URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Submission: On September 10 via api from IN — Scanned from US

Summary

This website contacted 52 IPs in 2 countries across 35 domains to perform 211 HTTP transactions. The main IP is 50.112.230.199, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is blog.lumen.com.
TLS certificate: Issued by E5 on September 2nd 2024. Valid for: 3 months.
This is the only time blog.lumen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Apex Domain | Subdomains (Cisco Umbrella Rank) | Transfer
82 | lumen.com | blog.lumen.com; ametrics.lumen.com (686995) | 1 MB
32 | adobedtm.com | assets.adobedtm.com (521) | 297 KB
10 | doubleclick.net | stats.g.doubleclick.net (252); td.doubleclick.net (481); 10006467.fls.doubleclick.net; ad.doubleclick.net (210) | 2 KB
10 | cookielaw.org | cdn.cookielaw.org (554) | 161 KB
9 | addtoany.com | static.addtoany.com (6145) | 33 KB
8 | storygize.net | www.storygize.net (10018); assets.storygize.net (86815) | 35 KB
7 | clarity.ms | www.clarity.ms (1114); c.clarity.ms (1838); d.clarity.ms (216295) | 29 KB
7 | lpsnmedia.net | accdn.lpsnmedia.net (6739); lpcdn.lpsnmedia.net (6365) | 283 KB
7 | linkedin.com | px.ads.linkedin.com (669); www.linkedin.com (914); px4.ads.linkedin.com (7330) | 4 KB
6 | googletagmanager.com | www.googletagmanager.com (112) | 495 KB
5 | company-target.com | api.company-target.com (9578); s.company-target.com (2669); segments.company-target.com (3589) | 3 KB
5 | demdex.net | dpm.demdex.net (319); centurylink.demdex.net (762584); adobedc.demdex.net (9446) | 3 KB
4 | clinch.co | cdn.clinch.co (7005); trk.clinch.co (5915) | 4 KB
4 | d41.co | ecf.d41.co (26105); cdn-0.d41.co (66951); vid7120.d41.co | 28 KB
3 | rlcdn.com | id.rlcdn.com (1352) | 908 B
2 | reddit.com | pixel-config.reddit.com (3241); alb.reddit.com (1969) | 761 B
2 | redditstatic.com | www.redditstatic.com (1561) | 13 KB
2 | demandbase.com | tag.demandbase.com (14344); tag-logger.demandbase.com (13079) | 19 KB
2 | youtube.com | www.youtube.com (84) | 13 KB
2 | liveperson.net | lptag.liveperson.net (6305) | 165 KB
2 | marketo.net | munchkin.marketo.net (8471) | 6 KB
2 | licdn.com | snap.licdn.com (1884) | 14 KB
1 | bing.com | c.bing.com (341) | 772 B
1 | twitter.com | analytics.twitter.com (1356) | 726 B
1 | t.co | t.co (979) | 622 B
1 | c212.net | cdn.c212.net (51814) | 1 KB
1 | ads-twitter.com | static.ads-twitter.com (1253) | 15 KB
1 | google.com | analytics.google.com (238) | -
1 | mktoresp.com | 926-hyv-740.mktoresp.com (712109) | 318 B
1 | everesttech.net | cm.everesttech.net (2184) | 503 B
1 | onetrust.com | geolocation.onetrust.com (1019) | 305 B
1 | gstatic.com | fonts.gstatic.com | 19 KB
1 | google-analytics.com | www.google-analytics.com (104) | -
1 | googleapis.com | fonts.googleapis.com (110) | 2 KB
1 | brightcove.net | players.brightcove.net (5742) | 754 B
Total: 211 | 35 apex domains

Count | Domain | Redirects | Requested by
78 | blog.lumen.com | - | blog.lumen.com, assets.adobedtm.com
32 | assets.adobedtm.com | - | blog.lumen.com, assets.adobedtm.com
10 | cdn.cookielaw.org | - | blog.lumen.com, cdn.cookielaw.org
9 | static.addtoany.com | - | blog.lumen.com, static.addtoany.com
7 | www.storygize.net | 1 | www.storygize.net
6 | www.googletagmanager.com | - | blog.lumen.com, assets.adobedtm.com, www.googletagmanager.com
5 | lpcdn.lpsnmedia.net | - | lptag.liveperson.net
5 | px.ads.linkedin.com | 3 | snap.licdn.com
4 | 10006467.fls.doubleclick.net | 2 | www.googletagmanager.com
4 | ametrics.lumen.com | - | assets.adobedtm.com
3 | trk.clinch.co | - | cdn.clinch.co
3 | d.clarity.ms | - | www.clarity.ms
3 | id.rlcdn.com | 3 | -
3 | td.doubleclick.net | - | www.googletagmanager.com
3 | dpm.demdex.net | 1 | blog.lumen.com
2 | c.clarity.ms | 1 | -
2 | segments.company-target.com | 1 | -
2 | www.clarity.ms | - | blog.lumen.com, www.clarity.ms
2 | www.redditstatic.com | - | blog.lumen.com, www.redditstatic.com
2 | ad.doubleclick.net | - | -
2 | www.youtube.com | - | assets.adobedtm.com, www.youtube.com
2 | accdn.lpsnmedia.net | - | lptag.liveperson.net
2 | ecf.d41.co | 1 | blog.lumen.com
2 | lptag.liveperson.net | - | blog.lumen.com
2 | munchkin.marketo.net | - | assets.adobedtm.com, munchkin.marketo.net
2 | api.company-target.com | - | assets.adobedtm.com, tag.demandbase.com
2 | snap.licdn.com | - | www.googletagmanager.com, blog.lumen.com
1 | c.bing.com | 1 | -
1 | tag-logger.demandbase.com | - | tag.demandbase.com
1 | analytics.twitter.com | - | -
1 | t.co | - | -
1 | s.company-target.com | - | tag.demandbase.com
1 | alb.reddit.com | - | -
1 | pixel-config.reddit.com | - | www.redditstatic.com
1 | cdn.c212.net | - | assets.adobedtm.com
1 | assets.storygize.net | - | -
1 | static.ads-twitter.com | - | blog.lumen.com
1 | cdn.clinch.co | - | blog.lumen.com
1 | tag.demandbase.com | - | blog.lumen.com
1 | vid7120.d41.co | - | cdn-0.d41.co
1 | cdn-0.d41.co | - | assets.adobedtm.com
1 | stats.g.doubleclick.net | - | www.googletagmanager.com
1 | analytics.google.com | - | www.googletagmanager.com
1 | 926-hyv-740.mktoresp.com | - | munchkin.marketo.net
1 | adobedc.demdex.net | - | assets.adobedtm.com
1 | cm.everesttech.net | 1 | -
1 | centurylink.demdex.net | - | assets.adobedtm.com
1 | px4.ads.linkedin.com | - | blog.lumen.com
1 | www.linkedin.com | 1 | -
1 | geolocation.onetrust.com | - | cdn.cookielaw.org
1 | fonts.gstatic.com | - | fonts.googleapis.com
1 | www.google-analytics.com | - | www.googletagmanager.com
1 | fonts.googleapis.com | - | blog.lumen.com
1 | players.brightcove.net | - | blog.lumen.com
Total: 211 | 54 subdomains

Subject | Issuer | Validity | Valid
blog.lumen.com | E5 | 2024-09-02 - 2024-12-01 | 3 months
*.google-analytics.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
players.brightcove.net | DigiCert TLS RSA SHA256 2020 CA1 | 2024-04-19 - 2025-04-18 | a year
upload.video.google.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
static.addtoany.com | WE1 | 2024-09-05 - 2024-12-04 | 3 months
cookielaw.org | WE1 | 2024-08-13 - 2024-11-11 | 3 months
assets.adobedtm.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-07-09 - 2025-08-09 | a year
*.gstatic.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
geolocation.onetrust.com | WE1 | 2024-08-13 - 2024-11-11 | 3 months
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-12-13 - 2024-12-12 | a year
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2024-08-27 - 2025-02-27 | 6 months
*.demdex.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-26 - 2024-10-26 | a year
ametrics.lumen.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-26 - 2025-03-28 | a year
adobedc.demdex.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-10-22 - 2024-11-21 | a year
api.demandbase.com | Go Daddy Secure Certificate Authority - G2 | 2024-08-13 - 2025-09-14 | a year
*.marketo.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-08 - 2024-12-11 | a year
*.liveperson.net | Sectigo RSA Organization Validation Secure Server CA | 2023-11-28 - 2024-11-27 | a year
*.mktoresp.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-07 - 2024-10-07 | a year
*.google.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
*.g.doubleclick.net | WR2 | 2024-08-12 - 2024-11-04 | 3 months
*.doubleclick.net | WR2 | 2024-08-12 - 2024-11-04 | 3 months
*.d41.co | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-01-15 - 2025-02-14 | a year
*.lpsnmedia.net | Sectigo RSA Organization Validation Secure Server CA | 2023-11-15 - 2024-11-14 | a year
tag.demandbase.com | Go Daddy Secure Certificate Authority - G2 | 2024-08-27 - 2025-09-28 | a year
*.clinch.co | Amazon ECDSA 256 M02 | 2024-02-25 - 2025-03-26 | a year
*.storygize.net | Amazon RSA 2048 M02 | 2024-02-05 - 2025-03-04 | a year
ads-twitter.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-06-25 - 2025-06-24 | a year
www.redditstatic.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-05-23 - 2024-11-18 | 6 months
*.c212.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-11-14 - 2024-12-14 | a year
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-07 - 2024-12-07 | a year
*.reddit.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-05-30 - 2024-11-26 | 6 months
*.company-target.com | R11 | 2024-08-15 - 2024-11-13 | 3 months
t.co | E6 | 2024-07-31 - 2024-10-29 | 3 months
*.twitter.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-11-07 - 2024-11-05 | a year
*.demandbase.com | Amazon RSA 2048 M02 | 2024-06-10 - 2025-07-08 | a year
a.clarity.ms | Microsoft Azure RSA TLS Issuing CA 08 | 2024-06-23 - 2025-06-18 | a year

This page contains 15 frames:

Primary Page: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Frame ID: 9DF9A0400E0D0200F6D1247687801E61
Requests: 196 HTTP requests in this frame

Frame: https://centurylink.demdex.net/dest5.html?d_nsid=0
Frame ID: B13D92045BEBB2C1FDFC0875F3A7F7AD
Requests: 1 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 10D3C4639776E31A459F6B410C033C96
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-31B649S3RB&gacid=1964492800.1725943358&gtm=45je4940v897930332za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1591053724
Frame ID: E64FF47EEE4EAC7008506601DE16A7EB
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.30.1-release_1430893787/storage.secure.min.html?loc=https%3A%2F%2Fblog.lumen.com&site=43906703&ist=sessionStorage&env=prod&accdn=accdn.lpsnmedia.net
Frame ID: B80AC0F81E6D63C48B47A714194E04C0
Requests: 1 HTTP requests in this frame

Frame: https://10006467.fls.doubleclick.net/activityi;dc_pre=CKXdyIfIt4gDFU60WgUdbbkBtA;src=10006467;type=larry0;cat=sitev0;ord=m0vy44j7;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Ctaking-the-crossroads-the-versa-director-zero-day-exploitation;u4=34240208115298584081926775598105098931;u5=1964492800.1725943358;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1725943359958-37500;u16=;gdid=dZGIzZG;ps=1;pcor=1896360432;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4940v9190790960za200zb9162857838;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F
Frame ID: D2EF8148B77F8E72C7A3BCBA2F5EAE8F
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10006467;type=larry0;cat=sitev0;ord=m0vy44j7;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Ctaking-the-crossroads-the-versa-director-zero-day-exploitation;u4=34240208115298584081926775598105098931;u5=1964492800.1725943358;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1725943359958-37500;u16=;gdid=dZGIzZG;ps=1;pcor=1896360432;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4940v9190790960za200zb9162857838;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F
Frame ID: F099BBE8863171E9057A2EF19B2A45B9
Requests: 1 HTTP requests in this frame

Frame: https://10006467.fls.doubleclick.net/activityi;dc_pre=CL3cyIfIt4gDFZSNWgUd9FI1Sw;src=10006467;type=uniqu0;cat=all_s0;ord=1;num=5296702787176;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F;u3=lumen%7Cblog%7Ctaking-the-crossroads-the-versa-director-zero-day-exploitation;u4=34240208115298584081926775598105098931;u5=1964492800.1725943358;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1725943359958-37500;gdid=dZGIzZG;ps=1;pcor=431512151;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4940v9190790960za200zb9162857838;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F
Frame ID: 4DD360693E92C68B6E447B75131CA3BB
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10006467;type=uniqu0;cat=all_s0;ord=1;num=5296702787176;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F;u3=lumen%7Cblog%7Ctaking-the-crossroads-the-versa-director-zero-day-exploitation;u4=34240208115298584081926775598105098931;u5=1964492800.1725943358;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1725943359958-37500;gdid=dZGIzZG;ps=1;pcor=431512151;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4940v9190790960za200zb9162857838;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F
Frame ID: 3F7F5CB2BADC3376453FBB7BDD7C5181
Requests: 1 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: EBF410B73AB474DB3EE76A93AD893B0E
Requests: 1 HTTP requests in this frame

Frame: https://www.storygize.net/bd888e20-e3dc-4219-b5ff-a6789987aa90/cs.html
Frame ID: E66AC26377285FBDF77DCD66B5A025D2
Requests: 1 HTTP requests in this frame

Frame: https://www.storygize.net/bd888e20-e3dc-4219-b5ff-a6789987aa90/pm.html
Frame ID: A0A0F0BB660058A73DCC68FF4D2ED442
Requests: 1 HTTP requests in this frame

Frame: https://trk.clinch.co/trk?cid=ukg06Q&dsid=ufsmQU&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F&version=24.33.1&a=1725943364198
Frame ID: 816DB9769C610CE0037944B58C2A7ED7
Requests: 1 HTTP requests in this frame

Frame: https://trk.clinch.co/trk?cid=ukg06Q&dsid=ufsmQU&type=conv&stype=All_SiteVisits_PerSession&ids=&params=%7B%22subType%22%3A%22All_SiteVisits_PerSession%22%7D&product=ecommerce&referrer=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F&version=24.33.1&a=1725943364450
Frame ID: A0680EF354581E17233FD405DF1372BF
Requests: 1 HTTP requests in this frame

Frame: https://trk.clinch.co/trk?cid=ukg06Q&dsid=ufsmQU&type=conv&stype=All_SiteVisits_Unique&ids=&params=%7B%22subType%22%3A%22All_SiteVisits_Unique%22%7D&product=ecommerce&referrer=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F&version=24.33.1&a=1725943364547
Frame ID: 769EA456F5229A1A98F6AF6D3DC1AEB9
Requests: 1 HTTP requests in this frame

Page Title

Taking the Crossroads: The Versa Director Zero-Day Exploitation - Lumen

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js

Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

211
Requests

96 %
HTTPS

39 %
IPv6

35
Domains

54
Subdomains

52
IPs

2
Countries

2789 kB
Transfer

7905 kB
Size

80
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87
  • https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AA683BC75245B3880A490D4D%40AdobeOrg&d_nsid=0&ts=1725943359052 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AA683BC75245B3880A490D4D%40AdobeOrg&d_nsid=0&ts=1725943359052
Request Chain 92
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=512484&time=1725943359185&li_adsId=3311a3b4-290f-45ac-b6ce-164bcb39d789&url=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=512484&time=1725943359185&li_adsId=3311a3b4-290f-45ac-b6ce-164bcb39d789&url=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D512484%26time%3D1725943359185%26li_adsId%3D3311a3b4-290f-45ac-b6ce-164bcb39d789%26url%3Dhttps%253A%252F%252Fblog.lumen.com%252Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=512484&time=1725943359185&li_adsId=3311a3b4-290f-45ac-b6ce-164bcb39d789&url=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=512484&time=1725943359185&li_adsId=3311a3b4-290f-45ac-b6ce-164bcb39d789&url=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F&cookiesTest=true&liSync=true&e_ipv6=AQL4FTgDmbMNnQAAAZHaPahpSY-rD__mpGusGZyJa8E08Rudr4UFOrSNKQSBF8HmDJk0maTuO9A
Request Chain 96
  • https://cm.everesttech.net/cm/dd?d_uuid=26036904132095689741232845387221143829 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zt-OPwAAAGDs3AN_
Request Chain 136
  • https://ecf.d41.co/sync/ HTTP 302
  • https://id.rlcdn.com/712087.gif?cparams=3a65cdc474d24be1a3a05f23c27ad91c-509450f849a245b592052c0fce3379bb-1-37-ecf HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CJe7KxoNCMCc_7YGEgUI6AcQAEIASkozYTY1Y2RjNDc0ZDI0YmUxYTNhMDVmMjNjMjdhZDkxYy01MDk0NTBmODQ5YTI0NWI1OTIwNTJjMGZjZTMzNzliYi0xLTM3LWVjZg HTTP 307
  • https://ecf.d41.co/sync/3?RampID=Xc6491bwFZpqJ7O89KZmTep6erTDs_fagPuYUs21o7uTsjq40&3a65cdc474d24be1a3a05f23c27ad91c-509450f849a245b592052c0fce3379bb-1-37-ecf
Request Chain 162
  • https://10006467.fls.doubleclick.net/activityi;src=10006467;type=larry0;cat=sitev0;ord=m0vy44j7;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Ctaking-the-crossroads-the-versa-director-zero-day-exploitation;u4=34240208115298584081926775598105098931;u5=1964492800.1725943358;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1725943359958-37500;u16=;gdid=dZGIzZG;ps=1;pcor=1896360432;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4940v9190790960za200zb9162857838;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F HTTP 302
  • https://10006467.fls.doubleclick.net/activityi;dc_pre=CKXdyIfIt4gDFU60WgUdbbkBtA;src=10006467;type=larry0;cat=sitev0;ord=m0vy44j7;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Ctaking-the-crossroads-the-versa-director-zero-day-exploitation;u4=34240208115298584081926775598105098931;u5=1964492800.1725943358;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1725943359958-37500;u16=;gdid=dZGIzZG;ps=1;pcor=1896360432;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4940v9190790960za200zb9162857838;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F
Request Chain 164
  • https://10006467.fls.doubleclick.net/activityi;src=10006467;type=uniqu0;cat=all_s0;ord=1;num=5296702787176;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F;u3=lumen%7Cblog%7Ctaking-the-crossroads-the-versa-director-zero-day-exploitation;u4=34240208115298584081926775598105098931;u5=1964492800.1725943358;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1725943359958-37500;gdid=dZGIzZG;ps=1;pcor=431512151;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4940v9190790960za200zb9162857838;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F HTTP 302
  • https://10006467.fls.doubleclick.net/activityi;dc_pre=CL3cyIfIt4gDFZSNWgUd9FI1Sw;src=10006467;type=uniqu0;cat=all_s0;ord=1;num=5296702787176;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F;u3=lumen%7Cblog%7Ctaking-the-crossroads-the-versa-director-zero-day-exploitation;u4=34240208115298584081926775598105098931;u5=1964492800.1725943358;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1725943359958-37500;gdid=dZGIzZG;ps=1;pcor=431512151;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4940v9190790960za200zb9162857838;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F
Request Chain 173
  • https://www.storygize.net/a/bd888e20-e3dc-4219-b5ff-a6789987aa90/abdo.js HTTP 302
  • https://assets.storygize.net/engagement/28858/multiCompanyEngagement.min.js?a=bd888e20-e3dc-4219-b5ff-a6789987aa90
Request Chain 191
  • https://id.rlcdn.com/464526.gif HTTP 307
  • https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297DncFSg9r1nIt3yD9AzY3g5YxhtqZZA3cSbuWFMwnD-4 HTTP 303
  • https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297DncFSg9r1nIt3yD9AzY3g5YxhtqZZA3cSbuWFMwnD-4&verifyHash=4b7a0d60fde1f18cff266db867d5de89d2a585c9
Request Chain 199
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=12D88AE0BD8C47A39E2B1F0DBC3FBB7A&RedC=c.clarity.ms&MXFR=331B0A4F17A062B60B5D1EB913A06CA6 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=12D88AE0BD8C47A39E2B1F0DBC3FBB7A&MUID=22288E4FA2F661EB146D9AB9A33460BF

211 HTTP transactions

Primary Request
Resource: /
Path: blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Size: 179 KB
Transfer: 32 KB
Type: Document

General
Full URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol: HTTP/1.1
Security: TLS 1.3, AES_256_GCM
Server: 50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software: Apache
Resource Hash: 0fedb2a922407f3802a41dc176eaed5e3f471f307b65233873abec43a39ba186

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 31629
Content-Type: text/html; charset=UTF-8
Date: Tue, 10 Sep 2024 04:42:37 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Link: <https://blog.lumen.com/wp-json/>; rel="https://api.w.org/", <https://blog.lumen.com/wp-json/wp/v2/posts/17616>; rel="alternate"; title="JSON"; type="application/json", <https://blog.lumen.com/?p=17616>; rel=shortlink
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Software
Apache /
Resource Hash
5bf9f151e1a2d47b524c0c64e241a36ecc1bf76e3b1322303ff27a3bf698d4cb

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jul 2024 21:43:28 GMT
Server
Apache
ETag
"200-61c4a9aaea72e-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
275
frontend.min.css
blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/css/
102 KB
15 KB
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
8c0d1ddb17510639cc14e2f251206d5c8984d85e23b8e7dc13438c81bf5ce985

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Aug 2024 18:30:09 GMT
Server
Apache
ETag
"19624-620219d92f8b0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
15220
flatpickr.min.css
blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/
14 KB
3 KB
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
3668f6d335416599574fb1f336cbd2b9bb2f8fcff63e63a9ca3b68df4d0c6165

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Aug 2024 18:30:09 GMT
Server
Apache
ETag
"3601-620219d930850-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2795
select2.min.css
blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/select2/
15 KB
2 KB
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Aug 2024 18:30:09 GMT
Server
Apache
ETag
"3a75-620219d9375b1-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1995
reset.css
blog.lumen.com/wp-content/themes/grandnews/css/
547 B
644 B
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/css/reset.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
f0c7be55f463c02bbd134c6e2afd2e4137a16468073856266042151fb8057609

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"223-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
325
wordpress.css
blog.lumen.com/wp-content/themes/grandnews/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/css/wordpress.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
27bd3b47f7d1b9adb2575bbf0e960d25fdb28b2e1610d335bf42c62177a32a28

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"bfd-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1018
animation.css
blog.lumen.com/wp-content/themes/grandnews/css/
7 KB
1 KB
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/css/animation.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
0edd6b41260434bd366c0aa048e8f33fdf659603f62f1a997ca64c03b3f004be

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"1d9b-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
927
ilightbox.css
blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/
7 KB
2 KB
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
cbe20461a1710866e2834c9ce87f0f31d61ef09ba3db1d9eca72b957dfc066b9

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"1dee-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
1520
custom.css
blog.lumen.com/wp-content/themes/grandnews/css/jqueryui/
19 KB
4 KB
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/css/jqueryui/custom.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
80ccff5d5ffccfb54d9645d87ee2def16f0dbc4354edee193f87f7156088fdd7

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"4d50-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3747
flexslider.css
blog.lumen.com/wp-content/themes/grandnews/js/flexslider/
5 KB
2 KB
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/js/flexslider/flexslider.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
85b3833b74166fdd5117d2932dfd70194654224487768a33450ac6fae2eaabf2

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"13bc-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1621
tooltipster.css
blog.lumen.com/wp-content/themes/grandnews/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/css/tooltipster.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
0c75d452f31db2e3597de899da1030a5482b121f6bbad925606c6acc7e4f6190

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"2300-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1647
screen.css
blog.lumen.com/wp-content/themes/grandnews/css/
150 KB
23 KB
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/css/screen.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
9f2ae0cd6aba41f079d3ee56c0518081cafd8704bf8f6336df2553c48ea0f52b

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"25859-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
23387
left-align.css
blog.lumen.com/wp-content/themes/grandnews/css/menu/
1 KB
772 B
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/css/menu/left-align.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
b52cc4be6a05df6efda2ceb5ecdf84f34f97a70ebc8c65751cb4b3bf97030ea2

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"481-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
453
font-awesome.min.css
blog.lumen.com/wp-content/themes/grandnews/css/
28 KB
7 KB
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/css/font-awesome.min.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"7187-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
6666
videojs-pip.css
players.brightcove.net/videojs-pip/1/
913 B
754 B
Stylesheet
General
Full URL
https://players.brightcove.net/videojs-pip/1/videojs-pip.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.193.134 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-193-134.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
aecfebb58655e1607358f9701c36c07299d6c5d0f619bc78080d073683043d5a

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
WMGcm7sYw.eQeC68.dxwoyTBFV87VYmx
content-encoding
gzip
date
Tue, 10 Sep 2024 04:42:37 GMT
x-amz-request-id
PQ7CZM349DHWJSV0
x-amz-replication-status
COMPLETED
content-length
323
x-amz-id-2
w74ZtRhEu7sLdnueRAvw0RXfEpebjyzKQ5hkw4NTgDZ4ZKfCWRMfRI2vgIQHxWtWyqMR7Ta3EXU=
x-bcov-response-mode
1
x-served-by
cache-iad-kiad7000164-IAD
last-modified
Thu, 11 Aug 2022 17:08:52 GMT
server
AmazonS3
x-timer
S1661789022.214466,VS0,VE0
etag
"2a536ec50ae8c14c76f9177e52fc9c11"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=18
accept-ranges
bytes
x-cache-hits
33
brightcove_playlist.min.css
blog.lumen.com/wp-content/plugins/brightcove-video-connect/assets/css/
615 B
578 B
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/plugins/brightcove-video-connect/assets/css/brightcove_playlist.min.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
0e174386ba0beab286ea1bf943e6c1ae8846f5ee6010d0cf786b82ebf957c3ad

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2024 00:03:04 GMT
Server
Apache
ETag
"267-618af31371734-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
259
wp-review.css
blog.lumen.com/wp-content/plugins/wp-review/public/css/
37 KB
6 KB
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/plugins/wp-review/public/css/wp-review.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
438ff3af395513310c69d935eb8c6e521312075673d2fdf0e82a7ad2d3037152

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Jul 2021 19:04:55 GMT
Server
Apache
ETag
"92f1-5c85be51cc3c0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
5976
addtoany.min.css
blog.lumen.com/wp-content/plugins/add-to-any/
2 KB
853 B
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/plugins/add-to-any/addtoany.min.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Aug 2024 18:29:22 GMT
Server
Apache
ETag
"644-620219ac32db1-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
534
2a7eb8dd-5d7c-47cb-8f1a-5c29019d6b6b
https://blog.lumen.com/ Frame
0
0

css
fonts.googleapis.com/
55 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A800%2C700%2C700%2C800%2C400%2C900%2C700%2C100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic%7CRaleway%3A700%2C700%2C800%2C400%2C900%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
58b446aaa1dcf041362b1504b688cb2020ac76efbad0eccb7b2064e01a8bbef4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 10 Sep 2024 04:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 10 Sep 2024 04:42:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 10 Sep 2024 04:42:38 GMT
kirki-styles.css
blog.lumen.com/wp-content/themes/grandnews/modules/kirki/assets/css/
0
263 B
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/modules/kirki/assets/css/kirki-styles.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"0-5ae561720cf80"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
0
grid.css
blog.lumen.com/wp-content/themes/grandnews/css/
45 KB
7 KB
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/css/grid.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
69f06f02087358cfdf71ea8c1db996682a2b35ff4cadc602c00c3f4d20071fd9

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"b5d6-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
7003
left-align-grid.css
blog.lumen.com/wp-content/themes/grandnews/css/menu/
1 KB
704 B
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/css/menu/left-align-grid.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
5012972953bac6293f8af3138102e6870b5aa9e04a8385c00f629063222639c4

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"59f-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
385
admin-ajax.php
blog.lumen.com/wp-admin/
1 KB
1 KB
Stylesheet
General
Full URL
https://blog.lumen.com/wp-admin/admin-ajax.php?action=grandnews_custom_css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
36f49c3349b36ba14678127a8cd6c90108b403a591824c0266d5cc1da2a8f10a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=97
Content-Length
588
Expires
Wed, 11 Jan 1984 05:00:00 GMT
frontend-gtag.min.js
blog.lumen.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/
11 KB
3 KB
Script
General
Full URL
https://blog.lumen.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
d7bdba02afa8c04c13f280c71a50f8c8186c883711c5dabbd13566dd738bff0a

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Aug 2024 20:50:37 GMT
Server
Apache
ETag
"2da9-62037b1ba0db3-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
3245
page.js
static.addtoany.com/menu/
3 KB
2 KB
Script
General
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ebe2359f7106a99a4d5f17f482ca7efe495dcc7090fb121f56f8cf0055d562e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8896
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"b57737a151d7fd411c90e2eb8cdb171e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2F5UkSxHlHBesRCdpaSLQocTj2rxJGAdAjrWXQHUrT%2BAm4II7ZE7V54VTbr7uD4uJPQU3er0eoWuGNzNdiBSL6mi3FirA6zhz78QgNBCbazBqcRdVO1z%2FIfhDW6UpAPfygl1y2Yj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, stale-while-revalidate=30, public
cf-ray
8c0cc0a94d3942ad-EWR
jquery.min.js
blog.lumen.com/wp-includes/js/jquery/
86 KB
30 KB
Script
General
Full URL
https://blog.lumen.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Nov 2023 20:54:35 GMT
Server
Apache
ETag
"15601-60aafcf64f7ea-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
30368
jquery-migrate.min.js
blog.lumen.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://blog.lumen.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Aug 2023 20:25:55 GMT
Server
Apache
ETag
"3509-602fbfc758b7c-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
4872
addtoany.min.js
blog.lumen.com/wp-content/plugins/add-to-any/
129 B
458 B
Script
General
Full URL
https://blog.lumen.com/wp-content/plugins/add-to-any/addtoany.min.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Aug 2024 18:29:22 GMT
Server
Apache
ETag
"81-620219ac32db1-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
126
flatpickr.min.js
blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/
49 KB
14 KB
Script
General
Full URL
https://blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
ddbda21655c0c2cb09913a9e33d856a8b8f3e1eae610cdbda8524def2dc71f7d

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Aug 2024 18:30:09 GMT
Server
Apache
ETag
"c5a4-620219d930850-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
14441
select2.min.js
blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/select2/
69 KB
20 KB
Script
General
Full URL
https://blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Aug 2024 18:30:09 GMT
Server
Apache
ETag
"114c3-620219d9375b1-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
19904
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 04:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
p+39a+/XEcZfNKybQjgXjA==
age
47206
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Thu, 05 Sep 2024 06:33:12 GMT
server
cloudflare
etag
0x8DCCD749DA8FD23
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
771b698c-901e-00ec-41c4-ff9bf3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8c0cc0a3ce80c3ee-EWR
launch-22e49494a283.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/
964 KB
244 KB
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d09dccc6c776bf1c462dc13db1d0b2777b694478b2c2700f44c77bdb9171b175

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:38 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:49 GMT
server
AkamaiNetStorage
etag
"adb6bb0ffde5203723b66b40c0d6d8f5:1724956729.459454"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
249617
expires
Tue, 10 Sep 2024 05:42:38 GMT
Lumen-Logo.png
blog.lumen.com/wp-content/uploads/2020/09/
2 KB
2 KB
Image
General
Full URL
https://blog.lumen.com/wp-content/uploads/2020/09/Lumen-Logo.png
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
96c76a7af27cb509867c24dc39e493bf5d3a3c7abcabc7c1ee56a3907a495cf2

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Last-Modified
Mon, 14 Sep 2020 02:10:56 GMT
Server
Apache
ETag
"6df-5af3c8b72ac00"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
1759
BLL-Square-No-Border-65x65.png
blog.lumen.com/wp-content/uploads/2021/01/
1005 B
1 KB
Image
General
Full URL
https://blog.lumen.com/wp-content/uploads/2021/01/BLL-Square-No-Border-65x65.png
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
72e1f4b24380d6707ac1181f875e255dd37b71628602b59523f854b63b619429

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Last-Modified
Mon, 25 Jan 2021 23:11:16 GMT
Server
Apache
ETag
"3ed-5b9c1a7a52d00"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
1005
BLL-Final-Blog-Image_Crossroads.jpg
blog.lumen.com/wp-content/uploads/2024/08/
123 KB
124 KB
Image
General
Full URL
https://blog.lumen.com/wp-content/uploads/2024/08/BLL-Final-Blog-Image_Crossroads.jpg
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
11ccb220082d08be5a4cb05ebeeab230a19591b4fb2d235b3c066b6e8900b4e1

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Last-Modified
Thu, 22 Aug 2024 19:39:49 GMT
Server
Apache
ETag
"1ed5e-6204ad25ef315"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
126302
Versa1.1.jpg
blog.lumen.com/wp-content/uploads/2024/08/
115 KB
116 KB
Image
General
Full URL
https://blog.lumen.com/wp-content/uploads/2024/08/Versa1.1.jpg
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
22156d1750ac273851df53510e6e82ed6ca50bb10549a7a720ab5e2766e03df3

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Last-Modified
Mon, 19 Aug 2024 19:21:58 GMT
Server
Apache
ETag
"1cd7d-6200e38fd9951"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
118141
Versa2.jpg
blog.lumen.com/wp-content/uploads/2024/08/
63 KB
63 KB
Image
General
Full URL
https://blog.lumen.com/wp-content/uploads/2024/08/Versa2.jpg
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
0c3220cadfa663515f79dee387edf403959f4963ea2e28099c3127ab33a5c119

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Last-Modified
Mon, 19 Aug 2024 19:22:52 GMT
Server
Apache
ETag
"fc3f-6200e3c3601c2"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
64575
BLL-Square-No-Border-300x300.png
blog.lumen.com/wp-content/uploads/2021/01/
7 KB
7 KB
Image
General
Full URL
https://blog.lumen.com/wp-content/uploads/2021/01/BLL-Square-No-Border-300x300.png
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
5a87da688bb4ee5a5fc733416d7200546ca989356bee3bf24765bbb9eed111c1

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Last-Modified
Mon, 25 Jan 2021 23:11:16 GMT
Server
Apache
ETag
"1aba-5b9c1a7a52d00"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
6842
BLL-Final-Blog-Image_Crossroads-700x466.jpg
blog.lumen.com/wp-content/uploads/2024/08/
84 KB
84 KB
Image
General
Full URL
https://blog.lumen.com/wp-content/uploads/2024/08/BLL-Final-Blog-Image_Crossroads-700x466.jpg
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
e216a2e4c8ec23a5ca1754df6c353520069e0f95a73a5db65219fad4b740da1d

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Last-Modified
Thu, 22 Aug 2024 19:39:52 GMT
Server
Apache
ETag
"14f1a-6204ad28cb9eb"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=85
Content-Length
85786
UDS-Customer-Story-Blog-700x466.jpg
blog.lumen.com/wp-content/uploads/2024/08/
68 KB
69 KB
Image
General
Full URL
https://blog.lumen.com/wp-content/uploads/2024/08/UDS-Customer-Story-Blog-700x466.jpg
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
fa71494df231d3c2ddfac216288f8d2e91e77f79c68405cda94934738145a94e

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Last-Modified
Tue, 13 Aug 2024 20:59:15 GMT
Server
Apache
ETag
"111d8-61f96e1dfd2d9"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
70104
Lumen-Defender-Final-Blog-Image-700x466.jpg
blog.lumen.com/wp-content/uploads/2024/08/
50 KB
50 KB
Image
General
Full URL
https://blog.lumen.com/wp-content/uploads/2024/08/Lumen-Defender-Final-Blog-Image-700x466.jpg
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
d3bf457568c0dd8169d2d61ab015fc63162ed279bb7da3e8eea78f7d08f0818e

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Last-Modified
Mon, 15 Jul 2024 19:32:01 GMT
Server
Apache
ETag
"c89d-61d4e488811f3"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
51357
image-bll-cuttlefish-malware-848x566-1-700x466.jpg
blog.lumen.com/wp-content/uploads/2024/05/
74 KB
74 KB
Image
General
Full URL
https://blog.lumen.com/wp-content/uploads/2024/05/image-bll-cuttlefish-malware-848x566-1-700x466.jpg
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
deecf7e07dad2be43a72d446d545581d045be8096f92fa479c2a350ab8e3b41d

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Last-Modified
Tue, 23 Apr 2024 21:51:20 GMT
Server
Apache
ETag
"1261d-616ca8de5070d"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
75293
BLL-blog-image-TheMoon-700x466.jpg
blog.lumen.com/wp-content/uploads/2024/03/
68 KB
69 KB
Image
General
Full URL
https://blog.lumen.com/wp-content/uploads/2024/03/BLL-blog-image-TheMoon-700x466.jpg
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
d4ed483198b4c6aa8eda708c45d954557e85a41af7b548ba8c7a7a3f32361207

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Last-Modified
Thu, 21 Mar 2024 16:46:21 GMT
Server
Apache
ETag
"1112a-6142e7272aa58"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
69930
Blog-CS-ProStratus-Hero-700x466.jpg
blog.lumen.com/wp-content/uploads/2024/08/
54 KB
55 KB
Image
General
Full URL
https://blog.lumen.com/wp-content/uploads/2024/08/Blog-CS-ProStratus-Hero-700x466.jpg
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
e8b93f317f6fedf1f871405cef5e5f9ed9f5740e7082c17cacee9c45a4d5a9b1

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Last-Modified
Fri, 16 Aug 2024 18:01:53 GMT
Server
Apache
ETag
"d905-61fd0c11bd6b2"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
55557
related.css
blog.lumen.com/wp-content/plugins/yet-another-related-posts-plugin/style/
307 B
496 B
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/plugins/yet-another-related-posts-plugin/style/related.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
2efe0d8072659b087901323e1fdb18a0f57e6011cb9cb7edff6e1723fc2e8d70

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Mar 2024 19:53:47 GMT
Server
Apache
ETag
"133-61481881da28f-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
177
core.min.js
blog.lumen.com/wp-includes/js/jquery/ui/
21 KB
7 KB
Script
General
Full URL
https://blog.lumen.com/wp-includes/js/jquery/ui/core.min.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
7e84c9f8d71bc6eb2dac2fce59a6caea62da51ffa8cf56b41806f59386ab1322

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Aug 2024 18:28:34 GMT
Server
Apache
ETag
"53d8-6202197e604cb-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
7106
mouse.min.js
blog.lumen.com/wp-includes/js/jquery/ui/
3 KB
1 KB
Script
General
Full URL
https://blog.lumen.com/wp-includes/js/jquery/ui/mouse.min.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
f36adc07db49e73c3fd3aeb4234d270725f07719706dd28dfc09657f2cffe9d6

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Aug 2024 18:28:34 GMT
Server
Apache
ETag
"d64-6202197e5f52b-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
1098
slider.min.js
blog.lumen.com/wp-includes/js/jquery/ui/
11 KB
3 KB
Script
General
Full URL
https://blog.lumen.com/wp-includes/js/jquery/ui/slider.min.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
d9b268266af74b5c0834e2a519303ca97c5427c5fb7abb3b89ad29e07664be14

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Aug 2024 18:28:34 GMT
Server
Apache
ETag
"2a07-6202197e604cb-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
3138
front.js
blog.lumen.com/wp-content/plugins/authors-list/backend/assets/js/
4 KB
2 KB
Script
General
Full URL
https://blog.lumen.com/wp-content/plugins/authors-list/backend/assets/js/front.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
98a9b7c4677be1ddce09e432eded727223274d7de6ff4be6f66d34d28bf238c9

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 26 Jan 2024 18:55:39 GMT
Server
Apache
ETag
"f25-60fddd79ad4a5-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
1202
frontend.min.js
blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/js/
19 KB
5 KB
Script
General
Full URL
https://blog.lumen.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
3bedfc6a1eccd45281b8c1a4b66af947f9944b7e750566c2268a4eb927ee2cdb

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Aug 2024 18:30:09 GMT
Server
Apache
ETag
"4ae9-620219d9375b1-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
4478
ilightbox.packed.js
blog.lumen.com/wp-content/themes/grandnews/js/
50 KB
22 KB
Script
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/js/ilightbox.packed.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
fd96d9b3f117bd211bf9c6450e287560b6bcc50871852a51b46271c6bb26c520

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"c939-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
22699
jquery.easing.js
blog.lumen.com/wp-content/themes/grandnews/js/
8 KB
2 KB
Script
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/js/jquery.easing.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"1fa1-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
1986
jquery.sticky-kit.min.js
blog.lumen.com/wp-content/themes/grandnews/js/
3 KB
2 KB
Script
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/js/jquery.sticky-kit.min.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"aee-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=87
Content-Length
1295
jquery.lazy.min.js
blog.lumen.com/wp-content/themes/grandnews/js/
4 KB
2 KB
Script
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/js/jquery.lazy.min.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
6829c1878e43fdd02c7244b48260f1ff88f6fcac41d1c301ba0ae1377e73a445

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"f48-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
1765
jquery.cookie.js
blog.lumen.com/wp-content/themes/grandnews/js/
3 KB
2 KB
Script
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/js/jquery.cookie.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"c44-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
1395
jquery.tooltipster.min.js
blog.lumen.com/wp-content/themes/grandnews/js/
17 KB
5 KB
Script
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/js/jquery.tooltipster.min.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
da1ba35a2a2d6ce67672b81a8bd061e3eb6cfdb6d7369252c89b059150631787

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"420c-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
4701
custom_plugins.js
blog.lumen.com/wp-content/themes/grandnews/js/
7 KB
2 KB
Script
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/js/custom_plugins.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
a21b30b2a786682f0d591c7efecd653f038607546881ada1af46a9a25850e789

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"1c36-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
1685
custom.js
blog.lumen.com/wp-content/themes/grandnews/js/
13 KB
3 KB
Script
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/js/custom.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
e701b8c32867d0e3d7421103495316d2b3709ca3568a83bfad9ea816f12aaf6d

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Sep 2020 20:49:55 GMT
Server
Apache
ETag
"3594-5ae8302d4c2c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
3209
js.cookie.min.js
blog.lumen.com/wp-content/plugins/wp-review/public/js/
2 KB
1 KB
Script
General
Full URL
https://blog.lumen.com/wp-content/plugins/wp-review/public/js/js.cookie.min.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
d5b071fda01315f271998e251812dcf8465dcf34bb9e436bb502235700c40eac

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Jul 2021 19:04:55 GMT
Server
Apache
ETag
"69f-5c85be51cc3c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=86
Content-Length
866
underscore.min.js
blog.lumen.com/wp-includes/js/
18 KB
7 KB
Script
General
Full URL
https://blog.lumen.com/wp-includes/js/underscore.min.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Nov 2022 21:31:07 GMT
Server
Apache
ETag
"4991-5ed9d30be9cc0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
7311
wp-util.min.js
blog.lumen.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://blog.lumen.com/wp-includes/js/wp-util.min.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Nov 2022 21:31:07 GMT
Server
Apache
ETag
"592-5ed9d30be9cc0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
756
main.js
blog.lumen.com/wp-content/plugins/wp-review/public/js/
3 KB
1 KB
Script
General
Full URL
https://blog.lumen.com/wp-content/plugins/wp-review/public/js/main.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
b471033f1864708331e5945f9003e0eed1d563d673d2666aca296198b9cc6ca7

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Jul 2021 19:04:55 GMT
Server
Apache
ETag
"bdb-5c85be51cc3c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
1158
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-W2FJHBFJEY&gtm=45je4940v9162857838za200&_p=1725943357920&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101403290&gdid=dZGIzZG&cid=1964492800.1725943358&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1725943358&sct=1&seg=0&dl=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F&dt=Taking%20the%20Crossroads%3A%20The%20Versa%20Director%20Zero-Day%20Exploitation%20-%20Lumen&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=952
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W2FJHBFJEY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Sep 2024 04:42:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.lumen.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skin.css
blog.lumen.com/wp-content/themes/grandnews/css/dark-skin/
7 KB
2 KB
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/css/dark-skin/skin.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

Referer
https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"1c79-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1319
skin.css
blog.lumen.com/wp-content/themes/grandnews/css/light-skin/
7 KB
2 KB
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/css/light-skin/skin.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
a7ed0f85261e7d594171e2dfd5032c23abae12d922850af74bcd002a03ae540c

Request headers

Referer
https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"1d1b-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1321
skin.css
blog.lumen.com/wp-content/themes/grandnews/css/parade-skin/
2 KB
907 B
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/css/parade-skin/skin.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
f5d5326d6927dde6e8e78e6ed65e9c46377c37ec06d33a4e9e0dd41510b12bdc

Request headers

Referer
https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"8dd-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
588
skin.css
blog.lumen.com/wp-content/themes/grandnews/css/metro-black-skin/
6 KB
1 KB
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/css/metro-black-skin/skin.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
dc0ef59613f66c6d0a0a9f0148af554b20c9fee2d2b2c7a77420dfa3dfb4d465

Request headers

Referer
https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"171f-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
1203
skin.css
blog.lumen.com/wp-content/themes/grandnews/css/metro-white-skin/
8 KB
2 KB
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/css/metro-white-skin/skin.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
96aa559762b01f8a7df365a53a910608c469864ab29802f65e0cf9341b82ce38

Request headers

Referer
https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"1f16-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1340
skin.css
blog.lumen.com/wp-content/themes/grandnews/css/mac-skin/
11 KB
2 KB
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/css/mac-skin/skin.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
a35fb774ab8d09d31653f620e21d7d138bbdfaff9f43380ac378d012594d7433

Request headers

Referer
https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"2d77-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
1721
skin.css
blog.lumen.com/wp-content/themes/grandnews/css/smooth-skin/
7 KB
2 KB
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/css/smooth-skin/skin.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
0de8e20a4a65fc8b808389eaf798844bba4f75b4a55d3e92367d130b595aee97

Request headers

Referer
https://blog.lumen.com/wp-content/themes/grandnews/css/ilightbox/ilightbox.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"1cce-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1425
reset.css
blog.lumen.com/wp-content/themes/grandnews/css/
547 B
0
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/css/reset.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/wp-content/themes/grandnews/css/screen.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
f0c7be55f463c02bbd134c6e2afd2e4137a16468073856266042151fb8057609

Request headers

Referer
https://blog.lumen.com/wp-content/themes/grandnews/css/screen.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"223-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
325
wordpress.css
blog.lumen.com/wp-content/themes/grandnews/css/
3 KB
0
Stylesheet
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/css/wordpress.css
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/wp-content/themes/grandnews/css/screen.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
27bd3b47f7d1b9adb2575bbf0e960d25fdb28b2e1610d335bf42c62177a32a28

Request headers

Referer
https://blog.lumen.com/wp-content/themes/grandnews/css/screen.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"bfd-5ae561720cf80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1018
e733a0d8-63ff-4a39-b870-9ef50b603bcf.json
cdn.cookielaw.org/consent/e733a0d8-63ff-4a39-b870-9ef50b603bcf/
7 KB
3 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/e733a0d8-63ff-4a39-b870-9ef50b603bcf/e733a0d8-63ff-4a39-b870-9ef50b603bcf.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1af8e8d9884758fe1d6479d06d2cfeb589301903050a3b26a1b47741a28fd520
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 04:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
23704
content-md5
Zl3NmdcFrTtfjntJ1IsLww==
content-length
2128
x-ms-lease-status
unlocked
last-modified
Fri, 05 Jan 2024 15:31:48 GMT
server
cloudflare
etag
0x8DC0E036E813C23
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ac5b1779-e01e-0018-2aed-3fe6e4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8c0cc0a928a3c327-EWR
expires
Wed, 11 Sep 2024 04:42:38 GMT
gtm.js
www.googletagmanager.com/
186 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLWF636
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bfc2c011cebf652a4a97f9c052d0fc4e7c43b2f1a142c7707622b5d9adc70dc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68566
x-xss-protection
0
last-modified
Tue, 10 Sep 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 10 Sep 2024 04:42:38 GMT
Lumen-Logo.png
blog.lumen.com/wp-content/uploads/2020/09/
2 KB
0
Image
General
Full URL
https://blog.lumen.com/wp-content/uploads/2020/09/Lumen-Logo.png
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
96c76a7af27cb509867c24dc39e493bf5d3a3c7abcabc7c1ee56a3907a495cf2

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Last-Modified
Mon, 14 Sep 2020 02:10:56 GMT
Server
Apache
Accept-Ranges
bytes
ETag
"6df-5af3c8b72ac00"
Content-Length
1759
Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A800%2C700%2C700%2C800%2C400%2C900%2C700%2C100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic%7CRaleway%3A700%2C700%2C800%2C400%2C900%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.lumen.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 20:46:33 GMT
x-content-type-options
nosniff
age
374165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Sep 2025 20:46:33 GMT
fontawesome-webfont.woff2
blog.lumen.com/wp-content/themes/grandnews/fonts/
70 KB
70 KB
Font
General
Full URL
https://blog.lumen.com/wp-content/themes/grandnews/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/wp-content/themes/grandnews/css/font-awesome.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://blog.lumen.com/wp-content/themes/grandnews/css/font-awesome.min.css
Origin
https://blog.lumen.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Last-Modified
Wed, 02 Sep 2020 15:14:22 GMT
Server
Apache
ETag
"118d8-5ae561720cf80"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
71896
190628074915MaisonNeue.woff
blog.lumen.com/wp-content/uploads/useanyfont/
29 KB
30 KB
Font
General
Full URL
https://blog.lumen.com/wp-content/uploads/useanyfont/190628074915MaisonNeue.woff
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/wp-content/uploads/useanyfont/uaf.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
7e29c072a03e9825f54a07dbecb8cbd7f1fc934fa4886692717e18b3d393f8ff

Request headers

Referer
https://blog.lumen.com/wp-content/uploads/useanyfont/uaf.css
Origin
https://blog.lumen.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:38 GMT
Last-Modified
Fri, 28 Jun 2019 19:49:15 GMT
Server
Apache
ETag
"757c-58c6792be04c0"
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
30076
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
69 B
305 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8c0cc0aa18884cb4-PHL
access-control-allow-headers
Content-Type
insight.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWF636
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:25::1721:2ac6 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Aug 2024 11:06:54 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=10631
accept-ranges
bytes
content-length
14628
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AA683BC75245B3880A490D4D%40AdobeOrg&d_nsid=0&ts=1725943359052
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AA683BC75245B3880A490D4D%40AdobeOrg&d_nsid=0&ts=1725943359052
370 B
914 B
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AA683BC75245B3880A490D4D%40AdobeOrg&d_nsid=0&ts=1725943359052
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
H2
Server
52.201.11.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-11-167.compute-1.amazonaws.com
Software
/
Resource Hash
1ca46f52ee05cc513b9533fb90c4dee29c68cd0fa957c0d94cfd53c539b76335
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v064-0e6dad10b.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Tue, 10 Sep 2024 04:42:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
Fl8+AfNwS90=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://blog.lumen.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
312
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-va6-2-v064-04ee40480.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Tue, 10 Sep 2024 04:42:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
qsjdUsfkSng=
vary
Origin
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AA683BC75245B3880A490D4D%40AdobeOrg&d_nsid=0&ts=1725943359052
access-control-allow-origin
https://blog.lumen.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/
34 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12384
expires
Tue, 10 Sep 2024 05:42:39 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/
3 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1598
expires
Tue, 10 Sep 2024 05:42:39 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202312.1.0/
428 KB
104 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df54c069da584ec929d42161c8fd19e74c7f408d70e6e7e0f8d27cc9c02a0ad9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 04:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
omr+ywUvfLiKRTWN9kGq4A==
age
28910
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
106367
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 20:28:15 GMT
server
cloudflare
etag
0x8DCA5D5D2845E0F
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
edaa6736-801e-00d1-4ac0-d72ed5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8c0cc0aacb43c3ee-EWR
attribution_trigger
px.ads.linkedin.com/
2 B
761 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=512484&time=1725943359185&url=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
*
Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:38 GMT
content-encoding
gzip
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 726F81614DF14AF3B52AEB90AC827F7F Ref B: PHL30EDGE0215 Ref C: 2024-09-10T04:42:39Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-lva1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYhvIDVd4HSJjAxofor1g==
x-fs-uuid
000621bc80d57781d2263031a1fa2bd6
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=512484&time=1725943359185&li_adsId=3311a3b4-290f-45ac-b6ce-164bcb39d789&url=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-directo...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=512484&time=1725943359185&li_adsId=3311a3b4-290f-45ac-b6ce-164bcb39d789&url=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-directo...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D512484%26time%3D1725943359185%26li_adsId%3D3311a3b4-290f-45ac-b6ce-164bcb39d789%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=512484&time=1725943359185&li_adsId=3311a3b4-290f-45ac-b6ce-164bcb39d789&url=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-directo...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=512484&time=1725943359185&li_adsId=3311a3b4-290f-45ac-b6ce-164bcb39d789&url=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-direct...
0
705 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=512484&time=1725943359185&li_adsId=3311a3b4-290f-45ac-b6ce-164bcb39d789&url=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F&cookiesTest=true&liSync=true&e_ipv6=AQL4FTgDmbMNnQAAAZHaPahpSY-rD__mpGusGZyJa8E08Rudr4UFOrSNKQSBF8HmDJk0maTuO9A
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 32ABB51614094165992F8F047BA564CC Ref B: PHL30EDGE0406 Ref C: 2024-09-10T04:42:39Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type
application/javascript
x-li-fabric
prod-lva1
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYhvIDdbHqShxcEKflgXA==

Redirect headers

date
Tue, 10 Sep 2024 04:42:38 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 9AF64E12D4AE44C9A1F2CB02990C17A4 Ref B: PHL30EDGE0106 Ref C: 2024-09-10T04:42:39Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=512484&time=1725943359185&li_adsId=3311a3b4-290f-45ac-b6ce-164bcb39d789&url=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F&cookiesTest=true&liSync=true&e_ipv6=AQL4FTgDmbMNnQAAAZHaPahpSY-rD__mpGusGZyJa8E08Rudr4UFOrSNKQSBF8HmDJk0maTuO9A
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYhvIDZoYR5Y8uqTNL3oQ==
en.json
cdn.cookielaw.org/consent/e733a0d8-63ff-4a39-b870-9ef50b603bcf/868df972-0965-461a-87a6-bb8d247d1268/
62 KB
16 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/e733a0d8-63ff-4a39-b870-9ef50b603bcf/868df972-0965-461a-87a6-bb8d247d1268/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3d6fd9136567b298e845184f766394af7a2a2beceeb72d22a0dc4657115cbb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 04:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
48089
content-md5
nRuIN+d4DvvhYq6v2RstFA==
content-length
15865
x-ms-lease-status
unlocked
last-modified
Fri, 05 Jan 2024 15:33:02 GMT
server
cloudflare
etag
0x8DC0E039AFAC969
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7468ca3c-501e-00a4-0b77-793025000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8c0cc0ab897fc327-EWR
expires
Wed, 11 Sep 2024 04:42:39 GMT
dest5.html
centurylink.demdex.net/ Frame B13D
0
0
Document
General
Full URL
https://centurylink.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.212.100.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-100-34.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://blog.lumen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 10 Sep 2024 04:42:39 GMT
dcs
dcs-prod-va6-2-v064-07e36812e.edge-va6.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Mon, 19 Aug 2024 12:41:44 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
KWyqpkZfShU=
id
ametrics.lumen.com/
48 B
456 B
XHR
General
Full URL
https://ametrics.lumen.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=AA683BC75245B3880A490D4D%40AdobeOrg&mid=34240208115298584081926775598105098931&ts=1725943359297
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.39.35 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-39-35.data.adobedc.net
Software
jag /
Resource Hash
26934b4899c27185c45eaf81a780ff380d83b8b0128cd1d6a41324edbe02ccd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://blog.lumen.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Zt-OPwAAAGDs3AN_
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=26036904132095689741232845387221143829
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zt-OPwAAAGDs3AN_
42 B
716 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zt-OPwAAAGDs3AN_
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
H2
Server
52.201.11.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-11-167.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-va6-1-v064-01d815503.edge-va6.demdex.com 3 ms
pragma
no-cache
date
Tue, 10 Sep 2024 04:42:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
mkdeXys4ShA=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zt-OPwAAAGDs3AN_
Date
Tue, 10 Sep 2024 04:42:39 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
sm.25.html
static.addtoany.com/menu/ Frame 10D3
0
0
Document
General
Full URL
https://static.addtoany.com/menu/sm.25.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
15905
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
8c0cc0ac7ac5c334-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 10 Sep 2024 04:42:39 GMT
last-modified
Tue, 10 Sep 2024 00:17:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZUi4s5AwYsEsKKmDNo%2B4ziMU%2BkmNHmLlJEN%2BVEaQTLfKMD%2BXDGVXId8b1d0AVmWRePCtMXSsH0CrKVeYwIdmxfaBt71jU219%2BtWRnC2xCxAoRwk5pPmLfkSqZY%2BbKf7EWx9OiKeW"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
core.D0Uc7kY6.js
static.addtoany.com/menu/modules/
70 KB
26 KB
Script
General
Full URL
https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d07ac60d7d494f8688e4844d51b988f6a2f95b5e9435880e628eb8966e091382
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
Origin
https://blog.lumen.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6679
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"6fea96ea56ee4fff557b8776f9c8c3a6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ztTcB49S12%2BINoEkZ6yZ41bG7MjtsI1lhT9cR7SoWJqpCf80DFzJpqcsr8bMhVr1kTIWY5mGj%2FmxdtXZc9mc1g4VNr6AR8dgnzxwvCuHoRcRkBXiRd4aLnWrq2rm7WcS%2BhlB4MffxBYARvoOL08ueze"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
cf-ray
8c0cc0ac7a3e4252-EWR
wp-emoji-release.min.js
blog.lumen.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://blog.lumen.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Apr 2024 14:33:07 GMT
Server
Apache
ETag
"4926-615d308a2e421-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
5062
otFloatingRoundedCorner.json
cdn.cookielaw.org/scripttemplates/202312.1.0/assets/
10 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202312.1.0/assets/otFloatingRoundedCorner.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3260db446188242293e04a658411e44c6175108bc5d8b7e7676e8786d4f0501
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 04:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
tWGrzE0MO5VvWFyQOt36oA==
age
23704
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2627
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 20:28:08 GMT
server
cloudflare
etag
0x8DCA5D5CE727ED2
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
217e6eee-901e-00ce-6248-d8f5c5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8c0cc0acf9ebc327-EWR
otPcPanel.json
cdn.cookielaw.org/scripttemplates/202312.1.0/assets/v2/
64 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202312.1.0/assets/v2/otPcPanel.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
badf35905761263dade3a1d625565f9ab8329d92bdf4f16894d0e54399c6ab58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 04:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
32poMsp3Qt8pBHJvGwvC/w==
age
23704
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12861
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 20:28:09 GMT
server
cloudflare
etag
0x8DCA5D5CEE4967F
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6689bfc1-501e-001f-5031-d8489a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8c0cc0acf9eec327-EWR
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202312.1.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202312.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 04:42:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
age
23703
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 20:28:20 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
e7584123-501e-0097-7404-d8f043000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8c0cc0acf9efc327-EWR
facebook.js
static.addtoany.com/menu/svg/icons/
429 B
837 B
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/facebook.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Origin
https://blog.lumen.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28001
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"68925fa8e347041c6006837e73c518bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mjpGjli%2FhZjTkKvk0NkFDWHYE4BBCvQ8d7h8qA8w1b5ELRZwOw%2FQBh9lrsuGhQD4oH48UZM6%2FdMCGZThmDdNcrAQpW4Nbmfm5ifesLQwcO79zFJ887V7BVhVzQCktpuv8nb31csLqccYOMrKie0qCP5P"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7776000, stale-while-revalidate=30, public
cf-ray
8c0cc0ad2ab74252-EWR
twitter.js
static.addtoany.com/menu/svg/icons/
645 B
920 B
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/twitter.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Origin
https://blog.lumen.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28001
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"af2b829f9b79fabec7c0148a8b7e444b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A2jsCOoowqSAVkYLVaJLSkNck5iK0qKNaP9G0SgjrwFZ4Sh%2BHvQoAoklrdyXLVs%2BaxqrXssbB99JNa7m4QBc0ar%2BdOuLfeH%2FGcMGXgRoCjKqm9uT7%2FDJ2bUF2kS8JlQbH9W3GvW2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7776000, stale-while-revalidate=30, public
cf-ray
8c0cc0ad2aba4252-EWR
linkedin.js
static.addtoany.com/menu/svg/icons/
435 B
820 B
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/linkedin.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce5dbb2cdb85126fdc9d774971a56f8848dbee977a382bd512a5f8b49ea8c727
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Origin
https://blog.lumen.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28001
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"00b1b78053ab07c79bfea2e5a1db9d70"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lRBoZs4YyNJ1KEyMT9cNHO1O0Rsi8tFACWQ4E982nCYENtASwb2zrg6mPHkLPiKfHJj%2FmmoeD20aFz1mSCVTYCUgoxa3lW3iMI7NfiYR%2BiDFFxQ7kAtbBtYoz6TTQzI3JrnIMvE%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7776000, stale-while-revalidate=30, public
cf-ray
8c0cc0ad2abc4252-EWR
pinterest.js
static.addtoany.com/menu/svg/icons/
892 B
1 KB
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/pinterest.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af131f38af73817b1fbcd3381d88c95f4123b4b5a58ca4bd0872a68f29cbbf2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Origin
https://blog.lumen.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28001
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"b83511f1e536e2440b4e06f3278d8a84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5CXckDwHfd0MbQPR2eo7hOpGUPbAaIw4c1OEBhOEr6Pw49Up7IidTO6jRtmwDiv0TWTuVSfasZ6%2FOIsrTrWP0OkNzR9sI%2B1k7hxnMl1mxpymiY2f9edkZRCiorYIk8xIzLpk0qgc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7776000, stale-while-revalidate=30, public
cf-ray
8c0cc0ad2abd4252-EWR
email.js
static.addtoany.com/menu/svg/icons/
415 B
816 B
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/email.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d432ad1988efa5b258294f52dae3d1b4c10660aec15e49017e21a1ee74bfd453
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Origin
https://blog.lumen.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28001
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"eb2119ad4221a9d01abc336e06962867"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TlXWh6KfrG9Jb3sComxTIQfQZpQJowRs22vIkfo3PVSzrLjuVJKWUc3O94urWSRnHEZ%2Bp7DKuHt0Ulh3LMVxRf0TukRUKgASJDbhJJnO%2F6XffKruwOU%2Ft%2Bmo3nhx17cA0Hqgoj9c"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7776000, stale-while-revalidate=30, public
cf-ray
8c0cc0ad2ac04252-EWR
a2a.js
static.addtoany.com/menu/svg/icons/
182 B
679 B
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/a2a.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.addtoany.com/menu/modules/core.D0Uc7kY6.js
Origin
https://blog.lumen.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22897
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"0aca4ea1e5f8f250126a8e0c597dd969"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aEbXyZq7Py7bRfTm3D5Z9RNyrq496zoHgErzJ%2F0GEfu4X01kI9sv0p13qPIaDZry%2BhkWl%2Bnnk5hIE6V2RBZ9AtEDNQivnKidytafrLkLqmI35A%2Ffrfgpwb%2FBDD0MwfYp1tltQSG%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7776000, stale-while-revalidate=30, public
cf-ray
8c0cc0ad2ac24252-EWR
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
494 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 04:42:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
16743
x-ms-lease-status
unlocked
last-modified
Mon, 09 Sep 2024 02:35:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
016a962a-a01e-00c6-646c-02eeb6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8c0cc0adba3fc327-EWR
Lumen_Logo_Blue_Black.jpg
cdn.cookielaw.org/logos/1ae347be-af44-49ef-af44-e59c45658fb2/3a143470-7ab9-43d3-b76b-5d5b598ece46/5a5af10f-616c-4b7b-b559-43dd8ab9df29/
9 KB
10 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/1ae347be-af44-49ef-af44-e59c45658fb2/3a143470-7ab9-43d3-b76b-5d5b598ece46/5a5af10f-616c-4b7b-b559-43dd8ab9df29/Lumen_Logo_Blue_Black.jpg
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a71161e2cb344e1c97d9fcd6d0942c9cbe0bff345ac3a0de2d1bacee0413d8ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 04:42:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
cjcWjL8BP98sWvO//OY3Fg==
age
29638
content-length
9569
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Thu, 20 Aug 2020 19:55:08 GMT
server
cloudflare
etag
0x8D84542F0A36EB6
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
95663d1c-401e-00a8-5f61-23a72d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8c0cc0aded1ec3ee-EWR
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 04:42:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
38377
x-ms-lease-status
unlocked
last-modified
Thu, 05 Sep 2024 06:33:14 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f2de5db3-801e-001d-04ce-ff4a60000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8c0cc0aded20c3ee-EWR
set-consent
adobedc.demdex.net/ee/v1/privacy/
918 B
966 B
Fetch
General
Full URL
https://adobedc.demdex.net/ee/v1/privacy/set-consent?configId=d3bbafd3-c7c6-43c8-8ae9-5abb7541e128&requestId=a34893e8-7726-433b-8dfb-6a527655fd34
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.39.15 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-39-15.data.adobedc.net
Software
jag /
Resource Hash
92a062cefa851ef129a155691bce953d88df8851d190ecbaac28b77d10805de0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 10 Sep 2024 04:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
server
jag
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://blog.lumen.com
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge
VA6;7
access-control-allow-credentials
true
x-konductor
N/A
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-xss-protection
1; mode=block
x-request-id
a34893e8-7726-433b-8dfb-6a527655fd34
ip.json
api.company-target.com/api/v2/
472 B
970 B
XHR
General
Full URL
https://api.company-target.com/api/v2/ip.json?key=X21DJyPPSD2khkfyb6OTTMVruEPF4o8f8IMnhLWR&page=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F&referrer=&page_title=Taking%20the%20Crossroads%3A%20The%20Versa%20Director%20Zero-Day%20Exploitation%20-%20Lumen&src=adobelaunch
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-79.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
b908c82f874eb057ad9f3d89b49fe67cdde5a47df18613afb5612f6f11b8b2cf

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
identification-source
CENTRAL
content-encoding
gzip
via
1.1 18bf85a0313cb4e24b1d0538b9294d9c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
request-id
af0b9f5c-3657-4990-935e-71c87e93092c
pragma
no-cache
server
nginx
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://blog.lumen.com
access-control-expose-headers
x-amz-cf-id
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding, Origin
api-version
v2
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Sb0Vgus0zpc0cLURRwqTaOwCyGknH4KOiccnyb_W8lBVMuMVfI4Suw==
expires
Mon, 09 Sep 2024 04:42:39 GMT
munchkin.js
munchkin.marketo.net/
1 KB
1 KB
Script
General
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.204.6.193 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-6-193.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Mar 2023 01:24:48 GMT
Server
AkamaiNetStorage
ETag
"cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary
Accept-Encoding
Content-Type
application/x-javascript
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
729
RC53e40d3ebba04484811e28f976856310-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
298 B
442 B
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RC53e40d3ebba04484811e28f976856310-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
15e636d8ca96cccad65511c80fa1de7860e445226a53962ecffdb195d9eeed4c

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
186
expires
Tue, 10 Sep 2024 05:42:39 GMT
RC8fd80d29a27b4bd2934e0c97947ba711-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RC8fd80d29a27b4bd2934e0c97947ba711-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bb2065e2e15ad8488f030bd4904081d6a7a14c2f4f40be362ca7c4de258a06d7

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
885
expires
Tue, 10 Sep 2024 05:42:39 GMT
RC8c8e48dc5cca4fe480d9adc9314235b8-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
5 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RC8c8e48dc5cca4fe480d9adc9314235b8-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b38c00fe897899e8d432ee4fa0fb4fe777f73f9c7d885c3c270219081e7a246e

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
1463
expires
Tue, 10 Sep 2024 05:42:39 GMT
tag.js
lptag.liveperson.net/tag/
27 KB
10 KB
Script
General
Full URL
https://lptag.liveperson.net/tag/tag.js?site=43906703
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.153 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lptag.liveperson.net
Software
ws /
Resource Hash
2823fbfa7b9256867e21af1ecbfbb98583c8ef0e0b495f6f01d862ef58e3d93d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Thu, 30 May 2024 01:00:50 GMT
server
ws
etag
"6657cfc2-253d"
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length
9533
js
www.googletagmanager.com/gtag/
310 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-31B649S3RB
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8a0222001e90b2444b45b2fb9c4365447e36019196981c0bd15573c28ab58337
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103822
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 10 Sep 2024 04:42:39 GMT
RCe9cf63601c5b40a78bc583a2e2d2f9b7-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
662 B
635 B
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RCe9cf63601c5b40a78bc583a2e2d2f9b7-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5acfbc532b09ff1ffb02278a78479645ab30c6af419a07e23e7f3806c5dc8f73

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
379
expires
Tue, 10 Sep 2024 05:42:39 GMT
RC30eb811764284d4fb02f2aabdf8919d1-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
8 KB
3 KB
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RC30eb811764284d4fb02f2aabdf8919d1-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bbf5b58ac6a955f023fde933097422f9b147927cf67a6eec34c349d8bd49c3ad

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
2463
expires
Tue, 10 Sep 2024 05:42:39 GMT
RC69a3e1ea139c4f159fff31061224750c-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
3 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RC69a3e1ea139c4f159fff31061224750c-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d89cda7795ef50e3775bd05088bdbabf51cec9f0a0cdd7e5078206a2d33b8ae6

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
1017
expires
Tue, 10 Sep 2024 05:42:39 GMT
RCccfdf6cb571845babeb2e0be4022ef01-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
38 KB
11 KB
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RCccfdf6cb571845babeb2e0be4022ef01-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
760b45f59ef1b1c99364b5c3c3949f65b21971aff3b16f55aa1b5336cbc81230

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
11040
expires
Tue, 10 Sep 2024 05:42:39 GMT
/
px.ads.linkedin.com/wa/
0
198 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: CC8AD4DDD63C4769AEA988324B89BC6B Ref B: PHL30EDGE0106 Ref C: 2024-09-10T04:42:39Z
linkedin-action
1
vary
Origin
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
access-control-allow-origin
https://blog.lumen.com
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYhvIDelEqD8DdqmHPGKA==
munchkin.js
munchkin.marketo.net/163/
11 KB
5 KB
Script
General
Full URL
https://munchkin.marketo.net/163/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.204.6.193 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-6-193.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Jan 2023 02:26:40 GMT
Server
AkamaiNetStorage
ETag
"ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary
Accept-Encoding
Content-Type
application/x-javascript
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4741
Expires
Thu, 19 Dec 2024 04:42:39 GMT
visitWebPage
926-hyv-740.mktoresp.com/webevents/
2 B
318 B
Ping
General
Full URL
https://926-hyv-740.mktoresp.com/webevents/visitWebPage?_mchNc=1725943359959&_mchCn=&_mchId=926-HYV-740&_mchTk=_mch-lumen.com-1725943359958-37500&_mchHo=blog.lumen.com&_mchPo=&_mchRu=%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=AA683BC75245B3880A490D4D%40AdobeOrg%3A7%3A34240208115298584081926775598105098931&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:40 GMT
Content-Encoding
gzip
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Request-Id
5a4e7088-1ec3-4256-8a0c-dbbb5fa4397b
destination
www.googletagmanager.com/gtag/
227 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-123XYZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W2FJHBFJEY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6f37f5c0a5f740d2480903af71069f1ce94d20b328136cff5cd8a2057bf6afac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84645
x-xss-protection
0
last-modified
Tue, 10 Sep 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 10 Sep 2024 04:42:40 GMT
js
www.googletagmanager.com/gtag/
215 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-10006467&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W2FJHBFJEY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
beb7d18a63dd227080a6e353d91135413c07ab7dff122eacfd5d9e2d2b65291a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78923
x-xss-protection
0
last-modified
Tue, 10 Sep 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 10 Sep 2024 04:42:40 GMT
js
www.googletagmanager.com/gtag/
215 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-10006467
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eb23db3601d322f46662a3bc0e1af715c31c616e46a7d45db0cdc651c11bfbc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78838
x-xss-protection
0
last-modified
Tue, 10 Sep 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 10 Sep 2024 04:42:40 GMT
RC08d875bcb9274d78b402ce70f0d163ca-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
18 KB
3 KB
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RC08d875bcb9274d78b402ce70f0d163ca-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a767f9df2dfa54fa9d5905b55951371945c6d93f3595637b86aba08957af999e

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
3049
expires
Tue, 10 Sep 2024 05:42:40 GMT
.jsonp
lptag.liveperson.net/lptag/api/account/43906703/configuration/applications/taglets/
518 KB
155 KB
Script
General
Full URL
https://lptag.liveperson.net/lptag/api/account/43906703/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.153 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lptag.liveperson.net
Software
ws /
Resource Hash
31c51b25731146695a2a6c9aa64b33872cb91c3ba51980f68690f52accffd32e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
ws
x-cache-status
HIT
access-control-allow-methods
GET, POST, PATCH
content-type
application/x-javascript;charset=UTF-8
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-31B649S3RB&gtm=45je4940v897930332za200&_p=1725943357920&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&gdid=dZGIzZG&cid=1964492800.1725943358&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F&sid=1725943360&sct=1&seg=0&dt=Taking%20the%20Crossroads%3A%20The%20Versa%20Director%20Zero-Day%20Exploitation%20-%20Lumen&en=page_view&_fv=1&_ss=1&_ee=1&ep.page_type=category_topic&ep.adobe_page_name=lumen%7Cblog%7Ctaking-the-crossroads-the-versa-director-zero-day-exploitation&ep.page_category=Blog%20-%20Article&ep.content_name=Taking%20the%20Crossroads%3A%20The%20Versa%20Director%20Zero-Day%20Exploitation%20-%20Lumen&ep.content_category=APT%7CBLACK%20LOTUS%20LABS%7CSUPPLY%20CHAIN&ep.author_name=Black%20Lotus%20Labs&ep.publish_date=Tue%20Aug%2027%202024&up.google_client_id=1964492800.1725943358&up.amc_visitor_id=34240208115298584081926775598105098931&up.ad_blocker=false&tfd=3041
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-31B649S3RB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Sep 2024 04:42:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.lumen.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
253 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-31B649S3RB&cid=1964492800.1725943358&gtm=45je4940v897930332za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-31B649S3RB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Sep 2024 04:42:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.lumen.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rul
td.doubleclick.net/td/ga/ Frame E64F
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-31B649S3RB&gacid=1964492800.1725943358&gtm=45je4940v897930332za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1591053724
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-31B649S3RB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.lumen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Sep 2024 04:42:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
RCc79daa79d0ad45feb9ef0c14d509604b-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RCc79daa79d0ad45feb9ef0c14d509604b-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
18ae49d355c6e95b5785230e3697c9b98549590c13ca69e55e915bf463a39bcf

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
821
expires
Tue, 10 Sep 2024 05:42:40 GMT
3
ecf.d41.co/sync/
Redirect Chain
  • https://ecf.d41.co/sync/
  • https://id.rlcdn.com/712087.gif?cparams=3a65cdc474d24be1a3a05f23c27ad91c-509450f849a245b592052c0fce3379bb-1-37-ecf
  • https://id.rlcdn.com/1000.gif?memo=CJe7KxoNCMCc_7YGEgUI6AcQAEIASkozYTY1Y2RjNDc0ZDI0YmUxYTNhMDVmMjNjMjdhZDkxYy01MDk0NTBmODQ5YTI0NWI1OTIwNTJjMGZjZTMzNzliYi0xLTM3LWVjZg
  • https://ecf.d41.co/sync/3?RampID=Xc6491bwFZpqJ7O89KZmTep6erTDs_fagPuYUs21o7uTsjq40&3a65cdc474d24be1a3a05f23c27ad91c-509450f849a245b592052c0fce3379bb-1-37-ecf
0
583 B
Script
General
Full URL
https://ecf.d41.co/sync/3?RampID=Xc6491bwFZpqJ7O89KZmTep6erTDs_fagPuYUs21o7uTsjq40&3a65cdc474d24be1a3a05f23c27ad91c-509450f849a245b592052c0fce3379bb-1-37-ecf
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
H2
Server
3.226.18.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-18-227.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Sep 2024 04:42:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer-when-downgrade
content-security-policy
default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self';
expect-ct
max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://blog.lumen.com
cache-control
no-store
access-control-allow-credentials
true
x-xss-protection
1; mode=block

Redirect headers

date
Tue, 10 Sep 2024 04:42:40 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ecf.d41.co/sync/3?RampID=Xc6491bwFZpqJ7O89KZmTep6erTDs_fagPuYUs21o7uTsjq40&3a65cdc474d24be1a3a05f23c27ad91c-509450f849a245b592052c0fce3379bb-1-37-ecf
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dnb_coretag_v5.min.js
cdn-0.d41.co/tags/
74 KB
25 KB
Script
General
Full URL
https://cdn-0.d41.co/tags/dnb_coretag_v5.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-9.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cc0b251ec54fdd5cd55d98cbe7a7af00bd34f9cfd71fd01ca08c83121c89720

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Via
1.1 5f9847e2035814141303960526e10e26.cloudfront.net (CloudFront)
Date
Tue, 10 Sep 2024 04:27:03 GMT
Last-Modified
Thu, 18 Nov 2021 14:57:39 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK52-P8
Age
938
ETag
W/"13bc1e6c74c25b3098a3b54b58b70b3c"
Transfer-Encoding
chunked
Vary
accept-encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
uv1zHZv6WVvY0ACQ8kP1l6-849ebfleTO_IgOX5ht72Ug93co4wS6A==
/
accdn.lpsnmedia.net/api/account/43906703/configuration/setting/accountproperties/
7 KB
3 KB
Script
General
Full URL
https://accdn.lpsnmedia.net/api/account/43906703/configuration/setting/accountproperties/?cb=accountSettingsCB
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/43906703/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.91 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
cf80753fbfec5122304e4b38f1de84de9ac45a9721b10c5a0c912ee8fae0313d
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:40 GMT
strict-transport-security
max-age=99999999999; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
ws
x-cache-status
HIT
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Tue, 10 Sep 2024 04:43:10 GMT
ui-framework.js
lpcdn.lpsnmedia.net/le_unified_window/10.39.0-release_1402625749/
38 KB
12 KB
Script
General
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.39.0-release_1402625749/ui-framework.js?version=10.39.0-release_1402625749
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/43906703/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
dd101610bfdd5074e44f8db73ae061dfbd46c7b6a7c860171e525088e85b6474
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 03:58:07 GMT
via
1.1 google
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
age
2673
x-guploader-uploadid
AD-8ljvdazJ77gqo6nSaGMKMEMc3HGQq2j0vHYmhNpdwzzotLKR8QzLQCW3SKXjOb3EjjLhxHvs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11797
last-modified
Fri, 16 Aug 2024 01:04:11 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1723770251794933
x-goog-hash
crc32c=oKNHqQ==, md5=BYdG3qhck64DJvVkVcqFTw==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-goog-stored-content-length
39335
accept-ranges
bytes
timing-allow-origin
https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
surveylogicinstance.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.39.0-release_1402625749/
8 KB
2 KB
Script
General
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.39.0-release_1402625749/surveylogicinstance.min.js?version=10.39.0-release_1402625749
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/43906703/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7fcbc5d3c3265e7038e929c1cff2495764dd435c770852863eb46b9791c49524
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:02:59 GMT
via
1.1 google
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
age
2381
x-guploader-uploadid
AD-8ljt82DjdZblqhOny-Sxw5Wlq7OccloAdP6RWmZYeLE9QFf0Fnz7u45-vbByaaCSNfJH8NcWXEoXypQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2275
last-modified
Fri, 16 Aug 2024 01:04:11 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1723770251798234
x-goog-hash
crc32c=Qyp3Rw==, md5=paUQAgyh/ZCObtCdJZmPqw==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-goog-stored-content-length
7794
accept-ranges
bytes
timing-allow-origin
https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
zones
accdn.lpsnmedia.net/api/account/43906703/configuration/le-campaigns/
54 KB
8 KB
Script
General
Full URL
https://accdn.lpsnmedia.net/api/account/43906703/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/43906703/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.91 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
5fb99508236d3ed2ebe7460c3475d0d56fea2b399a802b4f4db68f9cc8191360
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:40 GMT
strict-transport-security
max-age=99999999999; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
ws
x-cache-status
HIT
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Tue, 10 Sep 2024 04:43:10 GMT
api
vid7120.d41.co/
1 KB
2 KB
Fetch
General
Full URL
https://vid7120.d41.co/api?req=vid7120&form=json
Requested by
Host: cdn-0.d41.co
URL: https://cdn-0.d41.co/tags/dnb_coretag_v5.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.18.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-18-227.compute-1.amazonaws.com
Software
/
Resource Hash
d35adc59c67fbc87c28cbbab20122293a6506bb2425c7ef4697e9ef8dcf8570c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Sep 2024 04:42:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer-when-downgrade
content-security-policy
default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self';
expect-ct
max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://blog.lumen.com
cache-control
no-store
access-control-allow-credentials
true
content-length
1356
x-xss-protection
1; mode=block
RC6cf4a6a38c964003b4c3804377123820-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
3 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RC6cf4a6a38c964003b4c3804377123820-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
acf5f4ae77414f264da6bdeadb59b23b72e5568dce38378797854a0675175921

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
1078
expires
Tue, 10 Sep 2024 05:42:40 GMT
interact
ametrics.lumen.com/ee/va6/v1/
490 B
603 B
Fetch
General
Full URL
https://ametrics.lumen.com/ee/va6/v1/interact?configId=d3bbafd3-c7c6-43c8-8ae9-5abb7541e128&requestId=d0725332-d48e-4856-9bff-a0c4371e0462
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.39.35 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-39-35.data.adobedc.net
Software
jag /
Resource Hash
0275175f8b9aed73eb5860c46d90ff86be02d28c94c2007539c6cc93e27272e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 10 Sep 2024 04:42:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
server
jag
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://blog.lumen.com
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge
VA6;7
access-control-allow-credentials
true
x-konductor
N/A
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-xss-protection
1; mode=block
x-request-id
d0725332-d48e-4856-9bff-a0c4371e0462
storage.secure.min.js
lpcdn.lpsnmedia.net/le_secure_storage/3.30.1-release_1430893787/
43 KB
15 KB
Script
General
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.30.1-release_1430893787/storage.secure.min.js?loc=https%3A%2F%2Fblog.lumen.com&site=43906703&env=prod&accdn=accdn.lpsnmedia.net
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/43906703/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8637a49c03e14812f879ff37a81e18684bf001dbd57b50f2979d3da548a9c710
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:00:05 GMT
via
1.1 google
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
age
2555
x-guploader-uploadid
AD-8ljtURX3YC1mtjRjr6XNII8RBITo5ljSIk_y55epa-QOmZwdhKzQFHOanMzNTyH96OtowdfqRYpDHqw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14772
last-modified
Wed, 04 Sep 2024 01:30:43 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1725413443361128
x-goog-hash
crc32c=FIZQ9g==, md5=0KOg156UvS3nvUpch5oB8Q==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-goog-stored-content-length
44277
accept-ranges
bytes
timing-allow-origin
https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.30.1-release_1430893787/ Frame B80A
0
0
Document
General
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.30.1-release_1430893787/storage.secure.min.html?loc=https%3A%2F%2Fblog.lumen.com&site=43906703&ist=sessionStorage&env=prod&accdn=accdn.lpsnmedia.net
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/43906703/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2648
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31536000
content-encoding
br
content-length
15740
content-type
text/html
date
Tue, 10 Sep 2024 03:58:32 GMT
last-modified
Wed, 04 Sep 2024 01:30:43 GMT
server
UploadServer
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-goog-generation
1725413443383826
x-goog-hash
crc32c=q+dfQA== md5=B2c9V1IeikQWRHGSV/6emA==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
48187
x-guploader-uploadid
AD-8ljvckY9XzV9CRWNIF1mh18fJZBWH8akB3SwTPRNdGSDs8DVkfndJa_JdgWlw8BlLNF50kDUEKK_vmA
desktopEmbedded.js
lpcdn.lpsnmedia.net/le_unified_window/10.39.0-release_1402625749/
1 MB
243 KB
Script
General
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.39.0-release_1402625749/desktopEmbedded.js?version=10.39.0-release_1402625749
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/43906703/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b266355a37d38e01b52f108bc931b6e511414e5739d243fb0f870f98ab09b6f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:11:20 GMT
via
1.1 google
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
age
1880
x-guploader-uploadid
AD-8lju9UJLQeZAHV6tV_2DEwPTsShch-qYF-RUFl17KrHccKk7uyiEljvOek_j-u9xQBKkBsvItMKSJGg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248821
last-modified
Fri, 16 Aug 2024 01:04:11 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1723770251398485
x-goog-hash
crc32c=ziTJ8g==, md5=dXKCCduhr1zdkNaKEilmtA==
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-goog-stored-content-length
1057535
accept-ranges
bytes
timing-allow-origin
https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
62d46bd19914a6662719761126830278933d1c7ef0dcac88e81ad9175af487bf
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script'
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Tue, 10 Sep 2024 04:42:41 GMT
RC1b68b161112e4cd9bf2e514fd379da52-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
626 B
642 B
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RC1b68b161112e4cd9bf2e514fd379da52-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
20c4a72e420f30494b7ce208b46b6cae6f01d9a444dce4363766b7570648017a

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
386
expires
Tue, 10 Sep 2024 05:42:40 GMT
RC3db9cc6f16734504bc417728daa18514-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
890 B
805 B
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RC3db9cc6f16734504bc417728daa18514-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4341b9a298a50447f4414fda96f0adb763984ae83681157887062133e9c4f288

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
549
expires
Tue, 10 Sep 2024 05:42:40 GMT
RC45278c19747f40d9b8351fa3802e4ed4-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
2 KB
1006 B
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RC45278c19747f40d9b8351fa3802e4ed4-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
12308a385b9ba093085438046e35b400b2ac5b577d1759e9374f36e0d4884521

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
750
expires
Tue, 10 Sep 2024 05:42:40 GMT
RCbbb2bfa723484964abb9e0006fd38e5d-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
934 B
749 B
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RCbbb2bfa723484964abb9e0006fd38e5d-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d18bd5f20c37ec5ea28f3b5fd1a506d09277a78555345aa7f589677d01e02ced

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
493
expires
Tue, 10 Sep 2024 05:42:40 GMT
RCe80cf275bc2647ab94f8a33dbd19d244-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
899 B
767 B
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RCe80cf275bc2647ab94f8a33dbd19d244-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4c9cf95b8c142239735287c57b9252ec39c9ca8483813914b2f47446f2287583

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
512
expires
Tue, 10 Sep 2024 05:42:40 GMT
RC676a6923a9884711809fef9107051129-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
974 B
792 B
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RC676a6923a9884711809fef9107051129-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
593df2ab679b99df1eaef63558344eb7e9063c2b74eb79c42d073d382c347ee8

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
536
expires
Tue, 10 Sep 2024 05:42:40 GMT
RCeb185449833346029cb77dc781058164-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
928 B
785 B
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RCeb185449833346029cb77dc781058164-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1b2df075225b6af05b9e04fb446c8118b28bcd431e295454aac268bb66e2b5e1

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
529
expires
Tue, 10 Sep 2024 05:42:40 GMT
RC1e6711f45c8d4f8eb6b49440f4555c89-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
588 B
614 B
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RC1e6711f45c8d4f8eb6b49440f4555c89-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2c641b081387cd191e0d35e3f4fb293c84cc9aac433b6a78284a6ffdb00ec86d

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
358
expires
Tue, 10 Sep 2024 05:42:40 GMT
RC578db5a6f8904759ab51380c6d450237-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
1 KB
810 B
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RC578db5a6f8904759ab51380c6d450237-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
dce7d2bdbd7bd17e63a944e148a277924f18fc318dc93866d3c93dc5bc52ebf6

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
554
expires
Tue, 10 Sep 2024 05:42:40 GMT
RCa324d9377d6c483cb08844d754d94306-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
1 KB
733 B
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RCa324d9377d6c483cb08844d754d94306-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
53b8716a7f0568c0037f41d647c414322b37e64f0674d687a19ecb4c5ae3a3e2

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
477
expires
Tue, 10 Sep 2024 05:42:40 GMT
favicon.png
blog.lumen.com/wp-content/uploads/2020/09/
212 B
479 B
Other
General
Full URL
https://blog.lumen.com/wp-content/uploads/2020/09/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
8ec70ea440b3e01944d84bc5c66ca20c97fcea374edf700d80e12c34f99043e5

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:41 GMT
Last-Modified
Mon, 14 Sep 2020 21:18:05 GMT
Server
Apache
ETag
"d4-5af4c91f9dd40"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
212
EeqIvelK.min.js
tag.demandbase.com/
63 KB
18 KB
Script
General
Full URL
https://tag.demandbase.com/EeqIvelK.min.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-60.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ea42aa294a4649b3ff204ea2c5e66f517fe0d7ac99ed28a7223bea036a7a8ca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
evT51NlvKwUS3E90Xb8I7Z5Ejv5fRwVh
content-encoding
gzip
via
1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
date
Tue, 10 Sep 2024 04:03:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
EWR53-P1
age
2347
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 27 Aug 2024 19:15:23 GMT
server
AmazonS3
etag
W/"f3f2263714700d433c38c1815dfcd2f8"
vary
accept-encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id
q6Qew0CuFrQDSf1QQW2QAKkkU9h3AoEW0o44UbtqivAjysTJsv3yPQ==
script.min.js
cdn.clinch.co/a_js/client_pixels/clq/
10 KB
4 KB
Script
General
Full URL
https://cdn.clinch.co/a_js/client_pixels/clq/script.min.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:261f:2e00:12:6a04:c9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fc4720be9dd52f078260881f9cb4d2c9d786bd686a1e8456268c57d85643c6b

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 03:02:32 GMT
content-encoding
br
via
1.1 a363b826ba48f4e79f7e95839a3bcf3a.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2024 14:49:14 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P3
age
6010
x-amz-server-side-encryption
AES256
etag
W/"65aff82e00be411774b8dedc93e96b79"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
xmdk6PMVwGfcYBPhZZnSGXDZwEt0AZjV6vloqBxOwVV6vYgsN6DeBg==
activityi;dc_pre=CKXdyIfIt4gDFU60WgUdbbkBtA;src=10006467;type=larry0;cat=sitev0;ord=m0vy44j7;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-dire...
10006467.fls.doubleclick.net/ Frame D2EF
Redirect Chain
  • https://10006467.fls.doubleclick.net/activityi;src=10006467;type=larry0;cat=sitev0;ord=m0vy44j7;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-d...
  • https://10006467.fls.doubleclick.net/activityi;dc_pre=CKXdyIfIt4gDFU60WgUdbbkBtA;src=10006467;type=larry0;cat=sitev0;ord=m0vy44j7;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2...
0
0
Document
General
Full URL
https://10006467.fls.doubleclick.net/activityi;dc_pre=CKXdyIfIt4gDFU60WgUdbbkBtA;src=10006467;type=larry0;cat=sitev0;ord=m0vy44j7;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Ctaking-the-crossroads-the-versa-director-zero-day-exploitation;u4=34240208115298584081926775598105098931;u5=1964492800.1725943358;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1725943359958-37500;u16=;gdid=dZGIzZG;ps=1;pcor=1896360432;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4940v9190790960za200zb9162857838;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10006467&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.102 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.lumen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
504
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Sep 2024 04:42:41 GMT
expires
Tue, 10 Sep 2024 04:42:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Sep 2024 04:42:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10006467.fls.doubleclick.net/activityi;dc_pre=CKXdyIfIt4gDFU60WgUdbbkBtA;src=10006467;type=larry0;cat=sitev0;ord=m0vy44j7;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Ctaking-the-crossroads-the-versa-director-zero-day-exploitation;u4=34240208115298584081926775598105098931;u5=1964492800.1725943358;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1725943359958-37500;u16=;gdid=dZGIzZG;ps=1;pcor=1896360432;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4940v9190790960za200zb9162857838;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=10006467;type=larry0;cat=sitev0;ord=m0vy44j7;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitatio...
td.doubleclick.net/td/fls/rul/ Frame F099
0
0
Document
General
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10006467;type=larry0;cat=sitev0;ord=m0vy44j7;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Ctaking-the-crossroads-the-versa-director-zero-day-exploitation;u4=34240208115298584081926775598105098931;u5=1964492800.1725943358;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1725943359958-37500;u16=;gdid=dZGIzZG;ps=1;pcor=1896360432;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4940v9190790960za200zb9162857838;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10006467&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.lumen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Sep 2024 04:42:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CL3cyIfIt4gDFZSNWgUd9FI1Sw;src=10006467;type=uniqu0;cat=all_s0;ord=1;num=5296702787176;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the...
10006467.fls.doubleclick.net/ Frame 4DD3
Redirect Chain
  • https://10006467.fls.doubleclick.net/activityi;src=10006467;type=uniqu0;cat=all_s0;ord=1;num=5296702787176;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-...
  • https://10006467.fls.doubleclick.net/activityi;dc_pre=CL3cyIfIt4gDFZSNWgUd9FI1Sw;src=10006467;type=uniqu0;cat=all_s0;ord=1;num=5296702787176;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog....
0
0
Document
General
Full URL
https://10006467.fls.doubleclick.net/activityi;dc_pre=CL3cyIfIt4gDFZSNWgUd9FI1Sw;src=10006467;type=uniqu0;cat=all_s0;ord=1;num=5296702787176;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F;u3=lumen%7Cblog%7Ctaking-the-crossroads-the-versa-director-zero-day-exploitation;u4=34240208115298584081926775598105098931;u5=1964492800.1725943358;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1725943359958-37500;gdid=dZGIzZG;ps=1;pcor=431512151;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4940v9190790960za200zb9162857838;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10006467&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.102 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.lumen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
494
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Sep 2024 04:42:41 GMT
expires
Tue, 10 Sep 2024 04:42:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Sep 2024 04:42:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10006467.fls.doubleclick.net/activityi;dc_pre=CL3cyIfIt4gDFZSNWgUd9FI1Sw;src=10006467;type=uniqu0;cat=all_s0;ord=1;num=5296702787176;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F;u3=lumen%7Cblog%7Ctaking-the-crossroads-the-versa-director-zero-day-exploitation;u4=34240208115298584081926775598105098931;u5=1964492800.1725943358;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1725943359958-37500;gdid=dZGIzZG;ps=1;pcor=431512151;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4940v9190790960za200zb9162857838;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=10006467;type=uniqu0;cat=all_s0;ord=1;num=5296702787176;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-...
td.doubleclick.net/td/fls/rul/ Frame 3F7F
0
0
Document
General
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10006467;type=uniqu0;cat=all_s0;ord=1;num=5296702787176;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F;u3=lumen%7Cblog%7Ctaking-the-crossroads-the-versa-director-zero-day-exploitation;u4=34240208115298584081926775598105098931;u5=1964492800.1725943358;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1725943359958-37500;gdid=dZGIzZG;ps=1;pcor=431512151;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4940v9190790960za200zb9162857838;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10006467&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.lumen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Sep 2024 04:42:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=10006467;type=larry0;cat=sitev0;ord=m0vy44j7;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day...
ad.doubleclick.net/
0
24 B
Image
General
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=10006467;type=larry0;cat=sitev0;ord=m0vy44j7;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F;u2=Not%20Provided;u3=lumen%7Cblog%7Ctaking-the-crossroads-the-versa-director-zero-day-exploitation;u4=34240208115298584081926775598105098931;u5=1964492800.1725943358;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1725943359958-37500;u16=;gdid=dZGIzZG;ps=1;pcor=1896360432;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4940v9190790960za200zb9162857838;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.102 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Sep 2024 04:42:41 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activity;register_conversion=1;src=10006467;type=uniqu0;cat=all_s0;ord=1;num=5296702787176;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-direct...
ad.doubleclick.net/
0
24 B
Image
General
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=10006467;type=uniqu0;cat=all_s0;ord=1;num=5296702787176;npa=0;auiddc=821028891.1725943360;u1=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F;u3=lumen%7Cblog%7Ctaking-the-crossroads-the-versa-director-zero-day-exploitation;u4=34240208115298584081926775598105098931;u5=1964492800.1725943358;u6=id%3A926-HYV-740%20token%3A_mch-lumen.com-1725943359958-37500;gdid=dZGIzZG;ps=1;pcor=431512151;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4940v9190790960za200zb9162857838;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.102 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Sep 2024 04:42:41 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bd888e20-e3dc-4219-b5ff-a6789987aa90
www.storygize.net/l/
35 B
365 B
Image
General
Full URL
https://www.storygize.net/l/bd888e20-e3dc-4219-b5ff-a6789987aa90?ctu=78e07329-bd9a-4f78-a5a9-88b93da4960a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.36.126.81 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-126-81.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Sep 2024 04:42:41 GMT
content-encoding
gzip
content-type
image/gif
p3p
CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
cache-control
no-cache, no-store, must-revalidate
content-length
58
expires
0
bd888e20-e3dc-4219-b5ff-a6789987aa90
www.storygize.net/l/
35 B
363 B
Image
General
Full URL
https://www.storygize.net/l/bd888e20-e3dc-4219-b5ff-a6789987aa90?ctu=5461c1b4-3e69-46a4-800f-0be260268b9d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.36.126.81 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-126-81.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Sep 2024 04:42:41 GMT
content-encoding
gzip
content-type
image/gif
p3p
CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
cache-control
no-cache, no-store, must-revalidate
content-length
58
expires
0
insight.min.js
snap.licdn.com/li.lms-analytics/
40 KB
0
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:25::1721:2ac6 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Aug 2024 11:06:54 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=10631
accept-ranges
bytes
content-length
14628
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:41 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2024 20:58:07 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kcgs7200148-IAD
pixel.js
www.redditstatic.com/ads/
42 KB
13 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 20 Jun 2024 19:23:03 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12116
multiCompanyEngagement.min.js
assets.storygize.net/engagement/28858/
Redirect Chain
  • https://www.storygize.net/a/bd888e20-e3dc-4219-b5ff-a6789987aa90/abdo.js
  • https://assets.storygize.net/engagement/28858/multiCompanyEngagement.min.js?a=bd888e20-e3dc-4219-b5ff-a6789987aa90
142 KB
33 KB
Script
General
Full URL
https://assets.storygize.net/engagement/28858/multiCompanyEngagement.min.js?a=bd888e20-e3dc-4219-b5ff-a6789987aa90
Protocol
H2
Server
18.173.219.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-87.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a6e72b73357c506e5be067cd56b05d20320efd5eb50fa798b530ddf3732afa62

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 17:11:22 GMT
content-encoding
gzip
via
1.1 619f2eec0ea05d2ce0279df117eb9a0c.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jul 2024 20:47:10 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
79366
x-amz-server-side-encryption
AES256
etag
W/"75367f509dfb63ebbd0ad33cf283056d"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/plain
x-amz-cf-id
Gb11wY6lXWkIaJ1IRVG1YW5bCHq8a5_gm16yx4yQE5l7ZmQ1-u6YvA==

Redirect headers

location
https://assets.storygize.net/engagement/28858/multiCompanyEngagement.min.js?a=bd888e20-e3dc-4219-b5ff-a6789987aa90
pragma
no-cache
date
Tue, 10 Sep 2024 04:42:41 GMT
cache-control
no-cache, no-store, must-revalidate
p3p
CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
content-length
0
expires
0
c.min.js
cdn.c212.net/
747 B
1 KB
Script
General
Full URL
https://cdn.c212.net/c.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:1a00:16:cfb1:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10fdc76cd92396525cf18941196d2251aa4d0c05ba2a0a5421e3af99c01503ae

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 23:28:21 GMT
via
1.1 24d0edcfa57d0bf029e983a1d3e4649c.cloudfront.net (CloudFront)
last-modified
Fri, 24 Jan 2020 19:12:36 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
18861
etag
"9f5634a151b9e5ecb2adec9462f783d6"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
747
x-amz-cf-id
cv1DPvOkg9NvVnSJCU_-p6qO_pplIxVNZQdcjOy9CV8kbnOgJm9Juw==
RC508b38fe4de746ebaf1e02c60c072265-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
528 B
580 B
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RC508b38fe4de746ebaf1e02c60c072265-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d2511112bfa773c8cd56888fda573f1e11c9fdd950c781de5bbebfd1b91eadc6

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:41 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
324
expires
Tue, 10 Sep 2024 05:42:41 GMT
/
blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
179 KB
0
Fetch
General
Full URL
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.112.230.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-230-199.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 10 Sep 2024 04:42:41 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Link
<https://blog.lumen.com/wp-json/>; rel="https://api.w.org/", <https://blog.lumen.com/wp-json/wp/v2/posts/17616>; rel="alternate"; title="JSON"; type="application/json", <https://blog.lumen.com/?p=17616>; rel=shortlink
Content-Length
31629
Keep-Alive
timeout=5, max=87
Expires
Thu, 19 Nov 1981 08:52:00 GMT
RC67a207d8d62d49adb98bd0c0ca79d5c3-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
719 B
627 B
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RC67a207d8d62d49adb98bd0c0ca79d5c3-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3a43f4e20cda8b1375708085d0521154ec8a877fed1259db881f03cb76542cff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:41 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
371
expires
Tue, 10 Sep 2024 05:42:41 GMT
RCd7afdc6f5aca475abf74d3a313363c45-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
751 B
655 B
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RCd7afdc6f5aca475abf74d3a313363c45-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3ffac50821fcb363c635aaab1d0adf05274bfe91d91201eec6d7fd39a30155f1

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:41 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
400
expires
Tue, 10 Sep 2024 05:42:41 GMT
RC581460e5f2954d52b78125ad47c0dbd4-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
454 B
545 B
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RC581460e5f2954d52b78125ad47c0dbd4-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
83d3203d3161e171253607bedb25b0e014016d200e0c23fa7656008bf1606dff

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:41 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
290
expires
Tue, 10 Sep 2024 05:42:41 GMT
RCca114cbaa092424eb42e5bab9a536a91-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
367 B
481 B
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RCca114cbaa092424eb42e5bab9a536a91-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8274e24baee6d8a1bbbc2d9f287c5d3cff746f8807ded01b3dfdc73cc5cb2891

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:41 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
226
expires
Tue, 10 Sep 2024 05:42:41 GMT
www-widgetapi.js
www.youtube.com/s/player/5f8f5b0f/www-widgetapi.vflset/
31 KB
11 KB
Script
General
Full URL
https://www.youtube.com/s/player/5f8f5b0f/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2ba0e8a74340c429355e9260d453136d7b097666415b43f7ffbdce7af607542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 01:55:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
10036
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10546
x-xss-protection
0
last-modified
Tue, 03 Sep 2024 04:14:15 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 10 Sep 2025 01:55:25 GMT
RCcf3b62d2d4e64b6b8cb190de8f4a469a-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
856 B
712 B
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RCcf3b62d2d4e64b6b8cb190de8f4a469a-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
19cfe1390bdc065b8a5dc40bfac35c6c91efc54b0089052f03d9330d62cdb488

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:41 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
456
expires
Tue, 10 Sep 2024 05:42:41 GMT
RC4bc844eda1ee42f1b19ae1e1ee42a712-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
629 B
657 B
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RC4bc844eda1ee42f1b19ae1e1ee42a712-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
734da297360e1bb079df3234b6863eb1510e73943e4ef795a9c6a64abd85a8a7

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:41 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
402
expires
Tue, 10 Sep 2024 05:42:41 GMT
n49qzlo84f
www.clarity.ms/tag/
637 B
1000 B
Script
General
Full URL
https://www.clarity.ms/tag/n49qzlo84f
Requested by
Host: blog.lumen.com
URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b362579b4750b57e972f958c184f526fbccbae6b67ccb86234a046251806fc31

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
date
Tue, 10 Sep 2024 04:42:41 GMT
x-azure-ref
20240910T044241Z-r1ffcbf68985b89z13wnr6x9n80000000kt0000000000gur
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
expires
-1
RCb9000e18fbe9460fb2a3a07da00a8981-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RCb9000e18fbe9460fb2a3a07da00a8981-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f2ce3dab3a4b3fed6d29af728a2388103cd800a2960f165f1feaa4b6694dbc47

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:41 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
806
expires
Tue, 10 Sep 2024 05:42:41 GMT
RC73038066c54a48f8b6bb125e5f9f63bb-source.min.js
assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/
3 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/9aa258bde9b0/RC73038066c54a48f8b6bb125e5f9f63bb-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2f51de5475cae1745269bd45439ea7973124a842e6b375508e2d3f7bef20bff9

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:41 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2024 18:38:51 GMT
server
AkamaiNetStorage
etag
"829800f2be789b9d5f75aba783e1fae0:1724956731.363859"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://blog.lumen.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
981
expires
Tue, 10 Sep 2024 05:42:41 GMT
config
pixel-config.reddit.com/pixels/t2_65gj76tk/
3 B
124 B
XHR
General
Full URL
https://pixel-config.reddit.com/pixels/t2_65gj76tk/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:41 GMT
content-encoding
gzip
via
1.1 varnish
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
content-length
27
t2_65gj76tk_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/
86 B
699 B
XHR
General
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_65gj76tk_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:41 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
97
rp.gif
alb.reddit.com/
42 B
637 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1725943361225&id=t2_65gj76tk&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=8268c4fe-e2bb-4997-82ce-5a01731f27b9&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:41 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
sync
s.company-target.com/s/ Frame EBF4
0
0
Document
General
Full URL
https://s.company-target.com/s/sync?exc=lr
Requested by
Host: tag.demandbase.com
URL: https://tag.demandbase.com/EeqIvelK.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.71.96.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://blog.lumen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-methods
GET,OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
634
content-type
text/html; charset=UTF-8
date
Tue, 10 Sep 2024 04:42:41 GMT
via
1.1 google
validateCookie
segments.company-target.com/
Redirect Chain
  • https://id.rlcdn.com/464526.gif
  • https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297DncFSg9r1nIt3yD9AzY3g5YxhtqZZA3cSbuWFMwnD-4
  • https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297DncFSg9r1nIt3yD9AzY3g5YxhtqZZA3cSbuWFMwnD-4&verifyHash=4b7a0d60fde1f18cff266db867d5de89d2a585c9
26 B
348 B
Image
General
Full URL
https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297DncFSg9r1nIt3yD9AzY3g5YxhtqZZA3cSbuWFMwnD-4&verifyHash=4b7a0d60fde1f18cff266db867d5de89d2a585c9
Protocol
HTTP/1.1
Server
13.225.63.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-60.ewr53.r.cloudfront.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 10 Sep 2024 04:42:41 GMT
Via
1.1 978e367a2ce2a1259e8f24bc2370ca50.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR53-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Connection
keep-alive
Content-Length
26
X-Amz-Cf-Id
yuaMyRPTW775FukRn42sRRlVb2anew2oXcPg9f84rnpBudIul7YNBA==

Redirect headers

Date
Tue, 10 Sep 2024 04:42:41 GMT
Via
1.1 978e367a2ce2a1259e8f24bc2370ca50.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR53-C1
X-Cache
Miss from cloudfront
Content-Type
text/html; charset=utf-8
Location
/validateCookie?vendor=liveramp&user_id=Xc1297DncFSg9r1nIt3yD9AzY3g5YxhtqZZA3cSbuWFMwnD-4&verifyHash=4b7a0d60fde1f18cff266db867d5de89d2a585c9
Connection
keep-alive
Content-Length
176
X-Amz-Cf-Id
8S2TSpS2uJtIqSOd588M7IYBLRSPUJagnpXqL2V8WNNNQHjqGSvQvA==
ip.json
api.company-target.com/api/v3/
472 B
970 B
XHR
General
Full URL
https://api.company-target.com/api/v3/ip.json?referrer=&page=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F&page_title=Taking%20the%20Crossroads%3A%20The%20Versa%20Director%20Zero-Day%20Exploitation%20-%20Lumen
Requested by
Host: tag.demandbase.com
URL: https://tag.demandbase.com/EeqIvelK.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-79.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
249812ec42e237383f2d8d6b06cb001e63bf1428ddde450b9bc4f117b1fb9b28

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 10 Sep 2024 04:42:41 GMT
identification-source
CENTRAL
content-encoding
gzip
via
1.1 18bf85a0313cb4e24b1d0538b9294d9c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
request-id
0d3fb782-f643-40ce-8263-7feb0040a0e2
pragma
no-cache
server
nginx
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://blog.lumen.com
access-control-expose-headers
x-amz-cf-id
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding, Origin
api-version
v3
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
l1-d92bNKgs1dfXxkcphvD-oaC0a3fLHrE8YlSAcdupaqUaqR5NyDA==
expires
Mon, 09 Sep 2024 04:42:41 GMT
adsct
t.co/1/i/
43 B
622 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=1ee84ec1-562f-47ff-8fb5-9349d4964040&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=11212a7e-1c81-4af5-aab5-3d305661b7f8&tw_document_href=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F&tw_iframe_status=0&txn_id=o4hqh&type=javascript&version=2.3.30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-response-time
8
date
Tue, 10 Sep 2024 04:42:41 GMT
strict-transport-security
max-age=0
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif;charset=utf-8
x-transaction-id
7471c884cca9eb7c
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
83442087488261e761e7bdea5b1a1b61720cc899ea3108425af6c66fa6e5bfe4
cf-ray
8c0cc0b868b30f98-EWR
content-length
43
adsct
analytics.twitter.com/1/i/
43 B
726 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=1ee84ec1-562f-47ff-8fb5-9349d4964040&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=11212a7e-1c81-4af5-aab5-3d305661b7f8&tw_document_href=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F&tw_iframe_status=0&txn_id=o4hqh&type=javascript&version=2.3.30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-response-time
7
date
Tue, 10 Sep 2024 04:42:41 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
9034de3c71ccd3f9
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
ea739e97d84322b2115cb2374729bc7dd967b7ba641d85d7e490e27c820c8316
content-length
43
interact
ametrics.lumen.com/ee/va6/v1/
425 B
471 B
Fetch
General
Full URL
https://ametrics.lumen.com/ee/va6/v1/interact?configId=d3bbafd3-c7c6-43c8-8ae9-5abb7541e128&requestId=2bde4f55-d614-40f4-b1d7-02acf3769e4b
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c58e7dfcc1ae/65c3c535dbf4/launch-22e49494a283.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.39.35 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-39-35.data.adobedc.net
Software
jag /
Resource Hash
2b7b70621462f7a500a4b631cb76961280ebd99b7fb4b8a0a9778a66f0aafbfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 10 Sep 2024 04:42:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
server
jag
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://blog.lumen.com
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge
VA6;7
access-control-allow-credentials
true
x-konductor
N/A
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-xss-protection
1; mode=block
x-request-id
2bde4f55-d614-40f4-b1d7-02acf3769e4b
bg9s
tag-logger.demandbase.com/
0
418 B
XHR
General
Full URL
https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=l1-d92bNKgs1dfXxkcphvD-oaC0a3fLHrE8YlSAcdupaqUaqR5NyDA==&api-version=v3
Requested by
Host: tag.demandbase.com
URL: https://tag.demandbase.com/EeqIvelK.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1200:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
date
Tue, 10 Sep 2024 01:30:16 GMT
via
1.1 cedbf7a51c689bd1e26af4b73768d270.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
11545
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-length
0
last-modified
Tue, 07 Mar 2023 20:47:02 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
accept-encoding
content-type
text/html
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
ZeF_n9O1AsR5H7i3SGbFGARiiqGSFbKgM1449iL31ZcI341yDjwM7w==
s98318415863672
ametrics.lumen.com/b/ss/clinkcompany/1/JS-2.23.0-LEWM/
43 B
304 B
XHR
General
Full URL
https://ametrics.lumen.com/b/ss/clinkcompany/1/JS-2.23.0-LEWM/s98318415863672
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.39.35 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-39-35.data.adobedc.net
Software
jag /
Resource Hash
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 10 Sep 2024 04:42:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 11 Sep 2024 04:42:41 GMT
server
jag
etag
3706435146206412800-4618663168767508319
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
https://blog.lumen.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
expires
Mon, 09 Sep 2024 04:42:41 GMT
clarity.js
www.clarity.ms/s/0.7.45/
64 KB
27 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.45/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/n49qzlo84f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 04:42:41 GMT
content-encoding
br
last-modified
Wed, 04 Sep 2024 20:13:15 GMT
etag
W/"0x8DCCD1E024BB9EF"
vary
Accept-Encoding
x-azure-ref
20240910T044241Z-r1ffcbf68985b89z13wnr6x9n80000000kt0000000000gux
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
3be94dea-d01e-006a-1825-fff6f3000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=12D88AE0BD8C47A39E2B1F0DBC3FBB7A&RedC=c.clarity.ms&MXFR=331B0A4F17A062B60B5D1EB913A06CA6
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=12D88AE0BD8C47A39E2B1F0DBC3FBB7A&MUID=22288E4FA2F661EB146D9AB9A33460BF
42 B
443 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=12D88AE0BD8C47A39E2B1F0DBC3FBB7A&MUID=22288E4FA2F661EB146D9AB9A33460BF
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Sep 2024 04:42:41 GMT
last-modified
Wed, 14 Aug 2024 17:35:32 GMT
server
Microsoft-IIS/10.0
etag
"bb391b5d70eeda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 10 Sep 2024 04:42:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0CB3278A56024F0FADA319B67AA8EF4A Ref B: PHL30EDGE0121 Ref C: 2024-09-10T04:42:41Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=12D88AE0BD8C47A39E2B1F0DBC3FBB7A&MUID=22288E4FA2F661EB146D9AB9A33460BF
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
cs.html
www.storygize.net/bd888e20-e3dc-4219-b5ff-a6789987aa90/ Frame E66A
0
0
Document
General
Full URL
https://www.storygize.net/bd888e20-e3dc-4219-b5ff-a6789987aa90/cs.html
Requested by
Host: www.storygize.net
URL: https://www.storygize.net/a/bd888e20-e3dc-4219-b5ff-a6789987aa90/abdo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.26.109.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-109-104.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://blog.lumen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
620
content-type
text/html
date
Tue, 10 Sep 2024 04:42:41 GMT
expires
0
p3p
CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
pragma
no-cache
pm.html
www.storygize.net/bd888e20-e3dc-4219-b5ff-a6789987aa90/ Frame A0A0
0
0
Document
General
Full URL
https://www.storygize.net/bd888e20-e3dc-4219-b5ff-a6789987aa90/pm.html
Requested by
Host: www.storygize.net
URL: https://www.storygize.net/a/bd888e20-e3dc-4219-b5ff-a6789987aa90/abdo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.26.109.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-109-104.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://blog.lumen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
286
content-type
text/html
date
Tue, 10 Sep 2024 04:42:41 GMT
expires
0
p3p
CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
pragma
no-cache
collect
d.clarity.ms/
0
278 B
XHR
General
Full URL
https://d.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
57.151.77.234 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://blog.lumen.com
Date
Tue, 10 Sep 2024 04:42:41 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
N4IghgxgLglgbgUxALgGZgDYGcEBoSwC2SyAjAOwBMArAJwAsAzIwGyksAMj+ARggOYwAdigo0GzNp24gEQ-mH4IAJig75UAewgBXLCgDaAXXyRYiAMIALMPJUBRREKj7kx-BAwwIAa1fuQQk1EfxMQLAgAJ00MbEMw5RhiISwYTRTDUChRKjomVnYuDwB1UU51EA...
www.storygize.net/e/bd888e20-e3dc-4219-b5ff-a6789987aa90/
35 B
478 B
Image
General
Full URL
https://www.storygize.net/e/bd888e20-e3dc-4219-b5ff-a6789987aa90/N4IghgxgLglgbgUxALgGZgDYGcEBoSwC2SyAjAOwBMArAJwAsAzIwGyksAMj+ARggOYwAdigo0GzNp24gEQ-mH4IAJig75UAewgBXLCgDaAXXyRYiAMIALMPJUBRREKj7kx-BAwwIAa1fuQQk1EfxMQLAgAJ00MbEMw5RhiISwYTRTDUChRKjomVnYuDwB1UU51EAgACVFKDgqAB1KycvwGmpbGWg4AXzCYLHtCBqgATxQoSJ08AiSEAHkhAAVFEgqBgEkhDdRIsGIUdGwZhtWqsCwAWR0MWAaMBHt5VeSoABVFVyOcfAGVpQAajAEAB3CZTGYAKywABlNGBlAARBAYMCjS6uFgsWj4SIIVAIPGRFBCG4YfAYbRgWDpFAgKxQKANLDIAD0rJ4lP4ADoMDpktyIJpCKyoGAfMJ+ABaKBWBBSqKaLBYaIIrAyuVSxCRLBgKWJPHQTSRKUAL0Jmn1aKlCAAHvdNDAxTShKyQPg5KoyLkJKxKPQONR8IQwLangolK8AEoISByr3fGYh21vOaLf4IGNxlSHTA-EAwL3gcocCAcFhSgActDoUvoqEoECrleoHClCO6tEopDAldQ9Ag7pAcAGTo2RYgYC4pFQpFIUpYjGUjDrPAJUu6jFQUso5FoEGxPGrqHIqBAPSAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.36.126.81 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-126-81.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Sep 2024 04:42:42 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0","filters":[{"1":["bd888e20e3dc4219b5ffa6789"]}]}]}
content-encoding
gzip
content-type
image/gif
p3p
CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
cache-control
no-cache, no-store, must-revalidate
content-length
58
expires
0
collect
d.clarity.ms/
0
278 B
XHR
General
Full URL
https://d.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
57.151.77.234 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://blog.lumen.com
Date
Tue, 10 Sep 2024 04:42:43 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
trk
trk.clinch.co/ Frame 816D
0
0
Document
General
Full URL
https://trk.clinch.co/trk?cid=ukg06Q&dsid=ufsmQU&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F&version=24.33.1&a=1725943364198
Requested by
Host: cdn.clinch.co
URL: https://cdn.clinch.co/a_js/client_pixels/clq/script.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.210.200.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-200-198.compute-1.amazonaws.com
Software
clinch /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://blog.lumen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-store
content-length
79
content-type
text/html
date
Tue, 10 Sep 2024 04:42:44 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
clinch
strict-transport-security
max-age=31536000
x-robots-tag
none
trk
trk.clinch.co/ Frame A068
0
0
Document
General
Full URL
https://trk.clinch.co/trk?cid=ukg06Q&dsid=ufsmQU&type=conv&stype=All_SiteVisits_PerSession&ids=&params=%7B%22subType%22%3A%22All_SiteVisits_PerSession%22%7D&product=ecommerce&referrer=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F&version=24.33.1&a=1725943364450
Requested by
Host: cdn.clinch.co
URL: https://cdn.clinch.co/a_js/client_pixels/clq/script.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.210.200.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-200-198.compute-1.amazonaws.com
Software
clinch /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://blog.lumen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-store
content-length
79
content-type
text/html
date
Tue, 10 Sep 2024 04:42:44 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
clinch
strict-transport-security
max-age=31536000
x-robots-tag
none
trk
trk.clinch.co/ Frame 769E
0
0
Document
General
Full URL
https://trk.clinch.co/trk?cid=ukg06Q&dsid=ufsmQU&type=conv&stype=All_SiteVisits_Unique&ids=&params=%7B%22subType%22%3A%22All_SiteVisits_Unique%22%7D&product=ecommerce&referrer=https%3A%2F%2Fblog.lumen.com%2Ftaking-the-crossroads-the-versa-director-zero-day-exploitation%2F&version=24.33.1&a=1725943364547
Requested by
Host: cdn.clinch.co
URL: https://cdn.clinch.co/a_js/client_pixels/clq/script.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.210.200.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-200-198.compute-1.amazonaws.com
Software
clinch /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://blog.lumen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-store
content-length
79
content-type
text/html
date
Tue, 10 Sep 2024 04:42:44 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
clinch
strict-transport-security
max-age=31536000
x-robots-tag
none
collect
d.clarity.ms/
0
278 B
XHR
General
Full URL
https://d.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
57.151.77.234 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://blog.lumen.com
Date
Tue, 10 Sep 2024 04:42:46 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
N4IghgxgLglgbgUxALgGZgDYGcEBoSwC2SyAjAOwBMArAJwAsAzIwGxsAMt+ARggOYwAdigo0GzFqRbtG+BIL5g+CACYp2+VAHsIAVywoA2gF18kWIgDCACzALVAUUSCoB5CfwQMMCAGs3HiCEWogBpiBYEABOWhjYRuEqMMSCWDBaqUagUCJUdEysUjKeAOoi0ho...
www.storygize.net/e/bd888e20-e3dc-4219-b5ff-a6789987aa90/
35 B
363 B
Image
General
Full URL
https://www.storygize.net/e/bd888e20-e3dc-4219-b5ff-...
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.36.126.81 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-126-81.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://blog.lumen.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Sep 2024 04:42:46 GMT
content-encoding
gzip
content-type
image/gif
p3p
CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
cache-control
no-cache, no-store, must-revalidate
content-length
58
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
blog.lumen.com
URL
blob:https://blog.lumen.com/2a7eb8dd-5d7c-47cb-8f1a-5c29019d6b6b

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 string| mi_version boolean| mi_track_user object| MonsterInsightsDefaultLocations object| MonsterInsightsLocations object| disableStrs function| __gtagTrackerIsOptedOut function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| MonsterInsightsDualTracker function| gtag function| __gaTracker object| _wpemojiSettings object| google_tag_manager object| google_tag_data object| gaGlobal function| MonsterInsights object| MonsterInsightsObject object| monsterinsights_frontend object| a2a_config function| jQuery function| flatpickr function| OptanonWrapper string| _linkedin_data_partner_id object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| alloy object| __alloyNS object| customCuePoint object| triggerCuePoint object| adobeDataLayer string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| authorsListAjaxSearch object| pp_ajax_form function| ppFormRecaptchaLoadCallback object| ppressCheckoutForm object| browserPrefixes function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| s function| getPageLoadTime function| lintrk boolean| _already_called_lintrk function| adjustIframes function| is_touch_device function| Cookies function| _ object| _wpUtilSettings object| wp object| wpreview function| wp_review_rate object| a2a function| a2a_init object| php_js object| Optanon object| OneTrust object| twemoji function| a2a_show_dropdown function| a2a_miniLeaveDelay number| a2apage_init string| currentTagName object| pushLpTagSdesAdobeGoogleAndMarketoIDsPromise object| lpTag number| leSite object| ORIBILI function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| MunchkinTracker function| 
onYouTubeIframeAPIReady object| _lumenAEPUtils object| OOo function| receiveMessage function| inList number| a string| cssText boolean| demandbaseHasCompleted function| _typeof function| ownKeys function| _objectSpread function| _defineProperty function| _toPropertyKey function| _toPrimitive object| lpTaglogListeners object| proxyless object| lpMTagConfig object| regeneratorRuntime object| dnbvid function| createFrameworkGlobals object| liveperson function| SurveyManager object| STORAGE object| proto function| _stateChanged string| QUESTION_ERROR_TYPE object| lpIntlTelInputUtils object| lpIntlTelInputGlobals function| clq function| _clq object| _linkedin_data_partner_ids function| twq function| rdt object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| _lumenPCC function| cookieWrite function| cookieRead function| p_fo object| __fo string| g number| ptc string| previousPage number| created_style function| clarity function| redditNormalizeEmail object| Demandbase function| ga object| twttr string| pageName boolean| ppvChange string| ppvID object| cidconv object| s_i_clinkcompany boolean| storygizeEngagementInitialized

80 Cookies


12 Console Messages

Source Level URL
Text
security warning URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Message:
Mixed Content: The page at 'https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/' was loaded over HTTPS, but requested an insecure element 'http://blog.lumen.com/wp-content/uploads/2024/08/Versa1.1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
Message:
Mixed Content: The page at 'https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/' was loaded over HTTPS, but requested an insecure element 'http://blog.lumen.com/wp-content/uploads/2024/08/Versa2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/(Line 931)
Message:
Mixed Content: The page at 'https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/' was loaded over HTTPS, but requested an insecure element 'http://blog.lumen.com/wp-content/uploads/2024/08/Versa1.1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/(Line 931)
Message:
Mixed Content: The page at 'https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/' was loaded over HTTPS, but requested an insecure element 'http://blog.lumen.com/wp-content/uploads/2024/08/Versa2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/(Line 931)
Message:
Mixed Content: The page at 'https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/' was loaded over HTTPS, but requested an insecure element 'http://blog.lumen.com/wp-content/uploads/2024/08/Versa3.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/(Line 931)
Message:
Mixed Content: The page at 'https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/' was loaded over HTTPS, but requested an insecure element 'http://blog.lumen.com/wp-content/uploads/2024/08/Versa4.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/(Line 931)
Message:
Mixed Content: The page at 'https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/' was loaded over HTTPS, but requested an insecure element 'http://blog.lumen.com/wp-content/uploads/2024/08/Versa5.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/(Line 931)
Message:
Mixed Content: The page at 'https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/' was loaded over HTTPS, but requested an insecure element 'http://blog.lumen.com/wp-content/uploads/2024/08/Versa6.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/(Line 1469)
Message:
Mixed Content: The page at 'https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/' was loaded over HTTPS, but requested an insecure element 'http://blog.lumen.com/wp-content/uploads/2024/08/Versa7.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/(Line 1469)
Message:
Mixed Content: The page at 'https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/' was loaded over HTTPS, but requested an insecure element 'http://blog.lumen.com/wp-content/uploads/2024/08/Versa8.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/(Line 1469)
Message:
Mixed Content: The page at 'https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/' was loaded over HTTPS, but requested an insecure element 'http://blog.lumen.com/wp-content/uploads/2024/08/Versa9.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/(Line 1469)
Message:
Mixed Content: The page at 'https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/' was loaded over HTTPS, but requested an insecure element 'http://blog.lumen.com/wp-content/uploads/2024/08/Versa10.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
