I just upgraded our servers to NetWitness 126.96.36.199 and noticed almost every page sends beacons to pendo.io:
Did NetWitness always do this? Is this new in 188.8.131.52?
What annoys me most about this is the referer header gives away our NetWitness URL including possible sensitive path (we use deep linking to the investigate module from other applications):
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0
Accept-Encoding: gzip, deflate, br