URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Submission: On July 13 via api from DE — Scanned from DE

Summary

This website contacted 36 IPs in 4 countries across 29 domains to perform 210 HTTP transactions. The main IP is 2a04:4e42:8d::765, located in United States and belongs to FASTLY, US. The main domain is blogs.infoblox.com.
TLS certificate: Issued by R3 on May 20th 2023. Valid for: 3 months.
This is the only time blogs.infoblox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
42 2a04:4e42:8d:... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:600... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
3 23.185.0.2 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a02:26f0:480... 20940 (AKAMAI-ASN1)
4 18.158.110.93 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
10 23.53.42.251 20940 (AKAMAI-ASN1)
7 13.225.78.26 16509 (AMAZON-02)
68 18.66.112.55 16509 (AMAZON-02)
4 152.195.15.58 15133 (EDGECAST)
2 2a02:26f0:780... 20940 (AKAMAI-ASN1)
1 52.202.186.11 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:780... 20940 (AKAMAI-ASN1)
1 2001:4860:480... 15169 (GOOGLE)
2 34.111.208.231 396982 (GOOGLE-CL...)
1 37.252.172.123 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 108.138.17.53 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.85 16509 (AMAZON-02)
1 18.66.122.57 16509 (AMAZON-02)
1 54.77.174.140 16509 (AMAZON-02)
8 151.101.130.137 54113 (FASTLY)
1 162.247.243.29 54113 (FASTLY)
12 34.193.113.164 14618 (AMAZON-AES)
1 2a04:4e42:8d:... 54113 (FASTLY)
210 36
Apex Domain
Subdomains
Transfer
68 driftt.com
js.driftt.com — Cisco Umbrella Rank: 6723
771 KB
42 infoblox.com
blogs.infoblox.com
556 KB
12 drift.com
bootstrap.api.drift.com — Cisco Umbrella Rank: 7955
metrics.api.drift.com — Cisco Umbrella Rank: 7828
event.api.drift.com — Cisco Umbrella Rank: 8605
targeting.api.drift.com — Cisco Umbrella Rank: 8275
flow.api.drift.com — Cisco Umbrella Rank: 13383
11 KB
10 6sc.co
j.6sc.co — Cisco Umbrella Rank: 6369
c.6sc.co — Cisco Umbrella Rank: 9185
b.6sc.co — Cisco Umbrella Rank: 4176
13 KB
9 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2357
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 5243
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 5234
tracking.crazyegg.com — Cisco Umbrella Rank: 4635
83 KB
8 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 535
25 KB
7 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 2896
97 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
region1.google-analytics.com — Cisco Umbrella Rank: 1623
21 KB
6 6sense.com
epsilon.6sense.com — Cisco Umbrella Rank: 10419
epsilon-cloudfront.6sense.com
2 KB
6 typekit.net
use.typekit.net — Cisco Umbrella Rank: 614
p.typekit.net — Cisco Umbrella Rank: 795
140 KB
4 reactful.com
visitor.reactful.com — Cisco Umbrella Rank: 91286
tracking.reactful.com — Cisco Umbrella Rank: 109618
106 KB
3 techtarget.com
trk.techtarget.com — Cisco Umbrella Rank: 17554
ibc-flow.techtarget.com — Cisco Umbrella Rank: 18818
2 KB
3 bizible.com
cdn.bizible.com — Cisco Umbrella Rank: 8631
26 KB
3 pantheonsite.io
live-infoblox-blog.pantheonsite.io
2 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 414
px4.ads.linkedin.com — Cisco Umbrella Rank: 6544
1 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 914
6 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
186 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 368
5 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
ajax.googleapis.com — Cisco Umbrella Rank: 433
32 KB
1 imgix.net
driftt.imgix.net — Cisco Umbrella Rank: 17735
9 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 331
408 B
1 google.de
www.google.de — Cisco Umbrella Rank: 4752
408 B
1 google.com
www.google.com — Cisco Umbrella Rank: 10
408 B
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1031
373 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
351 B
1 bizibly.com
cdn.bizibly.com — Cisco Umbrella Rank: 14277
190 B
1 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 469
574 B
1 lltrck.com
lltrck.com — Cisco Umbrella Rank: 33442
0 cloudfront.net Failed
des8qu5llanad.cloudfront.net Failed
210 29
Domain Requested by
68 js.driftt.com blogs.infoblox.com
js.driftt.com
42 blogs.infoblox.com blogs.infoblox.com
8 js-agent.newrelic.com blogs.infoblox.com
8 b.6sc.co blogs.infoblox.com
7 consent.trustarc.com blogs.infoblox.com
consent.trustarc.com
6 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
blogs.infoblox.com
5 use.typekit.net blogs.infoblox.com
4 targeting.api.drift.com js.driftt.com
4 epsilon.6sense.com blogs.infoblox.com
3 cdn.bizible.com www.googletagmanager.com
blogs.infoblox.com
cdn.bizible.com
3 visitor.reactful.com blogs.infoblox.com
cdn.bizible.com
3 live-infoblox-blog.pantheonsite.io blogs.infoblox.com
2 flow.api.drift.com js.driftt.com
2 event.api.drift.com js.driftt.com
2 metrics.api.drift.com js.driftt.com
2 bootstrap.api.drift.com js.driftt.com
2 epsilon-cloudfront.6sense.com cdn.bizible.com
2 ibc-flow.techtarget.com trk.techtarget.com
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 www.googletagmanager.com blogs.infoblox.com
www.googletagmanager.com
2 cdn.jsdelivr.net blogs.infoblox.com
1 driftt.imgix.net
1 bam.nr-data.net cdn.bizible.com
1 tracking.reactful.com cdn.bizible.com
1 tracking.crazyegg.com script.crazyegg.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 www.google.de blogs.infoblox.com
1 www.google.com blogs.infoblox.com
1 px4.ads.linkedin.com blogs.infoblox.com
1 px.ads.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io cdn.bizible.com
1 stats.g.doubleclick.net cdn.bizible.com
1 cdn.bizibly.com blogs.infoblox.com
1 c.6sc.co j.6sc.co
1 secure.adnxs.com j.6sc.co
1 region1.google-analytics.com www.googletagmanager.com
1 p.typekit.net blogs.infoblox.com
1 trk.techtarget.com blogs.infoblox.com
1 lltrck.com blogs.infoblox.com
1 j.6sc.co blogs.infoblox.com
1 ajax.googleapis.com blogs.infoblox.com
1 fonts.googleapis.com blogs.infoblox.com
0 des8qu5llanad.cloudfront.net Failed blogs.infoblox.com
210 45
Subject | Issuer | Validity | Valid
blogs.infoblox.com | R3 | 2023-05-20 - 2023-08-18 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year
pantheonsite.io | Sectigo RSA Organization Validation Secure Server CA | 2023-06-06 - 2024-07-06 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
use.typekit.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-09-14 - 2023-10-15 | a year
*.6sense.com | Amazon RSA 2048 M01 | 2023-05-01 - 2024-05-29 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-03-09 - 2024-03-08 | a year
*.reactful.com | Go Daddy Secure Certificate Authority - G2 | 2023-05-09 - 2024-06-09 | a year
6sc.co | R3 | 2023-05-25 - 2023-08-23 | 3 months
*.trustarc.com | Amazon RSA 2048 M02 | 2023-04-17 - 2024-05-14 | a year
drift.com | Amazon RSA 2048 M02 | 2023-03-01 - 2023-09-21 | 7 months
io.bizible.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-06-01 - 2024-07-01 | a year
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-02-01 - 2024-01-31 | a year
lltrck.com | Go Daddy Secure Certificate Authority - G2 | 2022-07-25 - 2023-08-26 | a year
ibc-flow.techtarget.com | GTS CA 1D4 | 2023-05-30 - 2023-08-28 | 3 months
*.adnxs.com | GeoTrust ECC CA 2018 | 2023-02-13 - 2024-03-15 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
linkedin.oribi.io | Amazon RSA 2048 M01 | 2023-06-08 - 2024-07-07 | a year
www.google.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
www.google.de | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
crazyegg.com | Amazon RSA 2048 M02 | 2023-05-28 - 2024-06-26 | a year
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2023 Q2 | 2023-04-13 - 2024-05-14 | a year
*.nr-data.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-18 - 2023-12-19 | a year
*.imgix.com | GlobalSign Atlas R3 DV TLS CA 2023 Q1 | 2023-03-05 - 2024-04-05 | a year

This page contains 5 frames:

Primary Page: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Frame ID: 19F8A964F2DC795F862F53EC0C444982
Requests: 121 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=infoblox.com
Frame ID: 06ED50DBE9BEAAD1859764EC13395E97
Requests: 1 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0042/5835/sampling/blogs.infoblox.com.json?t=469245
Frame ID: D7FA2BD87FFFD90CC7581CFED01C27DD
Requests: 4 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
Frame ID: 776DF740B027BE148B44C91BE04D9E80
Requests: 40 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
Frame ID: B16DDA51E22EC9BCF8D0457E86FFFF5F
Requests: 35 HTTP requests in this frame

Page Title

The Complete List of Log4j Indicators of Compromise (IOC) to Date | Infoblox

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 210
HTTPS: 97 %
IPv6: 53 %
Domains: 29
Subdomains: 45
IPs: 36
Countries: 4
Transfer: 2098 kB
Size: 5660 kB
Cookies: 30

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=32346&time=1689284822907&url=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=32346&time=1689284822907&url=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&e_ipv6=AQK3xgtkDmq80gAAAYlROMhNFfmQMTPTsjw0LqxNM5d00qN_Evh8C8Zx_hdLCjGxXIumWgI

210 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
256 KB
51 KB
Document
General
Full URL
https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c6649c0813396097d5f49f416055ce6d104b260f8d9ce9f70ee300703c1cb797
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' filesystem: *.jsdelivr.net *.infoblox.com *.pantheonsite.io *.infoblox.local *.vimeo.com *.addthis.com *.typekit.net *.driftt.com *.drift.com *.google-analytics.com *.eloqua.com *.nr-data.net *.doubleclick.net *.linkedin.com *.vidyard.com *.google.com *.captivate.fm *.soundcloud.com *.youtube.com *.6sense.com *.jsdelivr.net *.infoblox.com *.crazyegg.com *.youtube.com *.reactful.com *.6sc.co *.lookbookhq.com *.facebook.net *.techtarget.com *.marketo.net *.pathfactory.com *.mktoresp.com *.google.co.in *.adnxs.com https://sites.google.com/infoblox.com https://sites.google.com/infoblox.com/salesworkspace/ https://infoblox.litmos.com/ *.use.fontawesome *.info.infoblox.com https://internetidentity.com *.kaltura.com *.hotjar.com cdn.bizible.com cdn.linkedin.oribi.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: filesystem: *.google.com *.addthis.com *.addthisedge.com *.moatads.com *.cookielaw.org *.driftt.com *.bidr.io *.cloudfront.net *.bing.com *.linkedin.com *.licdn.com *.typekit.net *.googletagmanager.com js.driftt.com *.googleadservices.com *.doubleclick.net *.google-analytics.com *.newrelic.com *.nr-data.net *.vidyard.com *.captivate.fm *.soundcloud.com https://cdnjs.cloudflare.com *.jobvite.com *.jsdelivr.net *.infoblox.com *.lltrck.com lltrck.com https://lltrck.com https://ajax.googleapis.com *.jsdelivr.net *.infoblox.com *.crazyegg.com *.youtube.com *.reactful.com *.6sc.co *.lookbookhq.com *.facebook.net *.techtarget.com *.marketo.net *.adnxs.com *.google.co.in https://infoblox.litmos.com/ *.use.fontawesome.com *.info.infoblox.com https://internetidentity.com https://widgets.itcentralstation.com *.kaltura.com *.hotjar.com *.trustarc.com cdn.bizible.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' 'unsafe-eval' filesystem: *.google.com *.googleapis.com *.typekit.net *.gstatic.com *.googleusercontent.com https://info.infoblox.com/js/forms2/css/ *.jsdelivr.net *.infoblox.com 
*.jsdelivr.net *.infoblox.com *.crazyegg.com *.youtube.com *.reactful.com *.6sc.co *.lookbookhq.com *.facebook.net *.techtarget.com *.marketo.net *.bootstrapcdn.com *.google.co.in https://infoblox.litmos.com/ *.use.fontawesome.com *.info.infoblox.com https://internetidentity.com *.kaltura.com *.trustarc.com; img-src 'self' https: data: *.jsdelivr.net *.infoblox.com https://infoblox.com *.bing.com *.adsymptotic.com *.googleusercontent.com *.gstatic.com *.pantheonsite.io *.infoblox.local *.linkedin.com *.drift.com *.eloqua.com *.typekit.net *.google-analytics.com *.google.com *.doubleclick.net *.gravatar.com https://play.vidyard.com https://cdn.vidyard.com https://i.ytimg.com *.vimeocdn.com https://share.vidyard.com/ *.googletagmanager.com https://lltrck.com *.jsdelivr.net *.infoblox.com *.crazyegg.com *.youtube.com *.reactful.com *.6sc.co *.lookbookhq.com *.facebook.net *.techtarget.com *.marketo.net *.facebook.com *.google.co.in *.snaproute.com snaproute.com https://infoblox.litmos.com/ *.use.fontawesome.com *.info.infoblox.com https://internetidentity.com *.kaltura.com *.hotjar.com *.trustarc.com cdn.bizible.com cdn.linkedin.oribi.io ; font-src 'self' https: data: filesystem: use.typekit.net *.use.fontawesome.com; media-src 'self' mediastream: blob: filesystem: *.driftqa.com *.kaltura.com *.js.driftt.com https://js.driftt.com/conductor/assets/media/notification.d46d7db1.mp3; frame-ancestors 'self' https: data: http://*.jsdelivr.net *.infoblox.com https://*.jsdelivr.net *.infoblox.com https://sites.google.com/infoblox.com https://sites.google.com/infoblox.com/salesworkspace/ https://infoblox.litmos.com/ http://infoblox.litmos.com/ https://infoblox.mindtickle.com/ https://infobloxpartners.mindtickle.com/ https://infoblox.litmos.com/ *.use.fontawesome.com *.info.infoblox.com https://internetidentity.com https://widgets.itcentralstation.com *.kaltura.com *.hotjar.com *.trustarc.com cdn.bizible.com cdn.linkedin.oribi.io; frame-src 'self' 
https://www.youtube-nocookie.com https://play.vidyard.com https://www.google.com *.youtube.com *.vimeo.com https://w.soundcloud.com/ https://player.captivate.fm/ jobs.jobvite.com info.infoblox.com *.jsdelivr.net *.infoblox.com *.crazyegg.com *.youtube.com *.reactful.com *.6sc.co *.lookbookhq.com *.facebook.net *.techtarget.com *.marketo.net *.facebook.com https://infoblox.litmos.com/ *.use.fontawesome.com *.info.infoblox.com https://internetidentity.com https://widgets.itcentralstation.com *.kaltura.com *.hotjar.com *.trustarc.com https://js.driftt.com/ https://js.driftt.com/conductor/assets/media/notification.d46d7db1.mp3 *.js.driftt.com cdn.bizible.com cdn.linkedin.oribi.io
Strict-Transport-Security max-age=300
X-Content-Type-Options
X-Frame-Options allow-from <URI>
X-Xss-Protection

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
public, max-age=600
content-encoding
gzip
content-length
48093
content-type
text/html; charset=UTF-8
date
Thu, 13 Jul 2023 21:47:01 GMT
link
<https://blogs.infoblox.com/wp-json/>; rel="https://api.w.org/" <https://blogs.infoblox.com/wp-json/wp/v2/posts/7375>; rel="alternate"; type="application/json" <https://blogs.infoblox.com/?p=7375>; rel=shortlink
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=300
vary
Accept-Encoding, Cookie, Cookie
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-content-type-options
x-frame-options
allow-from <URI>
x-pantheon-styx-hostname
styx-fe1-a-8854d7986-n5wh9
x-served-by
cache-chi-klot8100142-CHI, cache-fra-etou8220034-FRA, cache-fra-eddf8230109-FRA
x-styx-req-id
cc2d674e-21c6-11ee-a81e-2ac443a33091
x-timer
S1689284821.720291,VS0,VE955
x-xss-protection
wp-emoji-release.min.js
blogs.infoblox.com/wp-includes/js/
18 KB
6 KB
Script
General
Full URL
https://blogs.infoblox.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
4, 104, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184946
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-b-6bb44578-qmc4p
content-length
5842
x-served-by
cache-chi-klot8100072-CHI, cache-fra-eddf8230124-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.766493,VS0,VE2
etag
W/"64ad9e14-4904"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
30c2d084-2018-11ee-a85b-aa2b4b163e62
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:36 GMT
style.css
blogs.infoblox.com/wp-content/themes/infoblox-blog/
30 KB
9 KB
Stylesheet
General
Full URL
https://blogs.infoblox.com/wp-content/themes/infoblox-blog/style.css?ver=2.10.0
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
526d676a40f3d7b45aa46213e63602a7ea7e2906505a99df3bd593c94e94e1cc
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 315, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-b-6bb44578-kr2mw
content-length
8497
x-served-by
cache-chi-kigq8000050-CHI, cache-fra-etou8220052-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.766901,VS0,VE2
etag
W/"64ad9e14-7723"
vary
Accept-Encoding
content-type
text/css
x-styx-req-id
30da350f-2018-11ee-8af1-765f0a262401
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:36 GMT
style.min.css
blogs.infoblox.com/wp-includes/css/dist/block-library/
95 KB
16 KB
Stylesheet
General
Full URL
https://blogs.infoblox.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 250, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-b-6bb44578-2wzr9
content-length
16404
x-served-by
cache-chi-klot8100171-CHI, cache-fra-eddf8230123-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.767116,VS0,VE2
etag
W/"64ad9e14-17ced"
vary
Accept-Encoding
content-type
text/css
x-styx-req-id
30d96d54-2018-11ee-bee9-3e64610c1cba
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:36 GMT
classic-themes.min.css
blogs.infoblox.com/wp-includes/css/
291 B
443 B
Stylesheet
General
Full URL
https://blogs.infoblox.com/wp-includes/css/classic-themes.min.css
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 248, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-b-6bb44578-qmc4p
content-length
211
x-served-by
cache-chi-kigq8000049-CHI, cache-fra-eddf8230110-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.767102,VS0,VE3
etag
W/"64ad9e14-123"
vary
Accept-Encoding
content-type
text/css
x-styx-req-id
30d99214-2018-11ee-a85b-aa2b4b163e62
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:36 GMT
public.css
blogs.infoblox.com/wp-content/plugins/custom-related-posts/dist/
716 B
445 B
Stylesheet
General
Full URL
https://blogs.infoblox.com/wp-content/plugins/custom-related-posts/dist/public.css?ver=1.6.6
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
913eba8f73d4feff3ad28bb0eaab998afe9a90ad4df397b38da8f905a062a133
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 251, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-a-8854d7986-n5wh9
content-length
208
x-served-by
cache-chi-klot8100066-CHI, cache-fra-eddf8230082-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:15 GMT
server
nginx
x-timer
S1689284822.768071,VS0,VE2
etag
W/"64ad9e13-2cc"
vary
Accept-Encoding
content-type
text/css
x-styx-req-id
30d9c281-2018-11ee-a59c-2ac443a33091
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:36 GMT
csbwfs.css
blogs.infoblox.com/wp-content/plugins/custom-share-buttons-with-floating-sidebar/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://blogs.infoblox.com/wp-content/plugins/custom-share-buttons-with-floating-sidebar/css/csbwfs.css
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
34988554893009eb1f64d49b96d6dd472699ad46e71557eab757bcfcecee4342
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 79, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-b-6bb44578-8dsl4
content-length
1727
x-served-by
cache-chi-kigq8000136-CHI, cache-fra-eddf8230035-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:15 GMT
server
nginx
x-timer
S1689284822.768049,VS0,VE3
etag
W/"64ad9e13-19c3"
vary
Accept-Encoding
content-type
text/css
x-styx-req-id
30e320ae-2018-11ee-9e66-5e0a805aac42
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:36 GMT
jquery.ui.css
blogs.infoblox.com/wp-content/plugins/miniorange-saml-20-single-sign-on/includes/css/
22 KB
5 KB
Stylesheet
General
Full URL
https://blogs.infoblox.com/wp-content/plugins/miniorange-saml-20-single-sign-on/includes/css/jquery.ui.css
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d198aa686d1152dea61220e984befd325376330286ffbeb9bba9d43347c2f065
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 246, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-a-8854d7986-8j4fz
content-length
4865
x-served-by
cache-chi-klot8100029-CHI, cache-fra-eddf8230077-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.772052,VS0,VE2
etag
W/"64ad9e14-5940"
vary
Accept-Encoding
content-type
text/css
x-styx-req-id
30e68d8c-2018-11ee-8065-0655140b32b2
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:36 GMT
widget-options.css
blogs.infoblox.com/wp-content/plugins/widget-options/assets/css/
1 KB
504 B
Stylesheet
General
Full URL
https://blogs.infoblox.com/wp-content/plugins/widget-options/assets/css/widget-options.css
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d4f24797ac4621646a35e5e688a697b8595cdcb186317372d3bc70c490bd6c73
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 311, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-a-8854d7986-8j4fz
content-length
292
x-served-by
cache-chi-kigq8000113-CHI, cache-fra-etou8220072-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.772444,VS0,VE3
etag
W/"64ad9e14-416"
vary
Accept-Encoding
content-type
text/css
x-styx-req-id
30fb5cf5-2018-11ee-8065-0655140b32b2
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:36 GMT
wp-ulike.min.css
blogs.infoblox.com/wp-content/plugins/wp-ulike/assets/css/
26 KB
5 KB
Stylesheet
General
Full URL
https://blogs.infoblox.com/wp-content/plugins/wp-ulike/assets/css/wp-ulike.min.css?ver=4.6.4
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7d2f997d3abc6d5c182b7826ea43636c26196a2a42273c875096cb1ad62f6c7e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 245, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-b-6bb44578-kr2mw
content-length
4849
x-served-by
cache-chi-klot8100148-CHI, cache-fra-eddf8230066-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.772431,VS0,VE2
etag
W/"64ad9e14-6840"
vary
Accept-Encoding
content-type
text/css
x-styx-req-id
30fc44f3-2018-11ee-8af1-765f0a262401
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:36 GMT
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C400i%2C600%2C700&ver=2.10.0
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
926eccb79b21d631b8f6b7924395e71270aae4b56ebb1f102691e34bedd40a27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Jul 2023 21:47:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 21:47:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Jul 2023 21:47:01 GMT
dashicons.min.css
blogs.infoblox.com/wp-includes/css/
58 KB
36 KB
Stylesheet
General
Full URL
https://blogs.infoblox.com/wp-includes/css/dashicons.min.css
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 315, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-a-8854d7986-7sp7p
content-length
36701
x-served-by
cache-chi-klot8100111-CHI, cache-fra-etou8220047-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.772415,VS0,VE2
etag
W/"64ad9e14-e688"
vary
Accept-Encoding
content-type
text/css
x-styx-req-id
30fc434a-2018-11ee-b026-7a9cdb1b0df9
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:36 GMT
front-end.css
blogs.infoblox.com/wp-content/themes/infoblox-blog/lib/gutenberg/
9 KB
2 KB
Stylesheet
General
Full URL
https://blogs.infoblox.com/wp-content/themes/infoblox-blog/lib/gutenberg/front-end.css?ver=2.10.0
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
47bb48dbb60985f6c3925bcf32c14d6c586edcad7b629b9c97fe3705d1660279
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 247, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-a-8854d7986-8j4fz
content-length
2205
x-served-by
cache-chi-kigq8000150-CHI, cache-fra-eddf8230032-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.806387,VS0,VE3
etag
W/"64ad9e14-23d0"
vary
Accept-Encoding
content-type
text/css
x-styx-req-id
30fea369-2018-11ee-8065-0655140b32b2
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:36 GMT
jquery.sidr.dark.min.css
cdn.jsdelivr.net/jquery.sidr/2.2.1/stylesheets/
3 KB
2 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/jquery.sidr/2.2.1/stylesheets/jquery.sidr.dark.min.css
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
780929714861ca223c2893799ec20e113d5cd9d3dcae15be3aca5db440ea1db2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 13 Jul 2023 21:47:01 GMT
age
844948
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1401
x-served-by
cache-fra-eddf8230069-FRA
etag
W/"ddb-6HgE8UA45Z+BAXCB3SXpxOmIsUw"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
infoblox-custom.css
blogs.infoblox.com/wp-content/themes/infoblox-blog/
59 KB
15 KB
Stylesheet
General
Full URL
https://blogs.infoblox.com/wp-content/themes/infoblox-blog/infoblox-custom.css
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8b691b68ce2b648677ff1bb637d09e0a0005ecbc2ef054f1c3b118e96a3debf5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 164, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-a-8854d7986-7sp7p
content-length
15037
x-served-by
cache-chi-kigq8000130-CHI, cache-fra-eddf8230030-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.805986,VS0,VE2
etag
W/"64ad9e14-eaa7"
vary
Accept-Encoding
content-type
text/css
x-styx-req-id
3105c45b-2018-11ee-b026-7a9cdb1b0df9
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:36 GMT
slider-hp.css
blogs.infoblox.com/wp-content/themes/infoblox-blog/
2 KB
1 KB
Stylesheet
General
Full URL
https://blogs.infoblox.com/wp-content/themes/infoblox-blog/slider-hp.css
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d0ff37ec6455fc98cf29d6e3d6a6117c260e2623f9f8238519a6570b7081daaf
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 315, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-a-8854d7986-49qms
content-length
881
x-served-by
cache-chi-klot8100114-CHI, cache-fra-etou8220027-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.806435,VS0,VE3
etag
W/"64ad9e14-975"
vary
Accept-Encoding
content-type
text/css
x-styx-req-id
310901ac-2018-11ee-bec3-865413d40f7c
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:36 GMT
lity.min.css
blogs.infoblox.com/wp-content/themes/infoblox-blog/
4 KB
1 KB
Stylesheet
General
Full URL
https://blogs.infoblox.com/wp-content/themes/infoblox-blog/lity.min.css
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
708ac71ed8728392391eb1d7c3fdb816dedb96bfcd4a1ab9238647623b9528c6
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 246, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-a-8854d7986-49qms
content-length
1197
x-served-by
cache-chi-klot8100047-CHI, cache-fra-eddf8230108-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.806402,VS0,VE2
etag
W/"64ad9e14-f11"
vary
Accept-Encoding
content-type
text/css
x-styx-req-id
3120b5fc-2018-11ee-bec3-865413d40f7c
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:37 GMT
jquery.min.js
blogs.infoblox.com/wp-includes/js/jquery/
88 KB
36 KB
Script
General
Full URL
https://blogs.infoblox.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 250, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-a-8854d7986-xsfvg
content-length
36154
x-served-by
cache-chi-kigq8000054-CHI, cache-fra-eddf8230098-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.805936,VS0,VE3
etag
W/"64ad9e14-15ed7"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
311f68a5-2018-11ee-81a8-0ed86ea0387c
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:37 GMT
jquery-migrate.min.js
blogs.infoblox.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://blogs.infoblox.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 249, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-a-8854d7986-49qms
content-length
5262
x-served-by
cache-chi-kigq8000117-CHI, cache-fra-eddf8230048-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.805899,VS0,VE2
etag
W/"64ad9e14-3470"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
3120be4f-2018-11ee-bec3-865413d40f7c
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:37 GMT
settings.js
blogs.infoblox.com/wp-content/plugins/miniorange-saml-20-single-sign-on/includes/js/
15 KB
4 KB
Script
General
Full URL
https://blogs.infoblox.com/wp-content/plugins/miniorange-saml-20-single-sign-on/includes/js/settings.js
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
77dfd44bcef56675f5716a9c5585aeeea6f527bf1d0c6623eb8f60a9ea43045e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 39, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-a-8854d7986-n5wh9
content-length
3807
x-served-by
cache-chi-klot8100034-CHI, cache-fra-etou8220086-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:18 GMT
server
nginx
x-timer
S1689284822.805898,VS0,VE4
etag
W/"64ad9e16-3dae"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
312ca167-2018-11ee-a59c-2ac443a33091
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:37 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:17:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jul 2024 20:17:33 GMT
infoblox-logo-2.svg
blogs.infoblox.com/wp-content/uploads/
5 KB
3 KB
Image
General
Full URL
https://blogs.infoblox.com/wp-content/uploads/infoblox-logo-2.svg
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5e532f2001bd715ac2458b017f00e83297416f11297bb68a50d13e84f497b16b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
1, 19, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-b-6f854dbb8b-988gp
content-length
2265
x-served-by
cache-chi-klot8100059-CHI, cache-fra-etou8220071-FRA, cache-fra-eddf8230109-FRA
last-modified
Fri, 14 Apr 2023 17:11:47 GMT
server
nginx
x-timer
S1689284822.946028,VS0,VE3
etag
W/"64398953-1558"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-styx-req-id
6c4a2561-0458-11ee-a69d-9660c56b88be
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 06 Jun 2024 10:53:51 GMT
search.png
blogs.infoblox.com/wp-content/uploads/
1 KB
1 KB
Image
General
Full URL
https://blogs.infoblox.com/wp-content/uploads/search.png
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5f27ff5fc0da5cefdc57dd9e79a91efdd46903e83bd6c86643aafd686430ffb0
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe1-b-7db7b86cf-n6z5v
strict-transport-security
max-age=300
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184944
x-cache
HIT, HIT, MISS, MISS
expires
Sun, 23 Jun 2024 02:44:11 GMT
content-length
1228
x-served-by
cache-chi-klot8100114-CHI, cache-ams21059-AMS, cache-ams12737-AMS, cache-fra-eddf8230109-FRA
last-modified
Thu, 19 Dec 2019 12:14:19 GMT
server
nginx
x-timer
S1689284822.946754,VS0,VE13
etag
"5dfb699b-4cc"
content-type
image/png
x-styx-req-id
d54905e5-116f-11ee-8974-8696ded5d644
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 21, 0, 0
category-cyber-campaign-brief.svg
blogs.infoblox.com/wp-content/uploads/
7 KB
2 KB
Image
General
Full URL
https://blogs.infoblox.com/wp-content/uploads/category-cyber-campaign-brief.svg
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5df5e8a29e365d5d26d39b742710c2debd1a910b19a89fda1f965385d7f2f17a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
1, 1, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
167709
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-b-6bb44578-nnltr
content-length
2248
x-served-by
cache-chi-kigq8000152-CHI, cache-fra-etou8220091-FRA, cache-fra-eddf8230109-FRA
last-modified
Wed, 04 Aug 2021 22:55:59 GMT
server
nginx
x-timer
S1689284822.944879,VS0,VE6
etag
W/"610b1aff-1bd9"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-styx-req-id
2c3d8393-1bac-11ee-8eb6-c234aa8ee8e6
cache-control
max-age=31622400
accept-ranges
bytes
expires
Sat, 06 Jul 2024 03:21:18 GMT
FB.svg
live-infoblox-blog.pantheonsite.io/wp-content/uploads/
446 B
523 B
Image
General
Full URL
https://live-infoblox-blog.pantheonsite.io/wp-content/uploads/FB.svg
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.185.0.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cddede585f1ce388062b874c8ed32e1bbe2a0ffa258e85ff334ec7d1b673200f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Thu, 13 Jun 2024 15:30:22 GMT
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:02 GMT
age
184874
x-cache
HIT, HIT
x-pantheon-styx-hostname
styx-fe2-b-5f5d6bf89f-v8t7n
content-length
328
x-served-by
cache-chi-kigq8000177-CHI, cache-fra-eddf8230031-FRA
last-modified
Thu, 19 Dec 2019 12:14:19 GMT
server
nginx
x-timer
S1689284822.362724,VS0,VE2
etag
W/"5dfb699b-1be"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-styx-req-id
360f5860-09ff-11ee-be30-3eabf4fc94b2
cache-control
max-age=31622400
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
1, 1
TW.svg
live-infoblox-blog.pantheonsite.io/wp-content/uploads/
1 KB
1 KB
Image
General
Full URL
https://live-infoblox-blog.pantheonsite.io/wp-content/uploads/TW.svg
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.185.0.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ce6c568bcf951e8d9abeb0858e492c3b41c769b190fbfe5cfe5fd76932008ef0
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Thu, 13 Jun 2024 10:05:59 GMT
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:02 GMT
age
184874
x-cache
HIT, HIT
x-pantheon-styx-hostname
styx-fe2-b-5f5d6bf89f-htkxt
content-length
653
x-served-by
cache-chi-kigq8000143-CHI, cache-fra-eddf8230031-FRA
last-modified
Thu, 19 Dec 2019 12:14:19 GMT
server
nginx
x-timer
S1689284822.362745,VS0,VE2
etag
W/"5dfb699b-46c"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-styx-req-id
e58ab681-09d1-11ee-9ee8-e6fcbac67db7
cache-control
max-age=31622400
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
1, 1
LI.svg
live-infoblox-blog.pantheonsite.io/wp-content/uploads/
604 B
607 B
Image
General
Full URL
https://live-infoblox-blog.pantheonsite.io/wp-content/uploads/LI.svg
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.185.0.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
868503219c7ca2afd9cab62a466011d4e99684a725dd287e55b1b57fbe78febd
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Sat, 08 Jun 2024 16:39:59 GMT
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:02 GMT
age
184874
x-cache
HIT, HIT
x-pantheon-styx-hostname
styx-fe2-b-85879b7d89-w6hvk
content-length
406
x-served-by
cache-chi-klot8100114-CHI, cache-fra-eddf8230031-FRA
last-modified
Thu, 19 Dec 2019 12:14:19 GMT
server
nginx
x-timer
S1689284822.362822,VS0,VE27
etag
W/"5dfb699b-25c"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-styx-req-id
1bc601cf-061b-11ee-8d02-1639e758c122
cache-control
max-age=31622400
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
2, 1
avatar_user_290_1645745085.png
blogs.infoblox.com/wp-content/uploads/
22 KB
22 KB
Image
General
Full URL
https://blogs.infoblox.com/wp-content/uploads/avatar_user_290_1645745085.png
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9f826be9a2bdd52bec6a2688bd18becc4ec823f9cb77debcbc8eda105dac83ef
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe1-a-8854d7986-zx6wp
strict-transport-security
max-age=300
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
179866
x-cache
MISS, HIT, MISS, MISS
expires
Mon, 08 Jul 2024 04:53:29 GMT
content-length
22035
x-served-by
cache-chi-kigq8000142-CHI, cache-ams21033-AMS, cache-ams21054-AMS, cache-fra-eddf8230109-FRA
last-modified
Thu, 24 Feb 2022 23:24:45 GMT
server
nginx
x-timer
S1689284822.944877,VS0,VE21
etag
"621813bd-5613"
content-type
image/png
x-styx-req-id
6194a2c4-1d4b-11ee-811b-d23409cc7221
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
0, 1, 0, 0
infoblox-blog-promo-cyber-threat-report-q4-2022.jpg
blogs.infoblox.com/wp-content/uploads/
33 KB
33 KB
Image
General
Full URL
https://blogs.infoblox.com/wp-content/uploads/infoblox-blog-promo-cyber-threat-report-q4-2022.jpg
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6a5dffe58ffe8be12c8da54d26b190ef6722f90318b0be0e3ccf0ce43443e002
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe1-a-8854d7986-97svt
strict-transport-security
max-age=300
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
180017
x-cache
MISS, HIT, MISS, MISS
expires
Sat, 06 Jul 2024 13:08:57 GMT
content-length
33614
x-served-by
cache-chi-klot8100092-CHI, cache-ams21024-AMS, cache-ams12723-AMS, cache-fra-eddf8230109-FRA
last-modified
Thu, 23 Feb 2023 10:24:10 GMT
server
nginx
x-timer
S1689284822.945670,VS0,VE14
etag
"63f73eca-834e"
content-type
image/jpeg
x-styx-req-id
440ab964-1bfe-11ee-ac86-92cd60693b15
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
0, 1, 0, 0
arrow_link.jpg
blogs.infoblox.com/wp-content/uploads/
24 KB
24 KB
Image
General
Full URL
https://blogs.infoblox.com/wp-content/uploads/arrow_link.jpg
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f0ef668120a2df876d90bbe0667a69db1e27b958aced171feb3d391b17bfde11
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe1-b-7db7b86cf-p477r
strict-transport-security
max-age=300
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184944
x-cache
HIT, HIT, MISS, MISS
expires
Thu, 27 Jun 2024 15:39:36 GMT
content-length
24252
x-served-by
cache-chi-kigq8000048-CHI, cache-ams21067-AMS, cache-ams12771-AMS, cache-fra-eddf8230109-FRA
last-modified
Thu, 19 Dec 2019 12:14:19 GMT
server
nginx
x-timer
S1689284822.945438,VS0,VE14
etag
"5dfb699b-5ebc"
content-type
image/jpeg
x-styx-req-id
d1f1c7cf-1500-11ee-be69-5aad695b1fb4
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 2, 0, 0
slider-hp.js
blogs.infoblox.com/wp-content/themes/genesis-sample/
116 KB
34 KB
Script
General
Full URL
https://blogs.infoblox.com/wp-content/themes/genesis-sample/slider-hp.js
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b663370b2ecf34db611eaba1d1064a9c0f08f8047c18c59f5ffd16caf58ef6b7
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
3, 28, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-a-8854d7986-8j4fz
content-length
34566
x-served-by
cache-chi-klot8100144-CHI, cache-fra-eddf8230054-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.919321,VS0,VE2
etag
W/"64ad9e14-1cfb8"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
312c84bc-2018-11ee-8065-0655140b32b2
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:37 GMT
social-facebook-1.png
blogs.infoblox.com/wp-content/uploads/
2 KB
2 KB
Image
General
Full URL
https://blogs.infoblox.com/wp-content/uploads/social-facebook-1.png
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5ae44b29a07f543b7a144557b1bd07d18d2bb506283eb34c4decf6af582adfef
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe1-b-7db7b86cf-5cch2
strict-transport-security
max-age=300
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184943
x-cache
MISS, HIT, MISS, MISS
expires
Thu, 04 Jul 2024 15:12:27 GMT
content-length
2199
x-served-by
cache-chi-kigq8000060-CHI, cache-ams21039-AMS, cache-ams21066-AMS, cache-fra-eddf8230109-FRA
last-modified
Thu, 22 Jul 2021 16:51:57 GMT
server
nginx
x-timer
S1689284822.945302,VS0,VE19
etag
"60f9a22d-897"
content-type
image/png
x-styx-req-id
2fd03556-1a7d-11ee-8e4c-16b81addd79c
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
0, 1287, 0, 0
social-twitter-2.png
blogs.infoblox.com/wp-content/uploads/
4 KB
4 KB
Image
General
Full URL
https://blogs.infoblox.com/wp-content/uploads/social-twitter-2.png
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3ea04b8b3bd61287ef6d9241dab1b94924accc38651f973f9897828b4f60e738
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe1-a-7b645b554f-dgbk9
strict-transport-security
max-age=300
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184943
x-cache
HIT, HIT, MISS, MISS
expires
Thu, 27 Jun 2024 15:39:36 GMT
content-length
3648
x-served-by
cache-chi-klot8100165-CHI, cache-ams21040-AMS, cache-ams12779-AMS, cache-fra-eddf8230109-FRA
last-modified
Thu, 22 Jul 2021 16:51:59 GMT
server
nginx
x-timer
S1689284822.945293,VS0,VE31
etag
"60f9a22f-e40"
content-type
image/png
x-styx-req-id
d1f0d575-1500-11ee-997d-66d03e7e3093
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 42, 0, 0
social-youtube.png
blogs.infoblox.com/wp-content/uploads/
3 KB
4 KB
Image
General
Full URL
https://blogs.infoblox.com/wp-content/uploads/social-youtube.png
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
746f92201abc63d71f4bf1a7271eba568c0710b2677379826bdcd943faeecc2c
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe1-a-6df556c945-6gvjl
strict-transport-security
max-age=300
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184943
x-cache
HIT, HIT, MISS, MISS
expires
Mon, 17 Jun 2024 00:22:55 GMT
content-length
3443
x-served-by
cache-chi-kigq8000054-CHI, cache-ams21021-AMS, cache-ams21050-AMS, cache-fra-eddf8230109-FRA
last-modified
Thu, 22 Jul 2021 16:51:59 GMT
server
nginx
x-timer
S1689284822.945042,VS0,VE12
etag
"60f9a22f-d73"
content-type
image/png
x-styx-req-id
1ab8a8b9-0ca5-11ee-b9b2-228a1e39125d
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1300, 0, 0
social-linked-in.png
blogs.infoblox.com/wp-content/uploads/
3 KB
3 KB
Image
General
Full URL
https://blogs.infoblox.com/wp-content/uploads/social-linked-in.png
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
81584aa37e1b82faaea55445c87f2c3c29abff2f3b0937435d5ae08646425bb0
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe1-b-7db7b86cf-d5nxv
strict-transport-security
max-age=300
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184943
x-cache
MISS, HIT, MISS, MISS
expires
Thu, 27 Jun 2024 00:31:34 GMT
content-length
2674
x-served-by
cache-chi-kigq8000114-CHI, cache-ams21048-AMS, cache-ams12768-AMS, cache-fra-eddf8230109-FRA
last-modified
Thu, 22 Jul 2021 16:51:58 GMT
server
nginx
x-timer
S1689284822.944924,VS0,VE10
etag
"60f9a22e-a72"
content-type
image/png
x-styx-req-id
f86ffcb4-1481-11ee-bca6-b2b75ded1bde
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
0, 1300, 0, 0
wp-ulike.min.js
blogs.infoblox.com/wp-content/plugins/wp-ulike/assets/js/
15 KB
5 KB
Script
General
Full URL
https://blogs.infoblox.com/wp-content/plugins/wp-ulike/assets/js/wp-ulike.min.js?ver=4.6.4
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b53e5f3408771e8cf79666bc1466cd55c0314d4191ce9c2f7a75dfc20aa57589
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
6, 312, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184944
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-a-8854d7986-49qms
content-length
5113
x-served-by
cache-chi-kigq8000071-CHI, cache-fra-etou8220038-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.941165,VS0,VE5
etag
W/"64ad9e14-3d5e"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
312cb5c2-2018-11ee-bec3-865413d40f7c
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:37 GMT
hoverIntent.min.js
blogs.infoblox.com/wp-includes/js/
1 KB
931 B
Script
General
Full URL
https://blogs.infoblox.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 312, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184944
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-b-6bb44578-8dsl4
content-length
721
x-served-by
cache-chi-klot8100030-CHI, cache-fra-etou8220046-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.943241,VS0,VE3
etag
W/"64ad9e14-5db"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
3144e48b-2018-11ee-9e66-5e0a805aac42
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:37 GMT
superfish.min.js
blogs.infoblox.com/wp-content/themes/genesis/lib/js/menu/
4 KB
2 KB
Script
General
Full URL
https://blogs.infoblox.com/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.10
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 312, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184944
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-a-8854d7986-7sp7p
content-length
2000
x-served-by
cache-chi-kigq8000144-CHI, cache-fra-etou8220072-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.943445,VS0,VE2
etag
W/"64ad9e14-1193"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
31434b01-2018-11ee-b026-7a9cdb1b0df9
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:37 GMT
superfish.args.min.js
blogs.infoblox.com/wp-content/themes/genesis/lib/js/menu/
132 B
380 B
Script
General
Full URL
https://blogs.infoblox.com/wp-content/themes/genesis/lib/js/menu/superfish.args.min.js?ver=3.4.0
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 198, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-a-8854d7986-49qms
content-length
132
x-served-by
cache-chi-klot8100077-CHI, cache-fra-eddf8230133-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.943874,VS0,VE2
etag
W/"64ad9e14-84"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
314c34e6-2018-11ee-bec3-865413d40f7c
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:37 GMT
skip-links.min.js
blogs.infoblox.com/wp-content/themes/genesis/lib/js/
386 B
524 B
Script
General
Full URL
https://blogs.infoblox.com/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.4.0
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 162, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-b-6bb44578-qmc4p
content-length
252
x-served-by
cache-chi-klot8100134-CHI, cache-fra-eddf8230121-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.944330,VS0,VE2
etag
W/"64ad9e14-182"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
314dede9-2018-11ee-a85b-aa2b4b163e62
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:37 GMT
responsive-menus.min.js
blogs.infoblox.com/wp-content/themes/infoblox-blog/js/
4 KB
2 KB
Script
General
Full URL
https://blogs.infoblox.com/wp-content/themes/infoblox-blog/js/responsive-menus.min.js?ver=2.10.0
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6fd951519999c4f446db71f347635025addb27c21d3b5915d498732ea1eec927
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 246, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-a-8854d7986-8j4fz
content-length
1527
x-served-by
cache-chi-klot8100156-CHI, cache-fra-eddf8230061-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.944349,VS0,VE3
etag
W/"64ad9e14-e64"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
31520594-2018-11ee-8065-0655140b32b2
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:37 GMT
genesis-sample.js
blogs.infoblox.com/wp-content/themes/infoblox-blog/js/
1 KB
852 B
Script
General
Full URL
https://blogs.infoblox.com/wp-content/themes/infoblox-blog/js/genesis-sample.js?ver=2.10.0
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a1c4a7fc8d5baa9d1b5e4d8c55c3229442dbf98430024e9b008cd3cd99c72fbb
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 242, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-a-8854d7986-8j4fz
content-length
637
x-served-by
cache-chi-klot8100114-CHI, cache-fra-eddf8230065-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.944693,VS0,VE2
etag
W/"64ad9e14-4e1"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
3159764d-2018-11ee-8065-0655140b32b2
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:37 GMT
lity.min.js
blogs.infoblox.com/wp-content/themes/infoblox-blog/js/
7 KB
3 KB
Script
General
Full URL
https://blogs.infoblox.com/wp-content/themes/infoblox-blog/js/lity.min.js
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
576e529ab8a4f6521f8aff687e04e47ca0e165585dfe6b82d1758fd99ff03336
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
5, 160, 0
strict-transport-security
max-age=300
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184945
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-b-6bb44578-2wzr9
content-length
3184
x-served-by
cache-chi-kigq8000140-CHI, cache-fra-eddf8230028-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.944441,VS0,VE44
etag
W/"64ad9e14-1c1a"
vary
Accept-Encoding
content-type
application/x-javascript
x-styx-req-id
316615aa-2018-11ee-bee9-3e64610c1cba
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:37 GMT
jquery.sidr.min.js
cdn.jsdelivr.net/jquery.sidr/2.2.1/
7 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/jquery.sidr/2.2.1/jquery.sidr.min.js
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd57ae7228574a83527cb8917ec5a0ff944aa787934ee5b85a7976f259b7ae31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 13 Jul 2023 21:47:01 GMT
age
2408841
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2765
x-served-by
cache-fra-eddf8230069-FRA
etag
W/"1b7a-V8NZ9CJQc1jNZn9BGb1UCGoehC0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
gtm.js
www.googletagmanager.com/
306 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-F7RMF
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2a8557df2a0828ad5ae25a6fbc74f60ea9e2e47122bcbb432675e4684cf30cc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100311
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Jul 2023 21:47:02 GMT
wks0kwv.js
use.typekit.net/
17 KB
7 KB
Script
General
Full URL
https://use.typekit.net/wks0kwv.js
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d43c60fba3f2e7d415f0ca36e8393741a49416d4a3fed260cc51c28368e699a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Thu, 13 Jul 2023 21:47:02 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6740
ciu-banner.jpg
blogs.infoblox.com/wp-content/uploads/
135 KB
136 KB
Image
General
Full URL
https://blogs.infoblox.com/wp-content/uploads/ciu-banner.jpg
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/wp-content/themes/infoblox-blog/infoblox-custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
945c284f98ebab78bcdccb6711ebc2340756345a312a8fcad4da1871505029bf
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.infoblox.com/wp-content/themes/infoblox-blog/infoblox-custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe1-a-5595496464-zv94k
strict-transport-security
max-age=300
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:02 GMT
age
182736
x-cache
HIT, HIT, MISS, MISS
expires
Sat, 15 Jun 2024 07:40:45 GMT
content-length
138471
x-served-by
cache-chi-klot8100088-CHI, cache-ams21061-AMS, cache-ams21042-AMS, cache-fra-eddf8230109-FRA
last-modified
Wed, 04 Aug 2021 22:59:25 GMT
server
nginx
x-timer
S1689284822.976940,VS0,VE37
etag
"610b1bcd-21ce7"
content-type
image/jpeg
x-styx-req-id
f0607011-0b4f-11ee-80db-86d2bbad664a
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1, 0, 0
ProximaNova-Semibold.woff
blogs.infoblox.com/wp-content/themes/infoblox-blog/fonts/
24 KB
24 KB
Font
General
Full URL
https://blogs.infoblox.com/wp-content/themes/infoblox-blog/fonts/ProximaNova-Semibold.woff
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/wp-content/themes/infoblox-blog/infoblox-custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
16cce560fa71db9564d2563c6fde2d1fa9b7a25e1e3e4f9532ff3a675ac2b0c4
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://blogs.infoblox.com/wp-content/themes/infoblox-blog/infoblox-custom.css
Origin
https://blogs.infoblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
6, 6, 0
strict-transport-security
max-age=300
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:01 GMT
age
184943
x-cache
HIT, HIT, MISS
x-pantheon-styx-hostname
styx-fe1-a-8854d7986-7sp7p
content-length
24600
x-served-by
cache-chi-kigq8000122-CHI, cache-fra-etou8220100-FRA, cache-fra-eddf8230109-FRA
last-modified
Tue, 11 Jul 2023 18:23:16 GMT
server
nginx
x-timer
S1689284822.995816,VS0,VE2
etag
"64ad9e14-6018"
content-type
font/woff
access-control-allow-origin
*
x-styx-req-id
325654a5-2018-11ee-b026-7a9cdb1b0df9
cache-control
max-age=31622400
accept-ranges
bytes
expires
Thu, 11 Jul 2024 18:24:39 GMT
icon-kudo.png
blogs.infoblox.com/wp-content/uploads/
3 KB
4 KB
Image
General
Full URL
https://blogs.infoblox.com/wp-content/uploads/icon-kudo.png
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/wp-content/themes/infoblox-blog/infoblox-custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
658414418ebba65bb3d94f37b93ce4245b29d3b900897c923eeffd56ace0d381
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.infoblox.com/wp-content/themes/infoblox-blog/infoblox-custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe1-a-76d97c5bc4-ln7bm
strict-transport-security
max-age=300
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:02 GMT
age
184866
x-cache
HIT, HIT, MISS, MISS
expires
Thu, 06 Jun 2024 17:54:57 GMT
content-length
3483
x-served-by
cache-chi-klot8100023-CHI, cache-ams21025-AMS, cache-ams12781-AMS, cache-fra-eddf8230109-FRA
last-modified
Thu, 19 Dec 2019 12:14:19 GMT
server
nginx
x-timer
S1689284822.127974,VS0,VE16
etag
"5dfb699b-d9b"
content-type
image/png
x-styx-req-id
3fb255ac-0493-11ee-a2dc-1ec4b6b52dde
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 19, 0, 0
search_icon.jpg
blogs.infoblox.com/wp-content/uploads/
24 KB
25 KB
Image
General
Full URL
https://blogs.infoblox.com/wp-content/uploads/search_icon.jpg
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/wp-content/themes/infoblox-blog/infoblox-custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d80f9badc08b8777ce9133f8bfa898576eaac335a195355a410f34e83c26311d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.infoblox.com/wp-content/themes/infoblox-blog/infoblox-custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe1-a-7b645b554f-vrj66
strict-transport-security
max-age=300
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:02 GMT
age
184868
x-cache
HIT, HIT, MISS, MISS
expires
Sat, 22 Jun 2024 02:28:33 GMT
content-length
24824
x-served-by
cache-chi-klot8100092-CHI, cache-ams21025-AMS, cache-ams12775-AMS, cache-fra-eddf8230109-FRA
last-modified
Thu, 19 Dec 2019 12:14:19 GMT
server
nginx
x-timer
S1689284822.129132,VS0,VE19
etag
"5dfb699b-60f8"
content-type
image/jpeg
x-styx-req-id
7bc686c3-10a4-11ee-bf2c-4ab248b0c70a
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 16, 0, 0
arrow_down.jpg
blogs.infoblox.com/wp-content/uploads/
25 KB
25 KB
Image
General
Full URL
https://blogs.infoblox.com/wp-content/uploads/arrow_down.jpg
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/wp-content/themes/infoblox-blog/infoblox-custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ddef9b3daec625719558594a045592a53c1b4b1e3c1360fa9e985a075b928c7a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blogs.infoblox.com/wp-content/themes/infoblox-blog/infoblox-custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe1-b-7db7b86cf-99wl9
strict-transport-security
max-age=300
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 13 Jul 2023 21:47:02 GMT
age
184866
x-cache
MISS, HIT, MISS, MISS
expires
Thu, 04 Jul 2024 12:21:48 GMT
content-length
25176
x-served-by
cache-chi-kigq8000168-CHI, cache-ams21042-AMS, cache-ams21083-AMS, cache-fra-eddf8230109-FRA
last-modified
Thu, 22 Jul 2021 16:29:28 GMT
server
nginx
x-timer
S1689284822.129825,VS0,VE15
etag
"60f99ce8-6258"
content-type
image/jpeg
x-styx-req-id
58f736a6-1a65-11ee-b9b4-0e35167f7bb8
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
0, 907, 0, 0
l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/
33 KB
33 KB
Font
General
Full URL
https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a2b997da567762896061490c3c08e506b2e5b936978560fc12251dd245140b32

Request headers

Referer
https://blogs.infoblox.com/
Origin
https://blogs.infoblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:02 GMT
server
nginx
etag
"a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33660
l
use.typekit.net/af/86b539/00000000000000003b9b093a/27/
34 KB
35 KB
Font
General
Full URL
https://use.typekit.net/af/86b539/00000000000000003b9b093a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
40b87680850d61dff26f2280eaac2487e2261e8771cca1f4eba69dc366cd1fe2

Request headers

Referer
https://blogs.infoblox.com/
Origin
https://blogs.infoblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:02 GMT
server
nginx
etag
"7419d3e31dff61919238b7104d975fb9f66eb724"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
35128
l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/
32 KB
32 KB
Font
General
Full URL
https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7

Request headers

Referer
https://blogs.infoblox.com/
Origin
https://blogs.infoblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:02 GMT
server
nginx
etag
"852dacc5cd2685c187708b882b28635465e17bd0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32688
l
use.typekit.net/af/6aec08/00000000000000003b9b0935/27/
34 KB
34 KB
Font
General
Full URL
https://use.typekit.net/af/6aec08/00000000000000003b9b0935/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a0acc524b541f57df4024b039206425fbcc49c7b3cba369bc0b4a57cfc0e9629

Request headers

Referer
https://blogs.infoblox.com/
Origin
https://blogs.infoblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:02 GMT
server
nginx
etag
"98ea2e3888e90196090ca6bc7ddc5345e1871a7a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34380
details
epsilon.6sense.com/v3/company/ Frame
0
0
Preflight
General
Full URL
https://epsilon.6sense.com/v3/company/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.110.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-110-93.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-forwarded-for
Access-Control-Request-Method
GET
Origin
https://blogs.infoblox.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-forwarded-for
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
https://blogs.infoblox.com
access-control-max-age
1800
date
Thu, 13 Jul 2023 21:47:02 GMT
server
nginx
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-F7RMF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Jul 2023 20:35:19 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4303
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 13 Jul 2023 22:35:19 GMT
5835.js
script.crazyegg.com/pages/scripts/0042/
6 KB
2 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0042/5835.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-F7RMF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de56d33adf5dd4c396874042c2878637bb6b68ca76f54331646bde61f17a32d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:02 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3985
cf-polished
origSize=6063
ce-version
11.5.100
cf-bgj
minify
last-modified
Thu, 13 Jul 2023 20:40:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
7e64b8dd39054dc9-FRA
main.rtfl.js
visitor.reactful.com/dist/
273 KB
106 KB
Script
General
Full URL
https://visitor.reactful.com/dist/main.rtfl.js
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4d71e28edcd31a762462d68b69b58c84965188c5f19c64f9d55fe0520e33985d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 20:18:25 GMT
content-encoding
gzip
server
Google Frontend
age
178117
etag
"yotqXg"
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
35b548dd2722c3eb3382c5fe9bd31902
cache-control
public,public, max-age=432000
content-length
107826
expires
Sun, 16 Jul 2023 20:18:25 GMT
details
epsilon.6sense.com/v3/company/
726 B
574 B
XHR
General
Full URL
https://epsilon.6sense.com/v3/company/details
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.110.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-110-93.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1c67ef1f94af13cc299f9143d69a95eb253555b0888fb6e08599b295de59847

Request headers

Referer
accept-language
de-DE,de;q=0.9
Authorization
Token 482f94f5ef8419c30131ca99e9837fa458cb3174
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-Forwarded-For
null
Content-Type
application/json

Response headers

date
Thu, 13 Jul 2023 21:47:02 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://blogs.infoblox.com
access-control-allow-credentials
true
content-length
388
6si.min.js
j.6sc.co/
31 KB
10 KB
Script
General
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-251.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
eba72b1c1e3e44d5dabff914f59eb15876ae97cef296ddee4afe4821a54f2633
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 21:47:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 Mar 2022 00:01:47 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"623bb4eb-7b41"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, proxy-revalidate
accept-ranges
bytes
content-length
9853
expires
Thu, 13 Jul 2023 21:47:02 GMT
notice
consent.trustarc.com/
31 KB
11 KB
Script
General
Full URL
https://consent.trustarc.com/notice?domain=infoblox.com&c=teconsent&js=nj&noticeType=bb&pcookie&gtm=1&text=true&language=en
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-26.fra2.r.cloudfront.net
Software
/
Resource Hash
021c286db194430940a06d70452b439863e85bdb35cd755a5c7507ebd7f3c38a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://blogs.infoblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
cloudfront-viewer-country
DE
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=3600
timing-allow-origin
*
x-amz-cf-id
uKVtuI0T-Nb4ICykmQEqvUrYscNgg2I3eg4y5XpjpejtM-o-d3_JvA==
expires
Thu, 13 Jul 2023 22:47:02 GMT
42wt2pyhpc8v.js
js.driftt.com/include/1689285000000/
213 KB
60 KB
Script
General
Full URL
https://js.driftt.com/include/1689285000000/42wt2pyhpc8v.js
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
5eb019e359fbb25ee979392549a9b4218b5908dfab4856b8c79c10d78e7e80bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
yrthcx18fSw4JgfLpIuUeZPGC3LDaCmZ
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Thu, 13 Jul 2023 21:47:02 GMT
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
38
last-modified
Thu, 29 Jun 2023 19:06:59 GMT
server
istio-envoy
etag
W/"75bd77d2f62545286bbf96d0d5ff309e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
cLLsmJub467Xhn1ZkYZF18jD4nlt-zZfeolqQTcdk4fsKeexwcHQPg==
bizible.js
cdn.bizible.com/scripts/
67 KB
25 KB
Script
General
Full URL
https://cdn.bizible.com/scripts/bizible.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-F7RMF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F333) /
Resource Hash
7ad349f95df1a4ebdbb59f61db8b27d14fdb228dfb43849ae4f9039997f89160

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:02 GMT
content-encoding
gzip
last-modified
Wed, 12 Jul 2023 20:43:21 GMT
server
ECS (via/F333)
age
55230
etag
"a66e4b7f1b5d91:0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
25471
js
www.googletagmanager.com/gtag/
263 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D4JXVXQTYG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-F7RMF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f9c360b205a6c1873b37e98ccb81b1c40cb06b01e0d8b2d3657382c4eced41a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89481
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 13 Jul 2023 21:47:02 GMT
details
epsilon.6sense.com/v3/company/ Frame
0
0
Preflight
General
Full URL
https://epsilon.6sense.com/v3/company/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.110.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-110-93.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-forwarded-for
Access-Control-Request-Method
GET
Origin
https://blogs.infoblox.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-forwarded-for
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
https://blogs.infoblox.com
access-control-max-age
1800
date
Thu, 13 Jul 2023 21:47:02 GMT
server
nginx
insight.min.js
snap.licdn.com/li.lms-analytics/
1 KB
703 B
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-F7RMF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a423 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a224dfc1e1af0259dd16f2fbc3033f2d43c30eb02ce760a3333d86c01dc1e942
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Jul 2023 13:42:35 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=57376
accept-ranges
bytes
content-length
491
lt-v3.js
lltrck.com/scripts/
0
0
Script
General
Full URL
https://lltrck.com/scripts/lt-v3.js?llid=10235
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.186.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-186-11.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pix.js
des8qu5llanad.cloudfront.net/js/tracker/
0
0

details
epsilon.6sense.com/v3/company/
726 B
572 B
XHR
General
Full URL
https://epsilon.6sense.com/v3/company/details
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.110.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-110-93.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
72b513696b20be52ebf90b45f9c4a26603040cbdf47f7c1066818374e1999dc2

Request headers

Referer
accept-language
de-DE,de;q=0.9
Authorization
Token 482f94f5ef8419c30131ca99e9837fa458cb3174
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-Forwarded-For
null
Content-Type
application/json

Response headers

date
Thu, 13 Jul 2023 21:47:02 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://blogs.infoblox.com
access-control-allow-credentials
true
content-length
386
tracking.js
trk.techtarget.com/
3 KB
2 KB
Script
General
Full URL
https://trk.techtarget.com/tracking.js
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:02 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 15:01:39 GMT
server
cloudflare
age
16680
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=1200
cf-ray
7e64b8dd5dfe8fe2-FRA
expires
Thu, 13 Jul 2023 22:07:02 GMT
p.gif
p.typekit.net/
35 B
205 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=1&k=wks0kwv&ht=tk&h=blogs.infoblox.com&f=139.140.175.176&a=6646607&js=1.21.0&app=typekit&e=js&_=1689284822591
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:02 GMT
last-modified
Sat, 09 Oct 2021 02:10:03 GMT
server
nginx
etag
"6160f9fb-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
collect
region1.google-analytics.com/g/
0
256 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-D4JXVXQTYG&gtm=45je37c0&_p=737372412&cid=1758246770.1689284823&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&ngs=1&_s=1&sid=1689284822&sct=1&seg=0&dl=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&dt=The%20Complete%20List%20of%20Log4j%20Indicators%20of%20Compromise%20(IOC)%20to%20Date%20%7C%20Infoblox&en=page_view&_fv=1&_nsi=1&_ss=1&ep.cookieDomain=auto&ep.allowLinker=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D4JXVXQTYG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 21:47:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blogs.infoblox.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
blogs.infoblox.com.json
script.crazyegg.com/pages/data-scripts/0042/5835/site/
171 KB
14 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0042/5835/site/blogs.infoblox.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0042/5835.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8496c14880dfce9254e5af1745ed45dcfbfb440bb0db0af0a3f6cd4e4ce3be18

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:02 GMT
content-encoding
gzip
cf-cache-status
HIT
age
104371
ce-version
11.5.100
content-length
13595
last-modified
Wed, 12 Jul 2023 16:47:31 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e64b8df2f09994b-FRA
get
consent.trustarc.com/ Frame 06ED
2 KB
1 KB
Document
General
Full URL
https://consent.trustarc.com/get?name=crossdomain.html&domain=infoblox.com
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=infoblox.com&c=teconsent&js=nj&noticeType=bb&pcookie&gtm=1&text=true&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-26.fra2.r.cloudfront.net
Software
/
Resource Hash
093d12d8b3568fe7d205eab6a5ceb766772d6018aebe44d3e16f9e85fb7ab68e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
479
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 13 Jul 2023 21:39:03 GMT
expires
Sat, 12 Aug 2023 21:39:03 GMT
pragma
public
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
vary
Origin
via
1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
x-amz-cf-id
gvQ5MA9E_PbRTE5iiRHNeL4BCu54edpqtvS25HGoqgQ9XpoSCx193Q==
x-amz-cf-pop
FRA2-C2
x-cache
Hit from cloudfront
v1.7-1894
consent.trustarc.com/asset/notice.js/v/
87 KB
26 KB
Script
General
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-1894
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=infoblox.com&c=teconsent&js=nj&noticeType=bb&pcookie&gtm=1&text=true&language=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-26.fra2.r.cloudfront.net
Software
/
Resource Hash
a757ff2d599debf54d686dbdef9b3086f6960f809f79a6ae212e92085cbf53c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
Origin
https://blogs.infoblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:34:42 GMT
content-encoding
gzip
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C2
age
740
x-cache
Hit from cloudfront
pragma
public
last-modified
Wed, 12 Jul 2023 01:19:01 GMT
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
KDKD-utIarmFgwTDnbjlI8Xa2s7gh4bE3PbD5d4lbugrF4c-JyKwAw==
expires
Sat, 12 Aug 2023 21:34:42 GMT
log
consent.trustarc.com/
43 B
427 B
Image
General
Full URL
https://consent.trustarc.com/log?domain=infoblox.com&country=de&state=&behavior=implied&session=efee9f0c-8231-4610-8182-4cfc5f98727d&userType=NEW&c=50ec
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-26.fra2.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 21:47:02 GMT
via
1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C2
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
vBMv9lt8lPHC4y2fnCrOl72DLM4TJkSe16JIUtDnVOhEsEZ7GiCbeQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
www.google-analytics.com/j/
4 B
211 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=737372412&t=pageview&_s=1&dl=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&ul=en-us&de=UTF-8&dt=The%20Complete%20List%20of%20Log4j%20Indicators%20of%20Compromise%20(IOC)%20to%20Date%20%7C%20Infoblox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1304051283&gjid=1406650275&cid=1758246770.1689284823&tid=UA-1234994-1&_gid=1186114541.1689284823&_r=1&_slc=1&gtm=45He37c0n61F7RMF&z=1070395352
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 21:47:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blogs.infoblox.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
gif.gif
ibc-flow.techtarget.com/a/
43 B
466 B
XHR
General
Full URL
https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=1253438&r=1689284822825&ref=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&version=2.4
Requested by
Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.208.111.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier
1253438
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:03 GMT
via
1.1 google
x-guploader-uploadid
ADPycdtOPZBml42R_LWAknj0NMt4wHFJjh347hQnrnhkeXQTXhKaZLdaQA9wR_CRV_DgtRLQelWPUI5z_UcRng8rxvPmNQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Thu, 08 Dec 2022 21:19:29 GMT
server
nginx/1.20.2
etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
vary
Origin
x-goog-generation
1670534369365034
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control
public, max-age=3600
access-control-allow-methods
GET, POST, OPTIONS
x-goog-stored-content-length
43
accept-ranges
bytes
access-control-allow-headers
ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires
Thu, 13 Jul 2023 22:47:03 GMT
gif.gif
ibc-flow.techtarget.com/a/ Frame
0
0
Preflight
General
Full URL
https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=1253438&r=1689284822825&ref=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&version=2.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.208.111.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ibc_rate_tier
Access-Control-Request-Method
GET
Origin
https://blogs.infoblox.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 13 Jul 2023 21:47:03 GMT
expires
Thu, 13 Jul 2023 21:47:03 GMT
server
nginx/1.20.2
vary
Origin
via
1.1 google
x-guploader-uploadid
ADPycduZO6_2MHl7mnAEVZ_vTx1tQAZneICXJF_0Uug4HhR28OERv_1WNvj-eESZh2gdHuFDXzfUzpeAxbsyRmamn387Xg
insight.old.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a423 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Jul 2023 13:00:15 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=23733
accept-ranges
bytes
content-length
4807
getuidj
secure.adnxs.com/
11 B
574 B
XHR
General
Full URL
https://secure.adnxs.com/getuidj
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 21:47:03 GMT
an-x-request-uuid
bf5d3722-a7f6-41e3-b0b7-0a112e86e70f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://blogs.infoblox.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.105; 80.255.7.105; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
c.6sc.co/
7 B
195 B
XHR
General
Full URL
https://c.6sc.co/?d=1
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-251.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:02 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
https://blogs.infoblox.com
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
7
ipv
cdn.bizible.com/m/
43 B
304 B
Image
General
Full URL
https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=324ef3d4d05945baabad41192eb63af6&_biz_s=14c87e&_biz_l=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&_biz_t=1689284822833&_biz_i=The%20Complete%20List%20of%20Log4j%20Indicators%20of%20Compromise%20(IOC)%20to%20Date%20%7C%20Infoblox&_biz_n=0&rnd=910170&cdn_o=a&_biz_z=1689284822835
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F33F) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 21:47:02 GMT
last-modified
Sat, 08 Jul 2023 19:31:02 GMT
server
ECS (via/F33F)
age
440160
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
Image/GIF
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
43
expires
-1
u
cdn.bizibly.com/
43 B
190 B
Image
General
Full URL
https://cdn.bizibly.com/u?_biz_u=324ef3d4d05945baabad41192eb63af6&_biz_s=14c87e&_biz_l=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&_biz_t=1689284822838&_biz_i=The%20Complete%20List%20of%20Log4j%20Indicators%20of%20Compromise%20(IOC)%20to%20Date%20%7C%20Infoblox&rnd=497401&cdn_o=a&_biz_z=1689284822839
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F333) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 21:47:02 GMT
last-modified
Sat, 08 Jul 2023 21:22:00 GMT
server
ECS (via/F333)
age
433502
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
Image/GIF
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
43
expires
-1
collect
stats.g.doubleclick.net/j/
4 B
351 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1234994-1&cid=1758246770.1689284823&jid=1304051283&gjid=1406650275&_gid=1186114541.1689284823&_u=YCDACEAABAAAACAAI~&z=448088329
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 13 Jul 2023 21:47:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blogs.infoblox.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
xdc.js
cdn.bizible.com/
84 B
495 B
Script
General
Full URL
https://cdn.bizible.com/xdc.js?_biz_u=324ef3d4d05945baabad41192eb63af6&_biz_h=-1906410348&cdn_o=a&jsVer=4.23.07.11
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F34A) /
Resource Hash
6d22e660ead72f14b0aa8e3dfc8de1da35f17e3559b489e00692f15f50faa1a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:02 GMT
content-encoding
gzip
server
ECS (via/F34A)
etag
EFEDFBC3
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
content-length
186
token
cdn.linkedin.oribi.io/partner/32346/domain/blogs.infoblox.com/
36 B
373 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/32346/domain/blogs.infoblox.com/token
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2600:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:21:35 GMT
content-encoding
gzip
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
1528
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
o2cFEJ-ECwkR1csct37atyeRcguTQMNBtM02ZABu4TZMfAlOrIZQmg==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=32346&time=1689284822907&url=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=32346&time=1689284822907&url=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromis...
0
482 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=32346&time=1689284822907&url=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&e_ipv6=AQK3xgtkDmq80gAAAYlROMhNFfmQMTPTsjw0LqxNM5d00qN_Evh8C8Zx_hdLCjGxXIumWgI
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:02 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 9F15A0C0E9BB4C779343FEA612DA1C96 Ref B: FRAEDGE2012 Ref C: 2023-07-13T21:47:03Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type
application/javascript
x-li-fabric
prod-ltx1
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYAZUXTc4k+69XNQO3PEA==

Redirect headers

date
Thu, 13 Jul 2023 21:47:02 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: A080C625594442FE96E24D9F78219175 Ref B: FRAEDGE1713 Ref C: 2023-07-13T21:47:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=32346&time=1689284822907&url=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&e_ipv6=AQK3xgtkDmq80gAAAYlROMhNFfmQMTPTsjw0LqxNM5d00qN_Evh8C8Zx_hdLCjGxXIumWgI
x-li-proto
http/2
content-length
0
x-li-uuid
AAYAZUXOWB4QSfIVCtPPTw==
/
visitor.reactful.com/config/247745/
911 B
789 B
XHR
General
Full URL
https://visitor.reactful.com/config/247745/?page=%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&hash=&referer=&user_id=&hshkgid=9e69a89e-d96c-4c81-ab01-ad42fe91d2af&cb_rtfl=_rtfl_jsonp_0
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
3ee78e5545394c3859e04444ccd5c917f4595bfe124f224fde2f2399ecbb2225

Request headers

Referer
Six-Sense-Data
Url-Params-Data
e30=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:03 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
access-control-allow-origin
https://blogs.infoblox.com
content-type
text/html; charset=utf-8
cache-control
no-cache
access-control-allow-credentials
true
x-cloud-trace-context
cac973f15eff1a5662d6d779dd5243f9
access-control-allow-headers
Six-Sense-Data,Custom-Vars-Data,Url-Params-Data
content-length
466
expires
Thu, 13 Jul 2023 21:47:03 GMT
61f2689d95e94c6ef599202edd32401c.js
script.crazyegg.com/pages/versioned/common-scripts/
77 KB
27 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/61f2689d95e94c6ef599202edd32401c.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0042/5835.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db2ccc051fd7633008012ea29d2598c95d84c9a9c985db4359eb1982bd6f2b8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 30 Jun 2023 09:34:40 GMT
server
cloudflare
age
105038
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e64b8df8b9d4dc9-FRA
content-length
27037
details
epsilon-cloudfront.6sense.com/v3/company/
726 B
729 B
XHR
General
Full URL
https://epsilon-cloudfront.6sense.com/v3/company/details
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-53.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
72b513696b20be52ebf90b45f9c4a26603040cbdf47f7c1066818374e1999dc2

Request headers

Referer
accept-language
de-DE,de;q=0.9
Authorization
Token 482f94f5ef8419c30131ca99e9837fa458cb3174
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:03 GMT
content-encoding
gzip
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P7
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://blogs.infoblox.com
access-control-allow-credentials
true
content-length
386
x-amz-cf-id
Yi7fICFHOOkD0ZvOwXOkl96JtbtnWET1zJnmVrYLIbXlH-EooutsQg==
/
visitor.reactful.com/config/247745/ Frame
0
0
Preflight
General
Full URL
https://visitor.reactful.com/config/247745/?page=%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&hash=&referer=&user_id=&hshkgid=9e69a89e-d96c-4c81-ab01-ad42fe91d2af&cb_rtfl=_rtfl_jsonp_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
six-sense-data,url-params-data
Access-Control-Request-Method
GET
Origin
https://blogs.infoblox.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Six-Sense-Data, Custom-Vars-Data, Url-Params-Data
access-control-allow-methods
GET
access-control-allow-origin
https://blogs.infoblox.com
cache-control
no-cache
content-length
0
content-type
text/javascript
date
Thu, 13 Jul 2023 21:47:03 GMT
expires
Thu, 13 Jul 2023 21:47:03 GMT
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
server
Google Frontend
x-cloud-trace-context
bbf54a3f179cb725734a86791b6ff720
details
epsilon-cloudfront.6sense.com/v3/company/ Frame
0
0
Preflight
General
Full URL
https://epsilon-cloudfront.6sense.com/v3/company/details
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-53.fra56.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://blogs.infoblox.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
https://blogs.infoblox.com
access-control-max-age
1800
date
Thu, 13 Jul 2023 21:47:03 GMT
server
nginx
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-id
GKwt_yz-im_I04OcWuyVBzPtRJql_YDf8gYUCBmAj2pAwc0aRSDefA==
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
get
consent.trustarc.com/
61 KB
29 KB
Font
General
Full URL
https://consent.trustarc.com/get?name=MuseoSans-300.otf
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-26.fra2.r.cloudfront.net
Software
/
Resource Hash
ecc24f40f565ce3d863f4ab0fe3258c6d92ca796776a4cae7d68fb52fdddeb7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://blogs.infoblox.com/
Origin
https://blogs.infoblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
public
date
Thu, 13 Jul 2023 21:30:13 GMT
content-encoding
gzip
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C2
age
1010
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
hFEK4bOiv3DhLSpei8ezjyDT_ks1tCOiGKDcWlkMn12dPt3_CggyjQ==
expires
Sat, 12 Aug 2023 21:30:13 GMT
get
consent.trustarc.com/
62 KB
29 KB
Font
General
Full URL
https://consent.trustarc.com/get?name=MuseoSans_700.otf
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-26.fra2.r.cloudfront.net
Software
/
Resource Hash
c36ca8cd5566c156e23f38dde55efa9767270c732ddcb7ed915ea44b2295601e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://blogs.infoblox.com/
Origin
https://blogs.infoblox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
public
date
Thu, 13 Jul 2023 21:09:30 GMT
content-encoding
gzip
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C2
age
2253
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
QZZLb7I2KOC0yx0XSIkFvzMgU-_hpl1UsObKOSGhKION072I3GyhBg==
expires
Sat, 12 Aug 2023 21:09:30 GMT
bannermsg
consent.trustarc.com/
43 B
428 B
Image
General
Full URL
https://consent.trustarc.com/bannermsg?action=views&domain=infoblox.com&behavior=implied&country=de&language=en&rand=0.7453433137230827&session=efee9f0c-8231-4610-8182-4cfc5f98727d&userType=NEW
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-26.fra2.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 21:47:03 GMT
via
1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C2
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
OwSk83n-sbWTEKdmIeOXXI3mkVEAqGv4lf6eC_hsmiZCDBysAAGFzA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
385 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=65a5821f1ffef41888301786d2737e6c&svisitor=null&session=f9d6675c-9a3c-4993-8b66-c93e37af6db1&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2013%20Jul%202023%2021%3A47%3A02%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Infoblox%20provides%20the%20following%20list%20of%20indicators%20of%20compromise%20(IOCs)%20related%20to%20Log4j%20exploitation%20activity.%20This%20list%20will%20be%20updated%20as%20new%20indicators%20are%20discovered.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20Complete%20List%20of%20Log4j%20Indicators%20of%20Compromise%20(IOC)%20to%20Date%20%7C%20Infoblox%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&pageViewId=8c4171b5-3f39-4b33-853e-398b09db3186&d=1&an_uid=0
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-251.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:03 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1234994-1&cid=1758246770.1689284823&jid=1304051283&_u=YCDACEAABAAAACAAI~&z=257381004
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 21:47:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1234994-1&cid=1758246770.1689284823&jid=1304051283&_u=YCDACEAABAAAACAAI~&z=257381004
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 21:47:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
blogs.infoblox.com.json
script.crazyegg.com/pages/data-scripts/0042/5835/sampling/ Frame D7FA
158 B
263 B
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0042/5835/sampling/blogs.infoblox.com.json?t=469245
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/61f2689d95e94c6ef599202edd32401c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc51849c29a9165262605b94f6fca7d7a1ae1b7047da6aa84e19758381cd3c95

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:03 GMT
content-encoding
gzip
cf-cache-status
HIT
age
65426
ce-version
11.5.100
content-length
146
last-modified
Thu, 13 Jul 2023 03:36:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e64b8e118f7994b-FRA
healthcheck
pagestates-tracking.crazyegg.com/ Frame D7FA
19 B
460 B
XHR
General
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/61f2689d95e94c6ef599202edd32401c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 11:18:30 GMT
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
8504914
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
CTJVt-I2ghdoY-rn625aznWbFFS-SjByWQsimmsrauBgNkCRSgdiqw==
healthcheck
assets-tracking.crazyegg.com/ Frame D7FA
19 B
389 B
XHR
General
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/61f2689d95e94c6ef599202edd32401c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 05 Nov 2022 03:10:02 GMT
via
1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
21667022
etag
"d06f04fccf68d0b228a5923187ce1afd"
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
content-length
19
x-amz-cf-id
Zt2_p_aJkBtIRxEs2rgyWweK3TdYuTZZmZfF7yBMWqrSAVf-kMqwJA==
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=737372412&t=event&ni=1&_s=1&dl=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&ul=en-us&de=UTF-8&dt=The%20Complete%20List%20of%20Log4j%20Indicators%20of%20Compromise%20(IOC)%20to%20Date%20%7C%20Infoblox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=aCDACEABBAAAACAAI~&jid=&gjid=&cid=1758246770.1689284823&tid=UA-1234994-1&_gid=1186114541.1689284823&gtm=45He37c0n61F7RMF&cd1=&cd2=&cd3=Germany&cd4=Berlin&cd5=Berlin&cd6=&cd7=&cd8=&cd9=&cd10=&cd11=&cd12=&cd13=&cd14=0&cd15=Low&z=434761869
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:14:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
70376
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
61ee8292-7981-423d-a371-ccb8d3d024b9
https://blogs.infoblox.com/
45 B
0
Other
General
Full URL
blob:https://blogs.infoblox.com/61ee8292-7981-423d-a371-ccb8d3d024b9
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
45
Content-Type
text/javascript
img.gif
b.6sc.co/v1/beacon/
43 B
385 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=6sense-temp-analytics&svisitor=null&session=f9d6675c-9a3c-4993-8b66-c93e37af6db1&event=epsilon-cloudfront&q=%7B%22name%22%3A%22https%3A%2F%2Fepsilon-cloudfront.6sense.com%2Fv3%2Fcompany%2Fdetails%22%2C%22entryType%22%3A%22resource%22%2C%22startTime%22%3A2382.6000022888184%2C%22duration%22%3A290.6999969482422%2C%22initiatorType%22%3A%22xmlhttprequest%22%2C%22nextHopProtocol%22%3A%22%22%2C%22renderBlockingStatus%22%3A%22non-blocking%22%2C%22workerStart%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A2382.6000022888184%2C%22domainLookupStart%22%3A0%2C%22domainLookupEnd%22%3A0%2C%22connectStart%22%3A0%2C%22secureConnectionStart%22%3A0%2C%22connectEnd%22%3A0%2C%22requestStart%22%3A0%2C%22responseStart%22%3A0%2C%22responseEnd%22%3A2673.2999992370605%2C%22transferSize%22%3A0%2C%22encodedBodySize%22%3A0%2C%22decodedBodySize%22%3A0%2C%22responseStatus%22%3A200%2C%22serverTiming%22%3A%5B%5D%7D&isIframe=false&m=%7B%22endpoint%22%3A%22epsilon-cloudfront.6sense.com%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&pageViewId=&d=1
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-251.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:03 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
4c20cad8-e48a-414e-99b5-fc4d70c29a72
https://blogs.infoblox.com/
0
0

clock
tracking.crazyegg.com/ Frame D7FA
28 B
135 B
XHR
General
Full URL
https://tracking.crazyegg.com/clock?t=1689284823494&tk=94c1298a9befcde50aad42a699da8ca2&s=237558&p=%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&u=425835&v=3ec6e19790fedbd94a83f15321f59a6a5c476fd4&f=blogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date&ul=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/61f2689d95e94c6ef599202edd32401c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.174.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-174-140.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
bd76efc3e1ff9ca9393375426f6b29d09d11f6835f4bc2d311965b3589978eff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Jul 2023 21:47:03 GMT
cache-control
no-store
server
awselb/2.0
content-length
28
content-type
text/plain
core
js.driftt.com/ Frame 776D
2 KB
1 KB
Document
General
Full URL
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1689285000000/42wt2pyhpc8v.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
2d629f289895461e21d84586f22c3f13ec967a94db43dcb98f18f224bc464ac4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 21:47:03 GMT
etag
W/"65f30129bbd62f11fa724bd8d6571382"
last-modified
Thu, 29 Jun 2023 19:06:49 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-id
NukhcSmYggJlqIuFaSjZcqS8_n075mnmZF6rxUQ5rdoe6ny_jENBUQ==
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-amz-version-id
fB1S0CyMLJHR17UtlnCvP9KPpCePP0bM
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
36
chat
js.driftt.com/core/ Frame B16D
2 KB
1 KB
Document
General
Full URL
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1689285000000/42wt2pyhpc8v.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
2d629f289895461e21d84586f22c3f13ec967a94db43dcb98f18f224bc464ac4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 13 Jul 2023 21:47:03 GMT
etag
W/"65f30129bbd62f11fa724bd8d6571382"
last-modified
Thu, 29 Jun 2023 19:06:49 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-id
-x8n0skEaPYvkH4GHAgEBn2A4kJiDP-hmn1ce-mVe_zfOBJwkN6wMQ==
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-amz-version-id
fB1S0CyMLJHR17UtlnCvP9KPpCePP0bM
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
15
async-api.30bd804e-1.236.0.min.js
js-agent.newrelic.com/
3 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/async-api.30bd804e-1.236.0.min.js
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa44ba5620fc182eb36d66b9dea560edeb23af9c3104647e39e2a4d3fabcf8cd
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
366JrVMQzTPfkja9KvKWB.1FAlNj2g2u
content-encoding
gzip
via
1.1 varnish
date
Thu, 13 Jul 2023 21:47:03 GMT
strict-transport-security
max-age=300
x-amz-request-id
QEGF3EKJ20GJ2M0B
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1418
x-amz-id-2
7Bnp/acDFEVPOk4KkO8G7KCaEAPmVl9BEz+T2W3GECp7L6ot5oleCbOlovAlxmFTFBTt4vF0h30=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Tue, 27 Jun 2023 17:17:41 GMT
server
AmazonS3
x-timer
S1689284824.717914,VS0,VE0
etag
"ce1527db8799a0ba1913b5c7b7f666aa"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
6993
860.03a8b7a5-1.236.0.min.js
js-agent.newrelic.com/
14 KB
5 KB
Script
General
Full URL
https://js-agent.newrelic.com/860.03a8b7a5-1.236.0.min.js
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38068c6216d8cd0ebd227e767dea7b85b17c68ee40a2b32c20cb879ea225d274
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
iJSI6dlO2Ys6eX3e0ReqL6kXFai6YRCl
content-encoding
gzip
via
1.1 varnish
date
Thu, 13 Jul 2023 21:47:03 GMT
strict-transport-security
max-age=300
x-amz-request-id
QEG37M53ZHPNPYPQ
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
5273
x-amz-id-2
gv55Gg66aMmrHkB8Fge6lNpTz6cyGgp4g3hGLfVUoXX8Ywtm0u+nP7Cq83BuwsuHuDSgB7+4MC4=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Tue, 27 Jun 2023 17:17:41 GMT
server
AmazonS3
x-timer
S1689284824.717927,VS0,VE0
etag
"5c2d33afe15ef1ea0f7dfd3d77677165"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1024
session-manager.2a64278a-1.236.0.min.js
js-agent.newrelic.com/
1 KB
886 B
Script
General
Full URL
https://js-agent.newrelic.com/session-manager.2a64278a-1.236.0.min.js
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
ur1tw3MWf2WErGuFKp0fYWjcNIfD4uOb
content-encoding
gzip
via
1.1 varnish
date
Thu, 13 Jul 2023 21:47:03 GMT
strict-transport-security
max-age=300
x-amz-request-id
F0T0KRXCF42HDR2X
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
677
x-amz-id-2
chmyyZ+gRR6zkYZ+3vMJ32qO1vXfDlOxAuZMMzIY+AS2GnAwDXG8hGK8xI4QRjD1cmRKC3VRKOI=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Tue, 27 Jun 2023 17:17:41 GMT
server
AmazonS3
x-timer
S1689284824.717892,VS0,VE0
etag
"a097cb2068fb2d63e521cacf139c921d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
132
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=737372412&t=timing&_s=2&dl=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&ul=en-us&de=UTF-8&dt=The%20Complete%20List%20of%20Log4j%20Indicators%20of%20Compromise%20(IOC)%20to%20Date%20%7C%20Infoblox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3011&pdt=44&dns=24&rrt=0&srt=995&tcp=83&dit=1656&clt=1656&_gst=1868&_gbt=2217&_u=aCDACEABBAAAACAAI~&jid=&gjid=&cid=1758246770.1689284823&tid=UA-1234994-1&_gid=1186114541.1689284823&gtm=45He37c0n61F7RMF&z=958964905
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:14:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
70376
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
d9b6b28e3d84db3e4c966a5cf73af402.js
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/
20 KB
8 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/d9b6b28e3d84db3e4c966a5cf73af402.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0042/5835.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f2855487ee0f2a026de07b800d0a191f2d66723011cf5e7bddea4669037b33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:03 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Jul 2023 16:32:01 GMT
server
cloudflare
age
105034
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e64b8e5caf64dc9-FRA
content-length
8025
99e2e488-95a1-487e-a39a-d9f57f9934d4
https://blogs.infoblox.com/
241 B
0
Other
General
Full URL
blob:https://blogs.infoblox.com/99e2e488-95a1-487e-a39a-d9f57f9934d4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4feacf07f26856360c14267fa1d8edd0459996feb8ad471da273cbf7510e4cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
241
Content-Type
text/javascript
runtime~main.02ef51f0.js
js.driftt.com/core/assets/js/ Frame 776D
6 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
88057ddacc1543613b0ee53043ce9abda8c2fa8bf584df3c8da2ed9ffdb08f93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
Origin
https://js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 19:06:48 GMT
x-amz-version-id
8umjs9Qos4riOhMKisjLoyJvF.scLuv8
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1219215
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
19
last-modified
Thu, 29 Jun 2023 18:36:41 GMT
server
istio-envoy
etag
W/"95d1c74bdc24f5ed7f8ed455813b49b7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
tL_s12FrOvAg1RuJXC5dGFsKytgz8_UfUf9-aa7-IZHWIT966Zxcbw==
9.4a3e9801.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
35 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
Origin
https://js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id
hzm2Healt7ZjvNDM3nYQ47BRwWjFuLrw
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
14444527
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
16
last-modified
Fri, 27 Jan 2023 17:00:22 GMT
server
istio-envoy
etag
W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
AtB1CM3DQPJuZyl3K5lDkAuyVc0UseAUVz5iYSB0dv8TE9YMZi57cQ==
main~493df0b3.d2a43907.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
7 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
Origin
https://js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 15:21:46 GMT
x-amz-version-id
_6ChWa7QfxwgvKvHcksc0_7OHMp8jBKX
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2010317
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
15
last-modified
Tue, 20 Jun 2023 14:23:11 GMT
server
istio-envoy
etag
W/"e094b276ad2035c3a46871991c258c2d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
sdDkmvQEF5YSd2vMztD318EgQzg-5Sl0jLNRizkIQ2FWdIWj7V70Ow==
runtime~main.02ef51f0.js
js.driftt.com/core/assets/js/ Frame B16D
6 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
88057ddacc1543613b0ee53043ce9abda8c2fa8bf584df3c8da2ed9ffdb08f93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
Origin
https://js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 19:06:48 GMT
x-amz-version-id
8umjs9Qos4riOhMKisjLoyJvF.scLuv8
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1219215
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
19
last-modified
Thu, 29 Jun 2023 18:36:41 GMT
server
istio-envoy
etag
W/"95d1c74bdc24f5ed7f8ed455813b49b7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
dPhMhrzcgGhR1VZ4QmJeAX9sge8Ydm4e_yUt7X4J6N0e6AQ_Kg-BAg==
9.4a3e9801.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
35 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
Origin
https://js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id
hzm2Healt7ZjvNDM3nYQ47BRwWjFuLrw
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
14444527
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
16
last-modified
Fri, 27 Jan 2023 17:00:22 GMT
server
istio-envoy
etag
W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
0Np3Ij-mqMfNEjukS_2eZOwgHt8XX8GZKxcuqpW_K1KxwyzWsgHKKg==
main~493df0b3.d2a43907.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
7 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
Origin
https://js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 15:21:46 GMT
x-amz-version-id
_6ChWa7QfxwgvKvHcksc0_7OHMp8jBKX
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2010317
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
15
last-modified
Tue, 20 Jun 2023 14:23:11 GMT
server
istio-envoy
etag
W/"e094b276ad2035c3a46871991c258c2d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
X31BaiPasDSRCyGMTuHJ-ON-1wkUZM72rvMQKx0GC2-7V7R3B663NQ==
img.gif
b.6sc.co/v1/beacon/
43 B
385 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=65a5821f1ffef41888301786d2737e6c&svisitor=null&session=f9d6675c-9a3c-4993-8b66-c93e37af6db1&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2013%20Jul%202023%2021%3A47%3A03%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2013%20Jul%202023%2021%3A47%3A02%20GMT%22%2C%22timeSpent%22%3A%221128%22%2C%22totalTimeSpent%22%3A%221128%22%7D&isIframe=false&m=%7B%22description%22%3A%22Infoblox%20provides%20the%20following%20list%20of%20indicators%20of%20compromise%20(IOCs)%20related%20to%20Log4j%20exploitation%20activity.%20This%20list%20will%20be%20updated%20as%20new%20indicators%20are%20discovered.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20Complete%20List%20of%20Log4j%20Indicators%20of%20Compromise%20(IOC)%20to%20Date%20%7C%20Infoblox%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&pageViewId=8c4171b5-3f39-4b33-853e-398b09db3186&d=1&an_uid=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-251.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:04 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f020a0-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
2aac998c-6e5d-4a47-9608-e3bbce2f7906
https://blogs.infoblox.com/
911 B
0
Script
General
Full URL
blob:https://blogs.infoblox.com/2aac998c-6e5d-4a47-9608-e3bbce2f7906
Requested by
Host: visitor.reactful.com
URL: https://visitor.reactful.com/dist/main.rtfl.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ee78e5545394c3859e04444ccd5c917f4595bfe124f224fde2f2399ecbb2225

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
911
Content-Type
text/html
lazy-feature-loader.2f55ce66-1.236.0.min.js
js-agent.newrelic.com/
1 KB
883 B
Script
General
Full URL
https://js-agent.newrelic.com/lazy-feature-loader.2f55ce66-1.236.0.min.js
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9bafbaa07911d0596a806a1177da26c107f735052d28603bc5eb8fa0dc63b55
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
SNNZ70_ndPBZM4f5drSRay_oJEEp97f5
content-encoding
gzip
via
1.1 varnish
date
Thu, 13 Jul 2023 21:47:03 GMT
strict-transport-security
max-age=300
x-amz-request-id
QEGDKDYAMFQT6R5V
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
435
x-amz-id-2
xrQ60wqPVy7njbGQJaMAoxW1ZbXN7jToII+PgtVwmYfznO3vHvTB0zXoVanUjEaGc5Y6C1AIk5c=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Tue, 27 Jun 2023 17:17:41 GMT
server
AmazonS3
x-timer
S1689284824.993490,VS0,VE0
etag
"e43b565f398109176254b8a9394de5ba"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1032
/
tracking.reactful.com/tracking/247745/
6 B
117 B
XHR
General
Full URL
https://tracking.reactful.com/tracking/247745/
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
cf8646fc48648f5a6d806df8f757007e6398a55ddccc3d8c2046a4c014cf1b56

Request headers

Accept
*/*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 13 Jul 2023 21:47:04 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
f3bd101a079878a72f97c95be894493d
cache-control
no-cache
content-length
26
51.558be3c5.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
23 KB
8 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id
5TonZ2q4BzUrPKpbgBIsyV0ypFLgVCeU
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2055544
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
78
last-modified
Fri, 16 Jun 2023 20:26:55 GMT
server
istio-envoy
etag
W/"fa281fcbe4b2e35558d60fae3e316367"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
oRCOD-ZaX1HUPDuJB1oe37l46oJQDByhP1jN2lCuxB7Z2fRdIvCk_Q==
35.d0f1ccda.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
36 KB
10 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 23:30:14 GMT
x-amz-version-id
qXDwNGmcU.i_gy6zABPrFxJLJu0M1pqs
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
685010
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
34
last-modified
Thu, 29 Jun 2023 18:36:39 GMT
server
istio-envoy
etag
W/"46fa5a7bc37a22544a908e4ad950309c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
_XOXY0i3MhBmpTwq73tsPuaruN-TGNzKuRoXtfysEWxsCtZ3qF2SgQ==
22.6b9a301a.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
32 KB
11 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 15:21:47 GMT
x-amz-version-id
zK.I5gIdSwLDVz8paigwY_NlFGMXuMgL
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2010317
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
21
last-modified
Tue, 20 Jun 2023 14:23:09 GMT
server
istio-envoy
etag
W/"d8739a9fe9a3a42936f5cd86c8727494"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
RYXo_7QypXWMYXXBbParExzCXWuULzXL3wwBPFKOxfVnYGMLmaZl4w==
19.6f85b843.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
17 KB
6 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 06:35:14 GMT
x-amz-version-id
NhB69SBKJZmuUtXDH0xsEetKhzurSV2H
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
3337910
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
38
last-modified
Wed, 31 May 2023 20:40:09 GMT
server
istio-envoy
etag
W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
qNYVTFB7qi_JEw3gH2OVMwYR_q5gkkCex9MUVSJ4dhBt2rQFTLwG2Q==
41.b4fc4de2.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
25 KB
8 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 03:25:03 GMT
x-amz-version-id
aw1f3uGwXuU6S2OomkpX1DCMYaDfscU9
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
584520
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Fri, 30 Jun 2023 16:16:09 GMT
server
istio-envoy
etag
W/"a2ace4f65aa7b34dedb884f6cfe9df8d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
ry8nA2R8q3i7ib5m2jC1E_wJlsOfDXr780FoKL-tnPHnmQFzN9fMeA==
20.8c21ea18.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
74 KB
23 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id
ukuXMqZaBoE6xID056KmWB0xEHmIXKmX
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2055544
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
69
last-modified
Fri, 16 Jun 2023 20:26:54 GMT
server
istio-envoy
etag
W/"6d77a76055d81227033363af2f18caf8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
xRnDLDZ8QPaUVBHXWziMZ5r8syfs-iOTkNQpRzXcj3QM0lnpUIZJhg==
26.04e7f30b.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
66 KB
20 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 25 May 2023 07:08:48 GMT
x-amz-version-id
pbTO4uU1iA_kBPCkMqV8rm3AioPcDtRp
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
4286296
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
41
last-modified
Wed, 24 May 2023 17:36:06 GMT
server
istio-envoy
etag
W/"49ce5445ddcf5d24ef3badc4eb1a11dd"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Wun73Sojdzq3d8Q5O5N1SeLyAAr6eWkI0crisg34DrGz5DFfsKWVxQ==
14.e24a6190.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
91 KB
28 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 12:05:00 GMT
x-amz-version-id
SrUur3gTkOE1yjoDcy53ibL6t3rDB5tT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
553324
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
18
last-modified
Fri, 30 Jun 2023 16:16:08 GMT
server
istio-envoy
etag
W/"16d7ae86e21434a32157d3226ac9bb77"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
kJwss54rknZKzTMpigcVXDnI7Qghfmxxjc7mbe1WqEeqfO83RS9Cxg==
11.639238ba.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
23 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/11.639238ba.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 30 May 2023 11:02:53 GMT
x-amz-version-id
IgOK_MQbEszp7MebOhF6oyS1BThWXb5o
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
3840251
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
36
last-modified
Fri, 26 May 2023 19:24:42 GMT
server
istio-envoy
etag
W/"4049f38c00add1738dc4806148ff8829"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
q3uGYxwPmQYuzozM4BSWEDLlOVUPE_PlMljJZkKSoDTjJlPmnsXvZQ==
18.9c1bd1fb.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
62 KB
20 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 02:01:51 GMT
x-amz-version-id
4sXKEKnf1MP6Oxg8R9s.0Ul7nOjxTe89
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1367113
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
34
last-modified
Mon, 26 Jun 2023 20:12:19 GMT
server
istio-envoy
etag
W/"02f09379c544befa413d22eb57ed41de"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
rIHoAnGYBbBlFhugkmr24reLnEIFvehPSwf95r6jCcjOJYokN2w3vQ==
49.f7274268.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
105 KB
34 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/49.f7274268.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id
gBpCCsntSn2IWEffEf2F8DC2OtX8qv0J
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2055544
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
100
last-modified
Fri, 16 Jun 2023 20:26:55 GMT
server
istio-envoy
etag
W/"e268d36b98f0119a2bb1a15f69fd4ffe"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
WEBl8AQN64ahIltKwTiGkfkU9FX8zyBOOhiEBGP8CmVRiKjI30gGug==
40.31ef8dbf.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
12 KB
4 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 26 May 2023 02:53:30 GMT
x-amz-version-id
d.D0r_vXgX7w1FTWdc3SLpv412I4sjOB
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
4215214
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
44
last-modified
Wed, 24 May 2023 17:52:54 GMT
server
istio-envoy
etag
W/"b0793fa46e8c0ae1846b7be8a833da35"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
0ihlX746Jtsrnd3y0pL83EMp8_P06Nmf03Hsc-p41ldQRTxLtUt_nQ==
29.31d09948.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
13 KB
6 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/29.31d09948.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id
ncEfPgGiy8bvtpJNwnTX.NMziBwYghK4
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2055544
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
34
last-modified
Fri, 16 Jun 2023 20:26:55 GMT
server
istio-envoy
etag
W/"455157cb49065fb85fed54901ddaeb0e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
8hPfOwtBxkcjgv2ZyFL1Ykg-FJgUr6SL-FogIfroQROHxETNnzElzQ==
21.b8c41db9.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
17 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 09:24:39 GMT
x-amz-version-id
VsfA8TLYa9RNEpzywKZv5LmrplRhx_G6
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
3327745
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
72
last-modified
Wed, 31 May 2023 20:40:09 GMT
server
istio-envoy
etag
W/"65e5c965272e021ae33ff8bc39565ef5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
zmGQ2kf3LJLcKp4iJqBGrguDfy_GQA-sZmFLuSVt0KHobPdqEtfE0g==
8.b5c2854f.chunk.css
js.driftt.com/core/assets/css/ Frame 776D
31 KB
4 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/8.b5c2854f.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id
a7.YLqd37JZcdeCbrfXC3CfVjfFxsQd4
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2055544
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
50
last-modified
Fri, 16 Jun 2023 14:07:10 GMT
server
istio-envoy
etag
W/"9ef689f5d4cb5dab3b0e463418857c2f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
0zibezKbuoIQxd1d6tUC5GQ5BqYb_wqk3TU5_woqSBFhjFvzRUkuKQ==
8.4f36d6d3.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
81 KB
25 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/8.4f36d6d3.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
5e6ecec8d78c9d3f391fac9bde08b4f66048ab4ce9d97d3774b3d223f18b43a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 19:06:48 GMT
x-amz-version-id
OvTTtuWZAdZ_8FikHg8oq2SJobSEIlCt
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1219215
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
27
last-modified
Thu, 29 Jun 2023 18:36:40 GMT
server
istio-envoy
etag
W/"c01af04dcc374efd61d695b2f1e6a2c5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
fJ_TtTvKSdXAmI2Ha1TMrD7GoXuWX66Pb-kGI2YFj7dsUvyphe50yQ==
16.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 776D
24 B
699 B
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 12 May 2023 13:09:31 GMT
x-amz-version-id
C6GeoJGSzHnxQmfIIaJPtsDdeomKLjJo
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P5
age
5387853
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
19
content-length
24
last-modified
Thu, 11 May 2023 20:21:34 GMT
server
istio-envoy
etag
"0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
hNvINxkaY7qfP4WSdVkRxmUZ1ZbyxmJS4ULbG8TXN8WMqT77lOYm8Q==
16.d21cfb1d.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
91 KB
23 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/16.d21cfb1d.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
288a9ccd9b1eeefd3dbb1472e44e1de6b28ce3cc808b7f89745f3e6caaefd3b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 19:06:48 GMT
x-amz-version-id
d.6IKrCAQiM3_pBacs73GiOdIbiSZpjT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1219215
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
24
last-modified
Thu, 29 Jun 2023 18:36:38 GMT
server
istio-envoy
etag
W/"ca720b81e8f86c6b2257cdf1343f755c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
YyhGBa6uYS6v1jaVQqXkjjOip2-H3N0ai3lU4FaHq5q4ahzwIcTzJA==
24.b3a2b2ff.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
50 KB
14 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/24.b3a2b2ff.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
801d37a3e3ca1817d45173f1b2991f9f8b576714436fae4bfdf13adc926b8654
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 19:06:48 GMT
x-amz-version-id
Ragnb6AMJHLJxZu7pxAUKeTDlhYQ2C70
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1219215
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
25
last-modified
Thu, 29 Jun 2023 18:36:39 GMT
server
istio-envoy
etag
W/"36d9e825bfd0b9d778f826ff1802ad0c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
9bVrmgB6wWBAdIoSUTbIZ14eGrykjOtY32zEJvhReBe08EIjsSLf5g==
17.643e5310.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
40 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/17.643e5310.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
3ab024f4b3bee687327d55fcb3791e699f903744ef30a6b13160cd0204656db0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 19:06:48 GMT
x-amz-version-id
lgRtz1DdpvQS6RXsMQb3Dti7IikLYChH
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1219215
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
19
last-modified
Thu, 29 Jun 2023 18:36:38 GMT
server
istio-envoy
etag
W/"8ec0c6ca6900325b3aec6c54db564bac"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
6pmeeKEgCUEfz4RFS1k1FqamPI-za4NMThO9lWKmJs4NFzV3uxXDfA==
c309e643c9296acd089a953f4da269eb.js
script.crazyegg.com/pages/versioned/tracking-scripts/
98 KB
31 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/tracking-scripts/c309e643c9296acd089a953f4da269eb.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0042/5835.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3984e363ce3748ca098da7e3e751be94cea316a4246b39c3b7768c66ac453856

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:04 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Jul 2023 16:31:58 GMT
server
cloudflare
age
105036
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e64b8e63b4f4dc9-FRA
content-length
31988
51.558be3c5.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
23 KB
8 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id
5TonZ2q4BzUrPKpbgBIsyV0ypFLgVCeU
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2055544
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
78
last-modified
Fri, 16 Jun 2023 20:26:55 GMT
server
istio-envoy
etag
W/"fa281fcbe4b2e35558d60fae3e316367"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
0PBra2VUixXfejkBvD37aJIRSiuDdm8PIwJb0Ji-IUxuwi6I96KMrA==
35.d0f1ccda.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
36 KB
10 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 23:30:14 GMT
x-amz-version-id
qXDwNGmcU.i_gy6zABPrFxJLJu0M1pqs
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
685010
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
34
last-modified
Thu, 29 Jun 2023 18:36:39 GMT
server
istio-envoy
etag
W/"46fa5a7bc37a22544a908e4ad950309c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
tVlAUM0ektoxcjWQ4jc0-W4Fb6JaSU8BLr5x1FPg8Hh6Rzjdd6c3jw==
22.6b9a301a.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
32 KB
11 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 15:21:47 GMT
x-amz-version-id
zK.I5gIdSwLDVz8paigwY_NlFGMXuMgL
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2010317
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
21
last-modified
Tue, 20 Jun 2023 14:23:09 GMT
server
istio-envoy
etag
W/"d8739a9fe9a3a42936f5cd86c8727494"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
aZoHDS2JUafEzwPFygb4HwNICeQPq1r3bDPngQ7-Ipfcje2mh5KxdQ==
19.6f85b843.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
17 KB
6 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 06:35:14 GMT
x-amz-version-id
NhB69SBKJZmuUtXDH0xsEetKhzurSV2H
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
3337910
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
38
last-modified
Wed, 31 May 2023 20:40:09 GMT
server
istio-envoy
etag
W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
MznRluMVK4bT5VJ5Q7l3o5a1bx3Li5jJhw-EZ3MmFRzChvK7CN927w==
41.b4fc4de2.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
25 KB
8 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 03:25:03 GMT
x-amz-version-id
aw1f3uGwXuU6S2OomkpX1DCMYaDfscU9
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
584520
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Fri, 30 Jun 2023 16:16:09 GMT
server
istio-envoy
etag
W/"a2ace4f65aa7b34dedb884f6cfe9df8d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
h1uLyI2mBO44h6EGvY2t4p0fubO98VZYCnko7JjCkjPYEZ1Rp9Cqyg==
20.8c21ea18.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
74 KB
23 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id
ukuXMqZaBoE6xID056KmWB0xEHmIXKmX
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2055544
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
69
last-modified
Fri, 16 Jun 2023 20:26:54 GMT
server
istio-envoy
etag
W/"6d77a76055d81227033363af2f18caf8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
bqzgxPlszbttKBF5912dYqdtjVU1KxD84UIs9AubgDE0ROt2FbJ9_A==
26.04e7f30b.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
66 KB
20 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 25 May 2023 07:08:48 GMT
x-amz-version-id
pbTO4uU1iA_kBPCkMqV8rm3AioPcDtRp
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
4286296
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
41
last-modified
Wed, 24 May 2023 17:36:06 GMT
server
istio-envoy
etag
W/"49ce5445ddcf5d24ef3badc4eb1a11dd"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
w3eZ8nE7wK2a8DglXa4ukiRzxhVP0cCF2yKbfbBwJQQazssznHV4Gg==
14.e24a6190.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
91 KB
28 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 12:05:00 GMT
x-amz-version-id
SrUur3gTkOE1yjoDcy53ibL6t3rDB5tT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
553324
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
18
last-modified
Fri, 30 Jun 2023 16:16:08 GMT
server
istio-envoy
etag
W/"16d7ae86e21434a32157d3226ac9bb77"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
bIySH-CfiTDlldi5MQSdrEYbEt267J7y36vdT9I5jH4YaIF9qM1kNA==
11.639238ba.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
23 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/11.639238ba.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 30 May 2023 11:02:53 GMT
x-amz-version-id
IgOK_MQbEszp7MebOhF6oyS1BThWXb5o
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
3840251
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
36
last-modified
Fri, 26 May 2023 19:24:42 GMT
server
istio-envoy
etag
W/"4049f38c00add1738dc4806148ff8829"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
-YpvPACKfHt0kl94mCN4ms7xv5P_J4JrzMTYJUf4XchMAk0j6KHvAQ==
18.9c1bd1fb.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
62 KB
20 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 02:01:51 GMT
x-amz-version-id
4sXKEKnf1MP6Oxg8R9s.0Ul7nOjxTe89
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1367113
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
34
last-modified
Mon, 26 Jun 2023 20:12:19 GMT
server
istio-envoy
etag
W/"02f09379c544befa413d22eb57ed41de"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
eUPiajmWfUX9U_03lPoQ0NMGzg9k2MRhsx8yETUDtyp9phcnT_S0kw==
49.f7274268.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
105 KB
34 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/49.f7274268.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id
gBpCCsntSn2IWEffEf2F8DC2OtX8qv0J
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2055544
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
100
last-modified
Fri, 16 Jun 2023 20:26:55 GMT
server
istio-envoy
etag
W/"e268d36b98f0119a2bb1a15f69fd4ffe"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
P5mSGDCIeRw2_gk-8sJ69pYLTvxSc4xNjPnu2X3M2O-MkznqKF_D-Q==
40.31ef8dbf.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
12 KB
4 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 26 May 2023 02:53:30 GMT
x-amz-version-id
d.D0r_vXgX7w1FTWdc3SLpv412I4sjOB
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
4215214
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
44
last-modified
Wed, 24 May 2023 17:52:54 GMT
server
istio-envoy
etag
W/"b0793fa46e8c0ae1846b7be8a833da35"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
5BF7OtRKO6DSUsX4QJmWKMlDiLKcXhoTLOdikKUSou1AMGSTiZEtvA==
29.31d09948.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
13 KB
6 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/29.31d09948.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id
ncEfPgGiy8bvtpJNwnTX.NMziBwYghK4
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2055544
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
34
last-modified
Fri, 16 Jun 2023 20:26:55 GMT
server
istio-envoy
etag
W/"455157cb49065fb85fed54901ddaeb0e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
s4xl2Pbn8EbiGKOIx17qanDAkS4qj-fuVOlRRE9Z3iCDMZPcqvMoxg==
21.b8c41db9.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
17 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 09:24:39 GMT
x-amz-version-id
VsfA8TLYa9RNEpzywKZv5LmrplRhx_G6
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
3327745
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
72
last-modified
Wed, 31 May 2023 20:40:09 GMT
server
istio-envoy
etag
W/"65e5c965272e021ae33ff8bc39565ef5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
E2MGRDTVbOuclcnB5kgTrf4EGvJvzdNybucZe9y9TZbAY7BYQwQdjw==
8.b5c2854f.chunk.css
js.driftt.com/core/assets/css/ Frame B16D
31 KB
4 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/8.b5c2854f.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id
a7.YLqd37JZcdeCbrfXC3CfVjfFxsQd4
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2055544
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
50
last-modified
Fri, 16 Jun 2023 14:07:10 GMT
server
istio-envoy
etag
W/"9ef689f5d4cb5dab3b0e463418857c2f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
g8X2IWDAjt2R-hZfmlPVwQQtMxR79AJK9QIEIzmu9a0vEFWSffycuQ==
8.4f36d6d3.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
81 KB
25 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/8.4f36d6d3.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
5e6ecec8d78c9d3f391fac9bde08b4f66048ab4ce9d97d3774b3d223f18b43a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 19:06:48 GMT
x-amz-version-id
OvTTtuWZAdZ_8FikHg8oq2SJobSEIlCt
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1219215
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
27
last-modified
Thu, 29 Jun 2023 18:36:40 GMT
server
istio-envoy
etag
W/"c01af04dcc374efd61d695b2f1e6a2c5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
qxZRd7rhqz1O7nGtuSAVe8qzTWxLG1jqFZ1_38hLWxw4Tt8xnrQKGA==
16.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame B16D
24 B
697 B
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 12 May 2023 13:09:31 GMT
x-amz-version-id
C6GeoJGSzHnxQmfIIaJPtsDdeomKLjJo
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P5
age
5387853
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
19
content-length
24
last-modified
Thu, 11 May 2023 20:21:34 GMT
server
istio-envoy
etag
"0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
FfcmzGCvuS7zIgvJ0dEjqYtil4cYvhVFgUrvyQ4wvw-l0qrLPj1uDA==
16.d21cfb1d.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
91 KB
23 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/16.d21cfb1d.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
288a9ccd9b1eeefd3dbb1472e44e1de6b28ce3cc808b7f89745f3e6caaefd3b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 19:06:48 GMT
x-amz-version-id
d.6IKrCAQiM3_pBacs73GiOdIbiSZpjT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1219215
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
24
last-modified
Thu, 29 Jun 2023 18:36:38 GMT
server
istio-envoy
etag
W/"ca720b81e8f86c6b2257cdf1343f755c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
xzpG_dOK12N5QYmCsunm4vlUDiKAOzxpigp0ISgdFH9IvUIXqxWVmw==
24.b3a2b2ff.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
50 KB
14 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/24.b3a2b2ff.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
801d37a3e3ca1817d45173f1b2991f9f8b576714436fae4bfdf13adc926b8654
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 19:06:48 GMT
x-amz-version-id
Ragnb6AMJHLJxZu7pxAUKeTDlhYQ2C70
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1219215
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
25
last-modified
Thu, 29 Jun 2023 18:36:39 GMT
server
istio-envoy
etag
W/"36d9e825bfd0b9d778f826ff1802ad0c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
9rzfoyvEIYzUxfOwMgQRcU0tUxFcHABZHfQO_Hj5vgCvqRsP07Hz4w==
17.643e5310.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
40 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/17.643e5310.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
3ab024f4b3bee687327d55fcb3791e699f903744ef30a6b13160cd0204656db0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 19:06:48 GMT
x-amz-version-id
lgRtz1DdpvQS6RXsMQb3Dti7IikLYChH
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1219215
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
19
last-modified
Thu, 29 Jun 2023 18:36:38 GMT
server
istio-envoy
etag
W/"8ec0c6ca6900325b3aec6c54db564bac"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
5XGzyHBSOqsUf6-hrdtj3n23HTolzhDYjQICzCF2viKt-lWe4OYG8Q==
148.1a20d5fe-1.236.0.min.js
js-agent.newrelic.com/
8 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/148.1a20d5fe-1.236.0.min.js
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e89824dcd4a1d958c6972134bfc50e0c8e4a76d6b47569d14fd7cba455c1f7f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
ScUpW5z6XcbV4AsRwaGpjCwUtY9KtEdV
content-encoding
gzip
via
1.1 varnish
date
Thu, 13 Jul 2023 21:47:04 GMT
strict-transport-security
max-age=300
x-amz-request-id
QEGCSGC0W9EB60VT
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3249
x-amz-id-2
RnX/69X59j0YEmOJZIej61dk2R6E0i47JxJl2JtlBTegNG/hLBJslK0O+SoecA24IzWGVFxnPg0=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Tue, 27 Jun 2023 17:17:41 GMT
server
AmazonS3
x-timer
S1689284824.040671,VS0,VE0
etag
"bed1f74897d091a7dfc2b06e8a1e29a3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
5933
page_view_event-aggregate.06482edd-1.236.0.min.js
js-agent.newrelic.com/
11 KB
4 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_view_event-aggregate.06482edd-1.236.0.min.js
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1249e3503b8a12598e09882e9ded38155ac212298143dec459ce6820c6d3f37
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
olBWVnN3KrZD.7AbCiVQ_LmF1ZBKIJEh
content-encoding
gzip
via
1.1 varnish
date
Thu, 13 Jul 2023 21:47:04 GMT
strict-transport-security
max-age=300
x-amz-request-id
QEG0G20JAAY1G1GR
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
4102
x-amz-id-2
ZmI1+PZGzHgg/9HTiUZurwSqPtQNpHBccTB2Chdf6IKRzVHz3wtddTZoDy1FX7PpqNnW+ncvqWc=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Tue, 27 Jun 2023 17:17:41 GMT
server
AmazonS3
x-timer
S1689284824.040905,VS0,VE0
etag
"553d27144d4f9fbe7e31b802107a2071"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1012
page_view_timing-aggregate.bd6de33a-1.236.0.min.js
js-agent.newrelic.com/
15 KB
6 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_view_timing-aggregate.bd6de33a-1.236.0.min.js
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6dc5a41a72f6c1b4148d0629284183a4db42a28fef188ff4d55d5872d0ea3561
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
9W2va1QLSUaCTJ3OoHH2ZOYSIAKsuvOr
content-encoding
gzip
via
1.1 varnish
date
Thu, 13 Jul 2023 21:47:04 GMT
strict-transport-security
max-age=300
x-amz-request-id
QEG9E846R1QCFG8V
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
5367
x-amz-id-2
VXMN1ilK2pe4fta289xr7NSuAjTDPPdDBLrxuZ6WNJ2P9qLnLApxA5pESOv4R5er+ii418WL2hI=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Tue, 27 Jun 2023 17:17:41 GMT
server
AmazonS3
x-timer
S1689284824.041460,VS0,VE0
etag
"01e96e9ff5c360298d13581ad38e60a8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1012
metrics-aggregate.3dc53903-1.236.0.min.js
js-agent.newrelic.com/
8 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/metrics-aggregate.3dc53903-1.236.0.min.js
Requested by
Host: blogs.infoblox.com
URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11b4a5f186edf838f6e951559bef8aa85c686a83e0a226c5a82622da95e54307
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
Z8jxLQfOXuFmYqpMJ60TDp7HscNrmk8O
content-encoding
gzip
via
1.1 varnish
date
Thu, 13 Jul 2023 21:47:04 GMT
strict-transport-security
max-age=300
x-amz-request-id
T9WATCNZXDW4W0PE
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2880
x-amz-id-2
JlOL3h6YW9l3T5Wv3UIKced+6cWRgJjfCT3Vya4XA1nU1Xlf0KKGjRI7kguETxTd+dI2djlaEAs=
x-served-by
cache-fra-eddf8230057-FRA
last-modified
Tue, 27 Jun 2023 17:17:41 GMT
server
AmazonS3
x-timer
S1689284824.042198,VS0,VE0
etag
"a912f1cb80b2d3cf15f10d9d022b6188"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
5533
NRJS-6edc3240d96015af6f2
bam.nr-data.net/1/
40 B
408 B
XHR
General
Full URL
https://bam.nr-data.net/1/NRJS-6edc3240d96015af6f2?a=564313520&v=1.236.0&to=bwEDMBNWWUICWkxeW1ZLIAcVXlhfTEpRWVNUAQ%3D%3D&rst=3480&ck=0&s=bdb0bf4c9aa6838a&ref=https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/&ap=766&be=1103&fe=1914&dc=590&at=Q0YARltMSkw%3D&perf=%7B%22timing%22:%7B%22of%22:1689284820597,%22n%22:0,%22dn%22:1,%22dne%22:25,%22c%22:25,%22s%22:64,%22ce%22:108,%22rq%22:108,%22rp%22:1103,%22rpe%22:1146,%22di%22:1656,%22ds%22:1656,%22de%22:1693,%22dc%22:2998,%22l%22:3010,%22le%22:3017%7D,%22navigation%22:%7B%7D%7D&fp=1673&fcp=1673
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ed59ee4d04819c48c1bb60b3ef6928c621cd5cd86d7103957de3eebba9910b0d

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Jul 2023 21:47:04 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://blogs.infoblox.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
40
x-served-by
cache-fra-eddf8230102-FRA
0.0b2ebd4a.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
9 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 24 May 2023 04:23:57 GMT
x-amz-version-id
GhA8rzRSUOsszJIxxjXIx4g.f98pPnBY
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
4382587
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
36
last-modified
Tue, 23 May 2023 23:00:49 GMT
server
istio-envoy
etag
W/"c5efcdc9e465604f32cf24af10fd6c13"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
qLhj1cqHoPeixw9iRJPlI2vXEgvW9Qlplobr1XWbWMtN8zACA1ovPQ==
27.01c2bea5.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
35 KB
10 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/27.01c2bea5.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b13c9311dec3f49821d88065299e95cc1c4e6c26acc4b27b4ebdb380d40d8788
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 02:02:59 GMT
x-amz-version-id
nle0j8birQ7TqZcCTCj2_Aiuc4PU4FBJ
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2058245
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
37
last-modified
Fri, 16 Jun 2023 14:07:13 GMT
server
istio-envoy
etag
W/"04a233a42dcf8c50a83bfecea8ba552d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
79LnAKrk-pjPLzKPLQuSrWNCpZJ4zQkenFEcgXBbUM5EW9MUFh-7tA==
28.9bf46b67.chunk.css
js.driftt.com/core/assets/css/ Frame 776D
8 KB
2 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/28.9bf46b67.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 03:39:57 GMT
x-amz-version-id
6lL5RAKv.3W6LARvL8dkmwjhs74xFC1K
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2052427
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
27
last-modified
Fri, 16 Jun 2023 14:07:10 GMT
server
istio-envoy
etag
W/"4f21faf2ba450e5fcdf7eda90813e185"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
GWJJSbVbMoLM2lDWl3N_AJ4diPCStjYQ7IX7LMdipjh4eQ7XAJnsMA==
28.bdd92ff2.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
14 KB
6 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/28.bdd92ff2.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
6eabf982ec86c7a2d08d260cdd257c9d1f1d9b589cb52a812be0dc5c7cf1af9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 15:21:47 GMT
x-amz-version-id
FN2mK9FP.1iG0EPXu5GaP7vFrDcTGt2G
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2010317
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Tue, 20 Jun 2023 14:23:09 GMT
server
istio-envoy
etag
W/"260fbabe310bd2cae5c44538f3d833ad"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
9O7tdxau6SyxAopfcqEqARfRdgsS3JeCnwGLn-dP96V_vg_UJl69FQ==
25.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 776D
365 B
1 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/25.c695453b.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 15:21:47 GMT
x-amz-version-id
ZuuQmAv287PLv09x8YJDQ63ijAfFLcLS
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P5
age
2010317
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
21
content-length
365
last-modified
Tue, 20 Jun 2023 14:23:06 GMT
server
istio-envoy
etag
"06b2963b029c0824382815165bfea73e"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
ia6k1DRQ_DnHV7MF57k_Qf8WY8j9NhTn2rYEK7DB3Emw_V34PhISFg==
25.afef3be0.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
91 KB
25 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/25.afef3be0.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
8c7f57de0d28efc5119de35f1fbca187f933e86f66fb76d9d0d31d1ab317c6bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 19:06:49 GMT
x-amz-version-id
S6nBo_XZPGSh2l1p_Jh0Esw_QLOW7CS8
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1219215
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
22
last-modified
Thu, 29 Jun 2023 18:36:39 GMT
server
istio-envoy
etag
W/"8143a01fcadcee27b5755c3249aeb2f2"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
n8B-TOSSvB9GpLSAFZFpvvKnrwT69l_IyYnFsJCa6dMA5MhRCBViMg==
37.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame B16D
3 KB
1 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/37.11d2b6a7.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 00:43:49 GMT
x-amz-version-id
6S9dem0QqRNKdsXJa9pt.hiZoFHo8G8.
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
680595
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
58
last-modified
Fri, 30 Jun 2023 16:16:07 GMT
server
istio-envoy
etag
W/"87532c4db85f1429fa6d759bc3332f36"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
DGfG9y2ESySpfgFMDcleoE8mzFF_PiBuxizKA0wsTYRPqtDRyhDnxg==
37.298cbb69.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
3 KB
2 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/37.298cbb69.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
c640d911a58cc3ef31b1a3c2090fa753c948902033b9917ab5daef4fbb33b5d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 04:59:35 GMT
x-amz-version-id
Fv09MwZ9_aib0TbI3DWT7N_8oqF8DxL_
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2047649
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
36
last-modified
Fri, 16 Jun 2023 14:07:13 GMT
server
istio-envoy
etag
W/"86b289eeb2bf9d30034f30d9794e8041"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
5JF9x015lQFSiVTEtaxnPvHe4QvqEP_WSCalumLZVPweQ4lQRq7J2g==
0.0b2ebd4a.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
9 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 24 May 2023 04:23:57 GMT
x-amz-version-id
GhA8rzRSUOsszJIxxjXIx4g.f98pPnBY
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
4382587
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
36
last-modified
Tue, 23 May 2023 23:00:49 GMT
server
istio-envoy
etag
W/"c5efcdc9e465604f32cf24af10fd6c13"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
obGwKhYF-aJHzTgYAa8CEpS-tged_JkjrG9B5LORTsyb3dkeYpcnkw==
3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame B16D
7 KB
2 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 26 May 2023 01:55:58 GMT
x-amz-version-id
mj1uBZn49IegQv8DQD1iQuBHBtNoawj8
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
4218666
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
136
last-modified
Wed, 24 May 2023 17:36:04 GMT
server
istio-envoy
etag
W/"189aeffd571884559dababa22c66d75a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
5j_Zyax04lKAVs48XR2XN-_xYLUwGz98l1WAQHVYz-NayuQhZ0b8Vw==
3.f50b964b.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
54 KB
15 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/3.f50b964b.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 29 May 2023 23:15:04 GMT
x-amz-version-id
FE5y8IPJ04Yp7NIoBaxWwnwnvwyWwyRX
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
3882720
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
116
last-modified
Fri, 26 May 2023 19:24:43 GMT
server
istio-envoy
etag
W/"1ac37bf2b93050f29058b66a9ad43e10"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
nbPSOSv6XfZYbYWYQW2b76rQ9G2EoYEnuzJ1-AqECVcd3THtbv9wIA==
1.573fce08.chunk.css
js.driftt.com/core/assets/css/ Frame B16D
44 KB
7 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/1.573fce08.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
6ca4f32f43694ee56dda6581a83ef02225af274dc0aee381e86284c091911913
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:59:03 GMT
x-amz-version-id
XdFniRGgVHIu8.3BmgbjhB8YM7.t.OSn
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2357281
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
19
last-modified
Fri, 16 Jun 2023 14:07:10 GMT
server
istio-envoy
etag
W/"21db740ef8d5ab04f559239c11897518"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
oaoF1DZFDhBwCHQ-C35WFQ-9fyKpqbT9vTTkRE8d_6gidlBnQ1zpXg==
1.be8346b1.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
54 KB
17 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/1.be8346b1.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
14c31b1fc92b43518a568d37d84d9f67783605ba8a894a17e2eef5d7de283f9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 19:06:49 GMT
x-amz-version-id
PLfb_l_4aFe.aYN3FEG.I5zIcM2Rb4sy
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1219215
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
19
last-modified
Thu, 29 Jun 2023 18:36:38 GMT
server
istio-envoy
etag
W/"c2bd45f4e9f02db923342d39137bf141"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
TFZVxW3KMIAebaHn3glB5BpUN2aLvbaMDZRlAGL3XUjDrIjnIPO58w==
4.9157d420.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
23 KB
10 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/4.9157d420.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
6882bb97b25bf71ecd9de333bcaa4eea46fd9f6763b383d07eff4c73b9c7ba30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 19:06:49 GMT
x-amz-version-id
eBDiuofq2HCcTp2YJVFhjc9KFdMxPH5F
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1219215
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
21
last-modified
Thu, 29 Jun 2023 18:36:39 GMT
server
istio-envoy
etag
W/"714f93293759e579de42cfdc6c40fe53"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
L7pX2kQwNY2jFJeVfJndPVFIbUVFW9_-AZnn3c-gGRgQVaiwxVPMQQ==
34.0504aac4.chunk.css
js.driftt.com/core/assets/css/ Frame B16D
16 KB
3 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/34.0504aac4.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
2b74bc303570faa3cd261b240078960cd0c28f811ae71cb72352809a42d20f6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 19:06:49 GMT
x-amz-version-id
Y0eUMP8TZIUm_xphXPO8Cb7kobR8Sp8P
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1219215
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
22
last-modified
Thu, 29 Jun 2023 18:36:37 GMT
server
istio-envoy
etag
W/"95b017fb41a8751bd7175f8a73f035f8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
s2tRN6J6oY2xTi0CNF7XW_ie9ImNjV3Z3QgTrPyjegLsJZ_rt3cYRw==
34.26535e57.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
12 KB
5 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/34.26535e57.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
c7076a6235cd12720cc675334102d16bd5e46a33910f1b3ada0425b74ed020d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 19:06:49 GMT
x-amz-version-id
pP4ZKQ0wl7_jYctuYheBxCj9PF_v.ESa
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1219215
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
18
last-modified
Thu, 29 Jun 2023 18:36:39 GMT
server
istio-envoy
etag
W/"d1f726d8d49e4c3e218775f6ce78039f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
-f9zRdl7xmpzBV15RHzSyeseiEdYegBIMVjoc1P7aVtk5FBzhBqeZw==
v2
bootstrap.api.drift.com/widget_bootstrap/ping/ Frame 776D
147 B
588 B
XHR
General
Full URL
https://bootstrap.api.drift.com/widget_bootstrap/ping/v2
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-113-164.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
71eed4d64598fe01390202c892a197df84d9b8517ac56d5770258c3750b42ec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 13 Jul 2023 21:47:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
istio-envoy
requestid
f74acf76c15f1a6a
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
vary
Accept-Encoding
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
147
v3
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 776D
25 B
89 B
XHR
General
Full URL
https://metrics.api.drift.com/monitoring/metrics/widget/init/v3
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-113-164.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 13 Jul 2023 21:47:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
istio-envoy
requestid
5c87141073519a25
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
vary
Accept-Encoding
access-control-allow-credentials
true
x-envoy-upstream-service-time
14
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
25
widget_bootstrap
bootstrap.api.drift.com/ Frame 776D
21 KB
6 KB
XHR
General
Full URL
https://bootstrap.api.drift.com/widget_bootstrap
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-113-164.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
886e3a6b29d54a13c92c072d748ed1c071b6b5124cb6e6b05148835e78f032ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 13 Jul 2023 21:47:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
istio-envoy
requestid
2013b8392a311d84
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
vary
Accept-Encoding
access-control-allow-credentials
true
x-envoy-upstream-service-time
213
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
img.gif
b.6sc.co/v1/beacon/
43 B
385 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=65a5821f1ffef41888301786d2737e6c&svisitor=null&session=f9d6675c-9a3c-4993-8b66-c93e37af6db1&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2013%20Jul%202023%2021%3A47%3A04%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2013%20Jul%202023%2021%3A47%3A03%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222129%22%7D&isIframe=false&m=%7B%22description%22%3A%22Infoblox%20provides%20the%20following%20list%20of%20indicators%20of%20compromise%20(IOCs)%20related%20to%20Log4j%20exploitation%20activity.%20This%20list%20will%20be%20updated%20as%20new%20indicators%20are%20discovered.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20Complete%20List%20of%20Log4j%20Indicators%20of%20Compromise%20(IOC)%20to%20Date%20%7C%20Infoblox%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&pageViewId=8c4171b5-3f39-4b33-853e-398b09db3186&d=1&an_uid=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-251.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:05 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
track
event.api.drift.com/ Frame
0
0
Preflight
General
Full URL
https://event.api.drift.com/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-113-164.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://js.driftt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-max-age
1209600
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Thu, 13 Jul 2023 21:47:05 GMT
requestid
drifte279f6247ee900050f2e7124f6c
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
1
track
event.api.drift.com/ Frame 776D
726 B
809 B
XHR
General
Full URL
https://event.api.drift.com/track
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-113-164.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
06bf2d2f43dba6bed615cd6eccbf0c2f03ed50640748bd7f6036a3797e6279c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxODgzMzc4OTkyMCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjUwMjQ5OTEiLCJleHAiOjE3MjA5MDcyMjQsImlhdCI6MTY4OTI4NDgyNH0.q7jssmnan99h1x0f1TMsfEwNzk1eXV8BHudWwu4d7OiAd8qCh_ZvWAmdtX2bfu5QsWeiuKZE-4enSVvsCNU7rA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Jul 2023 21:47:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
istio-envoy
requestid
66db17fe532277f0
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
726
evaluate_with_log
targeting.api.drift.com/targeting/ Frame 776D
2 KB
860 B
XHR
General
Full URL
https://targeting.api.drift.com/targeting/evaluate_with_log
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-113-164.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
724082f8555b7f4f0f910805b33a4627ee0ff012584428372b8c063fe4704860
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxODgzMzc4OTkyMCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjUwMjQ5OTEiLCJleHAiOjE3MjA5MDcyMjQsImlhdCI6MTY4OTI4NDgyNH0.q7jssmnan99h1x0f1TMsfEwNzk1eXV8BHudWwu4d7OiAd8qCh_ZvWAmdtX2bfu5QsWeiuKZE-4enSVvsCNU7rA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Jul 2023 21:47:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
istio-envoy
requestid
1548de53d5272f58
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
vary
Accept-Encoding
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
799
evaluate_with_log
targeting.api.drift.com/targeting/ Frame
0
0
Preflight
General
Full URL
https://targeting.api.drift.com/targeting/evaluate_with_log
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-113-164.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://js.driftt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-max-age
1209600
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Thu, 13 Jul 2023 21:47:05 GMT
requestid
drift1aa349f437bbc9f9c6f98d92fb1
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
1
img.gif
b.6sc.co/v1/beacon/
43 B
386 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=65a5821f1ffef41888301786d2737e6c&svisitor=null&session=f9d6675c-9a3c-4993-8b66-c93e37af6db1&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2013%20Jul%202023%2021%3A47%3A05%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2013%20Jul%202023%2021%3A47%3A04%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%223129%22%7D&isIframe=false&m=%7B%22description%22%3A%22Infoblox%20provides%20the%20following%20list%20of%20indicators%20of%20compromise%20(IOCs)%20related%20to%20Log4j%20exploitation%20activity.%20This%20list%20will%20be%20updated%20as%20new%20indicators%20are%20discovered.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20Complete%20List%20of%20Log4j%20Indicators%20of%20Compromise%20(IOC)%20to%20Date%20%7C%20Infoblox%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&pageViewId=8c4171b5-3f39-4b33-853e-398b09db3186&d=1&an_uid=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-251.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:06 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 01:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f02dad-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
render_initial_v3
flow.api.drift.com/flows/ Frame 776D
3 KB
2 KB
XHR
General
Full URL
https://flow.api.drift.com/flows/render_initial_v3
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-113-164.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
d2a063faa1b1c2f2619cf818e329d08015c5d1f30cb1f8a4312ef1206967bc5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxODgzMzc4OTkyMCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjUwMjQ5OTEiLCJleHAiOjE3MjA5MDcyMjQsImlhdCI6MTY4OTI4NDgyNH0.q7jssmnan99h1x0f1TMsfEwNzk1eXV8BHudWwu4d7OiAd8qCh_ZvWAmdtX2bfu5QsWeiuKZE-4enSVvsCNU7rA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Jul 2023 21:47:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
istio-envoy
requestid
3339227194b41987
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
vary
Accept-Encoding
access-control-allow-credentials
true
x-envoy-upstream-service-time
160
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
1997
render_initial_v3
flow.api.drift.com/flows/ Frame
0
0
Preflight
General
Full URL
https://flow.api.drift.com/flows/render_initial_v3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-113-164.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://js.driftt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-max-age
1209600
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Thu, 13 Jul 2023 21:47:06 GMT
requestid
drift286db034327bb826f133cb5b21f
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
widget
targeting.api.drift.com/impressions/ Frame
0
0
Preflight
General
Full URL
https://targeting.api.drift.com/impressions/widget
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-113-164.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://js.driftt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-max-age
1209600
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Thu, 13 Jul 2023 21:47:06 GMT
requestid
driftfddcccc434db4b2a3f8ea42146a
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
widget
targeting.api.drift.com/impressions/ Frame 776D
0
38 B
XHR
General
Full URL
https://targeting.api.drift.com/impressions/widget
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-113-164.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxODgzMzc4OTkyMCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjUwMjQ5OTEiLCJleHAiOjE3MjA5MDcyMjQsImlhdCI6MTY4OTI4NDgyNH0.q7jssmnan99h1x0f1TMsfEwNzk1eXV8BHudWwu4d7OiAd8qCh_ZvWAmdtX2bfu5QsWeiuKZE-4enSVvsCNU7rA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Jul 2023 21:47:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
istio-envoy
requestid
ef7df47256366bd3
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-allow-credentials
true
x-envoy-upstream-service-time
12
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=737372412&t=event&ni=1&_s=3&dl=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&ul=en-us&de=UTF-8&dt=The%20Complete%20List%20of%20Log4j%20Indicators%20of%20Compromise%20(IOC)%20to%20Date%20%7C%20Infoblox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Drift%20Widget&ea=Playbook%20Fired&el=Playbook%20ID%3A%202672331&_u=aDDACEABBAAAACAAI~&jid=&gjid=&cid=1758246770.1689284823&tid=UA-1234994-1&_gid=1186114541.1689284823&gtm=45He37c0n61F7RMF&z=1864831824
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jul 2023 02:14:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
70379
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
57.28dde8ce.chunk.js
js.driftt.com/core/assets/js/ Frame 776D
19 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/57.28dde8ce.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=42wt2pyhpc8v&eId=42wt2pyhpc8v&region=US&forceShow=false&skipCampaigns=false&sessionId=9ad22a71-8f59-4f56-960b-4a924d5571eb&sessionStarted=1689284823.598&campaignRefreshToken=f6694070-790b-463b-bc5e-c245c92b7d37&hideController=false&pageLoadStartTime=1689284821744&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 13:16:11 GMT
x-amz-version-id
gdLzK0_qjU8jtmmLbxCIMiiKO3ne3if8
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1413055
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
24
last-modified
Mon, 26 Jun 2023 20:12:20 GMT
server
istio-envoy
etag
W/"3c4cd13822c0069a68e9f9c8240f5ba9"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
CT_oCvD1Q3jQf9cMbNUQH7N1ZNlZjsgurBP4PjTha2FmWeyt7imIoA==
57.28dde8ce.chunk.js
js.driftt.com/core/assets/js/ Frame B16D
19 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/57.28dde8ce.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.02ef51f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1689284821744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 13:16:11 GMT
x-amz-version-id
gdLzK0_qjU8jtmmLbxCIMiiKO3ne3if8
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1413055
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
24
last-modified
Mon, 26 Jun 2023 20:12:20 GMT
server
istio-envoy
etag
W/"3c4cd13822c0069a68e9f9c8240f5ba9"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
smAbG-j08m6TPk0hQCjZZO9ol5X6yyfGh3YPgLIIs-LDkNXCRDq6TA==
https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.us-east-1.amazonaws.com%252Fcustomer-api-avatars-prod%252F5063868%252F9ceabc1fe6cbcbd07e27d88fb3b61f725r5epexse94p%3Ffit%3Dmax%26fm%3Dpng%26h...
driftt.imgix.net/ Frame 776D
9 KB
9 KB
Image
General
Full URL
https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.us-east-1.amazonaws.com%252Fcustomer-api-avatars-prod%252F5063868%252F9ceabc1fe6cbcbd07e27d88fb3b61f725r5epexse94p%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D505f124d92012cee1b593d8f15a313c9?fit=max&fm=png&h=200&w=200&s=1a828830c0eab0925b17d98bea092086
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
4bc2b92b3230fa2f59f2e25290aed4d250400575bdb1af31105811090c4a9380
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:07 GMT
x-content-type-options
nosniff
age
5653111
x-cache
HIT, HIT
x-imgix-id
5922e2234780a3782359c93526802fe1aaf53452
cross-origin-resource-policy
cross-origin
content-length
9254
x-served-by
cache-sjc1000145-SJC, cache-fra-eddf8230083-FRA
x-imgix-render-farm
01.8752
last-modified
Tue, 09 May 2023 11:28:37 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
3.ee35dea2.chunk.js
js.driftt.com/conductor/assets/
158 B
853 B
Script
General
Full URL
https://js.driftt.com/conductor/assets/3.ee35dea2.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1689285000000/42wt2pyhpc8v.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
3005a54fc57fc2d8c70cc41e4ca7fcaaed7514b03f28581082c454e6a2d11f3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 30 May 2023 19:32:00 GMT
x-amz-version-id
Ykc8yZVDKecPjoyiIijYgVP0DP252kJS
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P5
age
3809707
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
26
content-length
158
last-modified
Tue, 30 May 2023 18:44:04 GMT
server
istio-envoy
etag
"e6714addd36102488fb27a980401fd36"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
RV0_BjCxDHpNOHMw6dnV6uQSgwcdjTgrf_WhTzDK8Lj4-mUEVY1pzg==
img.gif
b.6sc.co/v1/beacon/
43 B
386 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=65a5821f1ffef41888301786d2737e6c&svisitor=null&session=f9d6675c-9a3c-4993-8b66-c93e37af6db1&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2013%20Jul%202023%2021%3A47%3A06%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2013%20Jul%202023%2021%3A47%3A05%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224130%22%7D&isIframe=false&m=%7B%22description%22%3A%22Infoblox%20provides%20the%20following%20list%20of%20indicators%20of%20compromise%20(IOCs)%20related%20to%20Log4j%20exploitation%20activity.%20This%20list%20will%20be%20updated%20as%20new%20indicators%20are%20discovered.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20Complete%20List%20of%20Log4j%20Indicators%20of%20Compromise%20(IOC)%20to%20Date%20%7C%20Infoblox%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&pageViewId=8c4171b5-3f39-4b33-853e-398b09db3186&d=1&an_uid=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-251.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:07 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
bulk
metrics.api.drift.com/monitoring/metrics/event3/ Frame 776D
25 B
112 B
XHR
General
Full URL
https://metrics.api.drift.com/monitoring/metrics/event3/bulk
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-113-164.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 13 Jul 2023 21:47:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
istio-envoy
requestid
99467f59101e1108
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
vary
Accept-Encoding
access-control-allow-credentials
true
x-envoy-upstream-service-time
21
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
25
img.gif
b.6sc.co/v1/beacon/
43 B
386 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=65a5821f1ffef41888301786d2737e6c&svisitor=null&session=f9d6675c-9a3c-4993-8b66-c93e37af6db1&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2013%20Jul%202023%2021%3A47%3A07%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2013%20Jul%202023%2021%3A47%3A06%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225131%22%7D&isIframe=false&m=%7B%22description%22%3A%22Infoblox%20provides%20the%20following%20list%20of%20indicators%20of%20compromise%20(IOCs)%20related%20to%20Log4j%20exploitation%20activity.%20This%20list%20will%20be%20updated%20as%20new%20indicators%20are%20discovered.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20Complete%20List%20of%20Log4j%20Indicators%20of%20Compromise%20(IOC)%20to%20Date%20%7C%20Infoblox%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&pageViewId=8c4171b5-3f39-4b33-853e-398b09db3186&d=1&an_uid=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-251.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:08 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 02:04:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f03226-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
386 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=65a5821f1ffef41888301786d2737e6c&svisitor=null&session=f9d6675c-9a3c-4993-8b66-c93e37af6db1&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2013%20Jul%202023%2021%3A47%3A08%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2013%20Jul%202023%2021%3A47%3A07%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%226131%22%7D&isIframe=false&m=%7B%22description%22%3A%22Infoblox%20provides%20the%20following%20list%20of%20indicators%20of%20compromise%20(IOCs)%20related%20to%20Log4j%20exploitation%20activity.%20This%20list%20will%20be%20updated%20as%20new%20indicators%20are%20discovered.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20Complete%20List%20of%20Log4j%20Indicators%20of%20Compromise%20(IOC)%20to%20Date%20%7C%20Infoblox%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fblogs.infoblox.com%2Fcyber-threat-intelligence%2Fcyber-campaign-briefs%2Flog4j-indicators-of-compromise-to-date%2F&pageViewId=8c4171b5-3f39-4b33-853e-398b09db3186&d=1&an_uid=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-251.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 21:47:09 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 02:04:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f03226-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
des8qu5llanad.cloudfront.net
URL
https://des8qu5llanad.cloudfront.net/js/tracker/pix.js
Domain
blogs.infoblox.com
URL
blob:https://blogs.infoblox.com/4c20cad8-e48a-414e-99b5-fc4d70c29a72


117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 boolean| credentialless object| onbeforetoggle object| onscrollend object| NREUM object| webpackChunkNRBA object| newrelic object| NRBA object| _wpemojiSettings object| twemoji object| wp function| $ function| jQuery number| windWidth string| animateWidth number| defaultAnimateWidth function| csbwfsSetCookie function| csbwfsGetCookie function| csbwfsCheckCookie function| getlicensekeysform object| dataLayer function| readMore function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| imagesLoaded function| searchbar object| wp_ulike_params function| ga_skiplinks object| genesis_responsive_menu object| genesisSample function| lity object| Typekit object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| animateHeight number| defaultAnimateHeight object| __dispatched__ undefined| __i__ string| GoogleAnalyticsObject function| ga object| _rctfl function| processEpsilonData string| epsilonName boolean| enabled function| callback number| version object| _6si object| scriptTrustArc function| drift undefined| driftt string| _linkedin_data_partner_id boolean| llcookieless object| formalyze number| ziq_domainid boolean| ziq_install_tracker object| techtargetic function| onYouTubeIframeAPIReady object| gaGlobal boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL object| truste function| shouldRepop function| shouldResolveConsent string| userType object| gaplugins object| gaData object| Bizible object| BizTrackingA object| BizA object| _vis_opt_queue object| LC_API object| 3eiXJRXgVuLsYGH9303q object| regeneratorRuntime object| _driftFrames object| __post_robot_10_0_46__ string| __DRIFT_ENV__ string| __DRIFT_BUILD_ID__ string| __DRIFT_BRANCH__ boolean| drift_invoked function| _truste_eu object| PREF_MGR_API_DEBUG 
object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG function| lintrk boolean| _already_called_lintrk undefined| _ string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL boolean| _storagePopulated object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT object| drift_event_listeners string| drift_display_mode string| drift_campaign_refresh number| drift_page_view_started number| drift_session_started string| drift_session_id object| drift_frameFactory object| _rctfl_track object| drift_sentry_config function| gtag string| thisTabID

30 Cookies

Domain/Path Name / Value
.techtarget.com/ Name: __cf_bm
Value: yjU4Gno3CFU6E_ASg5Zrlfuu3p55nnjBR7Tr8oKnub8-1689284822-0-AY0L4QmpuTu6RRlWdiz5uQ70qTfo+XDtXGCtRHIy9TfFsbjloHqoc4UkuvJ2u/HREYtPV4OOlBb9y8uhDBKTzOI=
.infoblox.com/ Name: _ga_D4JXVXQTYG
Value: GS1.1.1689284822.1.0.1689284822.0.0.0
.infoblox.com/ Name: TAsessionID
Value: efee9f0c-8231-4610-8182-4cfc5f98727d|NEW
.infoblox.com/ Name: notice_behavior
Value: implied,eu
.infoblox.com/ Name: _ga
Value: GA1.2.1758246770.1689284823
.infoblox.com/ Name: _gid
Value: GA1.2.1186114541.1689284823
.infoblox.com/ Name: _gat_UA-1234994-1
Value: 1
.infoblox.com/ Name: _biz_uid
Value: 324ef3d4d05945baabad41192eb63af6
.infoblox.com/ Name: _biz_sid
Value: 14c87e
.infoblox.com/ Name: _biz_nA
Value: 1
.bizible.com/ Name: _BUID
Value: 324ef3d4d05945baabad41192eb63af6
.bizibly.com/ Name: _BUID
Value: 9e2221de6392df032af96e20721a8391
.infoblox.com/ Name: _biz_pendingA
Value: %5B%5D
.blogs.infoblox.com/ Name: _rtfl_s_handshake_guid
Value: 9e69a89e-d96c-4c81-ab01-ad42fe91d2af
blogs.infoblox.com/ Name: ln_or
Value: eyIzMjM0NiI6ImQifQ%3D%3D
.linkedin.com/ Name: bcookie
Value: "v=2&83353c30-e48b-403d-8673-8b03daa4f75b"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODkyODQ4MjM7MjswMjFtu+7j/7ZpelJsYxfTh7p+RrxyTBN/U6vvh8syvtmpog==
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2548:u=1:x=1:i=1689284823:t=1689371223:v=2:sig=AQG7KsxZgKS_pIT4MFhLOl1F-EtcG8qC"
.infoblox.com/ Name: _biz_flagsA
Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.infoblox.com/ Name: cebs
Value: 1
.infoblox.com/ Name: _ce.clock_event
Value: 1
blogs.infoblox.com/ Name: drift_campaign_refresh
Value: f6694070-790b-463b-bc5e-c245c92b7d37
.infoblox.com/ Name: _ce.clock_data
Value: 38%2C80.255.7.105%2C1%2Cdc0a08e416cd7f8471c71ad711523ca3
.infoblox.com/ Name: cebsp_
Value: 1
.infoblox.com/ Name: _ce.s
Value: v~3ec6e19790fedbd94a83f15321f59a6a5c476fd4~lcw~1689284823268~vpv~0~v11.rlc~1689284823705~lcw~1689284823705
.infoblox.com/ Name: _rtfl_s_247745_specific_site_session
Value: X3BEQ3RNeTY0dTA3UE16M0xybTBtanZfYjEzMDc3ZGUzMTNhZDg4YjA2OTJjYzMxMjI4MzVkZjQ2MmEzMTc5Zg==
.infoblox.com/ Name: _rtfl_s_unique_visitor_session
Value: X0dNUzE5TnJmR1lFRWdFUUhhdEtjb2hfMmFkMDhkODk0NWUwOGEyMTIzMzdiNzRhZDlhMzQ0OTU4ZWUxMmEwZQ==
blogs.infoblox.com/ Name: _rtfl_s_specific_site_sessions_count
Value: 1
blogs.infoblox.com/ Name: drift_aid
Value: bdcecc32-40b3-498c-ad01-596dde81b613
blogs.infoblox.com/ Name: driftt_aid
Value: bdcecc32-40b3-498c-ad01-596dde81b613

4 Console Messages

Source Level URL
Text
network error URL: https://des8qu5llanad.cloudfront.net/js/tracker/pix.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://lltrck.com/scripts/lt-v3.js?llid=10235
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Message:
Refused to load the image 'blob:https://blogs.infoblox.com/4c20cad8-e48a-414e-99b5-fc4d70c29a72' because it violates the following Content Security Policy directive: "img-src 'self' https: data: *.jsdelivr.net *.infoblox.com https://infoblox.com *.bing.com *.adsymptotic.com *.googleusercontent.com *.gstatic.com *.pantheonsite.io *.infoblox.local *.linkedin.com *.drift.com *.eloqua.com *.typekit.net *.google-analytics.com *.google.com *.doubleclick.net *.gravatar.com https://play.vidyard.com https://cdn.vidyard.com https://i.ytimg.com *.vimeocdn.com https://share.vidyard.com/ *.googletagmanager.com https://lltrck.com *.jsdelivr.net *.infoblox.com *.crazyegg.com *.youtube.com *.reactful.com *.6sc.co *.lookbookhq.com *.facebook.net *.techtarget.com *.marketo.net *.facebook.com *.google.co.in *.snaproute.com snaproute.com https://infoblox.litmos.com/ *.use.fontawesome.com *.info.infoblox.com https://internetidentity.com *.kaltura.com *.hotjar.com *.trustarc.com cdn.bizible.com cdn.linkedin.oribi.io".
security error URL: https://blogs.infoblox.com/cyber-threat-intelligence/cyber-campaign-briefs/log4j-indicators-of-compromise-to-date/
Message:
Refused to load media from 'https://js.driftt.com/conductor/assets/media/notification.5f7c6014.mp3' because it violates the following Content Security Policy directive: "media-src 'self' mediastream: blob: filesystem: *.driftqa.com *.kaltura.com *.js.driftt.com https://js.driftt.com/conductor/assets/media/notification.d46d7db1.mp3".

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' filesystem: *.jsdelivr.net *.infoblox.com *.pantheonsite.io *.infoblox.local *.vimeo.com *.addthis.com *.typekit.net *.driftt.com *.drift.com *.google-analytics.com *.eloqua.com *.nr-data.net *.doubleclick.net *.linkedin.com *.vidyard.com *.google.com *.captivate.fm *.soundcloud.com *.youtube.com *.6sense.com *.jsdelivr.net *.infoblox.com *.crazyegg.com *.youtube.com *.reactful.com *.6sc.co *.lookbookhq.com *.facebook.net *.techtarget.com *.marketo.net *.pathfactory.com *.mktoresp.com *.google.co.in *.adnxs.com https://sites.google.com/infoblox.com https://sites.google.com/infoblox.com/salesworkspace/ https://infoblox.litmos.com/ *.use.fontawesome *.info.infoblox.com https://internetidentity.com *.kaltura.com *.hotjar.com cdn.bizible.com cdn.linkedin.oribi.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: filesystem: *.google.com *.addthis.com *.addthisedge.com *.moatads.com *.cookielaw.org *.driftt.com *.bidr.io *.cloudfront.net *.bing.com *.linkedin.com *.licdn.com *.typekit.net *.googletagmanager.com js.driftt.com *.googleadservices.com *.doubleclick.net *.google-analytics.com *.newrelic.com *.nr-data.net *.vidyard.com *.captivate.fm *.soundcloud.com https://cdnjs.cloudflare.com *.jobvite.com *.jsdelivr.net *.infoblox.com *.lltrck.com lltrck.com https://lltrck.com https://ajax.googleapis.com *.jsdelivr.net *.infoblox.com *.crazyegg.com *.youtube.com *.reactful.com *.6sc.co *.lookbookhq.com *.facebook.net *.techtarget.com *.marketo.net *.adnxs.com *.google.co.in https://infoblox.litmos.com/ *.use.fontawesome.com *.info.infoblox.com https://internetidentity.com https://widgets.itcentralstation.com *.kaltura.com *.hotjar.com *.trustarc.com cdn.bizible.com cdn.linkedin.oribi.io; style-src 'self' 'unsafe-inline' 'unsafe-eval' filesystem: *.google.com *.googleapis.com *.typekit.net *.gstatic.com *.googleusercontent.com https://info.infoblox.com/js/forms2/css/ *.jsdelivr.net *.infoblox.com 
*.jsdelivr.net *.infoblox.com *.crazyegg.com *.youtube.com *.reactful.com *.6sc.co *.lookbookhq.com *.facebook.net *.techtarget.com *.marketo.net *.bootstrapcdn.com *.google.co.in https://infoblox.litmos.com/ *.use.fontawesome.com *.info.infoblox.com https://internetidentity.com *.kaltura.com *.trustarc.com; img-src 'self' https: data: *.jsdelivr.net *.infoblox.com https://infoblox.com *.bing.com *.adsymptotic.com *.googleusercontent.com *.gstatic.com *.pantheonsite.io *.infoblox.local *.linkedin.com *.drift.com *.eloqua.com *.typekit.net *.google-analytics.com *.google.com *.doubleclick.net *.gravatar.com https://play.vidyard.com https://cdn.vidyard.com https://i.ytimg.com *.vimeocdn.com https://share.vidyard.com/ *.googletagmanager.com https://lltrck.com *.jsdelivr.net *.infoblox.com *.crazyegg.com *.youtube.com *.reactful.com *.6sc.co *.lookbookhq.com *.facebook.net *.techtarget.com *.marketo.net *.facebook.com *.google.co.in *.snaproute.com snaproute.com https://infoblox.litmos.com/ *.use.fontawesome.com *.info.infoblox.com https://internetidentity.com *.kaltura.com *.hotjar.com *.trustarc.com cdn.bizible.com cdn.linkedin.oribi.io ; font-src 'self' https: data: filesystem: use.typekit.net *.use.fontawesome.com; media-src 'self' mediastream: blob: filesystem: *.driftqa.com *.kaltura.com *.js.driftt.com https://js.driftt.com/conductor/assets/media/notification.d46d7db1.mp3; frame-ancestors 'self' https: data: http://*.jsdelivr.net *.infoblox.com https://*.jsdelivr.net *.infoblox.com https://sites.google.com/infoblox.com https://sites.google.com/infoblox.com/salesworkspace/ https://infoblox.litmos.com/ http://infoblox.litmos.com/ https://infoblox.mindtickle.com/ https://infobloxpartners.mindtickle.com/ https://infoblox.litmos.com/ *.use.fontawesome.com *.info.infoblox.com https://internetidentity.com https://widgets.itcentralstation.com *.kaltura.com *.hotjar.com *.trustarc.com cdn.bizible.com cdn.linkedin.oribi.io; frame-src 'self' 
https://www.youtube-nocookie.com https://play.vidyard.com https://www.google.com *.youtube.com *.vimeo.com https://w.soundcloud.com/ https://player.captivate.fm/ jobs.jobvite.com info.infoblox.com *.jsdelivr.net *.infoblox.com *.crazyegg.com *.youtube.com *.reactful.com *.6sc.co *.lookbookhq.com *.facebook.net *.techtarget.com *.marketo.net *.facebook.com https://infoblox.litmos.com/ *.use.fontawesome.com *.info.infoblox.com https://internetidentity.com https://widgets.itcentralstation.com *.kaltura.com *.hotjar.com *.trustarc.com https://js.driftt.com/ https://js.driftt.com/conductor/assets/media/notification.d46d7db1.mp3 *.js.driftt.com cdn.bizible.com cdn.linkedin.oribi.io
Strict-Transport-Security max-age=300
X-Content-Type-Options
X-Frame-Options allow-from <URI>
X-Xss-Protection

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
