research.checkpoint.com Open in urlscan Pro
209.87.209.103 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://research.checkpoint.com/uncovering-drupalgeddon-2
Effective URL:
https://research.checkpoint.com/uncovering-drupalgeddon-2/
Submission: On August 19 via manual (August 19th 2018, 10:36:28 pm UTC) from US

Summary HTTP 63 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 18 domains to perform 63 HTTP transactions. The main IP is 209.87.209.103, located in Irving, United States and belongs to ZONEALARM-COM - Check Point Software Technologies, Inc., US. The main domain is research.checkpoint.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 22nd 2018. Valid for: 2 years.

This is the only time research.checkpoint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 31	209.87.209.103 209.87.209.103	31997 (ZONEALARM...) (ZONEALARM-COM - Check Point Software Technologies)
8	2.19.39.174 2.19.39.174	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2bf::3adf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.158.160 13.32.158.160	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	104.244.43.112 104.244.43.112	13414 (TWITTER) (TWITTER - Twitter Inc.)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY - Fastly)
1	74.201.198.92 74.201.198.92	13789 (INTERNAP-...) (INTERNAP-BLK3 - Internap Network Services Corporation)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER - Twitter Inc.)
2 2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2a00:1450:400... 2a00:1450:4001:821::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f11... 2a03:2880:f11c:8086:face:b00c:0:50fb	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	52.216.105.171 52.216.105.171	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 3	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1 1	2a05:f500:10:... 2a05:f500:10:101::b93f:9101	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER - Twitter Inc.)
2	104.111.242.254 104.111.242.254	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	192.28.144.228 192.28.144.228	53580 (MARKETO) (MARKETO - MARKETO)
63	19

31 209.87.209.103 (Irving, United States) 2 redirects

ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US)

research.checkpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.19.39.174 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-39-174.deploy.static.akamaitechnologies.com

sc1.checkpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:821::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2bf::3adf (European Union)

ASN20940 (AKAMAI-ASN1, US)

sjs.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.158.160 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-158-160.fra56.r.cloudfront.net

dnn506yrbagrg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.43.112 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.2 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.201.198.92 (United States)

ASN13789 (INTERNAP-BLK3 - Internap Network Services Corporation, US)

amplifypixel.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8086:face:b00c:0:50fb (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.105.171 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1-w.amazonaws.com

gtrk.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:f500:10:101::b93f:9105 (Ireland) 2 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9101 (Ireland) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.254 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-242-254.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.228 (San Mateo, United States)

ASN53580 (MARKETO - MARKETO, Inc., US)
PTR: monitor-test-ab17.mktoresp.com

750-dqh-528.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	checkpoint.com 2 redirects research.checkpoint.com sc1.checkpoint.com	2 MB
5	google-analytics.com www.google-analytics.com	45 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	outbrain.com amplify.outbrain.com tr.outbrain.com amplifypixel.outbrain.com	3 KB
2	marketo.net munchkin.marketo.net	6 KB
2	amazonaws.com gtrk.s3.amazonaws.com	774 B
2	facebook.com www.facebook.com	440 B
2	google.de www.google.de	487 B
2	google.com 2 redirects www.google.com	636 B
2	doubleclick.net 2 redirects stats.g.doubleclick.net	513 B
2	facebook.net connect.facebook.net	31 KB
1	mktoresp.com 750-dqh-528.mktoresp.com	623 B
1	twitter.com analytics.twitter.com	659 B
1	t.co t.co	368 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	cloudfront.net dnn506yrbagrg.cloudfront.net	4 KB
1	bizographics.com sjs.bizographics.com	4 KB
1	googletagmanager.com www.googletagmanager.com	37 KB
63	18

	Domain	Requested by
31	research.checkpoint.com	2 redirects research.checkpoint.com
8	sc1.checkpoint.com	research.checkpoint.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com research.checkpoint.com
3	px.ads.linkedin.com	2 redirects research.checkpoint.com
2	munchkin.marketo.net	research.checkpoint.com munchkin.marketo.net
2	gtrk.s3.amazonaws.com	research.checkpoint.com
2	www.facebook.com	research.checkpoint.com
2	www.google.de	research.checkpoint.com
2	www.google.com	2 redirects
2	stats.g.doubleclick.net	2 redirects
2	connect.facebook.net	research.checkpoint.com connect.facebook.net
1	750-dqh-528.mktoresp.com	munchkin.marketo.net
1	analytics.twitter.com	static.ads-twitter.com
1	www.linkedin.com	1 redirects
1	t.co	research.checkpoint.com
1	amplifypixel.outbrain.com	research.checkpoint.com
1	tr.outbrain.com	research.checkpoint.com
1	amplify.outbrain.com	research.checkpoint.com
1	static.ads-twitter.com	www.googletagmanager.com
1	dnn506yrbagrg.cloudfront.net	www.googletagmanager.com
1	sjs.bizographics.com	www.googletagmanager.com
1	www.googletagmanager.com	research.checkpoint.com
63	22

This site contains links to these domains. Also see Links.

Domain
www.checkpoint.com
www.facebook.com
plus.google.com
www.linkedin.com
twitter.com
threatemulation.checkpoint.com
www.cpcheckme.com
threatmap.checkpoint.com
www.drupal.org
bit.ly
blog.checkpoint.com

Subject Issuer	Validity	Valid
research.checkpoint.com DigiCert SHA2 Secure Server CA	`2018-06-22` - `2020-06-22`	2 years	crt.sh
*.checkpoint.com Symantec Class 3 Secure Server CA - G4	`2017-09-24` - `2018-12-24`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
js.bizographics.com DigiCert SHA2 Secure Server CA	`2018-04-13` - `2020-04-17`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2017-11-22` - `2018-11-21`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2018-06-28` - `2019-07-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2018-02-12` - `2019-02-12`	a year	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2018-08-16` - `2018-10-06`	2 months	crt.sh
t.co DigiCert SHA2 Extended Validation Server CA	`2017-07-25` - `2018-11-05`	a year	crt.sh
www.google.de Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2017-09-22` - `2019-01-03`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2017-06-06` - `2019-06-11`	2 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2018-07-19` - `2019-08-28`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2018-02-22` - `2019-02-22`	a year	crt.sh
*.mktoresp.com Go Daddy Secure Certificate Authority - G2	`2015-12-02` - `2018-12-02`	3 years	crt.sh

This page contains 1 frames:

Primary Page: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Frame ID: 11A6E96BB1D9CCF79BDACC6E8133AE31
Requests: 63 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://research.checkpoint.com/uncovering-drupalgeddon-2 HTTP 302
https://research.checkpoint.com/uncovering-drupalgeddon-2 HTTP 301
http://research.checkpoint.com/uncovering-drupalgeddon-2/ HTTP 307
https://research.checkpoint.com/uncovering-drupalgeddon-2/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^CE2$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
env /^google_tag_manager$/i

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

script /munchkin\.marketo\.net\/munchkin\.js/i
env /^Munchkin$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

63
Requests

100 %
HTTPS

45 %
IPv6

18
Domains

22
Subdomains

19
IPs

4
Countries

2244 kB
Transfer

2533 kB
Size

8
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.checkpoint.com/
Title: CheckPoint.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/checkpointsoftware

Search URL Search Domain Scan URL

URL: https://plus.google.com/+checkpoint/posts

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/check-point-software-technologies

Search URL Search Domain Scan URL

URL: https://twitter.com/checkpointsw

Search URL Search Domain Scan URL

URL: https://threatemulation.checkpoint.com/
Title: SandBlast File Analysis

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/urlcat/
Title: URL Categorization

Search URL Search Domain Scan URL

URL: http://www.cpcheckme.com/checkme/
Title: Instant Security Assessment

Search URL Search Domain Scan URL

URL: https://threatmap.checkpoint.com/ThreatPortal/livemap.html
Title: Live Threat Map

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/support-services/threatcloud-incident-response/

Search URL Search Domain Scan URL

URL: https://www.drupal.org/sa-core-2018-002
Title: Drupalgeddon 2

Search URL Search Domain Scan URL

URL: https://bit.ly/2v7R1Wx
Title: Dofinity

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/defense/advisories/public/2018/cpai-2018-0192.html
Title: IPS signatures

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/defense/advisories/public/smartdefense_atomz.xml

Search URL Search Domain Scan URL

URL: http://www.checkpoint.com/defense/advisories/public/index.html
Title: Check Point Update Services Advisories

Search URL Search Domain Scan URL

URL: http://www.checkpoint.com/defense/advisories/public/2018/cpai-2018-0844.html
Title: Zyxel EMG2926 Router OS Command Injection (CVE-2017-6884)

Search URL Search Domain Scan URL

URL: http://www.checkpoint.com/defense/advisories/public/2018/cpai-2018-0845.html
Title: Network Weathermap Persistent Cross-Site Scripting (CVE-2013-2618)

Search URL Search Domain Scan URL

URL: http://www.checkpoint.com/defense/advisories/public/2018/cpai-2018-0840.html
Title: Adobe Acrobat and Reader Out-of-bounds write (APSB18-29: CVE-2018-12808)

Search URL Search Domain Scan URL

URL: http://www.checkpoint.com/defense/advisories/public/2018/cpai-2018-0822.html
Title: Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2018-8389)

Search URL Search Domain Scan URL

URL: http://www.checkpoint.com/defense/advisories/public/2018/cpai-2018-0836.html
Title: Adobe Flash Player Out-of-bounds read (APSB18-25: CVE-2018-12826)

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/advisories/
Title: IPS ADVISORIES

Search URL Search Domain Scan URL

URL: http://blog.checkpoint.com/
Title: CHECK POINT BLOG

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://research.checkpoint.com/uncovering-drupalgeddon-2 HTTP 302
https://research.checkpoint.com/uncovering-drupalgeddon-2 HTTP 301
http://research.checkpoint.com/uncovering-drupalgeddon-2/ HTTP 307
https://research.checkpoint.com/uncovering-drupalgeddon-2/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j68&tid=UA-194688-1&cid=1079898971.1534718177&jid=208935411&gjid=1064208563&_gid=1005462149.1534718177&_u=aGDAgEADQ~&z=1513159605 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-194688-1&cid=1079898971.1534718177&jid=208935411&_v=j68&z=1513159605 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-194688-1&cid=1079898971.1534718177&jid=208935411&_v=j68&z=1513159605&slf_rd=1&random=3150253091

Request Chain 43

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j68&tid=UA-194688-3&cid=1079898971.1534718177&jid=480665591&gjid=975623149&_gid=1005462149.1534718177&_u=aGDAgEADQ~&z=18283839 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-194688-3&cid=1079898971.1534718177&jid=480665591&_v=j68&z=18283839 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-194688-3&cid=1079898971.1534718177&jid=480665591&_v=j68&z=18283839&slf_rd=1&random=1504673822

Request Chain 57

https://px.ads.linkedin.com/collect/?time=1534718177179&pid=51830&url=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering-drupalgeddon-2%2F&pageUrl=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering-drupalgeddon-2%2F&ref=&fmt=js&s=1 HTTP 302
https://px.ads.linkedin.com/collect/?time=1534718177179&pid=51830&url=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering-drupalgeddon-2%2F&pageUrl=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering-drupalgeddon-2%2F&ref=&fmt=js&s=1&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1534718177179%26pid%3D51830%26url%3Dhttps%253A%252F%252Fresearch.checkpoint.com%252Funcovering-drupalgeddon-2%252F%26pageUrl%3Dhttps%253A%252F%252Fresearch.checkpoint.com%252Funcovering-drupalgeddon-2%252F%26ref%3D%26fmt%3Djs%26s%3D1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect/?time=1534718177179&pid=51830&url=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering-drupalgeddon-2%2F&pageUrl=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering-drupalgeddon-2%2F&ref=&fmt=js&s=1&cookiesTest=true&liSync=true

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
research.checkpoint.com/uncovering-drupalgeddon-2/
Redirect Chain

http://research.checkpoint.com/uncovering-drupalgeddon-2
https://research.checkpoint.com/uncovering-drupalgeddon-2
http://research.checkpoint.com/uncovering-drupalgeddon-2/
https://research.checkpoint.com/uncovering-drupalgeddon-2/

24 KB
25 KB

526ms
526ms

Document
text/html

209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to

Full URL

https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

b0fe6e14d8045a1d4df924dc4521dfffee1d12cfad86dcecc276a0371ec9317e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: research.checkpoint.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Cookie: ROUTEID=.1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 11A6E96BB1D9CCF79BDACC6E8133AE31

Response headers

Date: Sun, 19 Aug 2018 22:36:14 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Link: <http://research.checkpoint.com/?p=18639>; rel=shortlink
Cache-Control: private, max-age=600, must-revalidate
Content-Type: text/html; charset=UTF-8
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked

Redirect headers

Location: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK style.css
research.checkpoint.com/wp-content/themes/research/ 15 KB
16 KB 470ms
161ms Stylesheet
text/css 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to

Full URL

https://research.checkpoint.com/wp-content/themes/research/style.css?ver=1.0

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

a11e610622346f64d0570a52423284dc6866e300331b2b7b81963cca06b4854b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:15 GMT
Last-Modified: Tue, 14 Aug 2018 07:26:01 GMT
Server: Apache
ETag: "3c2d-573601f325440"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: text/css
Cache-Control: public,max-age=600000, must-revalidate
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 15405
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.min.css
research.checkpoint.com/wp-content/themes/research/css/ 137 KB
138 KB 620ms
158ms Stylesheet
text/css 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to

Full URL

https://research.checkpoint.com/wp-content/themes/research/css/bootstrap.min.css?ver=4.1.0

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:15 GMT
Last-Modified: Fri, 27 Jul 2018 21:29:10 GMT
Server: Apache
ETag: "22485-57201cd647580"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: text/css
Cache-Control: public,max-age=600000, must-revalidate
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 140421
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK flickity.min.css
research.checkpoint.com/wp-content/themes/research/css/ 2 KB
2 KB 635ms
161ms Stylesheet
text/css 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to

Full URL

https://research.checkpoint.com/wp-content/themes/research/css/flickity.min.css?ver=1.0

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

a8da941d8a446516c824ebc9fb77b42e6b92c6deed1daed266bd821ed27bc516

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:15 GMT
Last-Modified: Fri, 27 Jul 2018 21:29:10 GMT
Server: Apache
ETag: "71d-57201cd647580"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: text/css
Cache-Control: public,max-age=600000, must-revalidate
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1821
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.js Show response
research.checkpoint.com/wp-includes/js/jquery/ 95 KB
95 KB 643ms
165ms Script
application/javascript 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to

Full URL

https://research.checkpoint.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:15 GMT
Last-Modified: Wed, 10 May 2017 20:29:28 GMT
Server: Apache
ETag: "17ba0-54f3154305a00"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: application/javascript
Cache-Control: private, max-age=200000, must-revalidate
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 97184
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.bundle.min.js Show response
research.checkpoint.com/wp-content/themes/research/js/lib/ 66 KB
67 KB 775ms
154ms Script
application/javascript 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to

Full URL

https://research.checkpoint.com/wp-content/themes/research/js/lib/bootstrap.bundle.min.js?ver=4.1.0

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

bb3d017273ed487674d9766d8401cf458228596adcc0c3a6024f44ae715090db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:15 GMT
Last-Modified: Fri, 27 Jul 2018 21:29:12 GMT
Server: Apache
ETag: "1089e-57201cd82fa00"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: application/javascript
Cache-Control: private, max-age=200000, must-revalidate
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 67742
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK flickity.pkgd.min.js Show response
research.checkpoint.com/wp-content/themes/research/js/lib/ 54 KB
54 KB 794ms
159ms Script
application/javascript 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to

Full URL

https://research.checkpoint.com/wp-content/themes/research/js/lib/flickity.pkgd.min.js?ver=1.0.0

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

fe2df9f6df4b4a8d7174d259f563b8d9e28e4c03f8f4092fd9db6044e0e64c32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:15 GMT
Last-Modified: Fri, 27 Jul 2018 21:29:12 GMT
Server: Apache
ETag: "d7c9-57201cd82fa00"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: application/javascript
Cache-Control: private, max-age=200000, must-revalidate
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 55241
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK single-post.js Show response
research.checkpoint.com/wp-content/themes/research/js/ 397 B
882 B 953ms
159ms Script
application/javascript 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to

Full URL

https://research.checkpoint.com/wp-content/themes/research/js/single-post.js?ver=1.0.1

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

cbfee73101feaeb8d3fb0c18c79b5b0b953cdbd32549473339e742d96886b5a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:15 GMT
Last-Modified: Tue, 14 Aug 2018 07:21:35 GMT
Server: Apache
ETag: "18d-573600f577dc0"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: application/javascript
Cache-Control: private, max-age=200000, must-revalidate
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 397
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK inc-header.js Show response
research.checkpoint.com/wp-content/themes/research/header/ 1 KB
2 KB 1115ms
161ms Script
application/javascript 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to

Full URL

https://research.checkpoint.com/wp-content/themes/research/header/inc-header.js

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

ae3754c54a0880a98a94c423d3e67f39b5b6f3c63516dafa33866e3e74c9f97d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:16 GMT
Last-Modified: Fri, 27 Jul 2018 21:29:11 GMT
Server: Apache
ETag: "47a-57201cd73b7c0"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: application/javascript
Cache-Control: private, max-age=200000, must-revalidate
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1146
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
research.checkpoint.com/wp-content/themes/research/header/ 9 KB
10 KB 636ms
161ms Stylesheet
text/css 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to

Full URL

https://research.checkpoint.com/wp-content/themes/research/header/style.css

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

0fe8bcbcd24ab838fbbd773001253fc0353956e81c5ba9c8e23951ebdbae305a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:15 GMT
Last-Modified: Fri, 27 Jul 2018 21:29:11 GMT
Server: Apache
ETag: "25cb-57201cd73b7c0"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: text/css
Cache-Control: public,max-age=600000, must-revalidate
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9675
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK facebook.gif
sc1.checkpoint.com/sc1/inc/html/images/social/ 1 KB
2 KB 262ms
16ms Image
image/gif 2.19.39.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/social/facebook.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 2.19.39.174 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-39-174.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 791d8c8cb135d3d53915096e999d3857b6ee16966c20a019f38699f09f6aa2ff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: sc1.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:16 GMT
Last-Modified: Mon, 25 Sep 2017 18:13:31 GMT
Server: Apache
ETag: "7eb7015574801089503dd7095e1d4313:1506366539"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1254

GET
H/1.1 200
OK google-plus.gif
sc1.checkpoint.com/sc1/inc/html/images/social/ 2 KB
2 KB 134ms
18ms Image
image/gif 2.19.39.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/social/google-plus.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 2.19.39.174 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-39-174.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1998582382fbf956231d65be84b76e08c0c86e5ced8a99c703bdec416d876d76

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: sc1.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:16 GMT
Last-Modified: Mon, 25 Sep 2017 18:13:31 GMT
Server: Apache
ETag: "eedd0b2cde10b6b1930d57a10c6d0422:1506366539"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1653

GET
H/1.1 200
OK linkedin.gif
sc1.checkpoint.com/sc1/inc/html/images/social/ 1 KB
2 KB 121ms
6ms Image
image/gif 2.19.39.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/social/linkedin.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 2.19.39.174 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-39-174.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a22d6b8782097b7cd9588ab582e119bfd6290278275661e9d0f96b2baec0cb8e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: sc1.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:16 GMT
Last-Modified: Mon, 25 Sep 2017 18:13:31 GMT
Server: Apache
ETag: "6789b034de6591b26bbd9b5fa6b451ca:1506366539"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1416

GET
H/1.1 200
OK email.gif
sc1.checkpoint.com/sc1/inc/html/images/social/ 1 KB
2 KB 128ms
12ms Image
image/gif 2.19.39.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/social/email.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 2.19.39.174 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-39-174.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3643b2c826a615065303aa44b8f463eb854d77934f5f25dc1f74f60d4698f9f0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: sc1.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:16 GMT
Last-Modified: Mon, 25 Sep 2017 18:13:31 GMT
Server: Apache
ETag: "15f1e1004accdbc019365e658249f334:1506366539"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1407

GET
H/1.1 200
OK rss.gif
sc1.checkpoint.com/sc1/inc/html/images/social/ 2 KB
2 KB 135ms
14ms Image
image/gif 2.19.39.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/social/rss.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 2.19.39.174 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-39-174.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b7cfb1c9430d90b22b3f4497543a4cfef719dc40a3cce130cad766171abe8bbe

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: sc1.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:16 GMT
Last-Modified: Mon, 25 Sep 2017 18:13:31 GMT
Server: Apache
ETag: "8cc18e3677ea53cc679e33e82bf9497a:1506366539"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1620

GET
H/1.1 200
OK twitter.gif
sc1.checkpoint.com/sc1/inc/html/images/social/ 2 KB
2 KB 131ms
9ms Image
image/gif 2.19.39.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/social/twitter.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 2.19.39.174 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-39-174.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a59bba774218f207179b30aa8bbd21bad0f7355a52321e08138bd77a308c27d5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: sc1.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:16 GMT
Last-Modified: Mon, 25 Sep 2017 18:13:31 GMT
Server: Apache
ETag: "6b05f4fc9522afa0cdbeb1a2c0bccc2c:1506366539"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1608

GET
H/1.1 200
OK check-point-research-logo.gif
sc1.checkpoint.com/sc1/inc/html/images/ 3 KB
3 KB 95ms
6ms Image
image/gif 2.19.39.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/check-point-research-logo.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 2.19.39.174 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-39-174.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1fd89254c5a1e26226d533849c501ce8d17f47d4271e907f0084d7a25f1f242

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: sc1.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:16 GMT
Last-Modified: Mon, 09 Jul 2018 21:15:16 GMT
Server: Apache
ETag: "c425f4400a5c9dfbaecb24275f494931:1531172224"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2901

GET
H/1.1 200
OK under-attack.gif
research.checkpoint.com/wp-content/themes/research/img/lib/ 2 KB
2 KB 154ms
153ms Image
image/gif 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://research.checkpoint.com/wp-content/themes/research/img/lib/under-attack.gif

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

fab08b60fa81a228f3dd0eb7678669844a4de6a1fd68683a28df73007fd74efa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:16 GMT
Last-Modified: Fri, 27 Jul 2018 21:29:12 GMT
Server: Apache
ETag: "682-57201cd82fa00"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/gif
Cache-Control: public,max-age=2500000
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1666
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK drupal_logo-1.png
research.checkpoint.com/wp-content/uploads/2018/04/ 6 KB
7 KB 162ms
161ms Image
image/png 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://research.checkpoint.com/wp-content/uploads/2018/04/drupal_logo-1.png

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

b7bef1ecb38939a37057fd14feb9e33add6ba90514ed788a76d32abcd2a2424b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:16 GMT
Last-Modified: Thu, 12 Apr 2018 13:05:34 GMT
Server: Apache
ETag: "198d-569a669332380"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: public,max-age=2500000
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6541
X-XSS-Protection: 1; mode=block

GET
S 200 gtm.js Show response
www.googletagmanager.com/ 163 KB
37 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

54685da2e66271df0d9df074d2279ad5afea3e95a061391a5de66c201d147e1d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 Aug 2018 22:36:16 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 38132
x-xss-protection: 1; mode=block
expires: Sun, 19 Aug 2018 22:36:16 GMT

GET
H/1.1 200
OK Fig1-1.png
research.checkpoint.com/wp-content/uploads/2018/04/ 44 KB
45 KB 161ms
161ms Image
image/png 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://research.checkpoint.com/wp-content/uploads/2018/04/Fig1-1.png

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

290ce7b2dcdf8f179a5d2f272bc4f6dd7ec97bc78803e20c6623c9a2b1ba5270

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:16 GMT
Last-Modified: Thu, 12 Apr 2018 12:44:06 GMT
Server: Apache
ETag: "b166-569a61c6dd180"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: public,max-age=2500000
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 45414
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Fig2.jpg
research.checkpoint.com/wp-content/uploads/2018/04/ 32 KB
32 KB 156ms
155ms Image
image/jpeg 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://research.checkpoint.com/wp-content/uploads/2018/04/Fig2.jpg

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

662d287c671c4b03cda9b790d8e9b0f8f5624fc904d767231336e367a4ce87b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:16 GMT
Last-Modified: Thu, 12 Apr 2018 12:45:16 GMT
Server: Apache
ETag: "7f47-569a62099ef00"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: public,max-age=2500000
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 32583
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Fig3.png
research.checkpoint.com/wp-content/uploads/2018/04/ 47 KB
48 KB 283ms
154ms Image
image/png 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://research.checkpoint.com/wp-content/uploads/2018/04/Fig3.png

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

fa382060a9c851fcdb81df378c0d33a6606ea06e0312cd6c2255987974487007

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:16 GMT
Last-Modified: Thu, 12 Apr 2018 12:46:02 GMT
Server: Apache
ETag: "bd28-569a62357d680"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: public,max-age=2500000
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 48424
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Fig4.png
research.checkpoint.com/wp-content/uploads/2018/04/ 42 KB
43 KB 170ms
162ms Image
image/png 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://research.checkpoint.com/wp-content/uploads/2018/04/Fig4.png

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

78cbbcb61348c2c7482c1aeae9d251680d4cfe827ad64229774374eee0620274

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1; _ga=GA1.2.1079898971.1534718177; _gid=GA1.2.1005462149.1534718177; _dc_gtm_UA-194688-1=1; _dc_gtm_UA-194688-3=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:16 GMT
Last-Modified: Thu, 12 Apr 2018 12:46:58 GMT
Server: Apache
ETag: "a910-569a626ae5480"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: public,max-age=2500000
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 43280
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Fig5.png
research.checkpoint.com/wp-content/uploads/2018/04/ 37 KB
37 KB 302ms
155ms Image
image/png 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://research.checkpoint.com/wp-content/uploads/2018/04/Fig5.png

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

7234f286e3daeee9159edefc1cb55c731b1fa6deb2f701413e2a144f817e35f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1; _ga=GA1.2.1079898971.1534718177; _gid=GA1.2.1005462149.1534718177; _dc_gtm_UA-194688-1=1; _dc_gtm_UA-194688-3=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:16 GMT
Last-Modified: Thu, 12 Apr 2018 12:47:28 GMT
Server: Apache
ETag: "930b-569a628781800"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: public,max-age=2500000
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 37643
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Fig6.jpg
research.checkpoint.com/wp-content/uploads/2018/04/ 62 KB
62 KB 168ms
160ms Image
image/jpeg 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://research.checkpoint.com/wp-content/uploads/2018/04/Fig6.jpg

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

a1adfb0e19ac477fcea0a6a1ffae6bc39558bdd9726871deaf420bf38245a585

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1; _ga=GA1.2.1079898971.1534718177; _gid=GA1.2.1005462149.1534718177; _dc_gtm_UA-194688-1=1; _dc_gtm_UA-194688-3=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:16 GMT
Last-Modified: Thu, 12 Apr 2018 12:48:19 GMT
Server: Apache
ETag: "f7a3-569a62b824ac0"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: public,max-age=2500000
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 63395
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Fig7.jpg
research.checkpoint.com/wp-content/uploads/2018/04/ 25 KB
26 KB 168ms
159ms Image
image/jpeg 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://research.checkpoint.com/wp-content/uploads/2018/04/Fig7.jpg

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

79cb97f2029dc23f1ef46007eb3e8d2d332cb1668366d7b455788991700acc12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1; _ga=GA1.2.1079898971.1534718177; _gid=GA1.2.1005462149.1534718177; _dc_gtm_UA-194688-1=1; _dc_gtm_UA-194688-3=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:16 GMT
Last-Modified: Thu, 12 Apr 2018 12:48:41 GMT
Server: Apache
ETag: "643e-569a62cd1fc40"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: public,max-age=2500000
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 25662
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK search-icon.gif
sc1.checkpoint.com/sc1/inc/html/images/ 2 KB
2 KB 100ms
10ms Image
image/gif 2.19.39.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc1.checkpoint.com/sc1/inc/html/images/search-icon.gif
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 2.19.39.174 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-39-174.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 953d6908ab55929254e46c77e5c751a6e2df7ab84430f134edc3bb62d8f7d32f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: sc1.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/wp-content/themes/research/header/style.css
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/wp-content/themes/research/header/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:16 GMT
Last-Modified: Mon, 25 Sep 2017 18:13:31 GMT
Server: Apache
ETag: "2e1aa25e7e77e6a393fd38efb413370f:1506366539"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1755

GET
H/1.1 200
OK din.woff
research.checkpoint.com/wp-content/themes/research/fonts/ 23 KB
24 KB 159ms
159ms Font
application/font-woff 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to

Full URL

https://research.checkpoint.com/wp-content/themes/research/fonts/din.woff

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

0dbe8985afa96651d09789d79f6c4f67ff6cfd4f894656e77074f16d78500ed4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: https://research.checkpoint.com
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://research.checkpoint.com/wp-content/themes/research/style.css?ver=1.0
Cookie: ROUTEID=.1
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://research.checkpoint.com/wp-content/themes/research/style.css?ver=1.0
Origin: https://research.checkpoint.com

Response headers

Date: Sun, 19 Aug 2018 22:36:16 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Fri, 27 Jul 2018 21:29:10 GMT
Server: Apache
ETag: "5cee-57201cd647580"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://research.checkpoint.com
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 23790
X-XSS-Protection: 1; mode=block

GET
S 200 analytics.js Show response
www.google-analytics.com/ 34 KB
14 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 1407
date: Sun, 19 Aug 2018 22:12:49 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 14386
expires: Mon, 20 Aug 2018 00:12:49 GMT

GET
H/1.1 200
OK insight.min.js Show response
sjs.bizographics.com/ 13 KB
4 KB 22ms
6ms Script
application/x-javascript 2a02:26f0:6c00:2bf::3adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sjs.bizographics.com/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:2bf::3adf , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 0e61af2bfebca120ae344dc48386bbd2b6d24486524cf98ed55327b084bf1702

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Aug 2018 22:17:52 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=58008
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4105

GET
H/1.1 200
OK 7614.js Show response
dnn506yrbagrg.cloudfront.net/pages/scripts/0041/ 10 KB
4 KB 21ms
6ms Script
application/x-javascript 13.32.158.160
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0041/7614.js?426310
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.158.160 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-158-160.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08a0656a7c4243a1ba263ecf410367c07cdbe1ffe768b3511bcdfa0a176b2ca7

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 Aug 2018 20:46:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Aug 2018 20:31:46 GMT
Server: AmazonS3
Age: 14
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 fab3f75b4ee7d58be154b12ee77e06eb.cloudfront.net (CloudFront)
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: Tw_Ex8cnBU-GW9BsK7n2CrrU2TIc4qsTsg8Jdb3eMxNe3td6yZjK8g==

GET
S 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 23ms
6ms Script
application/javascript 104.244.43.112
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.43.112 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 Aug 2018 22:36:16 GMT
content-encoding: gzip
age: 81430
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-tw-fra1-cr1-17-TWFRA1
last-modified: Tue, 23 Jan 2018 19:05:33 GMT
x-timer: S1534718177.561597,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
S 200 fbevents.js Show response
connect.facebook.net/en_US/ 43 KB
14 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

2fd8f852b0cc7f021bcc7ad1ad3e868b1e9e7934790725ac42720ce42e590915

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 13550
x-xss-protection: 0
pragma: public
x-fb-debug: lqECZ5ne2tP26XVUC5X6WzZ+5ujrbZoO6bAYtp7fUTlmPaWYweCYniVw1Vbmzaqpq9Y886lA9Ck0vFHF95BvnA==
x-frame-options: DENY
date: Sun, 19 Aug 2018 22:36:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 4 KB
2 KB 22ms
6ms Script
application/x-javascript 2.18.234.190
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 26c9c2ffd3d4ea43b62a3ac326dc386049bf49048f038e051f684dee2e4d88ca

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Jun 2018 12:03:56 GMT
Server: Apache
ETag: "41f04bc9320bf2f0fe4cc3cbd05a460c:1528718636"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1928
Expires: Sun, 19 Aug 2018 22:56:16 GMT

GET
S 200 js Show response
www.google-analytics.com/gtm/ 43 KB
17 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-5L6CQT3&t=gtm1&cid=1079898971.1534718177

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

873b22b059244ae283e0502017eb5a73b5b0da8908f8993bd5e67d0c308066eb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 Aug 2018 22:36:16 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17159
x-xss-protection: 1; mode=block
expires: Sun, 19 Aug 2018 22:36:16 GMT

GET
S 200 pixel
tr.outbrain.com/ 43 B
330 B 112ms
87ms Image
image/gif 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.outbrain.com/pixel?marketerId=007281ee64432ffe21cc9ba8667dd68bed&obApiVersion=1.0.10&name=PAGE_VIEW&dl=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering-drupalgeddon-2%2F&bust=06145904868621748

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
traffic-path: NYDC1, JFK, HHN, Europe1
x-timer: S1534718177.602672,VS0,VE81
date: Sun, 19 Aug 2018 22:36:16 GMT
x-served-by: cache-jfk8127-JFK, cache-hhn1542-HHN
x-cache: MISS, MISS
content-type: image/gif;
status: 200
cache-control: no-cache
backend-ip: 104.156.90.27
accept-ranges: bytes, bytes
via: 1.1 varnish, 1.1 varnish
x-cache-hits: 0, 0

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
293 B 343ms
85ms Image
image/gif 74.201.198.92
Internap Network ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amplifypixel.outbrain.com/pixel?mid=007281ee64432ffe21cc9ba8667dd68bed&dl=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering-drupalgeddon-2%2F&bust=06145904868621748

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

74.201.198.92 , United States, ASN13789 (INTERNAP-BLK3 - Internap Network Services Corporation, US),

Reverse DNS

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:16 GMT
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Encoding: gzip
Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Type: image/gif;

GET
S 200 1692853834349189 Show response
connect.facebook.net/signals/config/ 82 KB
17 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1692853834349189?v=2.8.25&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

8c2d056f6faedb65899ca566260631e08f36e77c2d0640fe788825b8e75ad9d3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 16565
x-xss-protection: 0
pragma: public
x-fb-debug: 7j8/0rzgsht3HeZt18LV0tC5vqqO298gqxZsK+dGZPyHGExWgRVMj6BDvUjLuNWnCuyLrqseZDBB6SH7JClPEA==
x-frame-options: DENY
date: Sun, 19 Aug 2018 22:36:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 200 adsct
t.co/i/ 43 B
368 B 125ms
124ms Image
image/gif 104.244.42.69
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxi3o&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 Aug 2018 22:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 118
pragma: no-cache
last-modified: Sun, 19 Aug 2018 22:36:16 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 1f030ba7dc52efcdeba14c8c41a746e7
x-transaction: 00573bd30003e1ae
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
S 200 analytics.js Show response
www.google-analytics.com/ 34 KB
14 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 1407
date: Sun, 19 Aug 2018 22:12:49 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 14386
expires: Mon, 20 Aug 2018 00:12:49 GMT

GET
S 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
5ms Image
image/gif 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=738750647&t=pageview&_s=1&dl=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering-drupalgeddon-2%2F&ul=en-us&de=UTF-8&dt=Uncovering%20Drupalgeddon%202%20-%20Check%20Point%20Research%20%3A%20Check%20Point%20Research&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAgEADQ~&jid=208935411&gjid=1064208563&cid=1079898971.1534718177&tid=UA-194688-1&_gid=1005462149.1534718177&gtm=G865JCRGP&z=2053891787

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Aug 2018 17:07:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 192528
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
S

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j68&tid=UA-194688-1&cid=1079898971.1534718177&jid=208935411&gjid=1064208563&_gid=1005462149.1534718177&_u=aGDAgEADQ~&z=1513159605
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-194688-1&cid=1079898971.1534718177&jid=208935411&_v=j68&z=1513159605
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-194688-1&cid=1079898971.1534718177&jid=208935411&_v=j68&z=1513159605&slf_rd=1&random=3150253091

42 B
109 B

27ms
16ms

Image
image/gif

2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-194688-1&cid=1079898971.1534718177&jid=208935411&_v=j68&z=1513159605&slf_rd=1&random=3150253091

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81e::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Aug 2018 22:36:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Aug 2018 22:36:16 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-194688-1&cid=1079898971.1534718177&jid=208935411&_v=j68&z=1513159605&slf_rd=1&random=3150253091
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 collect
www.google-analytics.com/ 35 B
93 B 6ms
6ms Image
image/gif 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=738750647&t=pageview&_s=1&dl=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering-drupalgeddon-2%2F&ul=en-us&de=UTF-8&dt=Uncovering%20Drupalgeddon%202%20-%20Check%20Point%20Research%20%3A%20Check%20Point%20Research&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAgEADQ~&jid=480665591&gjid=975623149&cid=1079898971.1534718177&tid=UA-194688-3&_gid=1005462149.1534718177&gtm=G865JCRGP&z=2128434552

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Aug 2018 17:07:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 192528
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
S

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j68&tid=UA-194688-3&cid=1079898971.1534718177&jid=480665591&gjid=975623149&_gid=1005462149.1534718177&_u=aGDAgEADQ~&z=18283839
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-194688-3&cid=1079898971.1534718177&jid=480665591&_v=j68&z=18283839
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-194688-3&cid=1079898971.1534718177&jid=480665591&_v=j68&z=18283839&slf_rd=1&random=1504673822

42 B
378 B

27ms
16ms

Image
image/gif

2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-194688-3&cid=1079898971.1534718177&jid=480665591&_v=j68&z=18283839&slf_rd=1&random=1504673822

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81e::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Aug 2018 22:36:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Aug 2018 22:36:16 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-194688-3&cid=1079898971.1534718177&jid=480665591&_v=j68&z=18283839&slf_rd=1&random=1504673822
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
296 B 18ms
5ms Image
image/gif 2a03:2880:f11c:8086:face:b00c:0:50fb
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1692853834349189&ev=PageView&dl=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering-drupalgeddon-2%2F&rl=&if=false&ts=1534718176615&sw=1600&sh=1200&v=2.8.25&r=stable&ec=0&o=30&it=1534718176577
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8086:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 Aug 2018 22:36:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Sun, 19 Aug 2018 22:36:16 GMT

GET
H/1.1 200
OK faxploit_fax_machine_hacking.jpg
research.checkpoint.com/wp-content/uploads/2018/08/ 116 KB
117 KB 161ms
160ms Image
image/jpeg 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://research.checkpoint.com/wp-content/uploads/2018/08/faxploit_fax_machine_hacking.jpg

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

1e56fc8e8e04600082375d27feffd22d4ac71ba5da54dde9fdbb5ec87ae012a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1; _ga=GA1.2.1079898971.1534718177; _gid=GA1.2.1005462149.1534718177; _dc_gtm_UA-194688-1=1; _dc_gtm_UA-194688-3=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:17 GMT
Last-Modified: Tue, 14 Aug 2018 22:43:50 GMT
Server: Apache
ETag: "1d07f-5736cf1909580"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: public,max-age=2500000
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 118911
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Nigerian-ID-Post-Image-1021x450.jpg
research.checkpoint.com/wp-content/uploads/2017/08/ 197 KB
198 KB 155ms
155ms Image
image/jpeg 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://research.checkpoint.com/wp-content/uploads/2017/08/Nigerian-ID-Post-Image-1021x450.jpg

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

1540ffb3207630ec550650fa18fb3f76f400c22ba8c4f8a0ada058ca892d7b0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1; _ga=GA1.2.1079898971.1534718177; _gid=GA1.2.1005462149.1534718177; _dc_gtm_UA-194688-1=1; _dc_gtm_UA-194688-3=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:17 GMT
Last-Modified: Wed, 16 Aug 2017 17:56:50 GMT
Server: Apache
ETag: "31505-556e29ec71c80"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: public,max-age=2500000
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 201989
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Italy_Spam_1021x580x.jpg
research.checkpoint.com/wp-content/uploads/2018/08/ 578 KB
579 KB 155ms
154ms Image
image/jpeg 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://research.checkpoint.com/wp-content/uploads/2018/08/Italy_Spam_1021x580x.jpg

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

4c87f8c3fe25d7c8fa323684fa61ef5bd12e8a1d56942f881483d4c1ee91d021

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1; _ga=GA1.2.1079898971.1534718177; _gid=GA1.2.1005462149.1534718177; _dc_gtm_UA-194688-1=1; _dc_gtm_UA-194688-3=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:17 GMT
Last-Modified: Thu, 16 Aug 2018 17:11:36 GMT
Server: Apache
ETag: "909b4-573908916a200"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: public,max-age=2500000
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 592308
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK august_android_exploit.jpg
research.checkpoint.com/wp-content/uploads/2018/08/ 187 KB
188 KB 315ms
159ms Image
image/jpeg 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://research.checkpoint.com/wp-content/uploads/2018/08/august_android_exploit.jpg

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

2e3f5d01dfe1381031447690597be39616e85aba9a769647918e0e5212503d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1; _ga=GA1.2.1079898971.1534718177; _gid=GA1.2.1005462149.1534718177; _dc_gtm_UA-194688-1=1; _dc_gtm_UA-194688-3=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:17 GMT
Last-Modified: Tue, 14 Aug 2018 22:48:17 GMT
Server: Apache
ETag: "2ed90-5736d017aae40"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: public,max-age=2500000
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 191888
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK whatsapp_fakenews_1021x580v2.jpg
research.checkpoint.com/wp-content/uploads/2018/08/ 143 KB
144 KB 160ms
159ms Image
image/jpeg 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://research.checkpoint.com/wp-content/uploads/2018/08/whatsapp_fakenews_1021x580v2.jpg

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

3cef5356026b0d43875140a8d3c321fc861103f9506d87c6062fd74a485cc987

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1; _ga=GA1.2.1079898971.1534718177; _gid=GA1.2.1005462149.1534718177; _dc_gtm_UA-194688-1=1; _dc_gtm_UA-194688-3=1; _ceg.s=pdqc4h; _ceg.u=pdqc4h; _mkto_trk=id:750-DQH-528&token:_mch-checkpoint.com-1534718177224-11056
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:17 GMT
Last-Modified: Thu, 02 Aug 2018 23:22:20 GMT
Server: Apache
ETag: "23c65-5727c1527e300"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: public,max-age=2500000
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 146533
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Ramnit_1021x580.jpg
research.checkpoint.com/wp-content/uploads/2018/08/ 89 KB
90 KB 162ms
162ms Image
image/jpeg 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://research.checkpoint.com/wp-content/uploads/2018/08/Ramnit_1021x580.jpg

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

eac96e15c282ab6aafc3f1d1d468d286964fb078db11a87b024a9e6b8e49ab37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1; _ga=GA1.2.1079898971.1534718177; _gid=GA1.2.1005462149.1534718177; _dc_gtm_UA-194688-1=1; _dc_gtm_UA-194688-3=1; _ceg.s=pdqc4h; _ceg.u=pdqc4h; _mkto_trk=id:750-DQH-528&token:_mch-checkpoint.com-1534718177224-11056
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:17 GMT
Last-Modified: Sun, 05 Aug 2018 08:45:50 GMT
Server: Apache
ETag: "1659d-572ac30124b80"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: public,max-age=2500000
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 91549
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK rss.png
research.checkpoint.com/wp-includes/images/ 608 B
1 KB 154ms
154ms Image
image/png 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://research.checkpoint.com/wp-includes/images/rss.png

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1; _ga=GA1.2.1079898971.1534718177; _gid=GA1.2.1005462149.1534718177; _dc_gtm_UA-194688-1=1; _dc_gtm_UA-194688-3=1; _ceg.s=pdqc4h; _ceg.u=pdqc4h; _mkto_trk=id:750-DQH-528&token:_mch-checkpoint.com-1534718177224-11056
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:17 GMT
Last-Modified: Wed, 10 May 2017 20:29:28 GMT
Server: Apache
ETag: "260-54f3154305a00"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: public,max-age=2500000
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 608
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK check-point-research-subscribe.gif
research.checkpoint.com/wp-content/uploads/2017/07/ 19 KB
20 KB 262ms
159ms Image
image/gif 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://research.checkpoint.com/wp-content/uploads/2017/07/check-point-research-subscribe.gif

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

eddeb1c34fe435881c39d8758e17c086ec7e7764e1dccb5aae4f5887f569303f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Cookie: ROUTEID=.1; _ga=GA1.2.1079898971.1534718177; _gid=GA1.2.1005462149.1534718177; _dc_gtm_UA-194688-1=1; _dc_gtm_UA-194688-3=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:17 GMT
Last-Modified: Fri, 28 Jul 2017 18:41:09 GMT
Server: Apache
ETag: "4ce4-5556506481b40"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/gif
Cache-Control: public,max-age=2500000
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 19684
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK din-light.woff
research.checkpoint.com/wp-content/themes/research/fonts/ 22 KB
22 KB 277ms
160ms Font
application/font-woff 209.87.209.103
Check Point Softw...

General

Check archive.org

Show headers Download Go to

Full URL

https://research.checkpoint.com/wp-content/themes/research/fonts/din-light.woff

Requested by

Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

209.87.209.103 Irving, United States, ASN31997 (ZONEALARM-COM - Check Point Software Technologies, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

29330ee71dee82f451d2dbd44cfc6170767326ae3b78a9755002edf6bac62401

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: https://research.checkpoint.com
Accept-Encoding: gzip, deflate
Host: research.checkpoint.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://research.checkpoint.com/wp-content/themes/research/style.css?ver=1.0
Cookie: ROUTEID=.1; _ga=GA1.2.1079898971.1534718177; _gid=GA1.2.1005462149.1534718177; _dc_gtm_UA-194688-1=1; _dc_gtm_UA-194688-3=1
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://research.checkpoint.com/wp-content/themes/research/style.css?ver=1.0
Origin: https://research.checkpoint.com

Response headers

Date: Sun, 19 Aug 2018 22:36:17 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
Last-Modified: Fri, 27 Jul 2018 21:29:10 GMT
Server: Apache
ETag: "577c-57201cd647580"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://research.checkpoint.com
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 22396
X-XSS-Protection: 1; mode=block

GET
S 200 /
www.facebook.com/tr/ 44 B
144 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8086:face:b00c:0:50fb
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1692853834349189&ev=Microdata&dl=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering-drupalgeddon-2%2F&rl=&if=false&ts=1534718177116&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Uncovering%20Drupalgeddon%202%20-%20Check%20Point%20Research%22%2C%22og%3Adescription%22%3A%22By%C2%A0Eyal%20Shalev%2C%20Rotem%20Reiss%20and%20Eran%20Vaknin%20Abstract%20Two%20weeks%20ago%2C%20a%20highly%20critical%20(25%2F25%20NIST%20rank)%20vulnerability%2C%20nicknamed%20Drupalgeddon%202%20(SA-CORE-2018-002%20%2F%20CVE-2018-7600)%2C%20was%20disclosed%20by%20the%20Drupal%20security%20team.%20This%20vulnerability%20allowed%20an%20unauthenticated%20attacker%20to%20perform%20remote%20code%20execution%20on%20default%20or%20common%20Drupal%20installations.%20Drupal%20is%20an%20open-source%20content%20management%20system...%20Click%20to%20Read%20More%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Fresearch.checkpoint.com%2Funcovering-drupalgeddon-2%2F%22%2C%22og%3Asite_name%22%3A%22Check%20Point%20Research%22%2C%22article%3Asection%22%3A%22Check%20Point%20Research%20Publications%22%2C%22article%3Apublished_time%22%3A%222018-04-12T06%3A18%3A57-07%3A00%22%2C%22article%3Amodified_time%22%3A%222018-04-14T23%3A47%3A38-07%3A00%22%2C%22og%3Aupdated_time%22%3A%222018-04-14T23%3A47%3A38-07%3A00%22%2C%22og%3Aimage%22%3A%22%2F%2Fresearch.checkpoint.com%2Fwp-content%2Fuploads%2F2018%2F04%2Fdrupal_logo-1.png%22%2C%22og%3Aimage%3Awidth%22%3A%221250%22%2C%22og%3Aimage%3Aheight%22%3A%22455%22%7D&cd[Meta]=%7B%22title%22%3A%22Uncovering%20Drupalgeddon%202%20-%20Check%20Point%20Research%20%3A%20Check%20Point%20Research%22%2C%22meta%3Adescription%22%3A%22Latest%20Research%20by%20our%20Team%22%7D&cd[DataLayer]=%5B%5D&sw=1600&sh=1200&v=2.8.25&r=stable&ec=1&o=30&it=1534718176577&es=automatic
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8086:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 Aug 2018 22:36:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Sun, 19 Aug 2018 22:36:17 GMT

GET
H/1.1 200
OK s
gtrk.s3.amazonaws.com/ 32 B
387 B 411ms
102ms Image
image/gif 52.216.105.171
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtrk.s3.amazonaws.com/s?u=417614&t=pdqc4h
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.105.171 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:18 GMT
Last-Modified: Tue, 09 Feb 2016 23:57:19 GMT
Server: AmazonS3
x-amz-request-id: 756104EAF5154378
ETag: "776f5f447e5e03b50f3bc4d4ec78daaa"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 32
x-amz-id-2: /3Z5UwQmE6+JKPEQifNH+LonxdGl/kdHoBCVRJh+1AyqXBvTF/4pHO6dRSKPH+ySTeTSPiZLCiY=

GET
H/1.1 200
OK u
gtrk.s3.amazonaws.com/ 32 B
387 B 413ms
105ms Image
image/gif 52.216.105.171
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtrk.s3.amazonaws.com/u?u=417614&t=pdqc4h
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.105.171 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:18 GMT
Last-Modified: Tue, 09 Feb 2016 23:57:32 GMT
Server: AmazonS3
x-amz-request-id: 0A57C2BC19DCAA77
ETag: "776f5f447e5e03b50f3bc4d4ec78daaa"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 32
x-amz-id-2: pHSaSNV/E3RNmsuGyeH/pwGHYkaukdc/wvBD0LLUkWiVsIR1sZ9OlQ8gKQv0SSfHI9j+60zafrk=

GET
S

200

/ Show response
px.ads.linkedin.com/collect/
Redirect Chain

https://px.ads.linkedin.com/collect/?time=1534718177179&pid=51830&url=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering-drupalgeddon-2%2F&pageUrl=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering...
https://px.ads.linkedin.com/collect/?time=1534718177179&pid=51830&url=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering-drupalgeddon-2%2F&pageUrl=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1534718177179%26pid%3D51830%26url%3Dhttps%253A%252F%252Fresearch.checkpoint.com%252Funcovering-d...
https://px.ads.linkedin.com/collect/?time=1534718177179&pid=51830&url=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering-drupalgeddon-2%2F&pageUrl=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering...

0
89 B

111ms
111ms

Script
application/javascript

2a05:f500:10:101::b93f:9105
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/collect/?time=1534718177179&pid=51830&url=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering-drupalgeddon-2%2F&pageUrl=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering-drupalgeddon-2%2F&ref=&fmt=js&s=1&cookiesTest=true&liSync=true
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 Aug 2018 22:36:17 GMT
content-encoding: gzip
server: Play
vary: Accept-Encoding
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5-nkern
content-type: application/javascript
content-length: 20
x-li-uuid: w+I3HQ1qTBWwCNwr+n8AAA==

Redirect headers

date: Sun, 19 Aug 2018 22:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 302
vary: Accept-Encoding
content-length: 20
x-li-uuid: ZlmSFg1qTBVQnO5TyyoAAA==
server: Play
pragma: no-cache
x-li-pop: prod-efr5
x-frame-options: sameorigin
strict-transport-security: max-age=2592000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect/?time=1534718177179&pid=51830&url=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering-drupalgeddon-2%2F&pageUrl=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering-drupalgeddon-2%2F&ref=&fmt=js&s=1&cookiesTest=true&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
S 200 adsct Show response
analytics.twitter.com/i/ 31 B
659 B 146ms
128ms Script
application/javascript 104.244.42.131
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxi3o&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fresearch.checkpoint.com%2Funcovering-drupalgeddon-2%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 Aug 2018 22:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 122
pragma: no-cache
last-modified: Sun, 19 Aug 2018 22:36:17 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: a49c4c64d1db6bae7f7f4ed489890db3
x-transaction: 009de30f00a44805
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
2 KB 25ms
6ms Script
application/x-javascript 104.111.242.254
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: research.checkpoint.com
URL: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.254 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-242-254.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82bbf4a0f25757d1c9b9f18672eabf510965e4873e9d989a407823eac0d99259

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jun 2018 01:36:41 GMT
Server: Apache
ETag: "8a1ad47bd9401d0c4cde2aab48eeb571:1528767401"
X-Serial: 1
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
X-Check-Cacheable: YES
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/154/ 8 KB
5 KB 6ms
6ms Script
application/x-javascript 104.111.242.254
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/154/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.254 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-242-254.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9298a280eda6b54290d3c69fda3ae7da0cec1a0169d01d4e5944af63d68939d5

Request headers

Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Aug 2018 22:36:17 GMT
Content-Encoding: gzip
X-Check-Cacheable: YES
Server: Apache
ETag: "808fc844032f646c32adce24553838be:1526611527"
X-Serial: 10776
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Last-Modified: Fri, 18 May 2018 02:45:27 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 3700
Expires: Tue, 27 Nov 2018 22:36:17 GMT

GET
H/1.1 200
OK visitWebPage Show response
750-dqh-528.mktoresp.com/webevents/ 43 B
623 B 570ms
95ms XHR
image/gif 192.28.144.228
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://750-dqh-528.mktoresp.com/webevents/visitWebPage?_mchNc=1534718177225&_mchCn=&_mchId=750-DQH-528&_mchTk=_mch-checkpoint.com-1534718177224-11056&_mchHo=research.checkpoint.com&_mchPo=&_mchRu=%2Funcovering-drupalgeddon-2%2F&_mchPc=https%3A&_mchVr=154&_mchHa=&_mchRe=&_mchQp=

Requested by

Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/154/munchkin.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.28.144.228 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),

Reverse DNS

monitor-test-ab17.mktoresp.com

Software

Apache /

Resource Hash

cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Origin: https://research.checkpoint.com

Response headers

Pragma: no-cache
Date: Sun, 19 Aug 2018 22:36:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 19 Aug 2018 17:36:17 -0500
Server: Apache
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=100
Content-Length: 43
Expires: -1

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.research.checkpoint.com/	1970-01-18 20:29:45	Name: _ceg.s Value: pdqc4h
.checkpoint.com/	1970-01-18 18:18:38	Name: _dc_gtm_UA-194688-1 Value: 1
.checkpoint.com/	1970-01-18 18:18:38	Name: _dc_gtm_UA-194688-3 Value: 1
.checkpoint.com/	1970-01-19 11:49:50	Name: _mkto_trk Value: id:750-DQH-528&token:_mch-checkpoint.com-1534718177224-11056
.checkpoint.com/	1970-01-18 18:20:04	Name: _gid Value: GA1.2.1005462149.1534718177
.research.checkpoint.com/	1970-01-18 20:29:45	Name: _ceg.u Value: pdqc4h
.checkpoint.com/	1970-01-19 11:49:50	Name: _ga Value: GA1.2.1079898971.1534718177
research.checkpoint.com/	1969-12-31 23:59:59	Name: ROUTEID Value: .1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

750-dqh-528.mktoresp.com
amplify.outbrain.com
amplifypixel.outbrain.com
analytics.twitter.com
connect.facebook.net
dnn506yrbagrg.cloudfront.net
gtrk.s3.amazonaws.com
munchkin.marketo.net
px.ads.linkedin.com
research.checkpoint.com
sc1.checkpoint.com
sjs.bizographics.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tr.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
104.111.242.254
104.244.42.131
104.244.42.69
104.244.43.112
13.32.158.160
151.101.114.2
192.28.144.228
2.18.234.190
2.19.39.174
209.87.209.103
2a00:1450:4001:81a::2008
2a00:1450:4001:81e::2003
2a00:1450:4001:821::2004
2a00:1450:4001:821::200e
2a00:1450:400c:c00::9d
2a02:26f0:6c00:2bf::3adf
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8086:face:b00c:0:50fb
2a05:f500:10:101::b93f:9101
2a05:f500:10:101::b93f:9105
52.216.105.171
74.201.198.92
08a0656a7c4243a1ba263ecf410367c07cdbe1ffe768b3511bcdfa0a176b2ca7
0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8
0dbe8985afa96651d09789d79f6c4f67ff6cfd4f894656e77074f16d78500ed4
0e61af2bfebca120ae344dc48386bbd2b6d24486524cf98ed55327b084bf1702
0fe8bcbcd24ab838fbbd773001253fc0353956e81c5ba9c8e23951ebdbae305a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1540ffb3207630ec550650fa18fb3f76f400c22ba8c4f8a0ada058ca892d7b0c
1998582382fbf956231d65be84b76e08c0c86e5ced8a99c703bdec416d876d76
1e56fc8e8e04600082375d27feffd22d4ac71ba5da54dde9fdbb5ec87ae012a4
26c9c2ffd3d4ea43b62a3ac326dc386049bf49048f038e051f684dee2e4d88ca
290ce7b2dcdf8f179a5d2f272bc4f6dd7ec97bc78803e20c6623c9a2b1ba5270
29330ee71dee82f451d2dbd44cfc6170767326ae3b78a9755002edf6bac62401
2e3f5d01dfe1381031447690597be39616e85aba9a769647918e0e5212503d00
2fd8f852b0cc7f021bcc7ad1ad3e868b1e9e7934790725ac42720ce42e590915
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255
3643b2c826a615065303aa44b8f463eb854d77934f5f25dc1f74f60d4698f9f0
3cef5356026b0d43875140a8d3c321fc861103f9506d87c6062fd74a485cc987
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
4c87f8c3fe25d7c8fa323684fa61ef5bd12e8a1d56942f881483d4c1ee91d021
54685da2e66271df0d9df074d2279ad5afea3e95a061391a5de66c201d147e1d
662d287c671c4b03cda9b790d8e9b0f8f5624fc904d767231336e367a4ce87b0
7234f286e3daeee9159edefc1cb55c731b1fa6deb2f701413e2a144f817e35f3
78cbbcb61348c2c7482c1aeae9d251680d4cfe827ad64229774374eee0620274
791d8c8cb135d3d53915096e999d3857b6ee16966c20a019f38699f09f6aa2ff
79cb97f2029dc23f1ef46007eb3e8d2d332cb1668366d7b455788991700acc12
82bbf4a0f25757d1c9b9f18672eabf510965e4873e9d989a407823eac0d99259
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
873b22b059244ae283e0502017eb5a73b5b0da8908f8993bd5e67d0c308066eb
8c2d056f6faedb65899ca566260631e08f36e77c2d0640fe788825b8e75ad9d3
9298a280eda6b54290d3c69fda3ae7da0cec1a0169d01d4e5944af63d68939d5
953d6908ab55929254e46c77e5c751a6e2df7ab84430f134edc3bb62d8f7d32f
a11e610622346f64d0570a52423284dc6866e300331b2b7b81963cca06b4854b
a1adfb0e19ac477fcea0a6a1ffae6bc39558bdd9726871deaf420bf38245a585
a22d6b8782097b7cd9588ab582e119bfd6290278275661e9d0f96b2baec0cb8e
a59bba774218f207179b30aa8bbd21bad0f7355a52321e08138bd77a308c27d5
a8da941d8a446516c824ebc9fb77b42e6b92c6deed1daed266bd821ed27bc516
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae3754c54a0880a98a94c423d3e67f39b5b6f3c63516dafa33866e3e74c9f97d
b0fe6e14d8045a1d4df924dc4521dfffee1d12cfad86dcecc276a0371ec9317e
b1fd89254c5a1e26226d533849c501ce8d17f47d4271e907f0084d7a25f1f242
b7bef1ecb38939a37057fd14feb9e33add6ba90514ed788a76d32abcd2a2424b
b7cfb1c9430d90b22b3f4497543a4cfef719dc40a3cce130cad766171abe8bbe
bb3d017273ed487674d9766d8401cf458228596adcc0c3a6024f44ae715090db
cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40
cbfee73101feaeb8d3fb0c18c79b5b0b953cdbd32549473339e742d96886b5a9
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eac96e15c282ab6aafc3f1d1d468d286964fb078db11a87b024a9e6b8e49ab37
eddeb1c34fe435881c39d8758e17c086ec7e7764e1dccb5aae4f5887f569303f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa382060a9c851fcdb81df378c0d33a6606ea06e0312cd6c2255987974487007
fab08b60fa81a228f3dd0eb7678669844a4de6a1fd68683a28df73007fd74efa
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fe2df9f6df4b4a8d7174d259f563b8d9e28e4c03f8f4092fd9db6044e0e64c32

research.checkpoint.com Open in urlscan Pro 209.87.209.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

100 %HTTPS

45 %IPv6

18 Domains

22 Subdomains

19 IPs

4 Countries

2244 kBTransfer

2533 kBSize

8 Cookies

22 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

research.checkpoint.com Open in urlscan Pro
209.87.209.103 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

100 %
HTTPS

45 %
IPv6

18
Domains

22
Subdomains

19
IPs

4
Countries

2244 kB
Transfer

2533 kB
Size

8
Cookies

63 HTTP transactions
0 data transactions