFLsXrcvu6Yz%2BDd%2FXWVf%2FLRinGUgGj8sg%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5d487f56c7-d7b5c
access-control-allow-credentials: false
cf-ray: 830c1db6ab2037fc-FRA
x-amz-cf-id: zy6JT7c6FEHuUXby6EKnCqPuQe-aLtS41pITALuJnCKo0BQogYMO0w==

GET
H2 200 Huntress-1-1.svg
www.huntress.com/hubfs/ 17 KB
14 KB 73ms
72ms Image
image/svg+xml 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hubfs/Huntress-1-1.svg

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5fae83c7b1bc318026072592130f5d8ac977970ad81b79218dd442235a59b6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-83639587659,P-3911692,FLS-ALL
age: 1754216
x-amz-request-id: A09BHAQBDC03H7GZ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-83639587659,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"5eb7f12b49ec4085bccb33be62bc3fe9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1662015849971
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CV3yu1lUsNjBX07SDUAQdESVyZxYlca4
x-amz-cf-pop: FRA56-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-83639587659,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: sGgM7th3P4m/y1kOQe+8FdqS6kPnZaFLFZZP2PIjdjds9nDO3BsAr6iw/rqNLT4cCw+zKgaz4c4=
last-modified: Thu, 01 Sep 2022 07:04:10 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2CanDovqM2nk1gmKs7d7NhdlO0f7%2Be%2B5BMb%2FBuG0jM3I4lPjl1MsAFSKeo%2B8ly4qOyISAKwmV63cLhyZnuwBoWv6X%2B5letZ7L6btnf9X8gmJn5TCbo174FIuTHERDdmoTC5f8%2F6wyu77Feps45A%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 830c1db6ab2337fc-FRA
x-amz-cf-id: IDjMtKP_e3lEin10IuSjJmMnxuhEQpVpT-oKnGu7z2oOeSF_GVzrsg==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
361 B 132ms
15ms Script
text/javascript 23.45.238.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.238.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-238-53.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 11:58:13 GMT
server: Oracle API Gateway
opc-request-id: /4EE23949503A168EBF2E0D5272ECB7F0/92ED43C5DD1C401CFDA35AB1FB564DF4
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 magnific-popup.min.css
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/ 5 KB
2 KB 34ms
16ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/magnific-popup.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d92e113ac3031b838001ddddf965d045f470ff748ff2e116b30378910eeaecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 198172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1283
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-148b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yecrfedc4jsev5TXWqoRwOM3xblTv0xrZoD%2FlfAqXv1dYSQmjR6HB4sYmQdNAJg3GQqLT22eeiF%2FH3Sc%2BkVDrs61bxd%2BXlcw0%2BZlMtO%2Fb3PfgsPwxbetdmysE2hPsYW5ygSi2s8vX%2FvHMfZMQoHue%2Bzd"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 830c1db73d780408-FRA
expires: Sun, 24 Nov 2024 11:58:13 GMT

GET
H2 200 embed.js Show response
static.hsappstatic.net/content-cwv-embed/static-1.388/ 14 KB
6 KB 56ms
30ms Script
application/javascript 2606:4700::6811:c060
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/content-cwv-embed/static-1.388/embed.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c060 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
x-amz-version-id: GNgANes_HpxlXMl5IDFfVeYnBgfaeeYN
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 2110828
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 15 Aug 2023 19:48:57 GMT
server: cloudflare
etag: W/"8741985292d64b839be39c64b14f3783"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bPzCjnqYwjS7fvRE%2FdFHoYDQAhBFQCfJeMO26TJxVFaJ3uDYnkcbPgqZvQfm8QQyfm0hpLVXVE%2BmXPIdzQH7iqjJ26gxpLFbbqyLgFLBO1OrJIjMbmJSdIG1kzc%2BBk57iuTHAkdd56NcYuYGEmh6JVBGus%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 830c1db7db3f0497-FRA
x-amz-cf-id: TTCa0jb3HBZtzYsrMuhwBwdNP6iIIF3tbLvWS06j1pDOOAV4QK2IGA==
expires: Wed, 04 Dec 2024 11:58:13 GMT

GET
H3 200 pwr.min.js Show response
www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37647164007/1687185407986/HL_Theme_2021/Coded_Files/ 153 KB
39 KB 38ms
38ms Script
application/javascript 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37647164007/1687185407986/HL_Theme_2021/Coded_Files/pwr.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5a421dbd597a94360622aa975ff3c27809a08e5ddaada7832a692c3b51c5eeb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 742
x-amz-request-id: KZ7PS8HB7C5KP80F
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"8e806318ee2a202f50bd8cb20fd2a402"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1687185408717
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 c49971ad4f76a00082eb4f604c635cba.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: rRKXCqkyBDcRwPX3bFJeQzRBVXD92P5D
x-amz-cf-pop: IAD61-P3
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 89d2077c-686c-4aba-97f1-89d12f9c247a
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 167
alt-svc: h3=":443"; ma=86400
x-amz-id-2: SJKIDtzCYwBZc3nx3qBM4jLZ7gDI5g0N+hdmw7Ab/cEnM5gE7fDWgQPIEEZ1ZRN7l4mTfURJ80M=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 89d2077c-686c-4aba-97f1-89d12f9c247a
last-modified: Mon, 19 Jun 2023 14:36:49 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taDddK4VkKvHHs9xqpJQCshvOk01o6mK%2FJ0k41dmMsDpDkyrWfGl3aRfy5Y4IdHZ2vFOvfZqFaVP5DG%2Bod26J31xsBjML5LJf5wh4JzwfaFIuFU7iU%2FJ1ntCX%2F0z%2BBuwDzgTr0DKz2iEj9GDssU%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-2skps
access-control-allow-credentials: false
cf-ray: 830c1db74e6d9c10-FRA
x-amz-cf-id: kTDWsfqeV0oIGK2kCi5REwjd6d39Bfo4qzS2FpKLEN6b576e6bgqUw==

GET
H3 200 project.js Show response
www.huntress.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 44ms
44ms Script
application/javascript 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 537570
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FL9rknYG9y2eZzfV7GXNXKuacpfc30QZkvUfi1RGXl472R667leYGVeN1OzF8B3NiYeUP%2BQD9U0ekCetUn6JEg46T6iHrOJh6RsYCFYyCJ%2FHxEMK8UnDgKFR%2BxUZmjR4X0d40oAzPWvbF%2Fs7Fok%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 830c1db77e9b9c10-FRA
x-amz-cf-id: vMxH2clCDRRjd7emHmifSLXhLc2TFOGFc0VsUqlcTSiVQmWY_1aUGQ==
expires: Wed, 04 Dec 2024 11:58:13 GMT

GET
H3 200 module_97827380338_POWER_Header_V2c.min.js Show response
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/97827380338/1698847206817/ 490 B
2 KB 49ms
43ms Script
application/javascript 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/97827380338/1698847206817/module_97827380338_POWER_Header_V2c.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1db6b123f97b64be2a35c607c2d290818cea4f045f157b7499d1e57797b52f66

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 1828
x-amz-request-id: E6AXQQYC5NTC5699
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"15ca550d80a1ae79be0e037f4d84d584"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1698847206817
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 50f5f6b4e0025748bb74dce1db44c750.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CdmPgARCcdLCtU4Wo051UNpT0BgA9R6Q
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 64ca4650-3979-4ed8-a61f-b65042a1cf6b
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 179
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Zu5D0BktQTBEwbZ84O65eEnllnvO9VNg2Kk/vaki8LY6hLuoBJVMK0uCYZXBrR3nQg/NZDfH+pQ=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 64ca4650-3979-4ed8-a61f-b65042a1cf6b
last-modified: Wed, 01 Nov 2023 14:00:07 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FI6huQMj%2FQTngtHXieTIocyUv28tvva5ovvFs6SEUNfKn%2F13lLIGpOvdc7c0U%2FoJeYILFViEqbps3fU7MCGPLeYOkc%2Fn%2FcJ7NNhDBKXx0Kc%2BEoDzX01yWP9V1R53I1GgkIY8CMXW78MrLZji7NM%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54d77d98d9-lx8qs
access-control-allow-credentials: false
cf-ray: 830c1db7bf139c10-FRA
x-amz-cf-id: TvXBmurIFTx-koFdiHfAz16mcG3Ast_6U7N79KY8XiV4vb-TLVm37w==

GET
H3 200 module_37648262592_POWER_Blog_Post.min.js Show response
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648262592/1700057516226/ 756 B
2 KB 55ms
49ms Script
application/javascript 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648262592/1700057516226/module_37648262592_POWER_Blog_Post.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbbf19297b51d0b785546a092e4cb269724837512dcf86737e2abb7f349dad50

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 1828
x-amz-request-id: 20EV1JV15875YVXP
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"2f96226bcad33139c13a4f8a87b9dada"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1700057516226
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 795b4b6b943fe3d87b1c7e104dc9034c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: DVK6rbPf50N52t3XAvB5ZDB3iy1uWpTe
x-amz-cf-pop: IAD61-P3
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 06442e87-aee5-40ed-9d4a-195d9b318bb9
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 148
alt-svc: h3=":443"; ma=86400
x-amz-id-2: KN+iiWzIOobE3B1xpdej+YZkbr0g5R1sbuUMvlLRE45q0SqjT8c4VHGE/sCE64QYo1i+fdJKM9BnMzszYd+gHce1Lxu6twzOscedXgImyZk=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 06442e87-aee5-40ed-9d4a-195d9b318bb9
last-modified: Wed, 15 Nov 2023 14:11:57 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDzVaYEzNPRbQNH0NEz%2B%2BtanX22Ehg3Mh2PZvTDWaE1OdR%2Fp8oJwSCxa2gRVMShnm7LWCNkmu9BjteS1LWddR5q%2FZOgz84MK7lAFYHNhwRkKAO61b%2BXcsU7rkdrSyiG7O%2F%2FVAVq3bTOIZTDMblo%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54d77d98d9-pbvdq
access-control-allow-credentials: false
cf-ray: 830c1db7bf159c10-FRA
x-amz-cf-id: 6LRfA5J8TIatvbogYdsSj8FCFxZJjq0nAQUZQ_YgmhTcguQQpQ9I9g==

GET
H2 200 jquery.magnific-popup.min.js Show response
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/ 20 KB
7 KB 23ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 461193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6546
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-4ef8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42QbM6ACCmoUxIVp5ajm3oIxIJrXQkO655CIVCKo7j08Qq%2BUMY0Uz3GGcJbQQa%2BbWQOY3bs9%2BnjJN95aH82HVSO7zTUsfydZcKTnRSFadS3NUnXvtw4C2yoUkSiFuyuTHDO6%2FJbVw4Irr%2F1BTENg4wzw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 830c1db7ce020408-FRA
expires: Sun, 24 Nov 2024 11:58:13 GMT

GET
H3 200 sticky.min.js Show response
www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/67886983812/1646636852236/HL_Theme_2021/Coded_Files/ 3 KB
3 KB 56ms
50ms Script
application/javascript 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/67886983812/1646636852236/HL_Theme_2021/Coded_Files/sticky.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

11bcaa66e2e5486338bbf15bc2af4136962618bd84574c350c82c501d64f6868

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 4a66fbee8ce857225d1bddf53b79420c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 1828
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-amz-request-id: M7J40TAPVGN5PWP9
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-version-id: oIU6rHYsVQSZOhrGoqvW7sFAXkwuMMSC
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 18
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 94KROPuApihfNTilVCETkwiN60LLFdWxpsJiOn+mJ4e2htI7B1WG8HhaRH+173bCaSZwJIhyiEE=
last-modified: Mon, 07 Mar 2022 07:07:33 GMT
server: cloudflare
etag: W/"55ae62a2138b0ac2dad2cd6f3fc3decb"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1646636852583
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9D%2BDyriMgPveLLMpBN4tAPXiyH6Eg4wxijumsHkoPi2ctOkhL44utZCGOC%2BeqfrN7KDXumd7S55av%2B%2FBQn6odgFDuZkR38wdMouuRE%2BCE0TFZrEaJ2TfBZ6sV60%2FAy877FlyvzqF28pBPza5e9A%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 830c1db7bf169c10-FRA
x-amz-cf-id: Tgd2BTJKHg9TE5R_xf7-a5r50VTZf2-O2-iSVeuuROYjAdO8GgK0cg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 18

GET
H3 200 module_72308060713_Blog_Related_post.min.js Show response
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/72308060713/1669043943002/ 365 B
2 KB 58ms
52ms Script
application/javascript 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/72308060713/1669043943002/module_72308060713_Blog_Related_post.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3367498692c5f6cdc662369af915c0c2f13b7f6af9e67a522d2e7fc1b3299364

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 1828
x-amz-request-id: 19J0BBTYN7YN02EF
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"136cb371b82e4f0a84d11b654e92bb11"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1669043943002
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 9bba1485ff47cf63bc393925f38d12fc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: SBG.fyduSO9gOy.FmtNERc3Ncw_1ixXc
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 22f51409-6d11-439f-97b6-a6a27e777df7
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 177
alt-svc: h3=":443"; ma=86400
x-amz-id-2: SRQQz6iGlKgA2cnozE89icafRCWqK3ZbK8iSsa/e6yTG88sIfWqz2mNyE6whNJyVxYDm1vDsDqg=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 22f51409-6d11-439f-97b6-a6a27e777df7
last-modified: Mon, 21 Nov 2022 15:19:04 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8aCgqnD6OpJVV%2B6joqzW1GaPy3tN3CHQpaPQqN84rCxTYzHRUR3HLEcpKsRmzfAeEdoU4jVF6pQzAtTtfWSDbqASlCzymXqA7OodBVWN677OJJ%2B7reasrH0gZlpx72PrPstPYZwNwBje8GOduA%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5d487f56c7-6xtzz
access-control-allow-credentials: false
cf-ray: 830c1db7bf1a9c10-FRA
x-amz-cf-id: QzxpJog-u3h-LS05MhwDk6B4KcIzuqsnFazvancU_dXTp_nighRjGg==

GET
H3 200 v2.js Show response
www.huntress.com/_hcms/forms/ 560 KB
186 KB 66ms
60ms Script
application/javascript 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/_hcms/forms/v2.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

30830f557fdc6a64c686abee404481eebe0d174d0884ac8b14d9d6dfbb8ec91e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 575
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4186/bundles/project-v2.js&cfRay=830c0faee4ab916b-FRA
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-evy-trace-listener: listener_https
etag: W/"4408cec6977683fe4c624d7d832d7039"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.4186/bundles/project-v2.js
date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-amz-version-id: u_iKfrwyeMduzB4EqH7hUODQsRTuYJmt
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 1e78f814-53c4-43ad-9f93-a8cb8fc4fc95
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 1e78f814-53c4-43ad-9f93-a8cb8fc4fc95
last-modified: Thu, 23 Nov 2023 14:18:22 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JK3GMdeTuR6RvsMWlOUag07yK6vzC19WgmnB%2BJc%2Boeshh8C5S78IW8KYMOXAeBZJdFPHmlNOU%2B17Wm0WYc72Hmwu%2BMjMcmSO%2F5EDwAnZkYFehWwCU9VnZUYGx8D8nlw%2Fer2B0Sn%2B7SukzWsM5Y%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-b78fbd96d-rjqc8
cf-ray: 830c1db7bf1c9c10-FRA
x-amz-cf-id: DbV2fgpYQiSvh3vjPRDQIhiJ0QxQ_pV_y0qna_yoH4fegSAGsU7Cag==

GET
H3 200 3911692.js Show response
www.huntress.com/hs/scriptloader/ 3 KB
2 KB 181ms
175ms Script
application/javascript 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

610dc9971e1062ffca42a6cf174d3656c25985e78a61f15cabb4b2cf48c88323

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 88380b65-dc16-42d1-a008-d18d2a85d2ff
content-encoding: br
x-envoy-upstream-service-time: 20
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 88380b65-dc16-42d1-a008-d18d2a85d2ff
last-modified: Tue, 05 Dec 2023 11:45:52 GMT
server: cloudflare
x-trace: 2B99C34DA8B90C274BCD7EC4C1DE93CC83A9FFDD1A000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.huntress.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-6ffdd984b9-mnjft
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2Bj5nMHUs3tqmLwWB8CiUbsanelypfZzQdb4nTFb5z6Fdc5puR1usqz4FiZbijaY8qwuSCJSoYy5MW1Ob7U5QeLlzAEyDLjrS7L%2ByvsJaHpYH8hHm3YasclFfZfR%2Fv6YP2tcg0fDjxhmWAOXQdk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 830c1db7bf1d9c10-FRA
expires: Tue, 05 Dec 2023 11:59:13 GMT

GET
H3 200 index.js Show response
www.huntress.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/ 11 KB
5 KB 58ms
52ms Script
application/javascript 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 04a40fe66992666426f66bb0ade3912a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 534476
x-amz-cf-pop: TXL50-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: inhS2tX2f2C4tITR3p2haS.uhsvA9eGz
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 21 Apr 2023 15:17:56 GMT
server: cloudflare
etag: W/"0bbd63c0750f141fd5cec04a9393647e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2Fe3GdekKDiNpXTK1CMjkvInF1vN%2BgYGRcQIY5ulH5fpPP3oadzfyznsmlXUYfjjbPEaiGK3r6zKAdmibaLH0cWcc1RnUrIxRZcElHKfSP7RE7lj5m7qF5LHsmRumM%2F5nhzua14NvHWktN8iVsY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 830c1db7bf1f9c10-FRA
x-amz-cf-id: 8NRs2Wm2ubi5t9HUvpgx9SMwAJYAnsUpgxBkSQl1rau6_0XB0E7nLw==
expires: Wed, 04 Dec 2024 11:58:13 GMT

GET
H2 200 polyfill.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-polyfills/0.1.42/ 69 KB
16 KB 23ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-polyfills/0.1.42/polyfill.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd77c41d41a299d224e36572ee84e734bb53f2c56b3babe78619ec413d56d68a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2027303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15998
last-modified: Mon, 04 May 2020 16:11:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec6-11405"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5q9eFYkylzOOq5HZ5T5FMydW5h50yoJZsVzdUjYdGDPSREzTe7BYrEgyW6uQXv8KgsrKoZg3eC97u2vn6220uYDuqU0OQbPxMOZhDTk7bdK%2Br65GJYu0ipYJFxaPCPKI7G3HGXehBS8ohp5GhjKKoq4Q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 830c1db7ce040408-FRA
expires: Sun, 24 Nov 2024 11:58:13 GMT

GET
H2 200 lozad.min.js Show response
cdn.jsdelivr.net/npm/lozad/dist/ 3 KB
2 KB 43ms
17ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lozad/dist/lozad.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 18961
x-jsd-version: 1.16.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230059-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"c17-/CtD5WDEW7iHrdmPF7CEBoqSMss"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZzBUOPuCcHyZc%2B6cGdpyLrXGk7OaIYXmR3JWn0AatLgEXQxqaBYJs%2F3MCp%2F6ASswkAvMnEoPmqkDPRaoehiEkdhKHKb6F07sa4DqeQ4Qcx7UBsq36NWTxOnUqT9ANMD%2FnWMMsC28LWn6tvf9AM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 830c1db7dbff9b95-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 334 KB
105 KB 58ms
37ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WVGPJJ5

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8def6f29065ff645f9f4d7e8bca8caa4d7da3711e9850914be7dec91fd8457a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106926
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 11:58:13 GMT

GET
H2 200 19680a27e88da4a3713af26571b4849096e75d617f2845574af7fd15746256bb.js Show response
huntresscdn.com/ 111 KB
112 KB 61ms
35ms Script
text/plain 2606:4700:20::ac43:44da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://huntresscdn.com/19680a27e88da4a3713af26571b4849096e75d617f2845574af7fd15746256bb.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19680a27e88da4a3713af26571b4849096e75d617f2845574af7fd15746256bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Dec 2023 10:35:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4953
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMI2LMU23RK5WiII%2BAHxtqrB3I6XH%2BG8S3dzuTqi5AQE2hASTTUCP8%2BS1lmF7TBgZqmCDKRbcke3HH3zDlUeNMIbHZfbhXds62L3pR5hKw%2FolQNZ3T7giPY%2Bco4Kb1XRo5W486GZZ8TNdvPGjg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=14400, maxage=14400
accept-ranges: bytes
cf-ray: 830c1db7ec28bb5c-FRA
content-length: 113865

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 3 KB
2 KB 35ms
12ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=620982&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&f=1&r=0.5498523518456577
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 839209a09d423eea85d71fa9e42c75f164894beda3a3fe07aca07d31417efc0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sl.js Show response
scout-cdn.salesloft.com/ 6 KB
3 KB 109ms
20ms Script
application/javascript 2606:4700::6811:129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scout-cdn.salesloft.com/sl.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
x-amz-version-id: 6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 6AYM5TBGP85NWW11
age: 3456
alt-svc: h3=":443"; ma=86400
x-amz-id-2: iZXzGJO9VKymfdzReJmr7uE1uhKUFMKsUsy30jwDEB8uHKDqgWj3ipTG0+hcOjJ7Zu1MV8OmYQjRXYRVud4p80wZyJlSS/jYgm2Q/S0HUNA=
last-modified: Mon, 13 Dec 2021 16:28:37 GMT
server: cloudflare
etag: W/"d74cc4825c8e333b2116da3fcc649db1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 830c1db84c95085a-FRA
expires: Tue, 05 Dec 2023 15:58:13 GMT

GET
H2 200 5d3cypit2iz8.js Show response
js.driftt.com/include/1701777600000/ 212 KB
60 KB 412ms
345ms Script
application/javascript 108.157.4.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1701777600000/5d3cypit2iz8.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-88.dus51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

93a2fd82dd3a13a9e9ce0583f3bde1b6e88da6ebce30fa8c87cee4d9d927e4d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: fwT06mdOrTHjuLmyd8.idzR8VPd5.dxi
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
via: 1.1 d4c915561282ddbdd32f1872279fb546.cloudfront.net (CloudFront), 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
date: Tue, 05 Dec 2023 11:58:14 GMT
content-encoding: gzip
x-amz-cf-pop: IAD66-C2, DUS51-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 90
last-modified: Mon, 21 Aug 2023 14:57:31 GMT
server: istio-envoy
etag: W/"576cdc1c0941a520c47b54aef3b463f7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true,true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nQfnMdI3auWTT5W0eW954R8ah0VuhhhWigCIyXsU1Z242q_oT6aFng==

GET
H3 200 Rapid%20Response%20-%20Blog%20Header%20%281%29.png
www.huntress.com/hubfs/ 570 KB
572 KB 51ms
51ms Image
image/webp 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hubfs/Rapid%20Response%20-%20Blog%20Header%20%281%29.png

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7c31067995d6ed92af60884d3b72b61442c85e4eeca743d6edd24f8a4ec66cc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-143685021466,P-3911692,FLS-ALL
age: 351971
x-amz-request-id: N4P6T58GYHHW7B1S
x-amz-server-side-encryption: AES256
edge-cache-tag: F-143685021466,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Rapid%20Response%20-%20Blog%20Header%20%281%29.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "06a32b3cb0275f3f5afc7cf29a097b28"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1698954883927
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: pBQVL8B32TQTdZ_vTBqSq.PCiOOlRb0v
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=836359
x-cache: RefreshHit from cloudfront
cache-tag: F-143685021466,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 583796
x-amz-id-2: t5Yv0rB4ih5qNdajY9fyGw8/+nLZpgKf6SGJ9UiYsXsd8B59w6/vsLfGUguAxyzxry2/3NQ1ovYiXZffOnLmBTUQ9c3JMFeh
last-modified: Thu, 02 Nov 2023 19:54:45 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNcJWpZ8mxZQiHUCWS9xkI8Qp57BLr0PJMzxcCqhfy4ZnubDxfY4%2FlQX81CMAKccSB7YckmJQzHRx6QQpfgqFd3WhToAuMNW396UuJHjMFwth%2FbJ241%2FWn3p0P1mVwXJ6rZmZb6cjgt9dV9L4hs%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 830c1db7cf279c10-FRA
x-amz-cf-id: karOhK2N5Ty2MfVo_rXogKuUY-4mMw1jfHRu5qjm_S-rQ8m56Ca5FA==

GET
H3 200 Rapid%20Response%20-%20Thumb%20-%20SysAid.png
www.huntress.com/hs-fs/hubfs/ 73 KB
74 KB 77ms
77ms Image
image/webp 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hs-fs/hubfs/Rapid%20Response%20-%20Thumb%20-%20SysAid.png?width=600&name=Rapid%20Response%20-%20Thumb%20-%20SysAid.png

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ae7e27f5441e4b37863c6076d2f5fb545d23c74a70cff38d2725468b64cb3cb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-144874900773,P-3911692,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 74680
cf-resized: internal=ok/m q=0 n=910+0 c=1+205 v=2023.9.8 l=74680
last-modified: Fri, 10 Nov 2023 01:26:55 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfCGL2HdxtxKV41MNrWIg2V8X5e_YPQ8NgyooicLtuDQ:3459121f9776889a46de731134cf4840"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Czc9zAeVx%2B2yNhWPKYN49m9V4PKlipdqR678bOTjDztTYaUN%2Fgy1QN4SIf40UilsGfCH9h3SpvkXQQpXXSzpOl8%2BXmsN1wfD9sbHwOoscpJL16nBOa2NqrFTsdEbO0NFur71KT7SpvMGeRbURzM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 830c1db7cf299c10-FRA

GET
H3 200 Pharma%20-%20Blog%20Thumbnail.jpg
www.huntress.com/hs-fs/hubfs/ 21 KB
22 KB 48ms
48ms Image
image/webp 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hs-fs/hubfs/Pharma%20-%20Blog%20Thumbnail.jpg?width=600&name=Pharma%20-%20Blog%20Thumbnail.jpg

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

302c2b5e54b9109c31e6f885dcfa028a37b17f5e1e714a093253157eb0e0f9d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 e2dc4178fd5d89ed6c6e3cd0e2e53fa6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-144423910026,P-3911692,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 21724
cf-resized: internal=ok/h q=0 n=10+0 c=2+12 v=2023.9.8 l=21724
last-modified: Wed, 08 Nov 2023 02:51:45 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfhcfqTv5xFFF2JkzHqUrCh_V-e_YPQ8NgyooicLtuDQ:9b8c1ab5241e9f37cdfae7c217e851fb"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xd4n74AcjxGH4sfhnVgJEJl9%2FuzouOpTaTW1fmDyIrv4qP5rcMbKTX9D%2BSDB0lgy2Dh2FLkG2arDTrXV5jWVfhwUOEYu5%2B5P4m14hymFCxDQRM9xAr97XhtUw1tZ8omk3hRS3Ia4CEEuJ%2Fwu7v8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 830c1db7cf2a9c10-FRA

GET
H3 200 Confluence%20to%20Cerber%20-%20Blog%20Thumbnail.jpg
www.huntress.com/hs-fs/hubfs/ 13 KB
14 KB 929ms
929ms Image
image/webp 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hs-fs/hubfs/Confluence%20to%20Cerber%20-%20Blog%20Thumbnail.jpg?width=600&name=Confluence%20to%20Cerber%20-%20Blog%20Thumbnail.jpg

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f993caa001338e6d090d683e4aca79a0e6c0d770fa3840aafaf09f426397d8fa

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
strict-transport-security: max-age=31536000
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-144195042667,P-3911692,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 13706
cf-resized: internal=ok/m q=0 n=830+0 c=1+13 v=2023.9.8 l=13706
last-modified: Tue, 07 Nov 2023 00:23:16 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cffAdK7yH980qaXgsKrwCy0ELfe_YPQ8NgyooicLtuDQ:40e72b13ffdb918b90c845b21aa73c57"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N99bsvAARTE5s5boxtT7Ov3SpO8h6ZAQcLrMXv8MdZWd372QaXR65BrahMLLxJf%2FlPjjbBVxtXiH2gu73Skg%2ByFpj3SvKZHesg1Cd694iorl44gwF%2FIUbU4t68O3Ktsc4F%2FMz01GVhkjI9xK%2Bmk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 830c1db7cf2c9c10-FRA

GET
H2 200 HKNova-Regular.woff2
3911692.fs1.hubspotusercontent-na1.net/hubfs/3911692/HT_2021/fonts/HK_Nova/ 32 KB
33 KB 116ms
87ms Font
application/font-woff2 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3911692.fs1.hubspotusercontent-na1.net/hubfs/3911692/HT_2021/fonts/HK_Nova/HKNova-Regular.woff2
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37640723000/1700592732634/HL_Theme_2021/Coded_Files/pwr.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9cdf9b8cd47c0a17356ff68e2581021800a4c86dd8d71aaf0ad5cfe025b114e

Request headers

Referer: https://www.huntress.com/
Origin: https://www.huntress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-38491779608,FD-38491499040,P-3911692,FLS-ALL
age: 332350
x-amz-request-id: QDPBR6DPSRSWGZMZ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-38491779608,FD-38491499040,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "5a3239585a66868a9109bab6273f0a26"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1607406808501
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 05 Dec 2023 11:58:13 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: y1_7cBbebzu1P55qghtsCfIzqKHObY4N
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-38491779608,FD-38491499040,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
content-length: 32892
x-amz-id-2: b1G3DMlvkYaG2Fgjgm31+MBa2rcIAyAM6FWdaWMHnNGWLHrjFNtkhz2lNMN45bmUIkCIzmp9FX8=
last-modified: Tue, 08 Dec 2020 05:53:29 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 830c1db8097c1d9e-FRA
x-amz-cf-id: bQCR3k47O6fUA4lFkxso1kYpzGphZmQPxnxt0LaRUiRJGcfbop3Lmg==

GET
H2 200 visuelt-black.woff2
3911692.fs1.hubspotusercontent-na1.net/hubfs/3911692/HT_2021/fonts/Visuelt/ 28 KB
29 KB 108ms
79ms Font
application/font-woff2 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3911692.fs1.hubspotusercontent-na1.net/hubfs/3911692/HT_2021/fonts/Visuelt/visuelt-black.woff2
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37640723000/1700592732634/HL_Theme_2021/Coded_Files/pwr.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b990552df973348baaa61af6a11d527c465edb14339f38e25d112b2a1a72ab0e

Request headers

Referer: https://www.huntress.com/
Origin: https://www.huntress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-38492600914,FD-38492172814,P-3911692,FLS-ALL
age: 2004090
x-amz-request-id: ADAXATJ8HPY4ARR9
x-amz-server-side-encryption: AES256
edge-cache-tag: F-38492600914,FD-38492172814,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "80407703322249fe13bbef5596e9e414"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1607408610505
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 05 Dec 2023 11:58:13 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: zgv.hEhHVdSF2XuwUP4L0JY36hLML11L
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-38492600914,FD-38492172814,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
content-length: 28504
x-amz-id-2: ufGdE+CsoSc8cmrHqUNzysxLfLbkinyDqtJILzJML46zKkiWH/5rTbqpT/TB88MRM5NKYxPkqzU=
last-modified: Tue, 08 Dec 2020 06:23:31 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 830c1db8097f1d9e-FRA
x-amz-cf-id: dkRRm-XBRiOmcS85TtDRcAuB5M2HI5QPSo879vC5sQR_Ea5xv5Knrg==

GET
H2 200 3HUtyDCAietS-TRisGdXcIU4Syi7sgvDwfTYg83GBm5mJr5k2Q-dQUS0cE4EG32j2vCbMJqFootvbomsPBup2Mha0yL5BzYT4fm6qQ2Ce-6iX9XQwE1W7XoNDzYJW6_r53RXD1uKDFUZm8shKHYPFW8
lh7-us.googleusercontent.com/ 203 KB
204 KB 266ms
204ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh7-us.googleusercontent.com/3HUtyDCAietS-TRisGdXcIU4Syi7sgvDwfTYg83GBm5mJr5k2Q-dQUS0cE4EG32j2vCbMJqFootvbomsPBup2Mha0yL5BzYT4fm6qQ2Ce-6iX9XQwE1W7XoNDzYJW6_r53RXD1uKDFUZm8shKHYPFW8

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

134a10123f83c0ee64b400b44e24cd8327693ad9c194d1e788782f98642eb193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 208292
x-xss-protection: 0
expires: Wed, 06 Dec 2023 11:58:13 GMT

GET
H2 200 ejrLkwloT4wUwGNL0cJPtXCTYSIfAHEqo3zGTtdurtY24iAVPbUYtJ1Ri8BVYVrIZTH6fXaxyQePGcvP7dCM0OyVmrzyHwDg_RvOu2FPo5oQzsYUZ_VeIrWMeKf0oZCbyY_xFW0wmfO12FD3mlGzIBI
lh7-us.googleusercontent.com/ 93 KB
93 KB 259ms
197ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh7-us.googleusercontent.com/ejrLkwloT4wUwGNL0cJPtXCTYSIfAHEqo3zGTtdurtY24iAVPbUYtJ1Ri8BVYVrIZTH6fXaxyQePGcvP7dCM0OyVmrzyHwDg_RvOu2FPo5oQzsYUZ_VeIrWMeKf0oZCbyY_xFW0wmfO12FD3mlGzIBI

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c4f6482c09544a1112f7b8f20312a3ace54df5876111647dc7da645b8a102a49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94929
x-xss-protection: 0
expires: Wed, 06 Dec 2023 11:58:13 GMT

GET
H2 200 HiOGTRQ7ADbC3jH6h6JLSqIg0V5dWdxPUU_E2N93Lrgh21yUoFIFqet5UF-b9R_ZmhojUG8ibY7Erb7HAUrwn7WmifHNjLOGqO89Vb7tE1IV8dJOYsYC2z_Nv-h9m_tJtGHKKiOjceK7aFiyieocLb4
lh7-us.googleusercontent.com/ 215 KB
216 KB 263ms
202ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh7-us.googleusercontent.com/HiOGTRQ7ADbC3jH6h6JLSqIg0V5dWdxPUU_E2N93Lrgh21yUoFIFqet5UF-b9R_ZmhojUG8ibY7Erb7HAUrwn7WmifHNjLOGqO89Vb7tE1IV8dJOYsYC2z_Nv-h9m_tJtGHKKiOjceK7aFiyieocLb4

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

db0c6aa767c2f8cd965f05e2589946e74782b4a8152a867de7cf2dca68f4a5eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 220661
x-xss-protection: 0
expires: Wed, 06 Dec 2023 11:58:13 GMT

GET
H2 200 GYP8fynEdzoA7DbIM1gWISq48KKtuBYHTx0oihJBsjgw6rMJy64l7Ek-7Cd2UrNPp7JZvD7p4xqpYcBlAkg5K1lAsY2U6hWhxNT8ubIIXjLXKogS0otTVVctHAf8QFeiuC0gHhlFxOGv0Yn5p2mb99g
lh7-us.googleusercontent.com/ 206 KB
207 KB 245ms
189ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh7-us.googleusercontent.com/GYP8fynEdzoA7DbIM1gWISq48KKtuBYHTx0oihJBsjgw6rMJy64l7Ek-7Cd2UrNPp7JZvD7p4xqpYcBlAkg5K1lAsY2U6hWhxNT8ubIIXjLXKogS0otTVVctHAf8QFeiuC0gHhlFxOGv0Yn5p2mb99g

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cafb311ac2e9e58c5e0883ed0162683af6fc44b806e911268f7f28a03871417f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 211358
x-xss-protection: 0
expires: Wed, 06 Dec 2023 11:58:13 GMT

GET
H3 200 Huntress-1-1.svg
www.huntress.com/hubfs/ 17 KB
14 KB 55ms
55ms Other
image/svg+xml 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hubfs/Huntress-1-1.svg

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5fae83c7b1bc318026072592130f5d8ac977970ad81b79218dd442235a59b6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-83639587659,P-3911692,FLS-ALL
age: 446437
x-amz-request-id: A09BHAQBDC03H7GZ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-83639587659,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"5eb7f12b49ec4085bccb33be62bc3fe9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1662015849971
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=31536000
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CV3yu1lUsNjBX07SDUAQdESVyZxYlca4
x-amz-cf-pop: FRA56-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-83639587659,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: sGgM7th3P4m/y1kOQe+8FdqS6kPnZaFLFZZP2PIjdjds9nDO3BsAr6iw/rqNLT4cCw+zKgaz4c4=
last-modified: Thu, 01 Sep 2022 07:04:10 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oseMBz4ba2X9jlllUwkmMB9yHvOk7qRBQRhw0qrhoOZoykj5hFS4tyZ6qImrvevDJmBRtkaWCMhclKSTKmH6uZfxGGjBJuqqjakDz94En64K4wdCmTAGET36s2tlyvcUDv3VDlVAmFWqGPIv03Y%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 830c1db7ff739c10-FRA
x-amz-cf-id: IDjMtKP_e3lEin10IuSjJmMnxuhEQpVpT-oKnGu7z2oOeSF_GVzrsg==

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
142 B 98ms
98ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=620982&d=huntress.com&u=DA89FB4102DBD750D7C3B78D9048C0214&h=1f415f568ea3db8d62bca15a5442a23c&t=false

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: public, max-age=43200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

OPTIONS
H2 200 tp2
webhooks.fivetran.com/snowplow/326b5e9f-b03b-4ea3-894f-c545305b3241/com.snowplowanalytics.snowplow/ Frame 0
0 39ms
11ms Preflight
application/json 34.159.227.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://webhooks.fivetran.com/snowplow/326b5e9f-b03b-4ea3-894f-c545305b3241/com.snowplowanalytics.snowplow/tp2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.159.227.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

151.227.159.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.huntress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-allow-origin: https://www.huntress.com
content-length: 0
content-type: application/json
date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin

POST
H2 200 tp2 Show response
webhooks.fivetran.com/snowplow/326b5e9f-b03b-4ea3-894f-c545305b3241/com.snowplowanalytics.snowplow/ 53 B
325 B 163ms
147ms XHR
application/json 34.159.227.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://webhooks.fivetran.com/snowplow/326b5e9f-b03b-4ea3-894f-c545305b3241/com.snowplowanalytics.snowplow/tp2

Requested by

Host: huntresscdn.com
URL: https://huntresscdn.com/19680a27e88da4a3713af26571b4849096e75d617f2845574af7fd15746256bb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.159.227.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

151.227.159.34.bc.googleusercontent.com

Software

Resource Hash

4081a5f270ace3305571b8f393e20c3a50141d103fb6fced35cf64d5182c2cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.huntress.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 53

GET
H3 200 json Show response
www.huntress.com/_hcms/forms/embed/v3/form/3911692/196be66c-f1bb-4156-af05-2952954526cd/ 9 KB
4 KB 332ms
332ms XHR
application/json 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/_hcms/forms/embed/v3/form/3911692/196be66c-f1bb-4156-af05-2952954526cd/json?hs_static_app=forms-embed&hs_static_app_version=1.4186&X-HubSpot-Static-App-Info=forms-embed-1.4186

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

551ca1b23325efca29e8a2d49cba369e90786ea04e6d8ba4a277c26b8499e543

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-origin-hublet: na1
date: Tue, 05 Dec 2023 11:58:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1e04c043-1cba-4292-930b-6ab9b986f0a5
content-encoding: br
x-envoy-upstream-service-time: 26
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1e04c043-1cba-4292-930b-6ab9b986f0a5
server: cloudflare
x-trace: 2B069D87AB216A4935549FF5889C55E5FD34BFA67F000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-max-age: 180
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-fc678f645-qx4d2
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=En0WHslRWB7BC17CsZl%2Fo8c4pXA1aLFOo4U1P4YPLfZUkV11A4Wq4SHmrsTA5oIHDNzpFBSXCKUrAdWLjedQVF6sW5n%2Fx6sqwe9OxZx1wDRsOhYhBFfpUf7FmI%2F7jWHG8FYFtwCH3cdtW45ZJQc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 830c1db8b8cf9c10-FRA
access-control-allow-headers: *
x-robots-tag: none

GET
H2 200 hotjar-2159185.js Show response
static.hotjar.com/c/ 9 KB
4 KB 51ms
37ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2159185.js?sv=6

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

15060ee6ff8c9789a6b1bf901b59da0707043b9606c40c9790c453f51faa63ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/d405240d0349516e568dd05ed57c5350
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: m0psixqzQQG0qsdLoRINC47Suq1J3jL6Yv5bhxe65nlTGu1nYQWa-g==

GET
H2 200 sl.js Show response
scout-cdn.salesloft.com/ 6 KB
2 KB 15ms
14ms Script
application/javascript 2606:4700::6811:129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scout-cdn.salesloft.com/sl.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
x-amz-version-id: 6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 6AYM5TBGP85NWW11
age: 3456
alt-svc: h3=":443"; ma=86400
x-amz-id-2: iZXzGJO9VKymfdzReJmr7uE1uhKUFMKsUsy30jwDEB8uHKDqgWj3ipTG0+hcOjJ7Zu1MV8OmYQjRXYRVud4p80wZyJlSS/jYgm2Q/S0HUNA=
last-modified: Mon, 13 Dec 2021 16:28:37 GMT
server: cloudflare
etag: W/"d74cc4825c8e333b2116da3fcc649db1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 830c1db8cd0b085a-FRA
expires: Tue, 05 Dec 2023 15:58:13 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_GB/ 3 KB
3 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ea0da571c3239d7a11e2f1b948a309d91a258620fe69658dbadc7f1d17d4dc12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 11:58:13 GMT
content-md5: meVkJ58qt8oGKcxmWdrukQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
x-fb-debug: 4Sv9II3mGYdaSAAU+E80H+4GIkf25oUjkbCAKsw10GVS4/VaUyShcedv6NhSkKse/GqrzrI2qcDmQnH9keXTgA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 293e34f9a0a9d7c2eee015980e77085e
cross-origin-opener-policy: same-origin-allow-popups
etag: "c83493a56944aad7f54637885bbdd45d"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 05 Dec 2023 12:10:12 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 27ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 11:58:13 GMT
Content-Encoding: gzip
Age: 1469
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27598
Last-Modified: Mon, 09 Oct 2023 20:29:49 GMT
Server: ECS (frb/673A)
Etag: "391b7fdf0c468036f27102529636f0ca+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
80 KB 21ms
18ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-429191348&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GCTMBVFESS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fda6fbd067db534ed80481a9e4a5f065183218e2e54499033c0427bfb2f37a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81939
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 11:58:13 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 37ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GCTMBVFESS&gtm=45je3bt0v9122196611&_p=1701777493692&gcs=G100&gcd=11p1p1l1l5&dma_cps=sypham&dma=1&gdid=dZTQ1Zm&cid=1353051171.1701777494&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701777493&sct=1&seg=0&dl=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&dt=Critical%20Vulnerability%3A%20Exploitation%20of%20Apache%20ActiveMQ%20CVE-2023-46604&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=523
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GCTMBVFESS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:58:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.huntress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
455 B 66ms
44ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=11p1p1l1l5&rnd=1073084653.1701777494&url=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&dma_cps=sypham&dma=1&gtm=45He3bt0n81WVGPJJ5v9127322656

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVGPJJ5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:58:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 40ms
7ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVGPJJ5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230042-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVGPJJ5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 10:31:36 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5197
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Dec 2023 12:31:36 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
806 B 37ms
8ms Script
application/javascript 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVGPJJ5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

96271179d44086ad6cfba78c4788e3ac34dac8c8bfd18d2c2226d12d5abd0063

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 13:47:16 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=84320
accept-ranges: bytes
content-length: 596

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 68ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVGPJJ5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 05 Dec 2023 11:58:13 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4A136E55001A46A8AE7A70032CC750CF Ref B: FRA31EDGE0507 Ref C: 2023-12-05T11:58:13Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 qevents.js Show response
a.quora.com/ 41 KB
14 KB 54ms
16ms Script
text/plain 162.159.152.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVGPJJ5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.152.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2a101f313f27c267a744088e44664a87d2ec7dc2a3464bf1319a95094dc76db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
x-amz-version-id: DENAuZi5jc6G3XAf0_byr8vJzUcVnf.F
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: SQW7NAVMXQTQ03G5
age: 1840152
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RJxqPI9akTsEL27egwxozy7RV38C3QGpKE99PaCDc+mp6rx7AxaaOpkck1XY3C1gw3J/aONga1w=
last-modified: Tue, 17 Oct 2023 18:57:21 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:5defc3f1c55a0cb9cbca8c06fbabaf65
etag: W/"5defc3f1c55a0cb9cbca8c06fbabaf65"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=14400
cf-ray: 830c1db97a7235f0-FRA
expires: Tue, 05 Dec 2023 15:58:14 GMT

GET
H2 200 site-script.js Show response
cdn.metadata.io/ 7 KB
2 KB 201ms
7ms Script
application/javascript 2600:9000:223c:5200:9:d7d4:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.metadata.io/site-script.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:5200:9:d7d4:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d4b6b77503264da32a4acd54d0cd9b7d8d39380d728145c359d775f0ce07c513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: Q8kyIuBWVpGBvQCpouh07BDUKlDQiW6y
content-encoding: br
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
date: Tue, 05 Dec 2023 07:57:18 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P2
age: 14467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Nov 2023 10:15:46 GMT
server: AmazonS3
etag: W/"1c23429cfe9f20c5f4e1180a2f966677"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: eHleef3Pn88KS1jbaecCwrOmBeb7bhHucMk1f3Hw9hEePX06Ptepog==

GET
H2 200 62f67a71a4cf97008ef6d460 Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 281ms
251ms Script
text/javascript 2606:4700::6810:890f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/62f67a71a4cf97008ef6d460

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:890f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

697658c010f11e771e57683da2bc8adbfbfcf6ebedd5fd44f0341e1d0b8a2c35

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 830c1db988d88fe9-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 73ms
40ms Script
text/javascript 2606:4700:4400::6812:24c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:24c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
server: cloudflare
age: 34764
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1200
cf-ray: 830c1db9a8603835-FRA
expires: Tue, 05 Dec 2023 12:18:14 GMT

GET
H2 200 1006267.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 958 B
2 KB 445ms
416ms Script
text/javascript 2606:4700:4400::6812:2b1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/1006267.js?p=https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&e=

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c59924cdca7796d9578872e6933998297b41cb0a2951ccaf7de4bd7cf921ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
x-xss-protection: 1; mode=block
x-request-id: 8cf637d2-c189-43c1-b94b-d67099a02d0d
x-runtime: 0.004181
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"14c59924cdca7796d9578872e6933998"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
cf-ray: 830c1db9b8465bf5-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Dec 2023 11:58:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
pragma: public
x-fb-debug: BdavqN+TJSt4rk7GApZpXPgM6NECrCH42jDsXH3zNYcrKD+KpaO6nRTQV3iptnxEkAomJLZn6077tem2SeG/Cw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 33ms
9ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 18 KB
7 KB 131ms
100ms Script
text/javascript 35.157.222.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.157.222.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-222-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 4fca0c51e0dc861634bd5b1edb17940bfec91aab230e351ba6da3c080dd11b18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 05 Dec 2023 11:58:14 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 e666a54d-ff29-48f9-9baa-2be6ac05412e.js Show response
j.6sc.co/j/ 837 B
837 B 549ms
516ms Script
application/javascript 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/j/e666a54d-ff29-48f9-9baa-2be6ac05412e.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVGPJJ5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-193.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 82ba33778a6595a59baef6e6964c64d7c3e9888c2bbf74461f1948b295db28e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: iBgsOgE4Kr3Z0Ccj2rm1wK8VxmZ_A29h
content-encoding: gzip
date: Tue, 05 Dec 2023 11:58:14 GMT
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
x-amz-meta-content-type: application/json
content-length: 438
pragma: no-cache
last-modified: Fri, 18 Aug 2023 17:22:32 GMT
server: AmazonS3
etag: "29df5bb770be8e518fe2206581f712a6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: DdZxHz3m2cHhaJOT0Gbm333Pv-rAa-591ojqHyeBQBEqCP2hmzzO7g==
expires: Tue, 05 Dec 2023 11:58:14 GMT

GET
H2 200 site-insights.js Show response
cdn.metadata.io/ 3 KB
1 KB 55ms
7ms Script
application/javascript 2600:9000:223c:5200:9:d7d4:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.metadata.io/site-insights.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:5200:9:d7d4:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f277f68dfdfd292d90cb8024420897e6915ab570803af77f6e2118dea071a7c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: ODluRCoRelOVkyhnmrpOHlRTG26H_cXE
content-encoding: br
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
date: Tue, 05 Dec 2023 01:55:12 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P2
age: 36570
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 01 Nov 2023 18:22:38 GMT
server: AmazonS3
etag: W/"fdaf99c1cb788098c0c033d7296cacf5"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: VhTDT2Z42E6l2QBx9GN8Yv5048TKC7pZ05GX0LH7hQ_d13qIN6qt8A==

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/83f2d51fb0164c438fbdaa8c29ed2e5e/ 43 B
418 B 377ms
91ms Image
image/gif 52.6.216.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/83f2d51fb0164c438fbdaa8c29ed2e5e/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.6.216.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-216-199.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 11:58:14 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,4bab155db5fea457ee6d43d1b6828ea8,10.0.0.244,14764,81.95.5.39,,48052568811,1,1701777494.464,0.002,,.,0,0,0.000,0.004,-,0,0,203,120,60,10,35796,,,,,,-,
Content-Type: image/gif

GET
H2 200 r Show response
scout.salesloft.com/ 41 B
358 B 302ms
92ms XHR
application/json 54.196.175.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDc1MzJ9.cEH1s6yztON1Ehgx-719N-kMH0OD6S-0URMdFL8pAP0

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.196.175.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-175-244.compute-1.amazonaws.com

Software

Resource Hash

b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.huntress.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: f9afdd5a6746908ba5f561f106cddca9

GET
H2 200 r Show response
scout.salesloft.com/ 41 B
357 B 303ms
93ms XHR
application/json 54.196.175.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDc1MzJ9.cEH1s6yztON1Ehgx-719N-kMH0OD6S-0URMdFL8pAP0

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.196.175.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-175-244.compute-1.amazonaws.com

Software

Resource Hash

b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.huntress.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: e6dba4661993a408c239e53dab52e303

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
1 KB 181ms
165ms Script
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=3911692&callback=jsonpHandler

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: no-sniff
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 133e780a-077f-4443-8734-c81fda62ecf4
x-envoy-upstream-service-time: 2
x-evy-trace-route-configuration: listener_https/all
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=830c1dbabfd390d4&resource=unknown"
x-evy-trace-listener: listener_https
x-request-id: 133e780a-077f-4443-8734-c81fda62ecf4
server: cloudflare
x-trace: 2B32045A10BFE60820BE69ECF332E47B8AF4D634D1000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-b78fbd96d-s6d6r
x-evy-trace-virtual-host: all
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 830c1dbabfd390d4-FRA

GET
H/1.1 200
OK 256149
bidagent.xad.com/conv/ 42 B
341 B 377ms
94ms Image
image/gif 54.205.109.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidagent.xad.com/conv/256149?ts=1701777493952
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.109.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-109-127.compute-1.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 11:58:14 GMT
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 141ms
118ms Script
application/javascript 2606:4700::6811:589a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:589a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ad17c7d661733bbf1cfe9bc6e85033bfed43c87c94cb72ba02f484adf1593c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.huntress.com/
Origin: https://www.huntress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
x-amz-version-id: qOShuUL.zI.RMIWwukZE0taADNX_1wuf
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 499c68dd-a2b9-47b1-b6b1-3af5f1a024a0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.444/bundles/project.js&cfRay=830c1dbad82665b5-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 499c68dd-a2b9-47b1-b6b1-3af5f1a024a0
last-modified: Mon, 04 Dec 2023 12:10:50 UTC
server: cloudflare
etag: W/"109b7665e389a0b17fbf732bf7a02089"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-b78fbd96d-t4n22
cf-ray: 830c1dbad82665b5-FRA
x-amz-cf-id: V9Jxtxcz-pccGzmk5xj_-j0nunHjgkHxMGd7v-ZjSSacusg9ezsnkA==
x-hs-target-asset: collected-forms-embed-js/static-1.444/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 43ms
17ms Script
application/javascript 2606:4700::6811:e3a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e3a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df998f2ab79818d229edfab989eb187dd3d94f0f40377fde4f5f97e08b691ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
x-amz-version-id: XlFw32Cnxu8ZjnNH.SH7ungVy3g8LtQG
via: 1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 388
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.501/bundles/pixels-release.js&cfRay=830c144148da68fe-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: e299de54-bd89-46e3-9be5-2d11d89e8204
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e299de54-bd89-46e3-9be5-2d11d89e8204
last-modified: Mon, 04 Dec 2023 14:19:28 UTC
server: cloudflare
etag: W/"ed930579444c6c7c0292363361667508"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-b78fbd96d-rjqc8
cf-ray: 830c1dbb0eb79b49-FRA
x-amz-cf-id: asWr9mZRYDsu0nY3FqnFGkKhdqZuyQdSVyQPqFJlx53B_TpMEb6fvA==
x-hs-target-asset: adsscriptloaderstatic/static-1.501/bundles/pixels-release.js

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 78 KB
23 KB 146ms
119ms Script
application/javascript 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c83ca0c69da08f97b59cbfcf7f63529d115f5e6b54d32c52ac70399bde8dbcae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.huntress.com/
Origin: https://www.huntress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.719/bundles/project.js&cfRay=830c1dbb0d1939c2-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"585fb54e67e3532b09a76730f9f0f909"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.719/bundles/project.js
date: Tue, 05 Dec 2023 11:58:14 GMT
x-amz-version-id: gaY0JDKLLOuBnBR0KxTER8neWANVupuj
via: 1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 932cda83-4872-410c-b1f2-8a77735e956a
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
x-evy-trace-route-configuration: listener_https/all
x-request-id: 932cda83-4872-410c-b1f2-8a77735e956a
last-modified: Fri, 01 Dec 2023 13:22:48 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QbgD0bh3uv9JlJHdGvlDrVZGbaXeQj6G9YKWEvzCEQ8MJD2DthRH%2Fa%2BcnJgx%2BTNa%2BLKLw6TqKwWRKA%2FdrecVfvdaFblAosqOA16L6qIRMp2Br8YKafvcPJJnvNEPfJFioACy60ZiD4JXVT77"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-b78fbd96d-hsvgz
cf-ray: 830c1dbb0d1939c2-FRA
x-amz-cf-id: Jos2l3hO1nLN_xYY6Csawx0xuTI-b6nEl2Oo30MwL3cNDlClkZby1Q==

GET
H2 200 3911692.js Show response
js.hs-analytics.net/analytics/1701777300000/ 68 KB
22 KB 160ms
143ms Script
text/javascript 2606:4700::6810:4cba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1701777300000/3911692.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4cba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14252e7f73ef2e03b671d57ca706eea2810f946d591da6f90ff15939f330f41c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: SZQ5MG3HX51GXECT
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 0aa7d2ae-df57-4882-931b-74552e330f26
x-envoy-upstream-service-time: 22
x-amz-id-2: Ge98+lqfEDSFT2JsrtO2npzvJlhguqRaK5iEIhcT5v3PhC6Z9ifrLBw2+CiCsNVtvOnh5tfWzDQ=
x-evy-trace-listener: listener_https
x-request-id: 0aa7d2ae-df57-4882-931b-74552e330f26
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 29 Nov 2023 21:51:46 GMT
server: cloudflare
etag: W/"e77d6be4fba4d4cc19427b24c3f57976"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-fd6fb8679-tlmd8
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 830c1dbb39509be6-FRA
expires: Tue, 05 Dec 2023 12:03:14 GMT

GET
H2 200 3911692.js Show response
js.hs-banner.com/ 60 KB
16 KB 356ms
334ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3911692.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84ec2970e1ea645a22df26ade381eec232e101c9fe22e63162234a282c15495e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
x-amz-version-id: GxlWwlQmKgTJ3tlwJ1IsNVvZ7vUkrIi9
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 14BQXW3PXT2GXW3P
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 995a1c1f-ad5f-4d8a-a894-141dca992111
x-envoy-upstream-service-time: 23
x-amz-id-2: 4TLM1rlziJz849+or8Bi3F5HGk3E5iPz9z6fJi09H3gBjHD8O6aGkxpbtdzAoKdl8BW6lYwJdSDYBA3qjydpCw==
x-evy-trace-listener: listener_https
x-request-id: 995a1c1f-ad5f-4d8a-a894-141dca992111
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 29 Nov 2023 21:51:46 GMT
server: cloudflare
etag: W/"0e957868e6418f8e7d3261004c527994"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.huntress.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6849bc8697-4hwl9
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 830c1dbb48ba1994-FRA
expires: Tue, 05 Dec 2023 12:03:14 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
88 KB 33ms
16ms Script
application/javascript 2606:4700::6812:7c0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c0c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a59a536f6a35976c81d050cc1f734740643674e9736ae066f85213a5535e7a0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.huntress.com/
Origin: https://www.huntress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-encoding: br
age: 78213
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1291/bundle/main/lead-flows-release.js&cfRay=8304a83cab9765cc-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"c314aa317d74a89c787c3c4a9d2fd97c"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1291/bundle/main/lead-flows-release.js
date: Tue, 05 Dec 2023 11:58:14 GMT
x-amz-version-id: QUNwK0xemzsIqupWMH2b5phjsLRnkTKD
via: 1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 73597f42-7448-40b9-a1aa-8ea57a712362
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-request-id: 73597f42-7448-40b9-a1aa-8ea57a712362
last-modified: Mon, 04 Dec 2023 12:11:15 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-b78fbd96d-9gwtm
cf-ray: 830c1dbb3b4d4d4a-FRA
x-amz-cf-id: kUUAj7r9YZVRnUCFPze35N00oy8I0lkODux1hzaZ9zHR8gAeD6--4A==

GET
H2 200 modules.9a6460d94a753d6764ef.js Show response
script.hotjar.com/ 218 KB
55 KB 21ms
7ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.9a6460d94a753d6764ef.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2159185.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

15123675f1ab5bbd2dd01a31b3296559f3ebe212aec4fbb1604b1340c83ec2d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:42:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 968
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55401
last-modified: Tue, 05 Dec 2023 11:41:37 GMT
etag: "96ef6b2dd3fa58f5dfaaef19a5968444"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: F913-YJ_ryLZsx9Et-qMOTyFp0qrC92qkPQkkMpqOACOm2rJhrm0lQ==

GET
H3 200 all.js Show response
connect.facebook.net/en_GB/ 304 KB
86 KB 18ms
10ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js?hash=f45b8a2d707544b59e5134cb69343401

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55d7f186ba2b03c67dfdc6034996134fcfd22539c61a61b7f864dfec6131d21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.huntress.com/
Origin: https://www.huntress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 11:58:13 GMT
content-md5: f8PdnaaLJ/vNOsTB/IMylg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87811
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
x-fb-debug: Hs5oTHISDTbCWDNIXc5T32aZWKQLbyhSvj59oUt2tZLKwwuRpYiSZY81sTyBMwket6BD2dNIzyblVUmuIdKV6Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 140e97a93c338236428687fc5040e855
cross-origin-opener-policy: same-origin-allow-popups
etag: "d56aa419ffa6941d91c3cf0450a9d32e"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Dec 2024 10:44:42 GMT

GET
H/1.1 200
OK widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html Show response
platform.twitter.com/widgets/ Frame 5990 319 KB
104 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.huntress.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://www.huntress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4658068
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Tue, 05 Dec 2023 11:58:13 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/673A)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 collect
www.google-analytics.com/ 35 B
193 B 8ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=965348531&t=pageview&_s=1&dl=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&ul=en-us&de=UTF-8&dt=Critical%20Vulnerability%3A%20Exploitation%20of%20Apache%20ActiveMQ%20CVE-2023-46604&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAgAAAABAAAAAAAAIk~&cid=1353051171.1701777494&tid=UA-67431920-1&_gid=983338302.1701777494&gtm=45He3bt0n81WVGPJJ5v9127322656&gcs=G100&gcd=11p1p1l1l5&dma_cps=sypham&dma=1&z=1034453532

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 10:16:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6090
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 403957864408442 Show response
connect.facebook.net/signals/config/ 140 KB
36 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/403957864408442?v=2.9.138&r=stable&domain=www.huntress.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

49024c1bc4bd92c9e8c1c36275fa4b5427c99d54f1538fff38cce60451c59159

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Dec 2023 11:58:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 36896
x-xss-protection: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
pragma: public
x-fb-debug: /njQ8Cw9vTv9i79zesueIqIOxVCw3nxJOLCMWAmaIo8xAedW76dObEsZGAjkElZue30F9oYIKWTNxMFxQJLxvg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 31 KB
12 KB 12ms
11ms Script
application/javascript 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 13:47:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=84226
accept-ranges: bytes
content-length: 12150

GET
H2 200 adsct
t.co/1/i/ 43 B
376 B 178ms
114ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=811f8fc5-024b-480a-8116-792d010737a9&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=7a08029d-2e59-4d9a-aadf-e6147f0a40f0&tw_document_href=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&tw_iframe_status=0&txn_id=odo68&type=javascript&version=2.3.29

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-response-time: 107
date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e6af98dc4109caae
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: e76e57d7db312b43ec9a033e7e6590e1cbe82be359331752d5dfdf8a268c838f
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
724 B 129ms
109ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=811f8fc5-024b-480a-8116-792d010737a9&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=7a08029d-2e59-4d9a-aadf-e6147f0a40f0&tw_document_href=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&tw_iframe_status=0&txn_id=odo68&type=javascript&version=2.3.29

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-response-time: 102
date: Tue, 05 Dec 2023 11:58:13 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 2ab6653387643d3f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 3ec470992ea5221d613924bb9cee6650950fc610c2dd8c122e1bf050f3ad69f3
content-length: 43

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 5990 869 B
658 B 130ms
110ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=9714038d8de94136d6a4ebfe6cbd46d3fb86ba87

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.huntress.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-response-time: 103
date: Tue, 05 Dec 2023 11:58:13 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 05 Dec 2023 11:58:14 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 5edf27d0edf9615f
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 0dff24ff6e16eccf3052dc82b399db8f71ce82ab40811db533452ea55ec673a1
content-length: 337

GET
H2 200 187059084.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 34ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187059084.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cf8edbedfd479fe7cc642e3a1db515dd1103f2d7864f0db5cae6144fbde44ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Tue, 05 Dec 2023 11:58:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3E0311FB90064ABE9A4FA8633852B650 Ref B: FRA31EDGE0507 Ref C: 2023-12-05T11:58:14Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
287 B 49ms
46ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187059084&tm=gtm002&Ver=2&mid=d7b28631-b6d9-4b6e-9e74-a801b09b079a&sid=91b52c00936511eeb5aa4379fb1a8186&vid=91b51e00936511eea1a789e441b9f6ad&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Critical%20Vulnerability%3A%20Exploitation%20of%20Apache%20ActiveMQ%20CVE-2023-46604&p=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&r=&lt=568&pt=1701777493379,,,,,0,56,56,56,77,62,77,152,158,154,563,566,568,,,&pn=0,0&evt=pageLoad&sv=1&rn=607381

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Dec 2023 11:58:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 61F52E9977DA4EC3BCD66B99EC1BFEC6 Ref B: FRA31EDGE0507 Ref C: 2023-12-05T11:58:14Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 22ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=403957864408442&ev=PageView&dl=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&rl=&if=false&ts=1701777494067&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701777494066.1494086384&cs_est=true&ler=empty&it=1701777494007&coo=false&rqm=GET

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Dec 2023 11:58:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3281745&time=1701777494068&url=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3281745&time=1701777494068&url=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&e_ip...

0
481 B

151ms
107ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3281745&time=1701777494068&url=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&e_ipv6=AQLMt4dxg2E44gAAAYw519GI6x-6hcXe5znKqvgUj1vqgrhSEJ8vB36qXhKymUxAmw
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 1004DBD2EB7D435FA551CD42B4F4B8F6 Ref B: FRAEDGE1414 Ref C: 2023-12-05T11:58:14Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-lva1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYLwfMMo0xVkIWTq2HCpg==

Redirect headers

date: Tue, 05 Dec 2023 11:58:14 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 9444220F48C9439A92D7EDCAAFBA1E00 Ref B: FRAEDGE1117 Ref C: 2023-12-05T11:58:14Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3281745&time=1701777494068&url=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&e_ipv6=AQLMt4dxg2E44gAAAYw519GI6x-6hcXe5znKqvgUj1vqgrhSEJ8vB36qXhKymUxAmw
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYLwfMKYpuYPC92mr3JVg==

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
699 B 144ms
119ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 05 Dec 2023 11:58:13 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: ED3102F9B623411CA14D24BF83861B87 Ref B: FRAEDGE1117 Ref C: 2023-12-05T11:58:14Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://www.huntress.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYLwfMGd3W7N1EZ3djc2Q==

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 32ms
11ms Image
image/gif 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1701777494074&id=t2_12z44i&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=7b63c7fa-0d00-4584-a8dc-75465f94e643&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
448 B 119ms
118ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17715818&r=1701777494075&ref=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&version=2.4
Requested by: Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 17715818
Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
via: 1.1 google
x-guploader-uploadid: ABPtcPr_zOk4E2QV84CjwdQ_ockP7C-BwpwdxR4JeI8VSSiKfjKTjvZtkXHgGwokYfqTG6gvBqqdWxOGcA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Tue, 05 Dec 2023 12:58:14 GMT

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 146ms
106ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17715818&r=1701777494075&ref=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://www.huntress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 11:58:14 GMT
expires: Tue, 05 Dec 2023 11:58:14 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ABPtcPqLMusqIi5BGYu0GfyBuIUE7Wg4sl5dJyo9SOLXWImxD3PhOnOXWuIzq_lc205spgOYDBg

GET
H2 200 187059084 Show response
www.clarity.ms/tag/uet/ 829 B
1 KB 175ms
133ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/187059084
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/187059084.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a492ab8f89900409deff14b8c3d425a047cb9c377f4a87f04bf4ed87399d0a15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: -1
date: Tue, 05 Dec 2023 11:58:14 GMT
x-azure-ref: 20231205T115814Z-vtaz0ng6ed4zp5aab0sb8vh0g400000005a0000000006reg
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 829
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

OPTIONS
H2 200 traffic
api-gw.metadata.io/ Frame 0
0 564ms
182ms Preflight
application/json 44.225.227.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-gw.metadata.io/traffic
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 44.225.227.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-225-227-138.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.huntress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 05 Dec 2023 11:58:14 GMT
x-amz-apigw-id: Pd99lGr6PHcEp0w=
x-amzn-requestid: 2c1848f2-d831-46c1-8a0f-88d77656c82f

POST
H2 202 traffic
api-gw.metadata.io/ 0
0 187ms
187ms Fetch
application/json 44.225.227.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-gw.metadata.io/traffic
Requested by: Host: cdn.metadata.io
URL: https://cdn.metadata.io/site-insights.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 44.225.227.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-225-227-138.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
x-amzn-remapped-content-length: 0
x-amzn-remapped-connection: keep-alive
x-amzn-requestid: eef192b0-8ad1-4de5-acee-7609547a8697
access-control-max-age: 1728000
access-control-allow-methods: OPTIONS,POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 0
x-amzn-remapped-date: Tue, 05 Dec 2023 11:58:14 GMT
x-amz-apigw-id: Pd99nF6RvHcEmgQ=

GET
H2 204 cs
a.usbrowserspeed.com/ 0
0 593ms
202ms Fetch 44.228.105.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.usbrowserspeed.com/cs?pid=5de38576d91fe7ac65e01de48078379caf9e72e979b06a5762372b0c12e930ef&puid=lpsadqcncpxgb7e959t
Requested by: Host: cdn.metadata.io
URL: https://cdn.metadata.io/site-insights.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.228.105.44 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-228-105-44.us-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
server: awselb/2.0

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 98ms
98ms Stylesheet
text/css 35.157.222.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.157.222.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-222-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bf140dc12f2ed8ec639a4476223803ca6ca9f808d8b9a975b214f6feaf252684

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 05 Dec 2023 11:58:14 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 114ms
100ms Fetch
image/jpeg 35.157.222.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.157.222.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-222-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 05 Dec 2023 11:58:14 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 113ms
98ms Fetch
image/jpeg 35.157.222.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.157.222.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-222-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 05 Dec 2023 11:58:14 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H/1.1 200
OK counters.gif
forms.hsforms.com/embed/v3/ 35 B
1015 B 159ms
128ms Image
image/gif 2606:4700::6811:cff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 11:58:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: d5d20f2e-e4aa-4770-a0c8-b989ad3cf7f6
x-envoy-upstream-service-time: 7
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d5d20f2e-e4aa-4770-a0c8-b989ad3cf7f6
Server: cloudflare
X-Trace: 2B0E41B050FDC2DFDBEA9EA32A3DC63679CFA5A7BB000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-fc678f645-xs72w
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 830c1dbc3bd89bc2-FRA

GET
H/1.1 200
OK counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
1015 B 141ms
124ms Image
image/gif 2606:4700::6811:eff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:eff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 11:58:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 1e4c7a6b-7f61-4866-871f-6c6276c5de8f
x-envoy-upstream-service-time: 4
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1e4c7a6b-7f61-4866-871f-6c6276c5de8f
Server: cloudflare
X-Trace: 2B0CB8DFD5199B71562836582414CDDE23F56E555E000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-fc678f645-wcbcs
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 830c1dbc3e2a381f-FRA

GET
H2 200 i Show response
scout.salesloft.com/ 48 B
466 B 92ms
92ms XHR
application/json 54.196.175.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/i

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.196.175.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-175-244.compute-1.amazonaws.com

Software

Resource Hash

7aa935a51c951ef38ac4a704222adb4c0825fce03748d32fabe38da5cfa91b84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.huntress.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: 5a8b216b8b97f26c6139934a893ba006

GET
H2 200 i Show response
scout.salesloft.com/ 48 B
465 B 93ms
92ms XHR
application/json 54.196.175.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/i

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.196.175.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-175-244.compute-1.amazonaws.com

Software

Resource Hash

d2357ef3736baef870c92aaabf0c83bcebacc63c0f8ac37168bf9c664df92ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.huntress.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: 7e14eeff15575c01ee87d021b3253b19

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 138 B
333 B 99ms
98ms XHR
text/plain 35.157.222.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=yZKscIIzalsoNin7qAYxQw&is_js=true&landing_url=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&t=Critical%20Vulnerability%3A%20Exploitation%20of%20Apache%20ActiveMQ%20CVE-2023-46604&tip=v_fAN8B13A_KhmHgxu0swcLWGIg-nh7bwuuuiq3Gy1g&host=https%3A%2F%2Fwww.huntress.com&sa_conv_data_css_value=&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9dff1b18a91f254c75217efe1fa106608515f0527&sa-user-id-v3=s%253AAQAKIAqTdpk7Om2OUOtZDaK6nyd3Kq-6mbU4HcPD9pfuLSQhEHwYBCDWoLyrBjABOgSVjvJGQgTGw3PQ.Qdth%252BpmKV7C%252F7CbdzNGrr%252F7yZo9DBjS%252BokM4tJRG%252BzY&sa-user-id-v2=s%253A3_GxipHyVMdSF-_h-hBmCFFfBSc.Eq6EpVgC7xHl4i4QNH9bBP%252FfidluW2oilJaNKvXAAeo&sa-user-id=s%253A0-dff1b18a-91f2-54c7-5217-efe1fa106608.RJhOhlwoFzTMy30gN0Z1k%252Fq30TQj%252FReje80542oESNI
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.157.222.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-222-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: fc573eaf0e39d6b2429951f78b744dde5acb4cbee85a9b903aea0210072d9b48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: https://www.huntress.com
date: Tue, 05 Dec 2023 11:58:14 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 138
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 138 B
333 B 99ms
99ms XHR
text/plain 35.157.222.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=yZKscIIzalsoNin7qAYxQw&is_js=true&landing_url=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&t=Critical%20Vulnerability%3A%20Exploitation%20of%20Apache%20ActiveMQ%20CVE-2023-46604&tip=v_fAN8B13A_KhmHgxu0swcLWGIg-nh7bwuuuiq3Gy1g&host=https%3A%2F%2Fwww.huntress.com&sa_conv_data_css_value=%270-dff1b18a-91f2-54c7-5217-efe1fa106608%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9dff1b18a91f254c75217efe1fa106608515f0527&sa-user-id-v3=s%253AAQAKIAqTdpk7Om2OUOtZDaK6nyd3Kq-6mbU4HcPD9pfuLSQhEHwYBCDWoLyrBjABOgSVjvJGQgTGw3PQ.Qdth%252BpmKV7C%252F7CbdzNGrr%252F7yZo9DBjS%252BokM4tJRG%252BzY&sa-user-id-v2=s%253A3_GxipHyVMdSF-_h-hBmCFFfBSc.Eq6EpVgC7xHl4i4QNH9bBP%252FfidluW2oilJaNKvXAAeo&sa-user-id=s%253A0-dff1b18a-91f2-54c7-5217-efe1fa106608.RJhOhlwoFzTMy30gN0Z1k%252Fq30TQj%252FReje80542oESNI
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.157.222.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-222-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: fc573eaf0e39d6b2429951f78b744dde5acb4cbee85a9b903aea0210072d9b48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: https://www.huntress.com
date: Tue, 05 Dec 2023 11:58:14 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 138
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2 204 2159185 Show response
vc.hotjar.io/sessions/ 0
259 B 79ms
37ms XHR
text/plain 18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2159185?s=0.25&r=0.04614465803753198
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.9a6460d94a753d6764ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: 27pFfYzhV0Vw9GZTbBnxDKjJ-2x6PVeozPDLpWUqfySz86da5SvIAA==

GET
BLOB 200
OK 44490e16-b125-4e9a-b2cf-753684778dd7
https://www.huntress.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.huntress.com/44490e16-b125-4e9a-b2cf-753684778dd7
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 161ms
88ms XHR
application/json 46.51.146.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.9a6460d94a753d6764ef.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 46.51.146.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-146-14.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 00d81dc08579fe7e375f6e935cbe51af743799343d9ca495c483f45f3ca32112

Request headers

Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 05 Dec 2023 11:58:14 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
436 B 112ms
111ms XHR
application/json 2606:4700::6811:589a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=3911692&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:589a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d247e1c2efc38a727967b2f5f9e99b961d0cbe2b0aa1ddcf170bd6933409403

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f5728d64-f5d9-47b9-b9bb-327b5600ed4e
x-envoy-upstream-service-time: 1
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f5728d64-f5d9-47b9-b9bb-327b5600ed4e
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.huntress.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-b78fbd96d-c7x79
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 830c1dbc49a665b5-FRA

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 369 B
1 KB 127ms
127ms Fetch
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=3911692&currentUrl=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&contentId=143686222755

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14103b64df9857f9f7ad1f02efaafba97ce4772e8d8b448857de69c3537c338d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 120487ef-c82e-4753-93a1-e82a161e2fe0
content-encoding: br
x-envoy-upstream-service-time: 10
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 120487ef-c82e-4753-93a1-e82a161e2fe0
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.huntress.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOamJKo%2BexKHBWGsEwid05mRASYbR5Wc1S6IN2qlqcpowFMcrTR82NCEUWxh30D2daPMZhO%2BBr9H55GGwnBVC%2B65W3YgEv6LAT7jkVtTD2E6q31qunoj9VEmqLNa%2BEPjr2M7nrYmKBf0VmI%2Fg%2Bc6gkiNhPrZObISceo%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 830c1dbc5eb939c2-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-fc678f645-9sgqn

POST
H2 200 assign
tracking.g2crowd.com/attribution_tracking/conversions/1006267/ 0
266 B 116ms
115ms Ping
text/html 2606:4700:4400::6812:2b1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.g2crowd.com/attribution_tracking/conversions/1006267/assign
Requested by: Host: tracking.g2crowd.com
URL: https://tracking.g2crowd.com/attribution_tracking/conversions/1006267.js?p=https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&e=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2b1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryf35DH5kBhJ4GfjYt

Response headers

x-runtime: 0.004171
date: Tue, 05 Dec 2023 11:58:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: OPTIONS, POST
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers
cache-control: no-cache
vary: Origin
cf-ray: 830c1dbc5b0b5bf5-FRA
x-request-id: e9a26982-7366-4a48-aff9-ae7909615609

POST
H2 200 assign
tracking.g2crowd.com/attribution_tracking/conversions/1006267/ 0
96 B 126ms
126ms Ping
text/html 2606:4700:4400::6812:2b1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.g2crowd.com/attribution_tracking/conversions/1006267/assign
Requested by: Host: tracking.g2crowd.com
URL: https://tracking.g2crowd.com/attribution_tracking/conversions/1006267.js?p=https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&e=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2b1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary4oYE5SEhf9h6b5IN

Response headers

x-runtime: 0.004327
date: Tue, 05 Dec 2023 11:58:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: OPTIONS, POST
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers
cache-control: no-cache
vary: Origin
cf-ray: 830c1dbc5b0c5bf5-FRA
x-request-id: 7c20ac1a-960d-42dd-b2e0-7e145c9d14cf

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 15ms
14ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/187059084
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
content-encoding: br
last-modified: Mon, 04 Dec 2023 12:08:18 GMT
etag: W/"0x8DBF4C1B3818466"
vary: Accept-Encoding
x-azure-ref: 20231205T115814Z-vtaz0ng6ed4zp5aab0sb8vh0g400000005a0000000006rf2
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: a83e7593-d01e-0008-28ad-2634d4000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H/1.1 200
OK counters.gif
forms.hsforms.com/embed/v3/ 35 B
1015 B 308ms
307ms Image
image/gif 2606:4700::6811:cff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=4

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 11:58:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 2dce25d4-0773-4be7-a775-043b90cc5749
x-envoy-upstream-service-time: 1
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2dce25d4-0773-4be7-a775-043b90cc5749
Server: cloudflare
X-Trace: 2B7DB617FD218BB6E7331F5F0C3EB20DF257D751D2000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-fc678f645-qx4d2
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 830c1dbd0cce9bc2-FRA

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
1 KB 142ms
123ms Image
image/gif 2606:4700::6811:eff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:eff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 11:58:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 28bcc85c-20c7-470e-8047-d7b48d0d1dcc
x-envoy-upstream-service-time: 3
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 28bcc85c-20c7-470e-8047-d7b48d0d1dcc
Last-Modified: Tue, 05 Dec 2023 11:58:14 GMT
Server: cloudflare
X-Trace: 2B1152B320789E68BB888F0BD7558FF80E23165F7B000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-fc678f645-gpnnv
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 830c1dbd6ba237fb-FRA

GET
H2 200 6si.min.js Show response
j.6sc.co/ 63 KB
17 KB 14ms
14ms Script
application/javascript 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/j/e666a54d-ff29-48f9-9baa-2be6ac05412e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

a9e9d5d62bdbbe46fee9a3a0ba4c2d7fe5a6f4b53c10df3ac7d34796ffb7c96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Nov 2023 18:58:50 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "656789ea-fdc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 17428
expires: Tue, 05 Dec 2023 11:58:14 GMT

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 0
0 128ms
113ms Preflight
application/octet-stream 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.huntress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.huntress.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 830c1dbd79db1e68-FRA
content-length: 0
content-type: application/octet-stream
date: Tue, 05 Dec 2023 11:58:14 GMT
server: cloudflare
timing-allow-origin: *
vary: origin
x-envoy-upstream-service-time: 0
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-fd6fb8679-vfzwq
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: c7fdf118-6e1b-4ed9-9a85-d26d6baac41f
x-request-id: c7fdf118-6e1b-4ed9-9a85-d26d6baac41f

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
174 B 136ms
135ms XHR
text/plain 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-banner.com/cookie-banner-public/v1/activity/view

Requested by

Host: js.hs-banner.com
URL: https://js.hs-banner.com/3911692.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ad40c890-abd8-4c65-b1f5-9ff90fdccbe8
x-envoy-upstream-service-time: 23
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ad40c890-abd8-4c65-b1f5-9ff90fdccbe8
server: cloudflare
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.huntress.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary: origin
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-fd6fb8679-wvt5r
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 830c1dbe3ad21e68-FRA

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
571 B 21ms
7ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:58:14 GMT
an-x-request-uuid: 3766d83b-9957-4afb-b6ee-74cba3b27bac
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.huntress.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.39; 81.95.5.39; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
194 B 8ms
8ms XHR
text/html 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.huntress.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 15 B
303 B 50ms
11ms XHR
text/html 2a02:26f0:480:23::1726:629c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:23::1726:629c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9181a6929147959668b1f69b492b777a5b60d239d9ab4bf2774c335e66389eae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:58:14 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.huntress.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a01:4a0:2b::11
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701777494658_388391900_1067694414_32_1114_6_15_219";dur=1
content-length: 15
expires: Tue, 05 Dec 2023 11:58:14 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 465ms
429ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=a87a3edc53b5a86d1795d11887b5aa39&svisitor=null&visitor=e33da146-c2c1-4fa6-83d7-c50f815ac47d&session=b671510a-57ac-4db8-84f2-94b9eb782c3a&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Tue%2C%2005%20Dec%202023%2011%3A58%3A14%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2023-46604%20is%20a%20critical%20remote%20code%20execution%20vulnerability%20in%20Apache%20ActiveMQ.%20Patch%20now%20to%20avoid%20any%20potential%20adversary%20exploitation.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Critical%20Vulnerability%3A%20Exploitation%20of%20Apache%20ActiveMQ%20CVE-2023-46604%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&pageViewId=0817ff9b-1fbd-440e-8612-833eec20bc2d&an_uid=0&webTagId=e666a54d-ff29-48f9-9baa-2be6ac05412e&v=1.1.12

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 231ms
196ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=a87a3edc53b5a86d1795d11887b5aa39&svisitor=null&visitor=e33da146-c2c1-4fa6-83d7-c50f815ac47d&session=b671510a-57ac-4db8-84f2-94b9eb782c3a&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22a87a3edc53b5a86d1795d11887b5aa39%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2005%20Dec%202023%2011%3A58%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2005%20Dec%202023%2011%3A58%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2005%20Dec%202023%2011%3A58%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2005%20Dec%202023%2011%3A58%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2005%20Dec%202023%2011%3A58%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2005%20Dec%202023%2011%3A58%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2005%20Dec%202023%2011%3A58%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%22e666a54d-ff29-48f9-9baa-2be6ac05412e%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2005%20Dec%202023%2011%3A58%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2005%20Dec%202023%2011%3A58%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2005%20Dec%202023%2011%3A58%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2005%20Dec%202023%2011%3A58%3A14%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2023-46604%20is%20a%20critical%20remote%20code%20execution%20vulnerability%20in%20Apache%20ActiveMQ.%20Patch%20now%20to%20avoid%20any%20potential%20adversary%20exploitation.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Critical%20Vulnerability%3A%20Exploitation%20of%20Apache%20ActiveMQ%20CVE-2023-46604%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&pageViewId=0817ff9b-1fbd-440e-8612-833eec20bc2d&an_uid=0&webTagId=e666a54d-ff29-48f9-9baa-2be6ac05412e&v=1.1.12

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
296 B 494ms
298ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.huntress.com
Date: Tue, 05 Dec 2023 11:58:15 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 201ms
198ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=a87a3edc53b5a86d1795d11887b5aa39&svisitor=null&visitor=e33da146-c2c1-4fa6-83d7-c50f815ac47d&session=b671510a-57ac-4db8-84f2-94b9eb782c3a&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A2b%3A%3A11%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2023-46604%20is%20a%20critical%20remote%20code%20execution%20vulnerability%20in%20Apache%20ActiveMQ.%20Patch%20now%20to%20avoid%20any%20potential%20adversary%20exploitation.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Critical%20Vulnerability%3A%20Exploitation%20of%20Apache%20ActiveMQ%20CVE-2023-46604%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&pageViewId=0817ff9b-1fbd-440e-8612-833eec20bc2d&an_uid=0&webTagId=e666a54d-ff29-48f9-9baa-2be6ac05412e&v=1.1.12

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:14 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 core Show response
rc-widget-frame.js.driftt.com/ Frame E91C 2 KB
1 KB 495ms
302ms Document
text/html 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1701777600000/5d3cypit2iz8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

14e6206b0b854f8eb373b1ccfbac42efdb97e1034de1355abb4ee81aa0672ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.huntress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Tue, 05 Dec 2023 11:58:15 GMT
etag: W/"6a5cea74d414ec151635bd2880abb1c3"
last-modified: Mon, 21 Aug 2023 14:57:03 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-id: wF3SQWkdHYZajm9rhc1MmEstHqd0y1aaZPiCTzBqlcChNrjQsFz_3A==
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: hIxJdEPbt_45OV8bTT9Ad1M7VE.ABA8G
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 14

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
449 B 138ms
138ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=881765916&v=1.1&a=3911692&pi=143686222755&ct=blog-post&ccu=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&cpi=143686222755&cgi=39343107504&lpi=143686222755&lvi=143686222755&lvc=en&pu=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&t=Critical+Vulnerability%3A+Exploitation+of+Apache+ActiveMQ+CVE-2023-46604&cts=1701777495145&vi=32d3ac194c39df2cb006d9bbb53ede76&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1977aee9-cca6-4205-8096-b4bad8679a9e
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 11
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1977aee9-cca6-4205-8096-b4bad8679a9e
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VwXK%2Bnq6f7HVCRS%2Fp5gQI6bvgYpw%2F3XOjU9%2FXk0CKJxgze6rQ4tUpwzGJAacgbZzU%2B8yhnDth6X8LmxgyjJR87L27BZd%2BEJkUd%2FNCW0NEk3J%2B24K0Qg%2FWnvfZR2Qkv6Xete%2FtsiWm8nfhzSUaBii"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7556df69f8-wqf4r
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 830c1dc0ad0390d4-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
606 B 127ms
127ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=196be66c-f1bb-4156-af05-2952954526cd&fci=a5544ac2-4cdb-4687-aaef-778e59ff044c&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=881765916&v=1.1&a=3911692&pi=143686222755&ct=blog-post&ccu=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&cpi=143686222755&cgi=39343107504&lpi=143686222755&lvi=143686222755&lvc=en&pu=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&t=Critical+Vulnerability%3A+Exploitation+of+Apache+ActiveMQ+CVE-2023-46604&cts=1701777495146&vi=32d3ac194c39df2cb006d9bbb53ede76&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1e14d167-abcd-45cf-8b96-d51f0ee14025
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 2
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1e14d167-abcd-45cf-8b96-d51f0ee14025
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F43SAhiTiHaA4Kr4Fvbmc3Rmq%2BBi8DylAOTzjbehu9XXc5aO%2Bcnyv3Y843inBTNji0CAok2j6w8Dj1vi0oJZm9n8TpUXNJMOpzJfyZIg4QxBhCvabUmq1qzPh8wBiurQlUiZD34ycb0D2M7Khj85"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7556df69f8-qb795
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 830c1dc0ad0990d4-FRA
x-robots-tag: none

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=011F43104F81472897C650F9BDF5C384&RedC=c.clarity.ms&MXFR=0FDFB98BDF2361CF03C4AA55DB236F41
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=011F43104F81472897C650F9BDF5C384&MUID=28B39DB80F2B6292316B8E660EA0635F

42 B
443 B

26ms
26ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=011F43104F81472897C650F9BDF5C384&MUID=28B39DB80F2B6292316B8E660EA0635F
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:58:15 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:58:14 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 474FF72C568F437EAF443446348A1B2D Ref B: FRA31EDGE0507 Ref C: 2023-12-05T11:58:15Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=011F43104F81472897C650F9BDF5C384&MUID=28B39DB80F2B6292316B8E660EA0635F
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 runtime~main.23dacaf3.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 6 KB
3 KB 120ms
120ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7573e5629fdd86c1b9715e81fd55e01c7cf7febbfc3562f5acbb757c0d4cce64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
Origin: https://rc-widget-frame.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
x-amz-version-id: pIvWjpmnkFEOPFn4Wb5jKsJCJYLlBZpR
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Mon, 21 Aug 2023 14:57:27 GMT
server: istio-envoy
etag: W/"7bebf8444c728503329344c5817cc4e6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gaMDzHZf8VW2VehZsybrioTPt6KvEqWfwaKda7STxVWXIDlYUWXEbg==

GET
H2 200 9.4a3e9801.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 35 KB
13 KB 216ms
216ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
Origin: https://rc-widget-frame.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
x-amz-version-id: 0R6w4wPD2HwiAnQQU407Ei0VYlDL7aGp
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Wed, 29 Nov 2023 17:11:56 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: U4nENF4NNgjklhdivvGusKwXkD4SGGZPc1AZZDYoas9xwn4Vf4XheA==

GET
H2 200 main~493df0b3.91dc5a14.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 7 KB
3 KB 124ms
123ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/main~493df0b3.91dc5a14.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

1ce5bbfddabe83a619dffbd897ac79e94ca961f04cf463583a421a22f5329938

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
Origin: https://rc-widget-frame.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
x-amz-version-id: aQ8O6UMWsN.2o5G5k1LSH1svCMcNLzIM
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Mon, 21 Aug 2023 14:57:27 GMT
server: istio-envoy
etag: W/"c11c9776fa434757756e10e6ded61c75"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2URPHPLMOojATCWppji1FGTOfBHwRPLtDlSeuXofan3UwLHKu7ewLw==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 248ms
248ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=a87a3edc53b5a86d1795d11887b5aa39&svisitor=null&visitor=e33da146-c2c1-4fa6-83d7-c50f815ac47d&session=b671510a-57ac-4db8-84f2-94b9eb782c3a&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2005%20Dec%202023%2011%3A58%3A15%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2005%20Dec%202023%2011%3A58%3A14%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%221001%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2023-46604%20is%20a%20critical%20remote%20code%20execution%20vulnerability%20in%20Apache%20ActiveMQ.%20Patch%20now%20to%20avoid%20any%20potential%20adversary%20exploitation.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Critical%20Vulnerability%3A%20Exploitation%20of%20Apache%20ActiveMQ%20CVE-2023-46604%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&pageViewId=0817ff9b-1fbd-440e-8612-833eec20bc2d&an_uid=0&webTagId=e666a54d-ff29-48f9-9baa-2be6ac05412e&v=1.1.12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 51.558be3c5.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 23 KB
8 KB 154ms
151ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
x-amz-version-id: .6TxTo9usbUQYUCwKDuiHb.BM6ApG8BQ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 46
last-modified: Wed, 29 Nov 2023 17:11:56 GMT
server: istio-envoy
etag: W/"fa281fcbe4b2e35558d60fae3e316367"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VKAokmxYZsnex5IsC5nwPoEjcJsrlVyRLonOJusltZ1OCYJIoHH63A==

GET
H2 200 33.ae4de0a0.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 36 KB
10 KB 250ms
247ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/33.ae4de0a0.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e12404ccb0492da0a89fbda8db0ddb3c2358fcbd6d29b0c106ba840ca5f5e8ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
x-amz-version-id: PUG2tPuHbg6UXU15H37d6Lifu.5b8Act
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 50
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"db0cd5b66c52523e10b87a0c8a2db182"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cBpgFQ2CFqwt4AEwtuAVfPsFgPp7mzMAUzUZifl00-QIr6vLwQ7nsA==

GET
H2 200 22.6b9a301a.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 32 KB
11 KB 318ms
315ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/22.6b9a301a.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:16 GMT
x-amz-version-id: QoOI72Vu.zlrxZZl0a64sbvRoOIA5ojK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Wed, 29 Nov 2023 17:11:55 GMT
server: istio-envoy
etag: W/"d8739a9fe9a3a42936f5cd86c8727494"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vDeZGW-v_EDNtbWi5d0O0sBFnzqNSUAvDujmUUyqt-pZT83f4lge_Q==

GET
H2 200 19.6f85b843.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 17 KB
6 KB 126ms
123ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/19.6f85b843.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
x-amz-version-id: Hk_vupXb1b30d6Vcw2qdMZn4qW64.euE
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Wed, 29 Nov 2023 17:11:55 GMT
server: istio-envoy
etag: W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HjoHlWl6wEUunYCJvmR7AeOKTzLuY3d7aa4I82Ze6lRJYhY8KCAU6g==

GET
H2 200 41.b4fc4de2.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 25 KB
8 KB 221ms
218ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
x-amz-version-id: m7K9iRw1ct8e79JOd9vr4cnWcFJSESd6
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Wed, 29 Nov 2023 17:11:56 GMT
server: istio-envoy
etag: W/"a2ace4f65aa7b34dedb884f6cfe9df8d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UKWO5kFsiQDHDlnows1tftySGSelcsxibDIvzCOTUk2gGcNDsMNEnw==

GET
H2 200 20.8c21ea18.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 74 KB
23 KB 127ms
125ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
x-amz-version-id: LhqTKj9DloF6hQiI94KtDbTFn57ubD.4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Wed, 29 Nov 2023 17:11:55 GMT
server: istio-envoy
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KksY-NMssr7prqZ3OxOEDFW9WFUYn4QaQNG5fDbkB8_cajfwiB1NnQ==

GET
H2 200 27.3951aad8.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 66 KB
20 KB 218ms
216ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/27.3951aad8.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
x-amz-version-id: PLRwkxTy0W_1o8rwzVQG6XR9UyxAvjNh
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Sat, 02 Sep 2023 21:37:07 GMT
server: istio-envoy
etag: W/"5b2b6d0508fe18c3efb6bcd6249fd4e1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: X3jedQaSaAA3lDOnO5UmwJz_grwMPzY7tv5SKEqGXldXYLDUWA9-yw==

GET
H2 200 14.e24a6190.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 91 KB
28 KB 229ms
226ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/14.e24a6190.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
x-amz-version-id: mIY2ELgWr_CDZ0QUy2TBDvE.N4KsWN4_
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Wed, 29 Nov 2023 17:11:54 GMT
server: istio-envoy
etag: W/"16d7ae86e21434a32157d3226ac9bb77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 36lBuxo9L8Bup6umI3CvwuIxC8vyoTA4o8DfSe72z-jLnOFzg-Pc4A==

GET
H2 200 11.639238ba.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 23 KB
7 KB 130ms
128ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
x-amz-version-id: x.qnzsU4q_mda0sg.8ZCKp4GZfVYuTVK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Wed, 29 Nov 2023 17:11:54 GMT
server: istio-envoy
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NuWxowC529gWFzxUE4Y0x2SR3lfP6o755X2L25t6EToSg-k_uBoMsw==

GET
H2 200 18.9c1bd1fb.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 62 KB
20 KB 133ms
131ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
x-amz-version-id: YcOgqbMwdOjFG8NDjtdnGfLewYtJE2k0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Wed, 29 Nov 2023 17:11:55 GMT
server: istio-envoy
etag: W/"02f09379c544befa413d22eb57ed41de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UPi6_y7IAC9crEyvTDdSxyv5qslTDFp58_txW_FFyr4iNl4cQRYf_w==

GET
H2 200 49.f7274268.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 105 KB
34 KB 232ms
230ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/49.f7274268.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
x-amz-version-id: llBDDQuDR9RZC2bd.Myma6Y6PSE8kQFM
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 28
last-modified: Wed, 29 Nov 2023 17:11:56 GMT
server: istio-envoy
etag: W/"e268d36b98f0119a2bb1a15f69fd4ffe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: miZz6P2CRkfGn-fyIEPeCxm_aFMwYzVDGHH8P3ETeV6pf3IOgtmLrQ==

GET
H2 200 40.31ef8dbf.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 12 KB
4 KB 129ms
127ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
x-amz-version-id: BF6DDEi3tY_MTyjx5juxWja3dU6E4kcy
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Wed, 29 Nov 2023 17:11:56 GMT
server: istio-envoy
etag: W/"b0793fa46e8c0ae1846b7be8a833da35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: X3gx9zcDRLIJjORNmrUPNQxPv-459rjmPtT-N2YFEr58FPUr3VwrVA==

GET
H2 200 29.31d09948.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 13 KB
6 KB 135ms
133ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/29.31d09948.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
x-amz-version-id: 5WH0AwMiemK_CtYNSiVFaQOSFtLBQmj1
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Wed, 29 Nov 2023 17:11:55 GMT
server: istio-envoy
etag: W/"455157cb49065fb85fed54901ddaeb0e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7NtIDGtSvHaT_4YvG9kEVtWd6I_Kr8KtVCiApem3yXvpfpzo8PINjA==

GET
H2 200 21.b8c41db9.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 17 KB
7 KB 127ms
125ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
x-amz-version-id: LUAFScBI38JgCVW_nUPciPbMwbUBYV3h
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Wed, 29 Nov 2023 17:11:55 GMT
server: istio-envoy
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7F4fNwb3YggRLOC73PSj9B0-fTga3jgGxTNGsPMWOiabwyEQ_KkG2Q==

GET
H2 200 8.98b34517.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame E91C 31 KB
5 KB 121ms
120ms Stylesheet
text/css 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/8.98b34517.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

794dc30b5582c5b0c4a06c2e0776f6527a84c91d5f7abb9384e7588d0ab3a910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
x-amz-version-id: iNKtCZtb69S5Xg2ti_W3KaKTIlBxoqLp
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Mon, 21 Aug 2023 14:57:23 GMT
server: istio-envoy
etag: W/"82429fd1682dcb60e14996ad58a35a4f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GX8ZM1d_iQn7yGpSSrf9Tp63MzucZ-5AeLlYcUy2MYddTnE1oUrj4A==

GET
H2 200 8.5fdda827.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 81 KB
25 KB 226ms
225ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/8.5fdda827.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e523f47c65c171a685ca8f1bb0c0c432f4d71104fa56e8f6163126ec908cc430

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
x-amz-version-id: s5Gs7OuwDj2F26kpSyydH_032jxZE3YX
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Mon, 21 Aug 2023 14:57:26 GMT
server: istio-envoy
etag: W/"f78079aaffe016efb8ec35b9fbb9f42f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: B0x8n8bxyL-llg-EH7zRzR7n4jqRCCLfbk85bDBweCEt0rCUhDERxA==

GET
H2 200 16.22abfce0.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame E91C 24 B
696 B 123ms
121ms Stylesheet
text/css 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/16.22abfce0.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
x-amz-version-id: lz5JRT4b_T7nBR2M4YPZijYaT7Ed4E5V
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 14
content-length: 24
last-modified: Wed, 29 Nov 2023 17:11:53 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fCQh9SsAq3wdevkb0OBIJwWopimm0hDWe2_X8JDTWEZ6kpavXyM2Iw==

GET
H2 200 16.890a0911.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 91 KB
24 KB 407ms
406ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/16.890a0911.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

860c659e8836feb6a6b4fc4c9b7195e4ab0a04e4642473c0780ae554fbf6ffb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:16 GMT
x-amz-version-id: 2cJi_0AtsucvWstmkbj3mO1t8SiuDMru
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"52b055a08e59141b8f7b7947c7d7ab69"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zkl9xI7M3ZulovipJKIgcPM2w330xn52pzqBCuZmVxK8ShIV63b5yw==

GET
H2 200 24.24e43c3b.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 50 KB
14 KB 225ms
224ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/24.24e43c3b.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

eb6ce397310855bbef74043afcdda989653ad7b7b385191e8c8d622eee74b367

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:15 GMT
x-amz-version-id: J3Ynz_VL_Xe.kEj4VqPxsio5dIqXBI10
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"390d4b78f4c738295b7974aca941d031"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FqF8MN47tHf-6LZXzAweADPS3jUgWQtxQLHQZr5bTyDgXme6bWnVxA==

GET
H2 200 17.413337a8.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 40 KB
13 KB 333ms
332ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/17.413337a8.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

10b977a814bd9ca3e018a07b6e1197c9a9fa89a27a2419158d22f41ab8a29508

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:16 GMT
x-amz-version-id: Ud1ylpzTdwt3qfnkRXUYob2T_ovQMI1N
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"4aea30e551ee7f04a564c0408c291306"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -3Z-z8K8HJLedZjqZXNs7bkpcXXABVejPDFThRtVKNFJnEbHcPihhg==

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
296 B 98ms
98ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.huntress.com
Date: Tue, 05 Dec 2023 11:58:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 0.0b2ebd4a.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 9 KB
3 KB 124ms
122ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:16 GMT
x-amz-version-id: IEc3lNTTV.AfOb9md8JELPoFmKS3FQhJ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Wed, 29 Nov 2023 17:11:54 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -HFkCEh45OkwnTDs_84wipGUTWs49PJBqNgq6Wwyg-fw7Ewo0GpGLQ==

GET
H2 200 4.07aa08a5.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame E91C 7 KB
2 KB 125ms
123ms Stylesheet
text/css 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/4.07aa08a5.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:16 GMT
x-amz-version-id: wzblrhR8VgaZ91O5gq0aMSI2PU89S5cp
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Mon, 21 Aug 2023 14:57:23 GMT
server: istio-envoy
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gEIV1pI1RGuPSbpLdMJcI2esQmIKb-Yjuf-soM3MiSKC98duX5U3GA==

GET
H2 200 4.36582b8b.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 54 KB
15 KB 219ms
217ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/4.36582b8b.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6a6a06c6f8fb209f9e92af2bb5ed0c0d0e767211a1a92e631e1d0ce056488387

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:16 GMT
x-amz-version-id: aXK3nhxEmGQGmcWeEUpmTanxIifnp1mO
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"eb4f4fdfa625f5036ae2538950af438e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rhhdaPamBFn6TZmiVTeO8LQ151jq5JpIJ-bR-0J_l2MiNgAp91SZlg==

GET
H2 200 34.4924e4bf.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 27 KB
8 KB 128ms
126ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/34.4924e4bf.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

15736c00b563c558ec1e7d531c0d8bd7d8cc24c2026adbc2dcf0ccd3e48f7d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:16 GMT
x-amz-version-id: T7ywXmlgZ2pn_NjEp3YMDrKgM16OYgwy
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"2a9499a40949c70c9c00081b06639cb0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YieCE3jZ9JUfXrx0v9djSI4VdA5HUz8QS7xYhlK5Z0hZAp9zybYiEQ==

GET
H2 200 1.12ba17b6.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame E91C 44 KB
7 KB 134ms
132ms Stylesheet
text/css 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/1.12ba17b6.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:16 GMT
x-amz-version-id: SXWunl_UbQgCF_WiWah0WJBWLF813tCe
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 26
last-modified: Wed, 29 Nov 2023 17:11:53 GMT
server: istio-envoy
etag: W/"3b8ba82e1bac13ee29e9764a55620d99"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KEaBvpyibEAi511SpikjsaC6fHBIojbkU7552bfEXzi5LPY46O5-BA==

GET
H2 200 1.9d9c8c3b.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 54 KB
18 KB 223ms
222ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/1.9d9c8c3b.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5e4e01da0230734413d39e4657ac95b4ccf45092ff61a162aa1f4d111a166735

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:16 GMT
x-amz-version-id: TN5uaySIype7BWdOQeU5pFJLqRV.3qiK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Mon, 21 Aug 2023 14:57:24 GMT
server: istio-envoy
etag: W/"bc8dde7d353b792cb424661adcff29fb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iJWQX7RwAhUrtbMHyeQhZTdHskSSJhLt4AWZiLeFNzOs16CTC7kiFA==

GET
H2 200 3.bbe0e1fa.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 24 KB
10 KB 127ms
125ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/3.bbe0e1fa.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ba3035c1cbfbd4ebb878f85acde3d846c6e9e90081de78ddcaf3126b4e8823b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:16 GMT
x-amz-version-id: pHxDHN0IINa0RNuxMPvQ8pBn4Eg1GWSc
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"b394f9cf6fe473cdb6852b332234aa52"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: efe3fGmbBVkAvJPHZbhTD1_PjSF920rgxVYLDzfL9n_cO9loQlRPHA==

GET
H2 200 26.5208cc6b.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame E91C 11 KB
3 KB 125ms
124ms Stylesheet
text/css 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/26.5208cc6b.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

0591af742c10a8ad2020502cccbf97cb4fc1cfc48acaf588043d70e77b2c3aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:16 GMT
x-amz-version-id: SrCjVsE3413g5wEL9F8CX8IFIQaqzFVz
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Mon, 21 Aug 2023 14:57:23 GMT
server: istio-envoy
etag: W/"0842e637a23acc114afbb6195c984564"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SC3iVgEnqLIh8X52HPG4b5OYVpXueEPc_Mn3HjKsqXMwTtQnFTnZNQ==

GET
H2 200 26.69219246.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 16 KB
6 KB 222ms
221ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/26.69219246.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d674a115404e8d29a650437584421bd9d7ec57c4d43fe3e0a09adc080d521c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:16 GMT
x-amz-version-id: xHgUeRJlJNXFuOCOFJ6VHVB_xDcgAWBV
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"c41c7243f45ea540e99a3256f4942432"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DBCtnLm9DVcCLK1Qnd5XQWbIsCqZINP__EytLhU3Wojoia9pqILyxg==

GET
H2 200 25.7addeee7.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame E91C 9 KB
2 KB 128ms
127ms Stylesheet
text/css 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/25.7addeee7.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

a7a9292edd72228ac6b7839b6e29a832ab45515a5c78d548ccd5fd8a2b1942ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:16 GMT
x-amz-version-id: EFJHE_lMh.tvaT0GqPW.1ROLceWNBRoz
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Mon, 21 Aug 2023 14:57:23 GMT
server: istio-envoy
etag: W/"b9011653b355d04d18b2ff93e45e1ecd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VJXkEC8uXjQE8cNN3esSkS1A2fPDNlNMvSEV-HCRhn5AKa5HKI2T1Q==

GET
H2 200 25.915ff314.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 47 KB
14 KB 218ms
217ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/25.915ff314.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e5149bac0cdad7bbd9d1b7badb88909929d324ee90b6dd1628e0c59024d68e7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:16 GMT
x-amz-version-id: qod1m4nnLfUgaMaxljkZuFfY2SywXHfx
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"12bceaba2da6c30ab2a0aacbde681b0c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TORfoP6ISIxlSYXvo-FgaQ-5JvX7wUQ22auwps1CR1Gs_bJLbmnnJg==

GET
H2 200 28.e29661b2.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame E91C 561 B
1 KB 134ms
133ms Stylesheet
text/css 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/28.e29661b2.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d04196ec92f307c66ad56e3adbd4536e6c504a251299183c2c016de66a65af39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:16 GMT
x-amz-version-id: yOY99EI9PDEu6PYQSPkvCce7eoR8ev5W
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 26
content-length: 561
last-modified: Mon, 21 Aug 2023 14:57:23 GMT
server: istio-envoy
etag: "5847d5731c3141aa511411d6c66a193c"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: V2LLVOE3UZawJUHOdCHyaQgDjra3rBXK4PWs45qqpa2WeGu2QDyrow==

GET
H2 200 28.7257241a.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 49 KB
14 KB 221ms
220ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/28.7257241a.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f4d1dc5e2bebcc6c035e733b5586f308c032e377d490d733835fbc1fb0e5d979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:16 GMT
x-amz-version-id: Aw7E9DaiC.0zygWe8D.HQj28dALSaXA6
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"e737f53b0791dac4c523770b4992131c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9n2tZ4qy_uEa8i-Qtr4ec6ai-YJ7L_KlD6vCkS34GSB8M8539KDPQw==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 214ms
214ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=a87a3edc53b5a86d1795d11887b5aa39&svisitor=null&visitor=e33da146-c2c1-4fa6-83d7-c50f815ac47d&session=b671510a-57ac-4db8-84f2-94b9eb782c3a&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2005%20Dec%202023%2011%3A58%3A16%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2005%20Dec%202023%2011%3A58%3A15%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222002%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2023-46604%20is%20a%20critical%20remote%20code%20execution%20vulnerability%20in%20Apache%20ActiveMQ.%20Patch%20now%20to%20avoid%20any%20potential%20adversary%20exploitation.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Critical%20Vulnerability%3A%20Exploitation%20of%20Apache%20ActiveMQ%20CVE-2023-46604%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&pageViewId=0817ff9b-1fbd-440e-8612-833eec20bc2d&an_uid=0&webTagId=e666a54d-ff29-48f9-9baa-2be6ac05412e&v=1.1.12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:16 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 35.3cdf48ae.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame E91C 16 KB
3 KB 129ms
128ms Stylesheet
text/css 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/35.3cdf48ae.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

1650436b42349eba90400162f9104f8abd0e8b846cf91d26c907c300dd8d7f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:16 GMT
x-amz-version-id: V1yopT2bXZUj.CNczvGqS7_vfWAIiP2A
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 25
last-modified: Mon, 21 Aug 2023 14:57:23 GMT
server: istio-envoy
etag: W/"ac16e52f547ce8f3de32d9d7d591c2c0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uMM3CtKN3szWWY08GyHK8nDBtK2neQHw_5wfOeYyO1UcgcyWio7Rsw==

GET
H2 200 35.3969a3d7.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 11 KB
5 KB 126ms
125ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/35.3969a3d7.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ca38f2df2a3be653605830a05931aeac85fbd1c3fa2e483a334fdc25e3463503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:16 GMT
x-amz-version-id: _L8fRFK5jC3YnnGaFitzP.KBJ4MXVS_2
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"dcd622adceee29d53432ca3f6e9eb777"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pziq_OtskZz-ghOkR83JXlRVljjG8kw3VIt7SMXF8hHmbnzzBK0RSw==

POST
H2 200 v2 Show response
bootstrap.api.drift.com/widget_bootstrap/ping/ Frame E91C 208 B
647 B 329ms
99ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping/v2

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

facf8de270be69de3d2a6fc877d6bbf24baacdeb6f8c5b39a4ac4853bcc096bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://rc-widget-frame.js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Dec 2023 11:58:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 779d75f1f50ef60
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 208

POST
H2 200 v2 Show response
customer.api.drift.com/integrations/hubspot/utk/ Frame E91C 2 B
65 B 147ms
147ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.api.drift.com/integrations/hubspot/utk/v2

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://rc-widget-frame.js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Dec 2023 11:58:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: b6de2a622bd8c318
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 54
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 2

OPTIONS
H2 200 v2
customer.api.drift.com/integrations/hubspot/utk/ Frame 0
0 112ms
93ms Preflight
text/plain 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.api.drift.com/integrations/hubspot/utk/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://rc-widget-frame.js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Tue, 05 Dec 2023 11:58:17 GMT
requestid: drift068cd0b4868a3fc9e4ded34c8b0
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 v3 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame E91C 25 B
89 B 114ms
106ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v3

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://rc-widget-frame.js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Dec 2023 11:58:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 6413f41c2192ba3f
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 14
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame E91C 10 KB
4 KB 277ms
277ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

e383f37e3aecf0c89a78156124607125653e7dfd9ac2b8111d9778be02b6c779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://rc-widget-frame.js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Dec 2023 11:58:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: a18b9a80755d7724
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 184
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 204ms
204ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=a87a3edc53b5a86d1795d11887b5aa39&svisitor=null&visitor=e33da146-c2c1-4fa6-83d7-c50f815ac47d&session=b671510a-57ac-4db8-84f2-94b9eb782c3a&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2005%20Dec%202023%2011%3A58%3A17%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2005%20Dec%202023%2011%3A58%3A16%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%223002%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2023-46604%20is%20a%20critical%20remote%20code%20execution%20vulnerability%20in%20Apache%20ActiveMQ.%20Patch%20now%20to%20avoid%20any%20potential%20adversary%20exploitation.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Critical%20Vulnerability%3A%20Exploitation%20of%20Apache%20ActiveMQ%20CVE-2023-46604%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&pageViewId=0817ff9b-1fbd-440e-8612-833eec20bc2d&an_uid=0&webTagId=e666a54d-ff29-48f9-9baa-2be6ac05412e&v=1.1.12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:17 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 track Show response
event.api.drift.com/ Frame E91C 669 B
729 B 93ms
92ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

82ad9b94424e28c5d4a50084448962ee9b2f20bac232f2d0b0e127463ac760f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://rc-widget-frame.js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIyMDMwNjc4Nzk0MiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjUwOTI4MDQiLCJleHAiOjE3MzMzOTk4OTcsImlhdCI6MTcwMTc3NzQ5N30.NUxeC0UgOVBgz_KgD6vFlw3bluHqiI9rxPaOCRBV3gI6gCGCMEDWR7kYhGIIfuReHzpbTo-17teiXvGPV3kKUQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Dec 2023 11:58:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: b2acbd82f92d4796
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 669

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 122ms
92ms Preflight
text/plain 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://rc-widget-frame.js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Tue, 05 Dec 2023 11:58:18 GMT
requestid: drift702b4774090b9089629f6bf4333
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

GET
H2 200 57.28dde8ce.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame E91C 19 KB
7 KB 123ms
123ms Script
application/javascript 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/57.28dde8ce.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-59.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=a1b77edd-3c26-46a2-86a1-10bca1625175&sessionStarted=1701777495.125&campaignRefreshToken=6d0af208-1271-4b61-8764-993cc94dad80&pageLoadStartTime=1701777493537&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:18 GMT
x-amz-version-id: wTFdwfE1Kj.lbHD_WuV1T0YTkktCGVAl
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Wed, 29 Nov 2023 17:11:56 GMT
server: istio-envoy
etag: W/"3c4cd13822c0069a68e9f9c8240f5ba9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4u60WGGBtOY5MRDLsFjoHHwPlrAH8DURWRbj2MXLXoi57eO8kXIZEw==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame E91C 11 KB
11 KB 36ms
11ms Font
font/woff2 108.157.4.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/css/8.98b34517.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-88.dus51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-widget-frame.js.driftt.com/
Origin: https://rc-widget-frame.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 07:09:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
age: 6670114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 49
content-length: 11028
last-modified: Fri, 03 Mar 2023 19:55:17 GMT
server: istio-envoy
etag: "1f6d3cf6d38f25d83d95f5a800b8cac3"
access-control-allow-methods: GET, POST, OPTIONS
content-type: binary/octet-stream,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fk9vtUJPEWT0xcNnV-V5X1oUc2_xGm3vl8WYSMg_MOAQrUHNMaOWWw==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame E91C 11 KB
11 KB 37ms
12ms Font
font/woff2 108.157.4.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/css/8.98b34517.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-88.dus51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-widget-frame.js.driftt.com/
Origin: https://rc-widget-frame.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 18:27:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
age: 14578257
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 47
content-length: 11040
last-modified: Fri, 03 Mar 2023 14:31:39 GMT
server: istio-envoy
etag: "5e22a46c04d947a36ea0cad07afcc9e1"
access-control-allow-methods: GET, POST, OPTIONS
content-type: binary/octet-stream,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1SDHwFmk6iDRUT0iV6sQAoGwpGge62Se5BPzIdAjzvQxpN30LTRkXQ==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 196ms
196ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=a87a3edc53b5a86d1795d11887b5aa39&svisitor=null&visitor=e33da146-c2c1-4fa6-83d7-c50f815ac47d&session=b671510a-57ac-4db8-84f2-94b9eb782c3a&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2005%20Dec%202023%2011%3A58%3A18%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2005%20Dec%202023%2011%3A58%3A17%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224003%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2023-46604%20is%20a%20critical%20remote%20code%20execution%20vulnerability%20in%20Apache%20ActiveMQ.%20Patch%20now%20to%20avoid%20any%20potential%20adversary%20exploitation.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Critical%20Vulnerability%3A%20Exploitation%20of%20Apache%20ActiveMQ%20CVE-2023-46604%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-exploitation-of-apache-activemq-cve-2023-46604&pageViewId=0817ff9b-1fbd-440e-8612-833eec20bc2d&an_uid=0&webTagId=e666a54d-ff29-48f9-9baa-2be6ac05412e&v=1.1.12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:58:18 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
296 B 101ms
101ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.huntress.com
Date: Tue, 05 Dec 2023 11:58:18 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

63 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.huntress.com/	1970-01-20 16:42:59	Name: __cf_bm Value: LMJ4RSi706BWrMzvxAGM4Xoj7gtuKpRnDGmDcqBe.pQ-1701777493-0-AdtibZ+62Qm1IszwMk94oPzQnxD8v/J/q/930K6HhGVSeTQR2OQB70PQ+Xlkk8QA7ukBvbLuz04IjPlxaZ591EE=
.www.huntress.com/	1969-12-31 23:59:59	Name: __cfruid Value: 12b4ca3dc2b782ebe8ee4eefa396ac8acaeef575-1701777493
.huntress.com/	1970-01-21 01:29:59	Name: _vwo_uuid_v2 Value: DA89FB4102DBD750D7C3B78D9048C0214\|1f415f568ea3db8d62bca15a5442a23c
.huntress.com/	1970-01-20 16:42:59	Name: _sp_ses.1564 Value: *
.huntress.com/	1970-01-21 02:18:57	Name: _sp_id.1564 Value: f62a6ddb-c0c2-44c8-ac75-fef21bf05e62.1701777494.1.1701777494.1701777494.634043a9-f808-4db2-a63a-1e4954787e25
.huntress.com/	1970-01-20 16:44:23	Name: _uetsid Value: 91b52c00936511eeb5aa4379fb1a8186
.huntress.com/	1970-01-21 02:04:33	Name: _uetvid Value: 91b51e00936511eea1a789e441b9f6ad
.techtarget.com/	1970-01-20 16:42:59	Name: __cf_bm Value: 9s5lvLNI3i6U1LYQlBLjNYl0hIcu0QAi4L.URTL.qHg-1701777494-0-AZwDFMNoB/8Vukf23q65gjQkE1BfLaociLoidfR2bUEXXCaq3UpXus4CX4ZLSfSK0h2/Xp5kujZMOnq550rmuz4=
.huntress.com/	1970-01-20 18:52:33	Name: _fbp Value: fb.1.1701777494066.1494086384
.huntress.com/	1970-01-20 18:52:33	Name: _rdt_uuid Value: 1701777494074.7b63c7fa-0d00-4584-a8dc-75465f94e643
.bing.com/	1970-01-21 02:04:33	Name: MUID Value: 28B39DB80F2B6292316B8E660EA0635F
tags.srv.stackadapt.com/	1970-01-21 01:28:33	Name: sa-user-id Value: s%3A0-dff1b18a-91f2-54c7-5217-efe1fa106608.RJhOhlwoFzTMy30gN0Z1k%2Fq30TQj%2FReje80542oESNI
.srv.stackadapt.com/	1970-01-21 01:28:33	Name: sa-user-id Value: s%3A0-dff1b18a-91f2-54c7-5217-efe1fa106608.RJhOhlwoFzTMy30gN0Z1k%2Fq30TQj%2FReje80542oESNI
tags.srv.stackadapt.com/	1970-01-21 01:28:33	Name: sa-user-id-v2 Value: s%3A3_GxipHyVMdSF-_h-hBmCFFfBSc.Eq6EpVgC7xHl4i4QNH9bBP%2FfidluW2oilJaNKvXAAeo
.srv.stackadapt.com/	1970-01-21 01:28:33	Name: sa-user-id-v2 Value: s%3A3_GxipHyVMdSF-_h-hBmCFFfBSc.Eq6EpVgC7xHl4i4QNH9bBP%2FfidluW2oilJaNKvXAAeo
tags.srv.stackadapt.com/	1970-01-21 01:28:33	Name: sa-user-id-v3 Value: s%3AAQAKIAqTdpk7Om2OUOtZDaK6nyd3Kq-6mbU4HcPD9pfuLSQhEHwYBCDWoLyrBjABOgSVjvJGQgTGw3PQ.Qdth%2BpmKV7C%2F7CbdzNGrr%2F7yZo9DBjS%2BokM4tJRG%2BzY
.srv.stackadapt.com/	1970-01-21 01:28:33	Name: sa-user-id-v3 Value: s%3AAQAKIAqTdpk7Om2OUOtZDaK6nyd3Kq-6mbU4HcPD9pfuLSQhEHwYBCDWoLyrBjABOgSVjvJGQgTGw3PQ.Qdth%2BpmKV7C%2F7CbdzNGrr%2F7yZo9DBjS%2BokM4tJRG%2BzY
www.huntress.com/	1970-01-21 01:28:33	Name: Metadata_visitor_id Value: lpsadqcncpxgb7e959t
www.huntress.com/	1970-01-20 16:42:59	Name: Metadata_session_id Value: lpsadqcnozkr5a3vhtg
www.huntress.com/	1970-01-21 01:28:33	Name: sa-user-id Value: s%253A0-dff1b18a-91f2-54c7-5217-efe1fa106608.RJhOhlwoFzTMy30gN0Z1k%252Fq30TQj%252FReje80542oESNI
www.huntress.com/	1970-01-21 01:28:33	Name: sa-user-id-v2 Value: s%253A3_GxipHyVMdSF-_h-hBmCFFfBSc.Eq6EpVgC7xHl4i4QNH9bBP%252FfidluW2oilJaNKvXAAeo
www.huntress.com/	1970-01-21 01:28:33	Name: sa-user-id-v3 Value: s%253AAQAKIAqTdpk7Om2OUOtZDaK6nyd3Kq-6mbU4HcPD9pfuLSQhEHwYBCDWoLyrBjABOgSVjvJGQgTGw3PQ.Qdth%252BpmKV7C%252F7CbdzNGrr%252F7yZo9DBjS%252BokM4tJRG%252BzY
.linkedin.com/	1970-01-21 01:28:33	Name: bcookie Value: "v=2&6e2a8e30-f1d1-4c76-8b1e-816b5f7dd73e"
.linkedin.com/	1970-01-20 21:02:09	Name: li_gc Value: MTswOzE3MDE3Nzc0OTQ7MjswMjFx4bwAaxtK64svalfpEcAPSpwLsAQlseE2wVSZxmIpCQ==
.linkedin.com/	1970-01-20 16:44:23	Name: lidc Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2925:u=1:x=1:i=1701777494:t=1701863894:v=2:sig=AQFq4PmNnFm8zliObm7ym4L6gsTkogja"
www.huntress.com/	1970-01-20 16:53:02	Name: slireg Value: https://scout.us4.salesloft.com
.ws.zoominfo.com/	1970-01-21 01:28:33	Name: visitorId Value: 8540aa491c89c4b356d32d18c1d2662bca5750137064743bb7c1758c8ebc6876
.zoominfo.com/	1970-01-20 16:42:59	Name: __cf_bm Value: U7m7XDuIXFTR7wGSQUX8_gYDCjyi4G44Fp0MmtMqrSg-1701777494-0-AeGINOFSupz4ZKD8gnk/TtnK67WvOspV7naPxZD+5XuTwuJwHb+gzjvaASvImeDXSUptDPqTFq8iiKeAvU5YFfE=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: TGrSa.zP9Kgl_7vrRxLMwUZJAA5u7ovEWqaJCD1z5Hw-1701777494249-0-604800000
www.huntress.com/	1970-01-21 01:28:33	Name: slirequested Value: true
www.huntress.com/	1970-01-21 01:28:33	Name: sliguid Value: d791ba08-3693-4b51-94e4-ad84eda4ce81
.hubspot.com/	1970-01-20 16:42:59	Name: __cf_bm Value: QleYYfEUZTEVZ1y_xl5wcv5zA.bhapNSzd48hsK49AQ-1701777494-0-AR0i1jFMVFwvbk/HIfnm+fDnDuC2BoQP69n200+pZbxixvAOOOrCDHOrTYpldHa236dUr+i7Qwn9xq5bUIsIqT8=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 2ekE75levGYaLgfgJmmuQHQlqKWSyJ20kzsO.UjIY2s-1701777494349-0-604800000
.huntress.com/	1970-01-20 16:42:59	Name: _hjFirstSeen Value: 1
.huntress.com/	1970-01-20 16:42:59	Name: _hjIncludedInSessionSample_2159185 Value: 1
.huntress.com/	1970-01-20 16:42:59	Name: _hjSession_2159185 Value: eyJpZCI6ImUzOGRmNzE4LWYyNWEtNDlkMy05ZGE1LTNlMzUzNjRjN2ZlNCIsImNyZWF0ZWQiOjE3MDE3Nzc0OTQzNzksImluU2FtcGxlIjp0cnVlLCJzZXNzaW9uaXplckJldGFFbmFibGVkIjp0cnVlfQ==
.huntress.com/	1970-01-21 01:28:33	Name: _hjSessionUser_2159185 Value: eyJpZCI6IjdjMjZkYmFhLWZhNjktNTZlZS1iOWZlLTEyMjAwMTE1NjVkMiIsImNyZWF0ZWQiOjE3MDE3Nzc0OTQzNzgsImV4aXN0aW5nIjp0cnVlfQ==
.huntress.com/	1970-01-20 16:42:59	Name: _hjAbsoluteSessionInProgress Value: 1
tracking.g2crowd.com/	1970-01-20 17:03:07	Name: _session_id Value: 471d9df9859f059d953c1b17b1ddf6f3
.g2crowd.com/	1970-01-20 16:42:59	Name: __cf_bm Value: Uq6oYnb0z.6z_v5GLVzB3lmII9qIeV7H1pk1FmcFl6Q-1701777494-0-ARlO1/ClQMOoLAdITqG2PnEuw+fonYBNbuNioBNbw49eloX/NF6S0fVQxJhSgAw+MoHEtyknDzXSSN9WbGeesyE=
.twitter.com/	1970-01-21 02:18:57	Name: guest_id_marketing Value: v1%3A170177749441680105
.twitter.com/	1970-01-21 02:18:57	Name: guest_id_ads Value: v1%3A170177749441680105
.twitter.com/	1970-01-21 02:18:57	Name: personalization_id Value: "v1_rACpFpXikvh/XmN5c4KjZg=="
.twitter.com/	1970-01-21 02:18:57	Name: guest_id Value: v1%3A170177749441680105
.t.co/	1970-01-21 02:18:57	Name: muc_ads Value: fd1bab2e-8fa1-48c3-ada8-166f277cbb6c
.bidagent.xad.com/	1970-01-20 17:26:09	Name: xad-uid Value: MzYxNDZhODEtNzJjZi00NmE2LTk4NjEtMzA0NzExYzc3MWIx
www.clarity.ms/	1970-01-21 01:28:33	Name: CLID Value: 8dcfbbc663974916a449b938eab7074c.20231205.20241204
.huntress.com/	1970-01-21 01:28:33	Name: _clck Value: 5k737o%7C2%7Cfha%7C0%7C1434
www.huntress.com/	1970-01-20 16:53:02	Name: _an_uid Value: 0
www.huntress.com/	1970-01-21 02:18:57	Name: _gd_visitor Value: e33da146-c2c1-4fa6-83d7-c50f815ac47d
www.huntress.com/	1970-01-20 16:43:11	Name: _gd_session Value: b671510a-57ac-4db8-84f2-94b9eb782c3a
.a.usbrowserspeed.com/	1970-01-21 01:28:33	Name: tuid Value: 3454e455-a101-475a-bf37-89d0a2630f9b
.6sc.co/	1970-01-21 02:18:57	Name: 6suuid Value: bd641102bc0f090057106f654600000014627d00
www.huntress.com/	1970-01-20 16:42:59	Name: drift_campaign_refresh Value: 6d0af208-1271-4b61-8764-993cc94dad80
.huntress.com/	1970-01-20 16:44:23	Name: _clsk Value: 16j2zhm%7C1701777495183%7C1%7C1%7Ci.clarity.ms%2Fcollect
.c.bing.com/	1970-01-20 16:53:02	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:04:33	Name: SRM_B Value: 28B39DB80F2B6292316B8E660EA0635F
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:04:33	Name: MUID Value: 28B39DB80F2B6292316B8E660EA0635F
.c.clarity.ms/	1970-01-20 16:53:02	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:42:58	Name: ANONCHK Value: 0
www.huntress.com/	1970-01-21 02:18:57	Name: drift_aid Value: 11fce347-2943-4e8e-8f0d-f7fe6c3a46af
www.huntress.com/	1970-01-21 02:18:57	Name: driftt_aid Value: 11fce347-2943-4e8e-8f0d-f7fe6c3a46af

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3911692.fs1.hubspotusercontent-na1.net
a.quora.com
a.usbrowserspeed.com
alb.reddit.com
analytics.twitter.com
api-gw.metadata.io
app.hubspot.com
b.6sc.co
bat.bing.com
bidagent.xad.com
bootstrap.api.drift.com
c.6sc.co
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdn.metadata.io
cdn2.hubspot.net
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
content.hotjar.io
cta-service-cms2.hubspot.com
customer.api.drift.com
dev.visualwebsiteoptimizer.com
event.api.drift.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
huntresscdn.com
i.clarity.ms
ibc-flow.techtarget.com
ipv6.6sc.co
j.6sc.co
js.driftt.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
js.hubspot.com
lh7-us.googleusercontent.com
metrics.api.drift.com
pagead2.googlesyndication.com
perf-na1.hsforms.com
platform.linkedin.com
platform.twitter.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
rc-widget-frame.js.driftt.com
region1.google-analytics.com
s7.addthis.com
scout-cdn.salesloft.com
scout.salesloft.com
script.hotjar.com
secure.adnxs.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
static.hsappstatic.net
syndication.twitter.com
t.co
tags.srv.stackadapt.com
track.hubspot.com
tracking.g2crowd.com
trk.techtarget.com
vc.hotjar.io
webhooks.fivetran.com
ws.zoominfo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.huntress.com
www.redditstatic.com
104.244.42.136
104.244.42.67
104.244.42.69
108.157.4.88
13.107.42.14
13.32.27.107
146.75.116.157
151.101.65.140
162.159.152.17
18.66.112.19
18.66.147.59
18.66.97.49
2.17.100.193
2001:4860:4802:34::36
23.45.238.53
2600:9000:223c:5200:9:d7d4:1380:93a1
2606:2800:233:66b5:799a:7cd3:f74d:7071
2606:2800:234:59:254c:406:2366:268c
2606:2c40::c73c:671c
2606:4700:20::ac43:44da
2606:4700:4400::6812:24c4
2606:4700:4400::6812:2b1f
2606:4700:4400::ac40:9284
2606:4700:4400::ac40:991b
2606:4700::6810:4cba
2606:4700::6810:5614
2606:4700::6810:6cd1
2606:4700::6810:890f
2606:4700::6811:129
2606:4700::6811:190e
2606:4700::6811:589a
2606:4700::6811:c060
2606:4700::6811:cff9
2606:4700::6811:e3a3
2606:4700::6811:eff9
2606:4700::6812:7c0c
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:80f::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a02:26f0:3500:16::215:1484
2a02:26f0:480:23::1726:629c
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:200::649
2a04:4e42::396
34.111.208.231
34.159.227.151
34.193.113.164
34.96.102.137
35.157.222.108
37.252.171.85
44.225.227.138
44.228.105.44
46.51.146.14
52.167.85.21
52.6.216.199
54.196.175.244
54.205.109.127
68.219.88.97
00d81dc08579fe7e375f6e935cbe51af743799343d9ca495c483f45f3ca32112
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0591af742c10a8ad2020502cccbf97cb4fc1cfc48acaf588043d70e77b2c3aaf
0ad17c7d661733bbf1cfe9bc6e85033bfed43c87c94cb72ba02f484adf1593c0
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
10b977a814bd9ca3e018a07b6e1197c9a9fa89a27a2419158d22f41ab8a29508
11bcaa66e2e5486338bbf15bc2af4136962618bd84574c350c82c501d64f6868
134a10123f83c0ee64b400b44e24cd8327693ad9c194d1e788782f98642eb193
14103b64df9857f9f7ad1f02efaafba97ce4772e8d8b448857de69c3537c338d
14252e7f73ef2e03b671d57ca706eea2810f946d591da6f90ff15939f330f41c
14c59924cdca7796d9578872e6933998297b41cb0a2951ccaf7de4bd7cf921ff
14e6206b0b854f8eb373b1ccfbac42efdb97e1034de1355abb4ee81aa0672ec2
15060ee6ff8c9789a6b1bf901b59da0707043b9606c40c9790c453f51faa63ec
15123675f1ab5bbd2dd01a31b3296559f3ebe212aec4fbb1604b1340c83ec2d8
15736c00b563c558ec1e7d531c0d8bd7d8cc24c2026adbc2dcf0ccd3e48f7d65
15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a
1650436b42349eba90400162f9104f8abd0e8b846cf91d26c907c300dd8d7f85
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
19680a27e88da4a3713af26571b4849096e75d617f2845574af7fd15746256bb
1ce5bbfddabe83a619dffbd897ac79e94ca961f04cf463583a421a22f5329938
1db6b123f97b64be2a35c607c2d290818cea4f045f157b7499d1e57797b52f66
24846a3f194b09919bf75cec2a1d012653257442cea9342c648d618c8bddd844
257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4
2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428
2b7c6f73a6e785add388f9ab572432a7c04be2c9b6d8cdb0d21b721877331285
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
302c2b5e54b9109c31e6f885dcfa028a37b17f5e1e714a093253157eb0e0f9d3
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
30830f557fdc6a64c686abee404481eebe0d174d0884ac8b14d9d6dfbb8ec91e
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3367498692c5f6cdc662369af915c0c2f13b7f6af9e67a522d2e7fc1b3299364
34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a
3ae7e27f5441e4b37863c6076d2f5fb545d23c74a70cff38d2725468b64cb3cb
3b5765cdf7d4f072406ef5bfeecee9b32bff67188fd51806fdb3e33dd947d083
3d92e113ac3031b838001ddddf965d045f470ff748ff2e116b30378910eeaecb
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
4081a5f270ace3305571b8f393e20c3a50141d103fb6fced35cf64d5182c2cd2
4088630619dba4909538dd2f3605c8f92b2756f0105a22b4cf8cdab9dc134703
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49024c1bc4bd92c9e8c1c36275fa4b5427c99d54f1538fff38cce60451c59159
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
4fca0c51e0dc861634bd5b1edb17940bfec91aab230e351ba6da3c080dd11b18
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551ca1b23325efca29e8a2d49cba369e90786ea04e6d8ba4a277c26b8499e543
558979f57321b92691fa5d479ae380773ae5d9dffd5f8bcaddc4525ea361f0a9
55d7f186ba2b03c67dfdc6034996134fcfd22539c61a61b7f864dfec6131d21d
58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f
594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60
5d247e1c2efc38a727967b2f5f9e99b961d0cbe2b0aa1ddcf170bd6933409403
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5e4e01da0230734413d39e4657ac95b4ccf45092ff61a162aa1f4d111a166735
610dc9971e1062ffca42a6cf174d3656c25985e78a61f15cabb4b2cf48c88323
6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3
697658c010f11e771e57683da2bc8adbfbfcf6ebedd5fd44f0341e1d0b8a2c35
6a6a06c6f8fb209f9e92af2bb5ed0c0d0e767211a1a92e631e1d0ce056488387
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
72d4c7c6a35adaf336716307881a29753f3341dbafa2c82d28e6fbeb0a5f1894
7573e5629fdd86c1b9715e81fd55e01c7cf7febbfc3562f5acbb757c0d4cce64
7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b
794dc30b5582c5b0c4a06c2e0776f6527a84c91d5f7abb9384e7588d0ab3a910
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7aa935a51c951ef38ac4a704222adb4c0825fce03748d32fabe38da5cfa91b84
82ad9b94424e28c5d4a50084448962ee9b2f20bac232f2d0b0e127463ac760f7
82ba33778a6595a59baef6e6964c64d7c3e9888c2bbf74461f1948b295db28e2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839209a09d423eea85d71fa9e42c75f164894beda3a3fe07aca07d31417efc0d
84ec2970e1ea645a22df26ade381eec232e101c9fe22e63162234a282c15495e
860c659e8836feb6a6b4fc4c9b7195e4ab0a04e4642473c0780ae554fbf6ffb2
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8def6f29065ff645f9f4d7e8bca8caa4d7da3711e9850914be7dec91fd8457a1
8e36313d9bdd33c436808fe365c1faf9c3ee7afc1f8a9d7a2f0d89c25d12d73f
8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae
9181a6929147959668b1f69b492b777a5b60d239d9ab4bf2774c335e66389eae
9376df9b8822a7f057796704e3cb466577faa32f94b2460a2429944cc16c9489
93a2fd82dd3a13a9e9ce0583f3bde1b6e88da6ebce30fa8c87cee4d9d927e4d2
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
96271179d44086ad6cfba78c4788e3ac34dac8c8bfd18d2c2226d12d5abd0063
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a492ab8f89900409deff14b8c3d425a047cb9c377f4a87f04bf4ed87399d0a15
a59a536f6a35976c81d050cc1f734740643674e9736ae066f85213a5535e7a0a
a7a9292edd72228ac6b7839b6e29a832ab45515a5c78d548ccd5fd8a2b1942ff
a9e9d5d62bdbbe46fee9a3a0ba4c2d7fe5a6f4b53c10df3ac7d34796ffb7c96b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1
b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a
b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
b990552df973348baaa61af6a11d527c465edb14339f38e25d112b2a1a72ab0e
ba3035c1cbfbd4ebb878f85acde3d846c6e9e90081de78ddcaf3126b4e8823b0
bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b
bbbf19297b51d0b785546a092e4cb269724837512dcf86737e2abb7f349dad50
bf140dc12f2ed8ec639a4476223803ca6ca9f808d8b9a975b214f6feaf252684
c2a101f313f27c267a744088e44664a87d2ec7dc2a3464bf1319a95094dc76db
c4f6482c09544a1112f7b8f20312a3ace54df5876111647dc7da645b8a102a49
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
c52ffb59a6bf4ac549ed6da4dbe39a7661ff82147942ff109c2e72ae676b787c
c7c31067995d6ed92af60884d3b72b61442c85e4eeca743d6edd24f8a4ec66cc
c83ca0c69da08f97b59cbfcf7f63529d115f5e6b54d32c52ac70399bde8dbcae
ca38f2df2a3be653605830a05931aeac85fbd1c3fa2e483a334fdc25e3463503
cafb311ac2e9e58c5e0883ed0162683af6fc44b806e911268f7f28a03871417f
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cf8edbedfd479fe7cc642e3a1db515dd1103f2d7864f0db5cae6144fbde44ea4
d04196ec92f307c66ad56e3adbd4536e6c504a251299183c2c016de66a65af39
d2357ef3736baef870c92aaabf0c83bcebacc63c0f8ac37168bf9c664df92ce0
d4b6b77503264da32a4acd54d0cd9b7d8d39380d728145c359d775f0ce07c513
d5a421dbd597a94360622aa975ff3c27809a08e5ddaada7832a692c3b51c5eeb
d674a115404e8d29a650437584421bd9d7ec57c4d43fe3e0a09adc080d521c44
d9cdf9b8cd47c0a17356ff68e2581021800a4c86dd8d71aaf0ad5cfe025b114e
db0c6aa767c2f8cd965f05e2589946e74782b4a8152a867de7cf2dca68f4a5eb
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df998f2ab79818d229edfab989eb187dd3d94f0f40377fde4f5f97e08b691ecf
e12404ccb0492da0a89fbda8db0ddb3c2358fcbd6d29b0c106ba840ca5f5e8ab
e383f37e3aecf0c89a78156124607125653e7dfd9ac2b8111d9778be02b6c779
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5149bac0cdad7bbd9d1b7badb88909929d324ee90b6dd1628e0c59024d68e7c
e523f47c65c171a685ca8f1bb0c0c432f4d71104fa56e8f6163126ec908cc430
e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11
e5fae83c7b1bc318026072592130f5d8ac977970ad81b79218dd442235a59b6e
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae
e95b63df5dfdf0e0b0357145cdcab82f66f47a5b7362d7cc9ca3742bfbd580fd
ea0da571c3239d7a11e2f1b948a309d91a258620fe69658dbadc7f1d17d4dc12
eb6ce397310855bbef74043afcdda989653ad7b7b385191e8c8d622eee74b367
edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f277f68dfdfd292d90cb8024420897e6915ab570803af77f6e2118dea071a7c7
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f4d1dc5e2bebcc6c035e733b5586f308c032e377d490d733835fbc1fb0e5d979
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f993caa001338e6d090d683e4aca79a0e6c0d770fa3840aafaf09f426397d8fa
facf8de270be69de3d2a6fc877d6bbf24baacdeb6f8c5b39a4ac4853bcc096bb
fc573eaf0e39d6b2429951f78b744dde5acb4cbee85a9b903aea0210072d9b48
fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2
fd77c41d41a299d224e36572ee84e734bb53f2c56b3babe78619ec413d56d68a
fda6fbd067db534ed80481a9e4a5f065183218e2e54499033c0427bfb2f37a5c
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.huntress.com Open in urlscan Pro 2606:2c40::c73c:671c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

189 Requests

98 %HTTPS

56 %IPv6

48 Domains

75 Subdomains

65 IPs

4 Countries

3663 kBTransfer

8472 kBSize

63 Cookies

22 Outgoing links

Redirected requests

189 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.huntress.com Open in urlscan Pro
2606:2c40::c73c:671c Public Scan

Screenshot
Live screenshot

Full Image

189
Requests

98 %
HTTPS

56 %
IPv6

48
Domains

75
Subdomains

65
IPs

4
Countries

3663 kB
Transfer

8472 kB
Size

63
Cookies

189 HTTP transactions
0 data transactions