orca.security Open in urlscan Pro
162.159.134.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.orca.security/e/898611/new-log4j-vulnerabilities/qhhz/77750599?h=-1aY2TwwzbOrE8BD9JBTRnYhEfiYCRudQavb_ZaAYjM
Effective URL:
https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=...
Submission: On December 17 via api (December 17th 2021, 9:11:42 pm UTC) from US — Scanned from DE

Summary HTTP 117 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 41 IPs in 6 countries across 32 domains to perform 117 HTTP transactions. The main IP is 162.159.134.42, located in and belongs to CLOUDFLARENET, US. The main domain is orca.security.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 18th 2021. Valid for: a year.

This is the only time orca.security was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	18.232.28.189 18.232.28.189	14618 (AMAZON-AES) (AMAZON-AES)
26	162.159.134.42 162.159.134.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:8600:8:8d2f:9e00:21	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6812:1bbe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.22.75 13.32.22.75	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:4470	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.195.187.5 34.195.187.5	14618 (AMAZON-AES) (AMAZON-AES)
10	104.111.233.140 104.111.233.140	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.22.51 13.32.22.51	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	13.32.22.85 13.32.22.85	16509 (AMAZON-02) (AMAZON-02)
3	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
1	143.204.209.102 143.204.209.102	16509 (AMAZON-02) (AMAZON-02)
1	185.33.220.216 185.33.220.216	29990 (ASN-APPNEX) (ASN-APPNEX)
7	2a01:111:f100... 2a01:111:f100:2000::a83e:3309	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
2 2	52.49.89.229 52.49.89.229	16509 (AMAZON-02) (AMAZON-02)
1 2	143.204.209.106 143.204.209.106	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	143.204.209.129 143.204.209.129	16509 (AMAZON-02) (AMAZON-02)
1	13.35.253.13 13.35.253.13	16509 (AMAZON-02) (AMAZON-02)
1	99.80.125.216 99.80.125.216	16509 (AMAZON-02) (AMAZON-02)
5	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
10	100.25.249.86 100.25.249.86	14618 (AMAZON-AES) (AMAZON-AES)
1	178.128.135.233 178.128.135.233	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	52.202.69.186 52.202.69.186	() ()
117	41

4 18.232.28.189 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-6-ue1.aws.pardot.com

go.orca.security	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 162.159.134.42 (None, )

ASN13335 (CLOUDFLARENET, US)

orca.security	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:8600:8:8d2f:9e00:21 (United States)

ASN16509 (AMAZON-02, US)

ddzuuyx7zj81k.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1bbe (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.22.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-75.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4470 (United States)

ASN13335 (CLOUDFLARENET, US)

www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.187.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-187-5.compute-1.amazonaws.com

js.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.111.233.140 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-140.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.22.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-51.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.22.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-85.fra56.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.209.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-102.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.216 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a01:111:f100:2000::a83e:3309 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

monitor.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.89.229 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-89-229.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.209.106 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-106.fra53.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.209.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-129.fra53.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-13.fra6.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.125.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-125-216.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 100.25.249.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-249-86.compute-1.amazonaws.com

app.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.128.135.233 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

z.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.202.69.186 (None, )

ASN- ()

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	orca.security 2 redirects go.orca.security orca.security	447 KB
11	qualified.com js.qualified.com app.qualified.com	718 KB
10	6sc.co j.6sc.co c.6sc.co b.6sc.co	16 KB
8	clickcease.com www.clickcease.com monitor.clickcease.com	25 KB
5	wp.com i0.wp.com	108 KB
5	omappapi.com a.omappapi.com api.omappapi.com z.omappapi.com	73 KB
4	facebook.com www.facebook.com	416 B
4	google.de www.google.de	783 B
4	google.com www.google.com	783 B
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	4 KB
4	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	5 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	66 KB
3	company-target.com 1 redirects segments.company-target.com api.company-target.com	3 KB
3	facebook.net connect.facebook.net	199 KB
3	google-analytics.com www.google-analytics.com	55 KB
3	googleapis.com fonts.googleapis.com	3 KB
2	pardot.com pi.pardot.com	5 KB
2	bidr.io 2 redirects match.prod.bidr.io	1019 B
2	gstatic.com fonts.gstatic.com	68 KB
2	googletagmanager.com www.googletagmanager.com	107 KB
1	rlcdn.com id.rlcdn.com	66 B
1	adnxs.com secure.adnxs.com	687 B
1	demandbase.com tag.demandbase.com	19 KB
1	twitter.com analytics.twitter.com	676 B
1	t.co t.co	470 B
1	g2crowd.com tracking.g2crowd.com	1 KB
1	ads-twitter.com static.ads-twitter.com	6 KB
1	licdn.com snap.licdn.com	2 KB
1	cloudfront.net ddzuuyx7zj81k.cloudfront.net	2 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	jquery.com code.jquery.com	30 KB
0	insiderdata360online.com Failed insiderdata360online.com Failed
117	32

	Domain	Requested by
26	orca.security	orca.security
10	app.qualified.com	js.qualified.com orca.security app.qualified.com
8	b.6sc.co	orca.security
7	monitor.clickcease.com	www.clickcease.com
5	i0.wp.com	orca.security
4	www.facebook.com	orca.security
4	www.google.de	orca.security
4	www.google.com	orca.security
4	go.orca.security	2 redirects js.qualified.com pi.pardot.com
3	a.omappapi.com	www.googletagmanager.com a.omappapi.com
3	googleads.g.doubleclick.net	www.googleadservices.com
3	connect.facebook.net	orca.security connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.googleapis.com	orca.security a.omappapi.com
2	pi.pardot.com	orca.security pi.pardot.com
2	segments.company-target.com	1 redirects orca.security
2	match.prod.bidr.io	2 redirects
2	px.ads.linkedin.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	orca.security
1	z.omappapi.com	a.omappapi.com
1	in.hotjar.com	script.hotjar.com
1	api.omappapi.com	a.omappapi.com
1	api.company-target.com	tag.demandbase.com
1	id.rlcdn.com	orca.security
1	stats.g.doubleclick.net	www.google-analytics.com
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	vars.hotjar.com	static.hotjar.com
1	tag.demandbase.com	orca.security
1	analytics.twitter.com	static.ads-twitter.com
1	script.hotjar.com	static.hotjar.com
1	t.co	orca.security
1	px4.ads.linkedin.com	orca.security
1	www.linkedin.com	1 redirects
1	j.6sc.co	orca.security
1	js.qualified.com	www.googletagmanager.com
1	www.clickcease.com	orca.security
1	static.hotjar.com	orca.security
1	tracking.g2crowd.com	orca.security
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	ddzuuyx7zj81k.cloudfront.net	orca.security
1	www.googleadservices.com	www.googletagmanager.com
1	code.jquery.com	orca.security
0	insiderdata360online.com Failed	orca.security
117	46

This site contains links to these domains. Also see Links.

Domain
support.orca.security
app.orcasecurity.io
cve.mitre.org
nvd.nist.gov
logging.apache.org
orcasecurity.zendesk.com
twitter.com
www.linkedin.com
www.youtube.com
www.g2.com

Subject Issuer	Validity	Valid
orca.security Cloudflare Inc ECC CA-3	`2021-11-18` - `2022-11-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-26` - `2021-12-25`	3 months	crt.sh
*.g2crowd.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-30` - `2022-09-28`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
js.qualified.com R3	`2021-10-23` - `2022-01-21`	3 months	crt.sh
*.6sc.co DigiCert SHA2 Secure Server CA	`2021-03-09` - `2022-03-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-18` - `2022-10-14`	a year	crt.sh
a.omappapi.com R3	`2021-12-12` - `2022-03-12`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.clickcease.com Go Daddy Secure Certificate Authority - G2	`2021-07-20` - `2022-06-27`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-20` - `2022-09-26`	a year	crt.sh
api.opmnstr.com Amazon	`2021-03-11` - `2022-04-09`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
app.qualified.com R3	`2021-10-23` - `2022-01-21`	3 months	crt.sh
go.orca.security R3	`2021-12-07` - `2022-03-07`	3 months	crt.sh
z.omappapi.com R3	`2021-11-09` - `2022-02-07`	3 months	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-08` - `2022-11-07`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
Frame ID: 2A2A15BCA511722773365A81DBFB387C
Requests: 111 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: 7E1BD160444250B602EBBDCDCB0148ED
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A63E9A9F937FB18EBF2E0090EA34350A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7AA0E67D5B32D0CBFFC5EC381C7C2573
Requests: 1 HTTP requests in this frame

Frame: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=638a1410-c5a2-4709-a70a-51554c4fe666
Frame ID: 55302E4BF008592B613A8A5875261480
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Instantly Detect Log4j Vulnerabilities on AWS, Azure and Google Cloud - Complete Cloud Security in Minutes | Orca Security

Page URL History Show full URLs

https://go.orca.security/e/898611/new-log4j-vulnerabilities/qhhz/77750599?h=-1aY2TwwzbOrE8BD9JBTRnYhE... HTTP 301
https://go.orca.security/new-log4j-vulnerabilities HTTP 302
https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-googl... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

117
Requests

97 %
HTTPS

40 %
IPv6

32
Domains

46
Subdomains

41
IPs

6
Countries

1975 kB
Transfer

6405 kB
Size

40
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://support.orca.security/
Title: Support

Search URL Search Domain Scan URL

URL: https://app.orcasecurity.io/login
Title: Login

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228
Title: CVE-2021-44228

Search URL Search Domain Scan URL

URL: https://nvd.nist.gov/vuln/detail/CVE-2021-45046
Title: CVE-2021-45046

Search URL Search Domain Scan URL

URL: https://logging.apache.org/log4j/2.x/index.html
Title: Log4j 2.16.0

Search URL Search Domain Scan URL

URL: https://logging.apache.org/log4j/2.x/security.html
Title: Apache Log4j 2.15.0

Search URL Search Domain Scan URL

URL: https://orcasecurity.zendesk.com/hc/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://twitter.com/OrcaSec

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/orca-security/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/orcasecurity

Search URL Search Domain Scan URL

URL: https://www.g2.com/products/orca-security/reviews

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.orca.security/e/898611/new-log4j-vulnerabilities/qhhz/77750599?h=-1aY2TwwzbOrE8BD9JBTRnYhEfiYCRudQavb_ZaAYjM HTTP 301
https://go.orca.security/new-log4j-vulnerabilities HTTP 302
https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1639775494644&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1286465%26time%3D1639775494644%26url%3Dhttps%253A%252F%252Forca.security%252Fresources%252Fblog%252Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%252F%253Futm_source%253Dorcaemail%2526utm_medium%253Demail%2526utm_campaign%253D21-Q2-Risk-Assessment-Program-Orca%2526utm_content%253Dlog4j-update%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1639775494644&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1639775494644&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update&liSync=true&e_ipv6=AQLKX8GJhG5MJgAAAX3KPGO-_tCvuZHINuCy1ScPyRc6hSIfKlnRWsY1urjRt07xhAyKhTjI

Request Chain 68

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAIhF07DefoAAEFMDrtmog HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAIhF07DefoAAEFMDrtmog&verifyHash=3df1cbcb1f4bc8bec6a3886be3f9a7e2e172cde9

117 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/
Redirect Chain

https://go.orca.security/e/898611/new-log4j-vulnerabilities/qhhz/77750599?h=-1aY2TwwzbOrE8BD9JBTRnYhEfiYCRudQavb_ZaAYjM
https://go.orca.security/new-log4j-vulnerabilities
https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_...

108 KB
20 KB

696ms
649ms

Document
text/html

162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afbced10cf170811bd5ea25e8d37a95c166e3e8743aedc3af1485df9b6dc48f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 17 Dec 2021 21:11:33 GMT
content-type: text/html; charset=UTF-8
cf-ray: 6bf324fd4d630893-CDG
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://orca.security/wp-json/>; rel="https://api.w.org/", <https://orca.security/wp-json/wp/v2/posts/20210>; rel="alternate"; type="application/json", <https://orca.security/?p=20210>; rel=shortlink
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ki-edge: v=16.6
pragma: no-cache
x-content-type-options: nosniff
x-edge-location-klb: 1
x-kinsta-cache: HIT
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Fri, 17 Dec 2021 21:11:32 GMT
Location: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store
Expires: Fri, 17 Dec 2021 21:01:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 240
Content-Type: text/html; charset=UTF-8
X-Pardot-Route: cb482e8713caadba289bc279c1db8a1d
Server: PardotServer
X-Pardot-LB: e95a292e477f6214c8e77c2cf881a7d3
Connection: keep-alive

GET
H2 200 orca.ttf
orca.security/wp-content/themes/orca/fonts/ 4 KB
5 KB 625ms
624ms Font
application/x-font-ttf 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca/fonts/orca.ttf?vhq0nq

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bb66e1a365093548f51bc82e11d1a321cae744311958f9ff73c449d84f59aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
Origin: https://orca.security
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:33 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 01 Nov 2021 12:27:07 GMT
server: cloudflare
etag: W/"617fdd1b-11e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf325017dfc0893-CDG
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 43ms
19ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-653025264

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae1876d0189ba7c373d5f34da1fa27191f72623c1d67fa13a76bd83f2698373e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39583
x-xss-protection: 0
expires: Fri, 17 Dec 2021 21:11:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 45 KB
2 KB 41ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46a81d9eecf758da54f09983d052b2f0404104cd8bb4affeed2209c5481156d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 20:28:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 17 Dec 2021 21:11:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Dec 2021 21:11:33 GMT

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
807 B 42ms
17ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Manrope:wght@200;300;400;500;600;700;800&family=Manrope:wght@200;300;400;500;600;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

88e54d012a1ec7eb247e4e282cb81ef401068961aecace72f5be669f3b03c291

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 21:11:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 17 Dec 2021 21:11:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Dec 2021 21:11:33 GMT

GET
H2 200 0926cef4d245625cc4fab729131a6e75.css
orca.security/wp-content/cache/min/1/ 1 MB
136 KB 626ms
625ms Stylesheet
text/css 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/cache/min/1/0926cef4d245625cc4fab729131a6e75.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f0c8952d42f1e78c14d70611224c862d91d281e917b9e2d679fff15b246b379

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 16 Dec 2021 22:23:46 GMT
server: cloudflare
etag: W/"61bbbc72-21f0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf325017e070893-CDG
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 58ms
20ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:33 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 17:27:20 GMT
server: nginx
etag: W/"603e7578-15d9d"
vary: Accept-Encoding
x-hw: 1639775493.dop023.ml1.t,1639775493.cds216.ml1.hn,1639775493.cds012.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 flatpickr.min.js Show response
orca.security/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 49 KB
15 KB 625ms
624ms Script
application/javascript 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=5.8.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

587e022b442a0d7013a27f5fd2db035e28a74318d44dac1ac431f124c615bb37

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 10 Nov 2021 19:49:05 GMT
server: cloudflare
etag: W/"618c2231-c205"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf325017e090893-CDG
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 197 KB
68 KB 37ms
22ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

03742e65ae04095075da7f822536f6e4c7110a767047e3607543f384fc1c3f36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:34 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69711
x-xss-protection: 0
expires: Fri, 17 Dec 2021 21:11:34 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 42ms
18ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-653025264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Dec 2021 21:11:34 GMT

GET
H3 200 scripts.min.js Show response
orca.security/wp-content/themes/orca/js/ 413 KB
113 KB 772ms
772ms Script
application/javascript 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca/js/scripts.min.js?ver=1.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbc0c89263ae4e2266e70ad254361c7d00978926e2924cd36eadaa7523e4ed2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 18 Nov 2021 10:52:28 GMT
server: cloudflare
etag: W/"6196306c-6734b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf325024fe168ef-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 webpack-pro.runtime.min.js Show response
orca.security/wp-content/plugins/elementor-pro/assets/js/ 5 KB
3 KB 705ms
704ms Script
application/javascript 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.3.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52adbaf8b7004e3e0ef2b06be5492748eeef0bdfbc2d91b4aa3aa7ddd7028703

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Sep 2021 18:07:38 GMT
server: cloudflare
etag: W/"6152086a-1556"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf325024fe568ef-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 webpack.runtime.min.js Show response
orca.security/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 686ms
686ms Script
application/javascript 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.4.8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e8b062018e10f9da5279f7ea03eb0f229a656ba1f82016ed76a82ae1e70cf6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Nov 2021 08:43:27 GMT
server: cloudflare
etag: W/"6194c0af-130f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf325024fe668ef-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 frontend-modules.min.js Show response
orca.security/wp-content/plugins/elementor/assets/js/ 14 KB
5 KB 694ms
693ms Script
application/javascript 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.4.8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9af6cc766bb30e9809acc21d253b1c5bb67d998583cbb33d24d18b95f658b18d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Nov 2021 08:43:27 GMT
server: cloudflare
etag: W/"6194c0af-36b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf325024fea68ef-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 frontend.min.js Show response
orca.security/wp-content/plugins/elementor-pro/assets/js/ 58 KB
17 KB 733ms
732ms Script
application/javascript 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.3.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

785c1179e9138a30fccbcd502d81ad2920049a12fd3d83fae433052e9be4c62f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Sep 2021 18:07:38 GMT
server: cloudflare
etag: W/"6152086a-e60d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf325024fec68ef-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 waypoints.min.js Show response
orca.security/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 716ms
715ms Script
application/javascript 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Nov 2021 08:43:27 GMT
server: cloudflare
etag: W/"6194c0af-2fa6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf325024fef68ef-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 core.min.js Show response
orca.security/wp-includes/js/jquery/ui/ 20 KB
7 KB 224ms
223ms Script
application/javascript 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Sep 2021 20:26:11 GMT
server: cloudflare
etag: W/"615228e3-5133"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf325024ff468ef-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 swiper.min.js Show response
orca.security/wp-content/plugins/elementor/assets/lib/swiper/ 136 KB
37 KB 694ms
692ms Script
application/javascript 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Nov 2021 08:43:27 GMT
server: cloudflare
etag: W/"6194c0af-21f91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf325024ff668ef-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 share-link.min.js Show response
orca.security/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 682ms
681ms Script
application/javascript 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.4.8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Nov 2021 08:43:27 GMT
server: cloudflare
etag: W/"6194c0af-a12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf325024ff868ef-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 dialog.min.js Show response
orca.security/wp-content/plugins/elementor/assets/lib/dialog/ 11 KB
4 KB 704ms
702ms Script
application/javascript 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Nov 2021 08:43:27 GMT
server: cloudflare
etag: W/"6194c0af-2a6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf325024ffb68ef-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 frontend.min.js Show response
orca.security/wp-content/plugins/elementor/assets/js/ 36 KB
11 KB 694ms
693ms Script
application/javascript 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.4.8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef46e86368c01cffc9a55e4ae44acbe6f5366913c4cb3af0ef90fad6210bbe29

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Nov 2021 08:43:27 GMT
server: cloudflare
etag: W/"6194c0af-8f15"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf325024ffd68ef-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 preloaded-elements-handlers.min.js Show response
orca.security/wp-content/plugins/elementor-pro/assets/js/ 160 KB
39 KB 704ms
703ms Script
application/javascript 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.3.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

897ebbdf379aeb2c751275f083d298f15b094902c6bd6a66405ffb0604c64124

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Sep 2021 18:07:40 GMT
server: cloudflare
etag: W/"6152086c-27e8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf325024ffe68ef-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 preloaded-modules.min.js Show response
orca.security/wp-content/plugins/elementor/assets/js/ 32 KB
10 KB 230ms
229ms Script
application/javascript 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.4.8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c07872c94137c75eff810332cf06d85a8a5c82b5c3bf803a616c8079abfaa9d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Nov 2021 08:43:27 GMT
server: cloudflare
etag: W/"6194c0af-7e12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf32502480068ef-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.sticky.min.js Show response
orca.security/wp-content/plugins/elementor-pro/assets/lib/sticky/ 6 KB
2 KB 239ms
238ms Script
application/javascript 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.3.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Sep 2021 18:07:38 GMT
server: cloudflare
etag: W/"6152086a-19c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf32502480368ef-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 lazyload.min.js Show response
orca.security/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 661ms
660ms Script
application/javascript 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Sep 2021 18:14:50 GMT
server: cloudflare
etag: W/"61520a1a-1ed2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf325084f6268ef-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb0926912f20ee4034d58dd8d707fb9df28c09a56fb5ece18a60a8e8c5ee55b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c1b2722be99e0f2c4cd70c48f342eb543a3ee0bec1b5dc6f1d72b034e013b47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17c2f9329ae03004364713035526af6f5bcc7cb61135fe8885608c0d33c6c1cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a985ba66f8d2e96fac2d515b6df72f71d7c09a0c0a51d111686ec1719206bd5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 820c374f47756d6982be87dcef79081194f7c31d138d499b1894a59acbeca465

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 xn7gYHE41ni1AdIRggexSg.woff2
fonts.gstatic.com/s/manrope/v8/ 24 KB
24 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/manrope/v8/xn7gYHE41ni1AdIRggexSg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@200;300;400;500;600;700;800&family=Manrope:wght@200;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dc8923fc00490445ececc0094581e4ce7238371b2ecff7a573497c934608e9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://orca.security
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:54:49 GMT
x-content-type-options: nosniff
age: 227805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24356
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:09:13 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 05:54:49 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7e64923c85f87a12af4649a9425badb123d58abdb70416286c47047915eb6fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4980241b89db61e0dd5e015a9fd5727a0dedef2756a69b74ed63f69f39c2717

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 65 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb2eb0b3c5bc6b7ef5f5b7cf67d5f3307ef84903892963da55e2944c6b42990b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 628
date: Fri, 17 Dec 2021 21:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 17 Dec 2021 23:01:06 GMT

GET
H2 200 attributionSnippet.js Show response
ddzuuyx7zj81k.cloudfront.net/1.0.0/ 6 KB
2 KB 66ms
6ms Script
application/javascript 2600:9000:206f:8600:8:8d2f:9e00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ddzuuyx7zj81k.cloudfront.net/1.0.0/attributionSnippet.js
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:8:8d2f:9e00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4657e065ae1064f51941fbc288c29b3413c21de65da0195d76b39f31d63e246e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: T6SAaCG1ekqkNt_l0beJwLPE6359iUIl
content-encoding: gzip
last-modified: Tue, 12 Oct 2021 07:21:04 GMT
server: AmazonS3
age: 54507
etag: W/"ce08146942f4ad75fd339dbe0cce8a2d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
date: Fri, 17 Dec 2021 06:06:24 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 7x1bsKkCB73MgdpTLqFG7BfN0izb8SCRYdgTgv_BKxgUbqSgSJATRA==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 60ms
17ms Script
application/x-javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:11:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=16916
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 39ms
8ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:34 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100092-IAD, cache-hhn11553-HHN

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: K2q1TF5BxjWBg4kDOMtABv4zoEIyN7se4qswp9sRrGaP3DeoUn7Z3UA/QedAaVFxnzsN4a7PIN83F/meXcrlBQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 17 Dec 2021 21:11:34 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 3724.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
1 KB 166ms
135ms Script
text/javascript 2606:4700::6812:1bbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/3724.js?p=https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&e=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1bbe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:34 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: a7dc1900-2cf9-42db-b61c-def375840925
x-runtime: 0.005185
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-ray: 6bf325095d544a7f-FRA

GET
H2 200 hotjar-1785482.js Show response
static.hotjar.com/c/ 11 KB
4 KB 77ms
11ms Script
application/javascript 13.32.22.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1785482.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.22.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-22-75.fra56.r.cloudfront.net

Software

Resource Hash

4880fc9e4a2f11c83b249be9c2dce540f293d4ebeb55c6b471ed45cb44a67992

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:16 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 18
etag: W/9437beece0d2415c7361dc20a6dd539c
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: _MCo0k3f2h1veZcJL4sN-s29O-fNjjZZvu_H-UVRuwyGGUZOicj7Qg==
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 68 KB
25 KB 78ms
39ms Script
application/javascript 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9335a3578fbb78eba8922527950b8773e21ebc2d28e6f72ce9d223094bfdbdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 123330
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 14 Mar 2021 09:24:44 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"10eb4-5bd7bb41f7cc3-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sljy%2BvPr5BGPjlFDQkOopWVaey0M7C9yuHT8e7eTMBHQuFKQylr3XF%2BgotSIQJvCCfGlaS7zq6lqew6JHOliFV8KGtLxiKi03uGiADSDbkV1kAWr%2BcUzGsltvXtWL8D5%2FZAsnDsb%2FTwOOLtZm50mYHo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding,User-Agent
cache-control: max-age=2678400
access-control-allow-credentials: true
cf-ray: 6bf325096b4c4a9e-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,C$
expires: Sat, 15 Jan 2022 10:56:04 GMT

GET
H/1.1 200
OK qualified.js Show response
js.qualified.com/ 222 KB
66 KB 350ms
128ms Script
text/javascript 34.195.187.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://js.qualified.com/qualified.js?token=gndr1NireXGRNRuC

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.195.187.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-195-187-5.compute-1.amazonaws.com

Software

nginx /

Resource Hash

14004390038502693ca7331f91a6fae60974fc3da6bad8cbd9ec445325e84f53

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:11:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Xss-Protection: 1; mode=block
X-Request-Id: 758f92dd-05b7-d1e7-d04a-2eb2c9ec7b12
X-Runtime: 0.020644
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: SAMEORIGIN
Etag: W/"14004390038502693ca7331f91a6fae6"
X-Download-Options: noopen
Vary: Accept,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 spaces-router (279557a225d7)
Cache-Control: max-age=0, private, must-revalidate

GET platform.js
insiderdata360online.com/service/ 0
0

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 27 KB
9 KB 98ms
26ms Script
application/javascript 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

2707e48726a3f7ec48a1d1aec9738f20b36bac1535cfa9de2e4d92310c4e7e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:11:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 8575
Pragma: no-cache
Last-Modified: Thu, 07 Oct 2021 17:17:43 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615f2bb7-6a5f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Fri, 17 Dec 2021 21:11:34 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/653025264/ 3 KB
1 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/653025264/?random=1639775494586&cv=9&fst=1639775494586&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&tiba=Instantly%20Detect%20Log4j%20Vulnerabilities%20on%20AWS%2C%20Azure%20and%20Google%20Cloud%20-%20Complete%20Cloud%20Security%20in%20Minutes%20%7C%20Orca%20Security&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e18ca363a7e4a904fc04e852aa8ea83f1eda500d204b146b5f92d70cd0dab4ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1234
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/653025264/ 3 KB
2 KB 37ms
18ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/653025264/?random=1639775494593&cv=9&fst=1639775494593&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&tiba=Instantly%20Detect%20Log4j%20Vulnerabilities%20on%20AWS%2C%20Azure%20and%20Google%20Cloud%20-%20Complete%20Cloud%20Security%20in%20Minutes%20%7C%20Orca%20Security&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6eb556e119c53c38929485c000187c958ebabcef6041e60647571b2e1cb884f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1209
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 208134170283065 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 18ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/208134170283065?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c9d0f7e12afcd2ec81c2557fae468880e8cd2e5bf2df3f489ac40879d1e8c128

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88929
x-xss-protection: 0
pragma: public
x-fb-debug: ddSmll5tT9YSkH3coo3aZ2iCHPXp/M1fhV+3FJoY7pWKCwHRxoVDf88L9uDS0f1k9wd4p04E4RA/j6ShkxyoCw==
x-frame-options: DENY
date: Fri, 17 Dec 2021 21:11:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 89 KB
35 KB 33ms
18ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-PWBBWC3&t=gtm7&cid=800702439.1639775495

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71cebc29b8bdae5f954a89ae022ea09d9bfb4825a771f4c827ef25450432af90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:34 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36084
x-xss-protection: 0
expires: Fri, 17 Dec 2021 21:11:34 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1639775494644&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-clo...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1286465%26time%3D1639775494644%26url%3Dhttps%253A%252F%252Forca.security%252Freso...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1639775494644&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-clo...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1639775494644&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cl...

0
372 B

312ms
116ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1639775494644&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update&liSync=true&e_ipv6=AQLKX8GJhG5MJgAAAX3KPGO-_tCvuZHINuCy1ScPyRc6hSIfKlnRWsY1urjRt07xhAyKhTjI
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:35 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: JCDkCiCnwRZgAyvsTCsAAA==

Redirect headers

date: Fri, 17 Dec 2021 21:11:34 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 7F4EB2B7E0BD48AA9455CBAA9EEEB0C8 Ref B: FRAEDGE0716 Ref C: 2021-12-17T21:11:35Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1639775494644&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update&liSync=true&e_ipv6=AQLKX8GJhG5MJgAAAX3KPGO-_tCvuZHINuCy1ScPyRc6hSIfKlnRWsY1urjRt07xhAyKhTjI
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXTXfvlc4rHt/MybGqHWQ==

GET
H2 200 adsct
t.co/i/ 43 B
470 B 145ms
115ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o4qyy&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=2c43f79e-58f0-4c6b-978a-748fca634a9d&tw_document_href=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 108
pragma: no-cache
last-modified: Fri, 17 Dec 2021 21:11:34 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: bc49388b28e4019846dae815dd92522c5c3de0501f0497532bc0b88e1ff765fe
x-transaction: 16ae98831af78e5a
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/653025264/ 42 B
108 B 46ms
23ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/653025264/?random=1639775494593&cv=9&fst=1639774800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&tiba=Instantly%20Detect%20Log4j%20Vulnerabilities%20on%20AWS%2C%20Azure%20and%20Google%20Cloud%20-%20Complete%20Cloud%20Security%20in%20Minutes%20%7C%20Orca%20Security&async=1&fmt=3&is_vtc=1&random=2714910587&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:11:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/653025264/ 42 B
108 B 47ms
22ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/653025264/?random=1639775494593&cv=9&fst=1639774800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&tiba=Instantly%20Detect%20Log4j%20Vulnerabilities%20on%20AWS%2C%20Azure%20and%20Google%20Cloud%20-%20Complete%20Cloud%20Security%20in%20Minutes%20%7C%20Orca%20Security&async=1&fmt=3&is_vtc=1&random=2714910587&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:11:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/653025264/ 42 B
548 B 40ms
18ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/653025264/?random=1639775494586&cv=9&fst=1639774800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&tiba=Instantly%20Detect%20Log4j%20Vulnerabilities%20on%20AWS%2C%20Azure%20and%20Google%20Cloud%20-%20Complete%20Cloud%20Security%20in%20Minutes%20%7C%20Orca%20Security&async=1&fmt=3&is_vtc=1&random=701551969&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:11:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/653025264/ 42 B
548 B 41ms
21ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/653025264/?random=1639775494586&cv=9&fst=1639774800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&tiba=Instantly%20Detect%20Log4j%20Vulnerabilities%20on%20AWS%2C%20Azure%20and%20Google%20Cloud%20-%20Complete%20Cloud%20Security%20in%20Minutes%20%7C%20Orca%20Security&async=1&fmt=3&is_vtc=1&random=701551969&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:11:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.cbd9b920d05cd9e47f57.js Show response
script.hotjar.com/ 227 KB
60 KB 35ms
9ms Script
application/javascript 13.32.22.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1785482.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.22.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-22-51.fra56.r.cloudfront.net

Software

Resource Hash

2a76024584e2692938f4dd0feb5b77e96a0bdc93d8661f8c855a7546125552f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 15:36:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 797728
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60953
access-control-allow-origin: *
last-modified: Wed, 08 Dec 2021 15:35:08 GMT
etag: "7a85a2a595def8796a50e919e49cda7a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 aff6ac5c98fa897349204752e5877c81.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: SnJueOEP4-iCXtWhcIo_f6VDiEbynxw1bP8D4AbWcPM4b4QUnL-25g==

GET
H3 200 531606811287204 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/531606811287204?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9219bca0b32c0c23c27a3b2a656f186ba7f52721559e06889e52eb444eaf757

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88825
x-xss-protection: 0
pragma: public
x-fb-debug: 9oBcp9miP4uvSEFndNM9KCsQ9dcIXfD9F+tLfpB4CUw1dK3Xp6bHxhMfNv/wTdr1WQsqv8xZN3Yj6K1UF2eUDA==
x-frame-options: DENY
date: Fri, 17 Dec 2021 21:11:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 23ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=208134170283065&ev=PageView&dl=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&rl=&if=false&ts=1639775494707&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1639775494705.1602072817&it=1639775494627&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 17 Dec 2021 21:11:34 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
676 B 159ms
127ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o4qyy&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=2c43f79e-58f0-4c6b-978a-748fca634a9d&tw_document_href=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 120
pragma: no-cache
last-modified: Fri, 17 Dec 2021 21:11:34 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 67249008fe9d3187f4eab18da5c2e6472098e467a15179ec37399839d68a3254
x-transaction: dfa2685d1cac4036
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 59d4f40d1d34663b.min.js Show response
tag.demandbase.com/ 67 KB
19 KB 51ms
8ms Script
application/javascript 13.32.22.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.demandbase.com/59d4f40d1d34663b.min.js
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-85.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52307fd574f1fa03351268dd2a8611b6a5e34fb66d31305835184c1a9da7878e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: ycYHCvsZvNLpXbL.x2Wwya.xfnfTyDRo
content-encoding: gzip
last-modified: Wed, 17 Nov 2021 11:16:44 GMT
server: AmazonS3
age: 1516
etag: W/"0c7cc7d76689f9da37d2eec14bc18eff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
date: Fri, 17 Dec 2021 20:54:21 GMT
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: kjQIazBUwLG1dD2Fm1MLEdBZjneqty3wT7xqbmJQbNnO_0yTDLcBkg==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=459125293&t=pageview&_s=1&dl=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&ul=en-us&de=UTF-8&dt=Instantly%20Detect%20Log4j%20Vulnerabilities%20on%20AWS%2C%20Azure%20and%20Google%20Cloud%20-%20Complete%20Cloud%20Security%20in%20Minutes%20%7C%20Orca%20Security&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=9116476&gjid=1287630150&cid=800702439.1639775495&tid=UA-141329870-1&_gid=575168281.1639775495&_r=1&gtm=2wgc10MFH8KTP&z=277826571

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://orca.security/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:11:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://orca.security
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 202 KB
56 KB 50ms
8ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: d40ac1a0f352815e6ac4d239970d2803b3fef1dea0f993914e4a3496db07dc16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:34 GMT
content-encoding: br
cdn-edgestorageid: 756
perma-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 12/17/2021 14:41:13
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-request-id: QVDXN44PVTAT856G
x-amz-id-2: oatUJMCx9RqoyWFqZuM/TA16X5LozabNanZTrgLftcZllmXHW2AX8HtGRqhCRrngE28mHISoeR4=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Fri, 17 Dec 2021 13:40:59 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=31919000
cdn-requestid: 89f4b79f0f2e3d6ef2e51d260676a93c
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 box-a1ae2079824d1c48aa9ce06efb256f18.html Show response
vars.hotjar.com/ Frame 7E1B 2 KB
1 KB 37ms
8ms Document
text/html 143.204.209.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1785482.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-102.fra53.r.cloudfront.net
Software: /
Resource Hash: d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/

Response headers

content-type: text/html
content-length: 1044
date: Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6215abf691a11c2f451680e635d30daa"
last-modified: Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 23Wjqptlg0dsmJgQAbYvRtrCqixPdEZNwPYZIzEsYzET10gUnRubHQ==
age: 1315108

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
687 B 62ms
26ms XHR
application/json 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 21:11:35 GMT
X-Proxy-Origin: 194.36.108.19; 194.36.108.19; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: cb7c5459-3cc1-4593-98d6-a87390c6a258
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://orca.security
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
369 B 64ms
18ms XHR
text/plain 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0545e0e27dc39d8d312f668966c6900b7f2bc16120778c1c52b7815ceeedbbb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:11:35 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://orca.security
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=531606811287204&ev=PageView&dl=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&rl=&if=false&ts=1639775495006&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1639775494705.1602072817&it=1639775494627&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 17 Dec 2021 21:11:35 GMT

POST
H2 200 statsV2 Show response
monitor.clickcease.com/monitor/api/ 42 B
180 B 288ms
93ms XHR
application/json 2a01:111:f100:2000::a83e:3309
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://monitor.clickcease.com/monitor/api/statsV2?type=object
Requested by: Host: www.clickcease.com
URL: https://www.clickcease.com/monitor/stat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:f100:2000::a83e:3309 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e0a51c3902b673d52b9b929d573feeda103fd8f4f3e71361409bf34000718b31

Request headers

Referer: https://orca.security/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:11:34 GMT
server: Microsoft-IIS/10.0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
vm: 10.1.0.20
content-length: 42
expires: -1

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-141329870-1&cid=800702439.1639775495&jid=9116476&gjid=1287630150&_gid=575168281.1639775495&_u=aGDAAEACQAAAAC~&z=1296044290

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://orca.security/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 17 Dec 2021 21:11:35 GMT
content-type: text/plain
access-control-allow-origin: https://orca.security
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAIhF07DefoAAEFMDrtmog
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAIhF07DefoAAEFMDrtmog&verifyHash=3df1cbcb1f4bc8bec6a3886be3f9a7e2e172cde9

26 B
409 B

100ms
100ms

Image
image/gif

143.204.209.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAIhF07DefoAAEFMDrtmog&verifyHash=3df1cbcb1f4bc8bec6a3886be3f9a7e2e172cde9
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
Protocol: HTTP/1.1
Server: 143.204.209.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-106.fra53.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:11:35 GMT
Via: 1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: d5455026673341ee
X-Amz-Cf-Id: 3vx4woR92_6TzRlnO8rKG-nBwQ2IyDo0c1Geuhj1eLRKqlvKtoDB7Q==

Redirect headers

Date: Fri, 17 Dec 2021 21:11:35 GMT
Via: 1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAIhF07DefoAAEFMDrtmog&verifyHash=3df1cbcb1f4bc8bec6a3886be3f9a7e2e172cde9
Connection: keep-alive
trace-id: 0ab9aa7bc1cb6940
Content-Length: 0
X-Amz-Cf-Id: t-PW-pc3421QmeEE5itAEVXcGqn3EMmdYkbeIHARcjKaSRaJCHc0TA==

GET
H2 451 464526.gif
id.rlcdn.com/ 0
66 B 43ms
17ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:35 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 3 KB
1 KB 92ms
62ms XHR
application/json 143.204.209.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&page_title=Instantly%20Detect%20Log4j%20Vulnerabilities%20on%20AWS%2C%20Azure%20and%20Google%20Cloud%20-%20Complete%20Cloud%20Security%20in%20Minutes%20%7C%20Orca%20Security&src=tag&auth=wuoupyf5LR8SfP5Ve8uVF7smOhVC75FAA5WFB4YX
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/59d4f40d1d34663b.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-129.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: daec8788e84fb2ce33d51b538bcec5c09a261bf108aef7a99d075effc17212c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:35 GMT
identification-source: CACHE
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
request-id: 2d140ca5-957d-4e19-8c09-f01d5b3a821f
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://orca.security
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: t4vNltZN7HqTtxQLpLC4ag4CzxE9J1nGQg97hxxJGnhHRoet8TSeCQ==
expires: Thu, 16 Dec 2021 21:11:35 GMT

GET
H2 200 78657 Show response
api.omappapi.com/v2/embed/ 3 KB
2 KB 134ms
97ms XHR
application/json 13.35.253.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/78657?d=orca.security
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-13.fra6.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: e73df7bc442af50ce30e287bc18e220aa82300cd947dfeaac221a03e6e28ce2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:35 GMT
content-encoding: gzip
x-cache-config: 0 0
x-amz-cf-pop: FRA6-C1
x-cache-status: HIT
x-cache: Miss from cloudfront
access-control-allow-headers: X-CSRF-Token
x-optinmonster-account: 88433
x-user-agent: standard--
last-modified: Wed, 15 Dec 2021 20:55:02 GMT
server: Pagely Gateway/1.5.1
etag: W/"14d69018abc0252f7719b963b9b97666"
vary: Accept-Encoding, User-Agent
content-type: application/json
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-origin: *
x-amz-cf-id: xdSzrGcnsXNvKBuc54MMR5V3MD5D6olHS6ZdK6IsF2gCOzNcezyX3Q==
expires: Fri, 17 Dec 2021 21:01:35 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 239ms
191ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=null&session=ab395b8f-95d6-4525-83d1-3627878a193a&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Fri%2C%2017%20Dec%202021%2021%3A11%3A34%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Orca%20helps%20customers%20find%20Log4j%20vulnerabilities%20within%20their%20cloud%20applications.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Instantly%20Detect%20Log4j%20Vulnerabilities%20on%20AWS%2C%20Azure%20and%20Google%20Cloud%20-%20Complete%20Cloud%20Security%20in%20Minutes%20%7C%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&pageViewId=6c84ebc8-d9ab-4121-8565-7278e8591b6e&an_uid=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:11:35 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1785482/ 146 B
323 B 109ms
36ms XHR
application/json 99.80.125.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1785482/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.125.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-125-216.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1739c041fc4394d8b8b79f708997ba2694f6156bbb410a8f0476a980939bf1de

Request headers

Referer: https://orca.security/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 17 Dec 2021 21:11:35 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/653025264/ 3 KB
1 KB 69ms
55ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/653025264/?random=1639775495084&cv=9&fst=1639775495084&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&tiba=Instantly%20Detect%20Log4j%20Vulnerabilities%20on%20AWS%2C%20Azure%20and%20Google%20Cloud%20-%20Complete%20Cloud%20Security%20in%20Minutes%20%7C%20Orca%20Security&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c811fee6d0a3e7926657248916387265b775bce327c139185e0caf9f689ec787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:11:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1235
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo-fully-white.svg
orca.security/wp-content/uploads/2021/07/ 6 KB
3 KB 195ms
194ms Image
image/svg+xml 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2021/07/logo-fully-white.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6d5bb155c0f8d862a1ce1cef045b3762649307c88a2543d6f76a4b735523855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Sep 2021 16:47:28 GMT
server: cloudflare
etag: W/"6151f5a0-1762"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf3250c696468ef-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 logo.svg
orca.security/wp-content/uploads/2021/04/ 6 KB
3 KB 676ms
675ms Image
image/svg+xml 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2021/04/logo.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74706fc3a0764eb273029a2ca83422dd8663978130573095d48f7ed260f28671

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Sep 2021 16:47:12 GMT
server: cloudflare
etag: W/"6151f590-1709"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf3250c696868ef-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icon-nav-side-scanning.svg
orca.security/wp-content/uploads/2021/04/ 745 B
753 B 191ms
190ms Image
image/svg+xml 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2021/04/icon-nav-side-scanning.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96013f6b4e9951ddd7ae61b140725c8c7304f04678a564eb7cbcfe92c1d7907e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Sep 2021 16:47:12 GMT
server: cloudflare
etag: W/"6151f590-2e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf3250c696c68ef-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icon-nav-context-aware-security.svg
orca.security/wp-content/uploads/2021/04/ 1 KB
789 B 662ms
660ms Image
image/svg+xml 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2021/04/icon-nav-context-aware-security.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b601511092fda067306d53553d0efb2f35c4db48bb7c0fd805361ff18d1754e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Sep 2021 16:47:12 GMT
server: cloudflare
etag: W/"6151f590-50f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf3250c797568ef-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icon-nav-built-in-compliance.svg
orca.security/wp-content/uploads/2021/04/ 813 B
797 B 219ms
217ms Image
image/svg+xml 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2021/04/icon-nav-built-in-compliance.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4acbd93159ae1b4328975ed08d167c7f7b49b08da15c230ba5fe555530cea591

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Sep 2021 16:47:12 GMT
server: cloudflare
etag: W/"6151f590-32d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf3250c797768ef-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icon-nav-customization.svg
orca.security/wp-content/uploads/2021/04/ 1 KB
788 B 665ms
663ms Image
image/svg+xml 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2021/04/icon-nav-customization.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97d020ea27c7d535f2801bc3dd9048c745bd01abc7c17969d65ba9a2288eef94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Sep 2021 16:47:12 GMT
server: cloudflare
etag: W/"6151f590-55d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf3250c797b68ef-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nav-join-the-program.jpg
i0.wp.com/orca.security/wp-content/uploads/2021/07/ 17 KB
18 KB 34ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/orca.security/wp-content/uploads/2021/07/nav-join-the-program.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

23307d92dd6519d3739e24779bd4e1ffaf72fc2791638862a4fe90767e9c7557

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 17 Dec 2021 21:11:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 14 Sep 2021 14:12:26 GMT
server: nginx
etag: "20da54f8a37819b1"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://orca.security/wp-content/uploads/2021/07/nav-join-the-program.jpg>; rel="canonical"
content-length: 17742
expires: Fri, 15 Sep 2023 02:12:26 GMT

GET
H2 200 nav-join-our-team_101421.jpg
i0.wp.com/orca.security/wp-content/uploads/2021/10/ 30 KB
31 KB 39ms
13ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/orca.security/wp-content/uploads/2021/10/nav-join-our-team_101421.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

722e5c73d925545f85a65c3c72ebc651ba470bf9a3e4c4a7b63b4823d16527d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 17 Dec 2021 21:11:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Oct 2021 14:35:16 GMT
server: nginx
etag: "52d9eee16432ad21"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://orca.security/wp-content/uploads/2021/10/nav-join-our-team_101421.jpg>; rel="canonical"
content-length: 31168
expires: Sun, 15 Oct 2023 02:35:16 GMT

GET
H2 200 nav_resource_featured.jpg
i0.wp.com/orca.security/wp-content/uploads/2021/11/ 13 KB
13 KB 44ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/orca.security/wp-content/uploads/2021/11/nav_resource_featured.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

824e676a9cc28ecab70127f602c4ef83fd66b95d71a315bd0776f3e8d05e3497

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Fri, 17 Dec 2021 21:11:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Nov 2021 14:39:26 GMT
server: nginx
etag: "acfd7e73da23e1a6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://orca.security/wp-content/uploads/2021/11/nav_resource_featured.jpg>; rel="canonical"
content-length: 13546
expires: Sun, 19 Nov 2023 02:39:26 GMT

GET
H2 200 avatar_orca_Deborah-Galea.png
i0.wp.com/orca.security/wp-content/uploads/2021/11/ 6 KB
6 KB 44ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/orca.security/wp-content/uploads/2021/11/avatar_orca_Deborah-Galea.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

b2b83686b998dca41fa8259ef256b506f1182507b7d2cf8740a506c4acc4189f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 17 Dec 2021 21:11:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 19 Nov 2021 11:04:53 GMT
server: nginx
etag: "12895cc5c9bb08ab"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://orca.security/wp-content/uploads/2021/11/avatar_orca_Deborah-Galea.png>; rel="canonical"
content-length: 6064
expires: Sun, 19 Nov 2023 23:04:53 GMT

GET
H2 200 blog_log4j-vulnerability_featured.jpg
i0.wp.com/orca.security/wp-content/uploads/2021/12/ 40 KB
40 KB 44ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/orca.security/wp-content/uploads/2021/12/blog_log4j-vulnerability_featured.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

cd7fc6de2bfe9d11a7d82be1571e0f6782d586ba1b264175b4db50b474768a8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 17 Dec 2021 21:11:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Dec 2021 19:11:29 GMT
server: nginx
etag: "46e75466971ad02d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://orca.security/wp-content/uploads/2021/12/blog_log4j-vulnerability_featured.jpg>; rel="canonical"
content-length: 41224
expires: Thu, 14 Dec 2023 07:11:29 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 49ms
31ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-141329870-1&cid=800702439.1639775495&jid=9116476&_u=aGDAAEACQAAAAC~&z=831515232

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:11:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 47ms
30ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-141329870-1&cid=800702439.1639775495&jid=9116476&_u=aGDAAEACQAAAAC~&z=831515232

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:11:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/653025264/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/653025264/?random=1639775495084&cv=9&fst=1639774800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&tiba=Instantly%20Detect%20Log4j%20Vulnerabilities%20on%20AWS%2C%20Azure%20and%20Google%20Cloud%20-%20Complete%20Cloud%20Security%20in%20Minutes%20%7C%20Orca%20Security&async=1&fmt=3&is_vtc=1&random=2474820925&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:11:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/653025264/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/653025264/?random=1639775495084&cv=9&fst=1639774800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&tiba=Instantly%20Detect%20Log4j%20Vulnerabilities%20on%20AWS%2C%20Azure%20and%20Google%20Cloud%20-%20Complete%20Cloud%20Security%20in%20Minutes%20%7C%20Orca%20Security&async=1&fmt=3&is_vtc=1&random=2474820925&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:11:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 webfont.js Show response
a.omappapi.com/app/js/webfont/1.5.18/ 16 KB
7 KB 13ms
13ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:35 GMT
content-encoding: br
cdn-edgestorageid: 756
perma-cache: HIT
cdn-storageserver: DE-199
cdn-cachedat: 12/15/2021 02:38:46
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Thu, 27 May 2021 17:38:16 GMT
cdn-proxyver: 1.02
cdn-fileserver: 162
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: b3ad6c9db87f76f1b1e90192481b0f3b
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H3 200 / Show response
www.facebook.com/tr/ Frame A63E 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://orca.security
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/

Response headers

content-type: text/plain
access-control-allow-origin: https://orca.security
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Fri, 17 Dec 2021 21:11:35 GMT

OPTIONS
H2 204 entry2
monitor.clickcease.com/V2/recorder/ Frame 0
0 92ms
92ms Preflight 2a01:111:f100:2000::a83e:3309
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://monitor.clickcease.com/V2/recorder/entry2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:f100:2000::a83e:3309 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://orca.security
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Kestrel
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
vm: 10.1.0.20
date: Fri, 17 Dec 2021 21:11:34 GMT

POST
H2 200 entry2 Show response
monitor.clickcease.com/V2/recorder/ 120 B
208 B 813ms
314ms Fetch
text/plain 2a01:111:f100:2000::a83e:3309
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://monitor.clickcease.com/V2/recorder/entry2

Requested by

Host: www.clickcease.com
URL: https://www.clickcease.com/monitor/stat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:111:f100:2000::a83e:3309 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

940a38fee1931281e3241f6756471a6c3795f0545573165d8caf3ffec7ab797a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://orca.security/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=2592000
server: Kestrel
vm: 10.1.0.20
date: Fri, 17 Dec 2021 21:11:35 GMT
content-type: text/plain; charset=utf-8

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 7AA0 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://orca.security
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/

Response headers

content-type: text/plain
access-control-allow-origin: https://orca.security
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Fri, 17 Dec 2021 21:11:35 GMT

GET
H/1.1 200
OK messenger Show response
app.qualified.com/w/1/gndr1NireXGRNRuC/ Frame 5530 3 KB
2 KB 340ms
119ms Document
text/html 100.25.249.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=638a1410-c5a2-4709-a70a-51554c4fe666

Requested by

Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=gndr1NireXGRNRuC

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

100.25.249.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-25-249-86.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0ba1b5b788fd5fe2ff5b04541a9f6c9e8c57160b0e46ad58ecfe72884be53016

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/

Response headers

Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Security-Policy
Content-Type: text/html; charset=utf-8
Date: Fri, 17 Dec 2021 21:11:35 GMT
Etag: W/"0ba1b5b788fd5fe2ff5b04541a9f6c9e"
Link: </packs/css/2-d29c8f89.chunk.css>; rel=preload; as=style; nopush,</packs/css/widget/sandboxed/messenger-d46acbed.chunk.css>; rel=preload; as=style; nopush
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Via: 1.1 spaces-router (279557a225d7)
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: b3f6dd8e-44ee-2d59-e538-37fb88070e96
X-Runtime: 0.015785
X-Xss-Protection: 1; mode=block
Content-Length: 1111

GET
H/1.0 200
OK dc.js Show response
go.orca.security/dcjs/898611/14/ 46 B
638 B 198ms
197ms Script
text/javascript 18.232.28.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.orca.security/dcjs/898611/14/dc.js
Requested by: Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=gndr1NireXGRNRuC
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-6-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 7bba17b490076798f613f9b01da8d6a2eb79808ae687d3e56543ba95fff3b16c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 21:11:35 GMT
X-Pardot-Route: cb482e8713caadba289bc279c1db8a1d
X-Pardot-LB: e95a292e477f6214c8e77c2cf881a7d3
X-Pardot-Rsp: 16/34/99
Vary: User-Agent
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 46
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 css
fonts.googleapis.com/ 5 KB
660 B 32ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600

Requested by

Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c347d58c696d6e371b92485f7705ffe574ed5eff3758f6fd919e6241caf19f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 20:09:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 17 Dec 2021 21:11:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Dec 2021 21:11:35 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 23ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://orca.security
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 00:14:34 GMT
x-content-type-options: nosniff
age: 248221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 00:14:34 GMT

GET
H2 200 31c89e89cc65df80be0e44e98d99b656-optin.json Show response
a.omappapi.com/app/campaign-views/16cbaba9fcb1/jnycn6iy2dhaa1tefgom/ 35 KB
7 KB 26ms
8ms XHR
application/json 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/campaign-views/16cbaba9fcb1/jnycn6iy2dhaa1tefgom/31c89e89cc65df80be0e44e98d99b656-optin.json
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 5405b792671a2c397f638058993306adc35ad1716cdd53cd570a76115de1db01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:35 GMT
content-encoding: br
cdn-edgestorageid: 756
perma-cache: HIT
cdn-storageserver: DE-169
cdn-cachedat: 12/15/2021 21:09:23
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Mon, 13 Dec 2021 17:28:54 GMT
cdn-proxyver: 1.02
cdn-fileserver: 272
vary: Accept-Encoding
content-type: application/json
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: c505934fb1e61f53a154d20cd3dc7998
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 Log4Shell-icon.svg
orca.security/wp-content/uploads/2021/12/ 634 B
767 B 655ms
654ms Image
image/svg+xml 162.159.134.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2021/12/Log4Shell-icon.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a618f7b15cccbfc0df5ef22619f97b022bd9d7474039e6ab301082e7defd0dc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:11:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=16.6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 13 Dec 2021 17:00:45 GMT
server: cloudflare
etag: W/"61b77c3d-27a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6bf325113d0b68ef-FRA
x-edge-location-klb: 1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 204
No Content i Show response
z.omappapi.com/v3/ 0
201 B 316ms
115ms XHR
text/plain 178.128.135.233
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://z.omappapi.com/v3/i?aid=78657&cid=jnycn6iy2dhaa1tefgom&sid=5f178b57ef8a9&rt=false&dv=desktop&cty=floating&url=resources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud&v=5
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.128.135.233 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: kong/0.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://orca.security
Date: Fri, 17 Dec 2021 21:11:36 GMT
Access-Control-Allow-Credentials: true
Server: kong/0.14.1
Connection: keep-alive

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 189ms
189ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=64bb1002c27a000006fdbc61b90200008a3e1800&session=ab395b8f-95d6-4525-83d1-3627878a193a&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2017%20Dec%202021%2021%3A11%3A35%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2017%20Dec%202021%2021%3A11%3A34%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22Orca%20helps%20customers%20find%20Log4j%20vulnerabilities%20within%20their%20cloud%20applications.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Instantly%20Detect%20Log4j%20Vulnerabilities%20on%20AWS%2C%20Azure%20and%20Google%20Cloud%20-%20Complete%20Cloud%20Security%20in%20Minutes%20%7C%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&pageViewId=6c84ebc8-d9ab-4121-8565-7278e8591b6e&an_uid=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:11:36 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK 2-d29c8f89.chunk.css
app.qualified.com/packs/css/ Frame 5530 20 KB
4 KB 102ms
102ms Stylesheet
text/css 100.25.249.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualified.com/packs/css/2-d29c8f89.chunk.css
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 100.25.249.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-249-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 889910bd602fe775e79f9b7e78d50040c61d9494b90ebc97800b3ae7976cbb49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=638a1410-c5a2-4709-a70a-51554c4fe666
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:11:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Dec 2021 19:54:23 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 spaces-router (279557a225d7)
Cache-Control: max-age=315360000, public
Content-Length: 3894
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK messenger-d46acbed.chunk.css
app.qualified.com/packs/css/widget/sandboxed/ Frame 5530 5 KB
1 KB 205ms
102ms Stylesheet
text/css 100.25.249.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualified.com/packs/css/widget/sandboxed/messenger-d46acbed.chunk.css
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 100.25.249.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-249-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 19450de42b740616a0ae81907248584c4129e7a46c32a0c735a56d1572b5b380

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=638a1410-c5a2-4709-a70a-51554c4fe666
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:11:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Dec 2021 19:54:23 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 spaces-router (279557a225d7)
Cache-Control: max-age=315360000, public
Content-Length: 1115
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK messenger~runtime-dafe21483d2a4a7bd206.js Show response
app.qualified.com/packs/js/widget/sandboxed/ Frame 5530 1 KB
1 KB 299ms
99ms Script
application/javascript 100.25.249.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualified.com/packs/js/widget/sandboxed/messenger~runtime-dafe21483d2a4a7bd206.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=638a1410-c5a2-4709-a70a-51554c4fe666
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 100.25.249.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-249-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c0836e0ca85c352993c12e75d531b1394a2be0b679828a749c1922b9f66032a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=638a1410-c5a2-4709-a70a-51554c4fe666
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:11:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Dec 2021 19:54:23 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 spaces-router (279557a225d7)
Cache-Control: max-age=315360000, public
Content-Length: 728
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 2-48f39726a5680a1d470b.chunk.js Show response
app.qualified.com/packs/js/widget-sandboxed-chunks/ Frame 5530 1 MB
315 KB 302ms
102ms Script
application/javascript 100.25.249.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualified.com/packs/js/widget-sandboxed-chunks/2-48f39726a5680a1d470b.chunk.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=638a1410-c5a2-4709-a70a-51554c4fe666
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 100.25.249.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-249-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 733a1a6f4c1428f03771394f9e8fa1b509c880ff9c048e1df138fc225b77cf4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=638a1410-c5a2-4709-a70a-51554c4fe666
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:11:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Dec 2021 19:54:23 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 spaces-router (279557a225d7)
Cache-Control: max-age=315360000, public
Content-Length: 321885
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK messenger-a7b76f69732d4b031f26.chunk.js Show response
app.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/ Frame 5530 413 KB
89 KB 206ms
102ms Script
application/javascript 100.25.249.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/messenger-a7b76f69732d4b031f26.chunk.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=638a1410-c5a2-4709-a70a-51554c4fe666
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 100.25.249.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-249-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1ff623d8636bcdc90cc07328d3e3bac68206e2b7d898147fe3e1e35a87827400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=638a1410-c5a2-4709-a70a-51554c4fe666
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:11:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Dec 2021 19:54:23 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 spaces-router (279557a225d7)
Cache-Control: max-age=315360000, public
Content-Length: 90794
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Inter-Regular-cd3c302ecefb19f92003ef258645c37c.woff2
app.qualified.com/packs/media/fonts/inter/ Frame 5530 115 KB
115 KB 299ms
98ms Font
font/woff2 100.25.249.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualified.com/packs/media/fonts/inter/Inter-Regular-cd3c302ecefb19f92003ef258645c37c.woff2
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=638a1410-c5a2-4709-a70a-51554c4fe666
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 100.25.249.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-249-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bf1ffcb96984568b22f7a9029dd980abb5a4a47700f588a16b8ace0f7412977e

Request headers

Referer: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=638a1410-c5a2-4709-a70a-51554c4fe666
Origin: https://app.qualified.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:11:36 GMT
Via: 1.1 spaces-router (279557a225d7)
Last-Modified: Fri, 17 Dec 2021 19:56:33 GMT
Server: nginx
Etag: "61bceb71-1ca00"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Content-Length: 117248
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Inter-SemiBold-c1b3bf01f912184899dbb6fbb4029910.woff2
app.qualified.com/packs/media/fonts/inter/ Frame 5530 123 KB
123 KB 300ms
99ms Font
font/woff2 100.25.249.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualified.com/packs/media/fonts/inter/Inter-SemiBold-c1b3bf01f912184899dbb6fbb4029910.woff2
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=638a1410-c5a2-4709-a70a-51554c4fe666
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 100.25.249.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-249-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 41e5c059963bd8f9bc4097f78535c3d722f4d73e75c46b2df5cc74bf864af150

Request headers

Referer: https://app.qualified.com/w/1/gndr1NireXGRNRuC/messenger?uuid=638a1410-c5a2-4709-a70a-51554c4fe666
Origin: https://app.qualified.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:11:36 GMT
Via: 1.1 spaces-router (279557a225d7)
Last-Modified: Fri, 17 Dec 2021 19:56:33 GMT
Server: nginx
Etag: "61bceb71-1eacc"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Content-Length: 125644
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 194ms
194ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=64bb1002c27a000006fdbc61b90200008a3e1800&session=ab395b8f-95d6-4525-83d1-3627878a193a&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2017%20Dec%202021%2021%3A11%3A36%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2017%20Dec%202021%2021%3A11%3A35%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Orca%20helps%20customers%20find%20Log4j%20vulnerabilities%20within%20their%20cloud%20applications.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Instantly%20Detect%20Log4j%20Vulnerabilities%20on%20AWS%2C%20Azure%20and%20Google%20Cloud%20-%20Complete%20Cloud%20Security%20in%20Minutes%20%7C%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&pageViewId=6c84ebc8-d9ab-4121-8565-7278e8591b6e&an_uid=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:11:37 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 195ms
194ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=64bb1002c27a000006fdbc61b90200008a3e1800&session=ab395b8f-95d6-4525-83d1-3627878a193a&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2017%20Dec%202021%2021%3A11%3A37%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2017%20Dec%202021%2021%3A11%3A36%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Orca%20helps%20customers%20find%20Log4j%20vulnerabilities%20within%20their%20cloud%20applications.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Instantly%20Detect%20Log4j%20Vulnerabilities%20on%20AWS%2C%20Azure%20and%20Google%20Cloud%20-%20Complete%20Cloud%20Security%20in%20Minutes%20%7C%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&pageViewId=6c84ebc8-d9ab-4121-8565-7278e8591b6e&an_uid=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:11:38 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

OPTIONS
H2 204 entry2
monitor.clickcease.com/V2/recorder/ Frame 0
0 93ms
93ms Preflight 2a01:111:f100:2000::a83e:3309
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://monitor.clickcease.com/V2/recorder/entry2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:f100:2000::a83e:3309 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://orca.security
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Kestrel
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
vm: 10.1.0.20
date: Fri, 17 Dec 2021 21:11:37 GMT

POST
H2 200 entry2 Show response
monitor.clickcease.com/V2/recorder/ 29 B
63 B 134ms
134ms Fetch
text/plain 2a01:111:f100:2000::a83e:3309
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://monitor.clickcease.com/V2/recorder/entry2

Requested by

Host: www.clickcease.com
URL: https://www.clickcease.com/monitor/stat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:111:f100:2000::a83e:3309 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

6164f25f6113cc1738bb6336ab3348bde9dcf314a0e0f95c96ccb2e242d3e56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://orca.security/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=2592000
server: Kestrel
vm: 10.1.0.20
date: Fri, 17 Dec 2021 21:11:37 GMT
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 197ms
197ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=64bb1002c27a000006fdbc61b90200008a3e1800&session=ab395b8f-95d6-4525-83d1-3627878a193a&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2017%20Dec%202021%2021%3A11%3A38%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2017%20Dec%202021%2021%3A11%3A37%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224006%22%7D&isIframe=false&m=%7B%22description%22%3A%22Orca%20helps%20customers%20find%20Log4j%20vulnerabilities%20within%20their%20cloud%20applications.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Instantly%20Detect%20Log4j%20Vulnerabilities%20on%20AWS%2C%20Azure%20and%20Google%20Cloud%20-%20Complete%20Cloud%20Security%20in%20Minutes%20%7C%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&pageViewId=6c84ebc8-d9ab-4121-8565-7278e8591b6e&an_uid=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:11:39 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 191ms
190ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=64bb1002c27a000006fdbc61b90200008a3e1800&session=ab395b8f-95d6-4525-83d1-3627878a193a&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2017%20Dec%202021%2021%3A11%3A39%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2017%20Dec%202021%2021%3A11%3A38%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225007%22%7D&isIframe=false&m=%7B%22description%22%3A%22Orca%20helps%20customers%20find%20Log4j%20vulnerabilities%20within%20their%20cloud%20applications.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Instantly%20Detect%20Log4j%20Vulnerabilities%20on%20AWS%2C%20Azure%20and%20Google%20Cloud%20-%20Complete%20Cloud%20Security%20in%20Minutes%20%7C%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&pageViewId=6c84ebc8-d9ab-4121-8565-7278e8591b6e&an_uid=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:11:40 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

OPTIONS
H/1.1 200
OK page_views
app.qualified.com/w/1/gndr1NireXGRNRuC/ Frame 0
0 298ms
99ms Preflight 100.25.249.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualified.com/w/1/gndr1NireXGRNRuC/page_views?uuid=638a1410-c5a2-4709-a70a-51554c4fe666
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 100.25.249.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-249-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://orca.security
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST, PUT, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Access-Control-Max-Age: 7200
Date: Fri, 17 Dec 2021 21:11:40 GMT
Server: nginx
Via: 1.1 spaces-router (279557a225d7)
Content-Length: 0

POST
H/1.1 200
OK page_views Show response
app.qualified.com/w/1/gndr1NireXGRNRuC/ 286 B
1 KB 206ms
206ms XHR
application/json 100.25.249.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.qualified.com/w/1/gndr1NireXGRNRuC/page_views?uuid=638a1410-c5a2-4709-a70a-51554c4fe666

Requested by

Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=gndr1NireXGRNRuC

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

100.25.249.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-25-249-86.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c01bc20d3821397e799626d2dca52c8311d1b54741206e2b4565af0cb80cc479

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://orca.security/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/json; charset=UTF-8

Response headers

Date: Fri, 17 Dec 2021 21:11:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 7200
Vary: Accept, Accept-Encoding, Origin
Content-Length: 264
X-Xss-Protection: 1; mode=block
X-Request-Id: 2d2beaa8-9954-3a14-490f-6b0791e9e535
X-Runtime: 0.049298
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: SAMEORIGIN
Etag: W/"c01bc20d3821397e799626d2dca52c83"
X-Download-Options: noopen
Strict-Transport-Security: max-age=63072000; includeSubDomains
Access-Control-Allow-Methods: POST, PUT, OPTIONS
Content-Type: application/json; charset=utf-8
Via: 1.1 spaces-router (279557a225d7)
Access-Control-Expose-Headers
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 190ms
190ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=64bb1002c27a000006fdbc61b90200008a3e1800&session=ab395b8f-95d6-4525-83d1-3627878a193a&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2017%20Dec%202021%2021%3A11%3A41%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2017%20Dec%202021%2021%3A11%3A39%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%226010%22%7D&isIframe=false&m=%7B%22description%22%3A%22Orca%20helps%20customers%20find%20Log4j%20vulnerabilities%20within%20their%20cloud%20applications.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Instantly%20Detect%20Log4j%20Vulnerabilities%20on%20AWS%2C%20Azure%20and%20Google%20Cloud%20-%20Complete%20Cloud%20Security%20in%20Minutes%20%7C%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&pageViewId=6c84ebc8-d9ab-4121-8565-7278e8591b6e&an_uid=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:11:41 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 419ms
104ms Script
application/javascript 52.202.69.186

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.202.69.186 -, , ASN (),
Reverse DNS
Software: PardotServer /
Resource Hash: d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:11:41 GMT
Content-Encoding: gzip
X-Pardot-Route: 4587f66dff94d6e76a668284fbf3dba1
X-Pardot-LB: 4208770abb36eec2b2f3a1c951758cc1
Last-Modified: Fri, 17 Dec 2021 05:16:14 GMT
Server: PardotServer
ETag: "1547-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 1950
Expires: Sun, 17 Dec 2023 21:11:41 GMT

OPTIONS
H2 204 entry2
monitor.clickcease.com/V2/recorder/ Frame 0
0 97ms
96ms Preflight 2a01:111:f100:2000::a83e:3309
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://monitor.clickcease.com/V2/recorder/entry2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:f100:2000::a83e:3309 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://orca.security
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Kestrel
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
vm: 10.1.0.20
date: Fri, 17 Dec 2021 21:11:40 GMT

POST
H2 200 entry2 Show response
monitor.clickcease.com/V2/recorder/ 29 B
63 B 140ms
139ms Fetch
text/plain 2a01:111:f100:2000::a83e:3309
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://monitor.clickcease.com/V2/recorder/entry2

Requested by

Host: www.clickcease.com
URL: https://www.clickcease.com/monitor/stat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:111:f100:2000::a83e:3309 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

6164f25f6113cc1738bb6336ab3348bde9dcf314a0e0f95c96ccb2e242d3e56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://orca.security/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=2592000
server: Kestrel
vm: 10.1.0.20
date: Fri, 17 Dec 2021 21:11:40 GMT
content-type: text/plain; charset=utf-8

GET
H/1.0 200
OK analytics Show response
pi.pardot.com/ 3 KB
3 KB 305ms
305ms Script
text/javascript 52.202.69.186

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=9607&account_id=899611&title=Instantly%20Detect%20Log4j%20Vulnerabilities%20on%20AWS%2C%20Azure%20and%20Google%20Cloud%20-%20Complete%20Cloud%20Security%20in%20Minutes%20%7C%20Orca%20Security&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&referrer=&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_medium=email&utm_source=orcaemail&utm_content=log4j-update

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.0

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.202.69.186 -, , ASN (),

Reverse DNS

Software

PardotServer /

Resource Hash

ff81cdf3bba93dcc1f98e859939be421fec3f1d10b4fa68a874ce6afd1819d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 21:11:41 GMT
Content-Encoding: gzip
X-Pardot-Route: d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB: 4208770abb36eec2b2f3a1c951758cc1
X-Pardot-Rsp: 17/12/211
Vary: Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 1444
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.0 200
OK analytics Show response
go.orca.security/ 50 B
1 KB 282ms
282ms Script
text/javascript 18.232.28.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.orca.security/analytics?conly=true&visitor_id=890504191&visitor_id_sign=be854bd9b462d065200011b6d689ae09d59f3314a9ea4f767a4ad7983f19657e537fd1d8a996fe71153bc1989661246108366740&pi_opt_in=&campaign_id=9607&account_id=899611&title=Instantly%20Detect%20Log4j%20Vulnerabilities%20on%20AWS,%20Azure%20and%20Google%20Cloud%20-%20Complete%20Cloud%20Security%20in%20Minutes%20|%20Orca%20Security&url=https://orca.security/resources/blog/instantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud/?utm_source=orcaemail&utm_medium=email&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_content=log4j-update&utm_source=orcaemail&utm_medium=email&utm_content=log4j-update&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&referrer=&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_medium=email&utm_source=orcaemail&utm_content=log4j-update
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=9607&account_id=899611&title=Instantly%20Detect%20Log4j%20Vulnerabilities%20on%20AWS%2C%20Azure%20and%20Google%20Cloud%20-%20Complete%20Cloud%20Security%20in%20Minutes%20%7C%20Orca%20Security&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&referrer=&utm_campaign=21-Q2-Risk-Assessment-Program-Orca&utm_medium=email&utm_source=orcaemail&utm_content=log4j-update
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.232.28.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-6-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 21:11:42 GMT
X-Pardot-Route: d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB: e95a292e477f6214c8e77c2cf881a7d3
X-Pardot-Rsp: 16/7/213
Vary: User-Agent
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 50
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 191ms
191ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=64bb1002c27a000006fdbc61b90200008a3e1800&session=ab395b8f-95d6-4525-83d1-3627878a193a&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2017%20Dec%202021%2021%3A11%3A42%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2017%20Dec%202021%2021%3A11%3A41%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%227011%22%7D&isIframe=false&m=%7B%22description%22%3A%22Orca%20helps%20customers%20find%20Log4j%20vulnerabilities%20within%20their%20cloud%20applications.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Instantly%20Detect%20Log4j%20Vulnerabilities%20on%20AWS%2C%20Azure%20and%20Google%20Cloud%20-%20Complete%20Cloud%20Security%20in%20Minutes%20%7C%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Finstantly-detect-log4j-vulnerabilities-on-aws-azure-and-google-cloud%2F%3Futm_source%3Dorcaemail%26utm_medium%3Demail%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca%26utm_content%3Dlog4j-update%26utm_source%3Dorcaemail%26utm_medium%3Demail%26utm_content%3Dlog4j-update%26utm_campaign%3D21-Q2-Risk-Assessment-Program-Orca&pageViewId=6c84ebc8-d9ab-4121-8565-7278e8591b6e&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:11:42 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: insiderdata360online.com
URL: https://insiderdata360online.com/service/platform.js?ran=0.209637415500171

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
go.orca.security/	1970-01-23 15:05:35	Name: visitor_id898611 Value: 890504011
go.orca.security/	1970-01-23 15:05:35	Name: visitor_id898611-hash Value: f3c230680513b444cea96b60cbc80c2954a4efa656a00cd10f13e0c01d8f411fcd561605c055aa6f13caafbbe63329e00d5aa514
orca.security/	1970-01-19 23:29:37	Name: ppwp_wp_session Value: 91fa4238725a7ffc802c2e16950184a9%7C%7C1639776970%7C%7C1639776610
orca.security/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0095ef5009c6a465dc1cec4b33ca3a65
.orca.security/	1970-01-20 01:39:11	Name: _gcl_au Value: 1.1.1433654653.1639775493
.orca.security/	1970-01-20 17:00:47	Name: _ga Value: GA1.2.800702439.1639775495
.orca.security/	1970-01-19 23:31:01	Name: _gid Value: GA1.2.575168281.1639775495
.orca.security/	1970-01-20 01:39:11	Name: _fbp Value: fb.1.1639775494705.1602072817
.6sc.co/	1970-01-20 17:00:47	Name: 6suuid Value: 64bb1002c27a000006fdbc61b90200008a3e1800
tracking.g2crowd.com/	1970-01-19 23:49:45	Name: _session_id Value: d6773f4a63bab04f1aad957eab1d85fb
.g2crowd.com/	1970-01-19 23:29:37	Name: __cf_bm Value: E8.QZA6memCgCNpVl87b3icaDjtxLg6Y.vxLjs2PRTk-1639775494-0-AaM2RCdKIJxqukLsNgjhHXqomj7VajyG4t6eVW1lKHWb2ZEtO8k2KqHA1PlHBjw7eo8uR4cK4094HePfH1bQayA=
.linkedin.com/	1970-01-20 00:12:47	Name: UserMatchHistory Value: AQLINpVqyO0VzAAAAX3KPGJEenydi5oBBP30bNQyOb7SNsrcjS0hyVkSzGdZMcVESO6p60OQzmHwcg
.linkedin.com/	1970-01-20 00:12:47	Name: AnalyticsSyncHistory Value: AQLh-IMNTdZTYAAAAX3KPGJEULH4X6x2x6X0XAtVLlmUd6VteNwUFSqhl2hJTutbO3tHvdO7Q4MqvKM4wsKapA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:01:29	Name: bcookie Value: "v=2&a8241bce-9d50-4c55-8af4-ccde065c74da"
.linkedin.com/	1970-01-19 23:31:01	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2507:u=1:x=1:i=1639775494:t=1639861894:v=2:sig=AQGkXKvgqzWswUxE8iF6Fs6EYsLHx5oE"
.orca.security/	1970-01-19 23:29:35	Name: _gat_UA-141329870-1 Value: 1
.twitter.com/	1970-01-20 17:00:47	Name: personalization_id Value: "v1_fxgyIGSKDIKxNxyeHNrnSg=="
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 17:01:29	Name: bscookie Value: "v=1&202112172111345a7cb928-e699-4d1b-846a-219df3117c94AQHfJNZrm0h_lDiPBHumYvae1GbigYB3"
.linkedin.com/	1970-01-20 16:59:30	Name: li_gc Value: MTswOzE2Mzk3NzU0OTQ7MjswMjFiRGNnJIzieLJzmgu9F7kKhNQEWsv77wD8xLwDQkDBmw==
orca.security/	1970-01-23 23:28:09	Name: _omappvp Value: 9OsvIGnPflV8RDkcVcLLXhYD1x6mxcqRMzRDI0GcVKMWvY5aO1X7SLbe9TsIufPYk0WwvG2FM5jgYHZ6KPv0CHMxPxvOF2j7
orca.security/	1970-01-19 23:29:36	Name: _omappvs Value: 1639775495063
orca.security/	1970-01-19 23:39:40	Name: _an_uid Value: 0
orca.security/	1970-01-20 17:00:47	Name: _gd_visitor Value: ceef08d7-2cdf-4e45-8e2c-3f6a7370bcf2
orca.security/	1970-01-19 23:29:49	Name: _gd_session Value: ab395b8f-95d6-4525-83d1-3627878a193a
orca.security/	1970-01-20 17:00:47	Name: _gd_svisitor Value: 64bb1002c27a000006fdbc61b90200008a3e1800
.orca.security/	1970-01-20 08:15:11	Name: _hjSessionUser_1785482 Value: eyJpZCI6IjJjNThhODU0LWQxMTgtNTAwOC04NjJiLTMxNTk3NTc1Nzk0MSIsImNyZWF0ZWQiOjE2Mzk3NzU0OTQ5OTgsImV4aXN0aW5nIjpmYWxzZX0=
.orca.security/	1970-01-19 23:29:37	Name: _hjFirstSeen Value: 1
.orca.security/	1970-01-19 23:29:37	Name: _hjSession_1785482 Value: eyJpZCI6IjE3YzBlYzRhLTlhZWYtNGI2MS05MTM3LTQ0YWY4Y2Q3YzhjNyIsImNyZWF0ZWQiOjE2Mzk3NzU0OTUwNzl9
orca.security/	1970-01-19 23:29:35	Name: _hjIncludedInPageviewSample Value: 1
.orca.security/	1970-01-19 23:29:37	Name: _hjAbsoluteSessionInProgress Value: 0
orca.security/	1970-01-19 23:29:35	Name: _hjIncludedInSessionSample Value: 0
.orca.security/	1970-01-23 15:05:35	Name: __q_state_gndr1NireXGRNRuC Value: eyJ1dWlkIjoiNjM4YTE0MTAtYzVhMi00NzA5LWE3MGEtNTE1NTRjNGZlNjY2IiwiY29va2llRG9tYWluIjoib3JjYS5zZWN1cml0eSJ9
.doubleclick.net/	1970-01-20 08:51:11	Name: IDE Value: AHWqTUlL43nzbKxBB2w0rGLw5sFW82TM6RXM5q829b_Bd3y6vjOEEDM-6gbjhMYy
.bidr.io/	1970-01-20 08:58:05	Name: bito Value: AAIhF07DefoAAEFMDrtmog
.bidr.io/	1970-01-20 08:58:05	Name: bitoIsSecure Value: ok
.company-target.com/	1970-01-20 17:00:47	Name: tuuid Value: 4103dc15-6a9c-4c9c-a13c-d7e24b6d2ed1
.company-target.com/	1970-01-20 17:00:47	Name: tuuid_lu Value: 1639775495
.orca.security/	1970-01-20 08:15:11	Name: _omra Value: %7B%22jnycn6iy2dhaa1tefgom%22%3A%22view%22%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://insiderdata360online.com/service/platform.js?ran=0.209637415500171 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
analytics.twitter.com
api.company-target.com
api.omappapi.com
app.qualified.com
b.6sc.co
c.6sc.co
code.jquery.com
connect.facebook.net
ddzuuyx7zj81k.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
go.orca.security
googleads.g.doubleclick.net
i0.wp.com
id.rlcdn.com
in.hotjar.com
insiderdata360online.com
j.6sc.co
js.qualified.com
match.prod.bidr.io
monitor.clickcease.com
orca.security
pi.pardot.com
px.ads.linkedin.com
px4.ads.linkedin.com
script.hotjar.com
secure.adnxs.com
segments.company-target.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tag.demandbase.com
tracking.g2crowd.com
vars.hotjar.com
www.clickcease.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
z.omappapi.com
insiderdata360online.com
100.25.249.86
104.111.233.140
104.244.42.5
104.244.42.67
108.174.10.14
13.32.22.51
13.32.22.75
13.32.22.85
13.35.253.13
143.204.209.102
143.204.209.106
143.204.209.129
162.159.134.42
178.128.135.233
18.232.28.189
185.33.220.216
192.0.77.2
199.232.136.157
2001:4de0:ac18::1:a:3b
216.58.212.130
2600:9000:206f:8600:8:8d2f:9e00:21
2606:4700:20::ac43:4470
2606:4700::6812:1bbe
2620:1ec:21::14
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200a
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:400c:c07::9d
2a01:111:f100:2000::a83e:3309
2a02:26f0:6c00::210:ba0a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.195.187.5
35.244.174.68
52.202.69.186
52.49.89.229
89.187.169.47
99.80.125.216
03742e65ae04095075da7f822536f6e4c7110a767047e3607543f384fc1c3f36
0545e0e27dc39d8d312f668966c6900b7f2bc16120778c1c52b7815ceeedbbb0
0ba1b5b788fd5fe2ff5b04541a9f6c9e8c57160b0e46ad58ecfe72884be53016
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14004390038502693ca7331f91a6fae60974fc3da6bad8cbd9ec445325e84f53
1739c041fc4394d8b8b79f708997ba2694f6156bbb410a8f0476a980939bf1de
17c2f9329ae03004364713035526af6f5bcc7cb61135fe8885608c0d33c6c1cf
19450de42b740616a0ae81907248584c4129e7a46c32a0c735a56d1572b5b380
1ff623d8636bcdc90cc07328d3e3bac68206e2b7d898147fe3e1e35a87827400
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
23307d92dd6519d3739e24779bd4e1ffaf72fc2791638862a4fe90767e9c7557
2707e48726a3f7ec48a1d1aec9738f20b36bac1535cfa9de2e4d92310c4e7e7a
2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb
2a76024584e2692938f4dd0feb5b77e96a0bdc93d8661f8c855a7546125552f7
2c347d58c696d6e371b92485f7705ffe574ed5eff3758f6fd919e6241caf19f2
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
41e5c059963bd8f9bc4097f78535c3d722f4d73e75c46b2df5cc74bf864af150
4657e065ae1064f51941fbc288c29b3413c21de65da0195d76b39f31d63e246e
46a81d9eecf758da54f09983d052b2f0404104cd8bb4affeed2209c5481156d4
4880fc9e4a2f11c83b249be9c2dce540f293d4ebeb55c6b471ed45cb44a67992
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
4acbd93159ae1b4328975ed08d167c7f7b49b08da15c230ba5fe555530cea591
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e8b062018e10f9da5279f7ea03eb0f229a656ba1f82016ed76a82ae1e70cf6d
52307fd574f1fa03351268dd2a8611b6a5e34fb66d31305835184c1a9da7878e
52adbaf8b7004e3e0ef2b06be5492748eeef0bdfbc2d91b4aa3aa7ddd7028703
5405b792671a2c397f638058993306adc35ad1716cdd53cd570a76115de1db01
587e022b442a0d7013a27f5fd2db035e28a74318d44dac1ac431f124c615bb37
5bb66e1a365093548f51bc82e11d1a321cae744311958f9ff73c449d84f59aab
6164f25f6113cc1738bb6336ab3348bde9dcf314a0e0f95c96ccb2e242d3e56d
6c1b2722be99e0f2c4cd70c48f342eb543a3ee0bec1b5dc6f1d72b034e013b47
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6eb556e119c53c38929485c000187c958ebabcef6041e60647571b2e1cb884f6
6f0c8952d42f1e78c14d70611224c862d91d281e917b9e2d679fff15b246b379
71cebc29b8bdae5f954a89ae022ea09d9bfb4825a771f4c827ef25450432af90
722e5c73d925545f85a65c3c72ebc651ba470bf9a3e4c4a7b63b4823d16527d8
733a1a6f4c1428f03771394f9e8fa1b509c880ff9c048e1df138fc225b77cf4b
74706fc3a0764eb273029a2ca83422dd8663978130573095d48f7ed260f28671
785c1179e9138a30fccbcd502d81ad2920049a12fd3d83fae433052e9be4c62f
7bba17b490076798f613f9b01da8d6a2eb79808ae687d3e56543ba95fff3b16c
820c374f47756d6982be87dcef79081194f7c31d138d499b1894a59acbeca465
824e676a9cc28ecab70127f602c4ef83fd66b95d71a315bd0776f3e8d05e3497
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
889910bd602fe775e79f9b7e78d50040c61d9494b90ebc97800b3ae7976cbb49
88e54d012a1ec7eb247e4e282cb81ef401068961aecace72f5be669f3b03c291
897ebbdf379aeb2c751275f083d298f15b094902c6bd6a66405ffb0604c64124
8dc8923fc00490445ececc0094581e4ce7238371b2ecff7a573497c934608e9f
940a38fee1931281e3241f6756471a6c3795f0545573165d8caf3ffec7ab797a
96013f6b4e9951ddd7ae61b140725c8c7304f04678a564eb7cbcfe92c1d7907e
97d020ea27c7d535f2801bc3dd9048c745bd01abc7c17969d65ba9a2288eef94
9af6cc766bb30e9809acc21d253b1c5bb67d998583cbb33d24d18b95f658b18d
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473
a4980241b89db61e0dd5e015a9fd5727a0dedef2756a69b74ed63f69f39c2717
a618f7b15cccbfc0df5ef22619f97b022bd9d7474039e6ab301082e7defd0dc6
a985ba66f8d2e96fac2d515b6df72f71d7c09a0c0a51d111686ec1719206bd5a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae1876d0189ba7c373d5f34da1fa27191f72623c1d67fa13a76bd83f2698373e
afbced10cf170811bd5ea25e8d37a95c166e3e8743aedc3af1485df9b6dc48f7
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b2b83686b998dca41fa8259ef256b506f1182507b7d2cf8740a506c4acc4189f
b601511092fda067306d53553d0efb2f35c4db48bb7c0fd805361ff18d1754e3
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bf1ffcb96984568b22f7a9029dd980abb5a4a47700f588a16b8ace0f7412977e
c01bc20d3821397e799626d2dca52c8311d1b54741206e2b4565af0cb80cc479
c07872c94137c75eff810332cf06d85a8a5c82b5c3bf803a616c8079abfaa9d4
c0836e0ca85c352993c12e75d531b1394a2be0b679828a749c1922b9f66032a9
c811fee6d0a3e7926657248916387265b775bce327c139185e0caf9f689ec787
c9d0f7e12afcd2ec81c2557fae468880e8cd2e5bf2df3f489ac40879d1e8c128
cb0926912f20ee4034d58dd8d707fb9df28c09a56fb5ece18a60a8e8c5ee55b6
cd7fc6de2bfe9d11a7d82be1571e0f6782d586ba1b264175b4db50b474768a8f
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
d40ac1a0f352815e6ac4d239970d2803b3fef1dea0f993914e4a3496db07dc16
d7e64923c85f87a12af4649a9425badb123d58abdb70416286c47047915eb6fa
daec8788e84fb2ce33d51b538bcec5c09a261bf108aef7a99d075effc17212c8
dbc0c89263ae4e2266e70ad254361c7d00978926e2924cd36eadaa7523e4ed2c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e0a51c3902b673d52b9b929d573feeda103fd8f4f3e71361409bf34000718b31
e18ca363a7e4a904fc04e852aa8ea83f1eda500d204b146b5f92d70cd0dab4ff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d5bb155c0f8d862a1ce1cef045b3762649307c88a2543d6f76a4b735523855
e73df7bc442af50ce30e287bc18e220aa82300cd947dfeaac221a03e6e28ce2c
e9219bca0b32c0c23c27a3b2a656f186ba7f52721559e06889e52eb444eaf757
eb2eb0b3c5bc6b7ef5f5b7cf67d5f3307ef84903892963da55e2944c6b42990b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef46e86368c01cffc9a55e4ae44acbe6f5366913c4cb3af0ef90fad6210bbe29
f9335a3578fbb78eba8922527950b8773e21ebc2d28e6f72ce9d223094bfdbdc
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff81cdf3bba93dcc1f98e859939be421fec3f1d10b4fa68a874ce6afd1819d02

orca.security Open in urlscan Pro 162.159.134.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

117 Requests

97 %HTTPS

40 %IPv6

32 Domains

46 Subdomains

41 IPs

6 Countries

1975 kBTransfer

6405 kBSize

40 Cookies

11 Outgoing links

Page URL History

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

orca.security Open in urlscan Pro
162.159.134.42 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

97 %
HTTPS

40 %
IPv6

32
Domains

46
Subdomains

41
IPs

6
Countries

1975 kB
Transfer

6405 kB
Size

40
Cookies

117 HTTP transactions
9 data transactions