I just upgraded our servers to NetWitness 22.214.171.124 and noticed almost every page sends beacons to pendo.io:
Did NetWitness always do this? Is this new in 126.96.36.199?
What annoys me most about this is the referer header gives away our NetWitness URL including possible sensitive path (we use deep linking to the investigate module from other applications):
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0
Accept-Encoding: gzip, deflate, br