www.itprotoday.com Open in urlscan Pro
2400:cb00:2048:1::6811:3e57 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.itprotoday.com/management-mobility/what-mimikatz
Submission: On August 28 via manual (August 28th 2018, 7:05:14 am UTC) from NL

Summary HTTP 204 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 54 IPs in 9 countries across 42 domains to perform 204 HTTP transactions. The main IP is 2400:cb00:2048:1::6811:3e57, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.itprotoday.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on August 10th 2018. Valid for: 6 months.

This is the only time www.itprotoday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	2400:cb00:204... 2400:cb00:2048:1::6811:3e57	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2 5	149.56.155.167 149.56.155.167	16276 (OVH) (OVH)
4	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
8	2.18.232.23 2.18.232.23	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 1	178.79.245.69 178.79.245.69	22822 (LLNW) (LLNW - Limelight Networks)
1	117.121.250.129 117.121.250.129	22822 (LLNW) (LLNW - Limelight Networks)
18	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE - Google LLC)
11	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	13.32.98.89 13.32.98.89	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	13.32.98.97 13.32.98.97	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	104.111.241.136 104.111.241.136	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
5	2600:1f14:cc5... 2600:1f14:cc5:8002:8816:1c50:c32b:b4f1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	205.185.208.52 205.185.208.52	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
35	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
5	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.23.134 172.217.23.134	15169 (GOOGLE) (GOOGLE - Google LLC)
2 9	2600:1f14:cc5... 2600:1f14:cc5:8002:3306:a3e5:c339:db18	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	93.184.220.113 93.184.220.113	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a00:1450:400... 2a00:1450:4001:814::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	172.82.225.132 172.82.225.132	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1 2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
1 4	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2.16.186.57 2.16.186.57	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.98.174 13.32.98.174	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	207.211.31.106 207.211.31.106	14135 (NAVISITE-...) (NAVISITE-EAST-2 - Navisite)
2	2600:1480:300... 2600:1480:3000:41::	33905 (AKAMAI-AMS) (AKAMAI-AMS)
7	23.38.53.224 23.38.53.224	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	104.18.219.82 104.18.219.82	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	104.111.238.191 104.111.238.191	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 2	209.167.231.17 209.167.231.17	7160 (NETDYNAMICS) (NETDYNAMICS - Oracle Corporation)
4 5	185.33.223.216 185.33.223.216	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2	52.3.188.64 52.3.188.64	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
4	2600:1f14:cc5... 2600:1f14:cc5:8001:cec8:c3b6:3190:d15e	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4 4	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE - Google LLC)
3 5	34.226.13.209 34.226.13.209	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	151.101.12.84 151.101.12.84	54113 (FASTLY) (FASTLY - Fastly)
1 2	54.171.229.6 54.171.229.6	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	34.249.136.192 34.249.136.192	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:20a... 2600:9000:20ac:7000:18:1fcd:348:2461	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.221.210.243 54.221.210.243	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
8 9	54.247.73.220 54.247.73.220	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 2	54.93.159.17 54.93.159.17	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	69.173.144.137 69.173.144.137	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
6 7	54.246.125.195 54.246.125.195	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY - Fastly)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1 2	35.156.164.244 35.156.164.244	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1288:110... 2a00:1288:110:833::4000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	18.153.11.17 18.153.11.17	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
1	2a03:2880:f12... 2a03:2880:f12d:86:face:b00c:0:50fb	32934 (FACEBOOK) (FACEBOOK - Facebook)
204	54

34 2400:cb00:2048:1::6811:3e57 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.itprotoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 149.56.155.167 (Montréal, Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: canwww.easy.cz

embed.calculoid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:821::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.232.23 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-23.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.245.69 (Italy) 1 redirects

ASN22822 (LLNW - Limelight Networks, Inc., US)
PTR: vps-011.fra.llnw.net

video.limelight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 117.121.250.129 (Australia)

ASN22822 (LLNW - Limelight Networks, Inc., US)
PTR: https-117-121-250-129.sin.llnw.net

s.delvenetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.217.23.130 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81e::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.98.89 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-98-89.prg50.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.98.97 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-98-97.prg50.r.cloudfront.net

api.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.241.136 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-241-136.deploy.static.akamaitechnologies.com

plugin.mediavoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f14:cc5:8002:8816:1c50:c32b:b4f1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

api.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2.18.235.40 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:819::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.134 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f134.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f14:cc5:8002:3306:a3e5:c339:db18 (United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

api-34-220-197-142.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.184.220.113 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.82.225.132 (Lehi, United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: itprotoday.com.ssl.sc.omtrdc.net

smetrics.itprotoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81e::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.57 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-57.deploy.static.akamaitechnologies.com

og3i93vzhywk-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.98.174 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-98-174.prg50.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.211.31.106 (United States)

ASN14135 (NAVISITE-EAST-2 - Navisite, Inc., US)
PTR: service151-us.mimecast.com

protect-us.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1480:3000:41:: (United States)

ASN33905 (AKAMAI-AMS, US)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.38.53.224 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-38-53-224.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.219.82 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

polarcdn-pentos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.238.191 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-238-191.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.167.231.17 (United States) 1 redirects

ASN7160 (NETDYNAMICS - Oracle Corporation, US)
PTR: e017.en25.com

s1481.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.223.216 (European Union) 4 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.3.188.64 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-3-188-64.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f14:cc5:8001:cec8:c3b6:3190:d15e (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

api-34-220-34-65.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.22.34 (Mountain View, United States) 4 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f34.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.226.13.209 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-226-13-209.compute-1.amazonaws.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.84 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.229.6 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-171-229-6.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.136.192 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-249-136-192.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ac:7000:18:1fcd:348:2461 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.221.210.243 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-221-210-243.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.40 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.247.73.220 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-73-220.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.159.17 (Frankfurt, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-93-159-17.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (European Union) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.137 (Smithfield, United States)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.246.125.195 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-246-125-195.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.2 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.164.244 (Frankfurt, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-164-244.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:833::4000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.153.11.17 (Cambridge, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-11-17.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.241.240.143 (New York, United States) 1 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:86:face:b00c:0:50fb (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	itprotoday.com 1 redirects www.itprotoday.com smetrics.itprotoday.com	699 KB
35	moatads.com z.moatads.com px.moatads.com	146 KB
24	doubleclick.net 5 redirects securepubads.g.doubleclick.net ad.doubleclick.net stats.g.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net	104 KB
18	adroll.com 14 redirects s.adroll.com d.adroll.com	21 KB
18	b2c.com 2 redirects api.b2c.com api-34-220-197-142.b2c.com api-34-220-34-65.b2c.com	29 KB
16	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	192 KB
8	polarcdn-pentos.com polarcdn-pentos.com	1 KB
8	adobedtm.com assets.adobedtm.com	57 KB
7	typekit.net use.typekit.net p.typekit.net	157 KB
6	crwdcntrl.net 2 redirects tags.crwdcntrl.net bcp.crwdcntrl.net	24 KB
5	rlcdn.com 3 redirects idsync.rlcdn.com	2 KB
5	adnxs.com 4 redirects ib.adnxs.com	4 KB
5	calculoid.com 2 redirects embed.calculoid.com	140 KB
4	google.com 1 redirects www.google.com	388 B
3	pinterest.com assets.pinterest.com log.pinterest.com	24 KB
3	dpmsrv.com s.dpmsrv.com a.dpmsrv.com	70 KB
3	google-analytics.com 1 redirects ssl.google-analytics.com www.google-analytics.com	14 KB
3	googletagservices.com www.googletagservices.com	19 KB
2	openx.net 1 redirects us-u.openx.net	597 B
2	bidswitch.net 1 redirects x.bidswitch.net	1 KB
2	3lift.com 1 redirects eb2.3lift.com	979 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	advertising.com 1 redirects pixel.advertising.com	647 B
2	facebook.net connect.facebook.net	31 KB
2	eloqua.com 1 redirects s1481.t.eloqua.com	1 KB
2	demandbase.com scripts.demandbase.com api.demandbase.com	5 KB
2	google.de adservice.google.de www.google.de	287 B
1	facebook.com www.facebook.com	294 B
1	yahoo.com ads.yahoo.com	1 KB
1	taboola.com trc.taboola.com	226 B
1	pubmatic.com simage2.pubmatic.com	2 KB
1	outbrain.com sync.outbrain.com	18 B
1	rubiconproject.com pixel.rubiconproject.com	371 B
1	chartbeat.net ping.chartbeat.net	213 B
1	chartbeat.com static.chartbeat.com	16 KB
1	en25.com img.en25.com	3 KB
1	mimecast.com protect-us.mimecast.com
1	akamaihd.net og3i93vzhywk-a.akamaihd.net	409 B
1	jquery.com code.jquery.com	33 KB
1	mediavoice.com plugin.mediavoice.com	115 KB
1	delvenetworks.com s.delvenetworks.com	19 KB
1	limelight.com 1 redirects video.limelight.com	285 B
204	42

	Domain	Requested by
34	www.itprotoday.com	www.itprotoday.com
30	px.moatads.com	www.itprotoday.com
16	d.adroll.com	14 redirects s.adroll.com
14	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.itprotoday.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.itprotoday.com
9	api-34-220-197-142.b2c.com	2 redirects www.itprotoday.com
8	polarcdn-pentos.com	plugin.mediavoice.com
8	assets.adobedtm.com	www.itprotoday.com assets.adobedtm.com
6	use.typekit.net	www.itprotoday.com use.typekit.net
5	idsync.rlcdn.com	3 redirects www.itprotoday.com
5	ib.adnxs.com	4 redirects
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com www.itprotoday.com
5	z.moatads.com	securepubads.g.doubleclick.net www.itprotoday.com
5	api.b2c.com	securepubads.g.doubleclick.net assets.adobedtm.com
5	embed.calculoid.com	2 redirects www.itprotoday.com
4	bcp.crwdcntrl.net	2 redirects tags.crwdcntrl.net
4	cm.g.doubleclick.net	4 redirects
4	api-34-220-34-65.b2c.com	www.itprotoday.com
4	pubads.g.doubleclick.net	plugin.mediavoice.com
4	www.google.com	1 redirects www.itprotoday.com
3	www.googletagservices.com	www.itprotoday.com securepubads.g.doubleclick.net www.googletagservices.com
2	us-u.openx.net	1 redirects
2	x.bidswitch.net	1 redirects
2	eb2.3lift.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	pixel.advertising.com	1 redirects
2	connect.facebook.net	s.adroll.com connect.facebook.net
2	s.adroll.com	www.itprotoday.com
2	a.dpmsrv.com	www.itprotoday.com
2	s1481.t.eloqua.com	1 redirects www.itprotoday.com
2	assets.pinterest.com	www.itprotoday.com assets.pinterest.com
2	www.google-analytics.com	1 redirects www.itprotoday.com
2	smetrics.itprotoday.com	1 redirects www.itprotoday.com
2	tags.crwdcntrl.net	assets.adobedtm.com
1	www.facebook.com
1	ads.yahoo.com
1	trc.taboola.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	pixel.rubiconproject.com
1	ping.chartbeat.net
1	static.chartbeat.com	www.itprotoday.com
1	log.pinterest.com	assets.pinterest.com
1	p.typekit.net	www.itprotoday.com
1	img.en25.com	www.itprotoday.com
1	protect-us.mimecast.com	www.itprotoday.com
1	s.dpmsrv.com	www.itprotoday.com
1	og3i93vzhywk-a.akamaihd.net	www.itprotoday.com
1	www.google.de	www.itprotoday.com
1	stats.g.doubleclick.net	1 redirects
1	ssl.google-analytics.com	assets.adobedtm.com
1	ad.doubleclick.net	www.googletagservices.com
1	code.jquery.com	securepubads.g.doubleclick.net
1	plugin.mediavoice.com	assets.adobedtm.com
1	api.demandbase.com	assets.adobedtm.com
1	scripts.demandbase.com	assets.adobedtm.com
1	adservice.google.de	www.googletagservices.com
1	s.delvenetworks.com	www.itprotoday.com
1	video.limelight.com	1 redirects
204	59

This site contains links to these domains. Also see Links.

Domain
corporate.knect365.com
knect365.com
informa.com
tmt.knect365.com
www.devconnections.com
leaders.afcom.com
www.penton.com
www.facebook.com
twitter.com
plus.google.com
www.linkedin.com
github.com
engage.informa.com

Subject Issuer	Validity	Valid
ssl765819.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-08-10` - `2019-02-16`	6 months	crt.sh
embed.calculoid.com RapidSSL RSA CA 2018	`2018-03-06` - `2019-08-11`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA	`2018-04-06` - `2019-04-11`	a year	crt.sh
*.hs.llnwd.net COMODO RSA Organization Validation Secure Server CA	`2017-10-23` - `2020-10-22`	3 years	crt.sh
*.google.com Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
*.demandbase.com Go Daddy Secure Certificate Authority - G2	`2016-09-20` - `2018-11-19`	2 years	crt.sh
*.mediavoice.com DigiCert SHA2 Secure Server CA	`2018-04-07` - `2019-04-07`	a year	crt.sh
*.b2c.com Go Daddy Secure Certificate Authority - G2	`2016-03-24` - `2019-03-24`	3 years	crt.sh
code.jquery.com Let's Encrypt Authority X3	`2018-06-18` - `2018-09-16`	3 months	crt.sh
moatads.com DigiCert ECC Secure Server CA	`2018-01-09` - `2019-01-09`	a year	crt.sh
*.doubleclick.net Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
tags.crwdcntrl.net DigiCert SHA2 Secure Server CA	`2016-03-15` - `2019-03-20`	3 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
smetrics.itprotoday.com DigiCert SHA2 High Assurance Server CA	`2017-10-26` - `2018-11-02`	a year	crt.sh
www.google.de Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
a248.e.akamai.net DigiCert ECC Secure Server CA	`2018-01-23` - `2019-01-19`	a year	crt.sh
*.dpmsrv.com Amazon	`2018-06-12` - `2019-07-12`	a year	crt.sh
*.mimecast.com DigiCert Global CA G2	`2018-05-10` - `2020-07-24`	2 years	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2018-07-13` - `2019-06-26`	a year	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2018-07-20` - `2020-01-03`	a year	crt.sh
ssl887612.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-05-18` - `2019-04-19`	a year	crt.sh
*.en25.com DigiCert SHA2 Secure Server CA	`2018-04-25` - `2019-07-25`	a year	crt.sh
*.t.eloqua.com DigiCert SHA2 Secure Server CA	`2018-02-01` - `2019-02-01`	a year	crt.sh
www.google.com Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
*.rlcdn.com Go Daddy Secure Certificate Authority - G2	`2017-05-08` - `2019-06-21`	2 years	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2016-06-28` - `2019-06-28`	3 years	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2018-04-02` - `2019-04-18`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2018-01-02` - `2019-01-02`	a year	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2018-02-14` - `2019-02-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2017-06-14` - `2020-06-18`	3 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2018-04-16` - `2019-02-06`	10 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2016-01-12` - `2019-03-01`	3 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2018-08-22` - `2018-10-06`	a month	crt.sh
*.pubmatic.com COMODO RSA Organization Validation Secure Server CA	`2016-04-12` - `2019-05-27`	3 years	crt.sh
*.3lift.com Amazon	`2018-07-31` - `2019-08-31`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2018-07-05` - `2019-01-10`	6 months	crt.sh
*.bidswitch.net COMODO RSA Domain Validation Secure Server CA	`2018-03-22` - `2019-05-05`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2018-01-25` - `2019-01-25`	a year	crt.sh
*.openx.net DigiCert ECC Secure Server CA	`2018-04-03` - `2019-04-08`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.itprotoday.com/management-mobility/what-mimikatz
Frame ID: 2754DD8A222EBD6258F1EA7CAB7F20E7
Requests: 155 HTTP requests in this frame

Frame: https://api.b2c.com/api/init-328cl2pmwdiu41uvygf.js
Frame ID: 657C819FD58FA894D674FB050D1AB445
Requests: 16 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N410401.3165372ITPROTODAY/B20654036.213045717;dc_ver=44.116;dc_eid=40004001;sz=640x480;osdl=1;u_sd=1;dc_adk=1633445572;ord=zn6knv;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssVAi8PUJBRNpAs7M_A-IPijI9MTcymbgWVNqwJhh0S0fnEOzEIbOeJQcbgYcPTLx83NW28z7dC7CMpHCre9arAXyH4RPxfEugFdmyT8FMOO-IZbCIu4VDgFWWWWpMwOHwEuSkTN_IwTcuBgemnaQ-855uCiv5ZcucG3tND7NIX1jC10ftBrVpcDceKOZtgrMGD5FVpDTQ5I3uEobQh_Y1ycyGR0al2alGrbFD_F6GizLET6iLmxvwNdhcdU8devZr7f8DlaqdDHbuAxtpaFSelJbOazRHeMw%26sai%3DAMfl-YQBauSZD0FDNgSWqx1u_-Ro5dLpXs_yxnxQRXWBUHSSFnS2Z1WkqpqUP6DMtq3Vk6h1m1w-SfJWlFBg89uqimxrteldSqq2f0ieprQJGg%26sig%3DCg0ArKJSzKWfmnEm8i9tEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz$0;xdt=0;crlt=RxO0msQYrr;osda=2;sttr=46;prcl=s
Frame ID: CCE87CD3D7CE8C431ACF81BE132766C1
Requests: 1 HTTP requests in this frame

Frame: https://api.b2c.com/api/init-328cl2pmwdiu41uvygf.js
Frame ID: C364FDFC9CC05AC334F1A81956ABB389
Requests: 12 HTTP requests in this frame

Frame: https://api.b2c.com/api/init-328cl2pmwdiu41uvygf.js
Frame ID: 39B01DF1FF43EABDC1A121AB2ECDE50D
Requests: 12 HTTP requests in this frame

Frame: https://api.b2c.com/api/init-328cl2pmwdiu41uvygf.js
Frame ID: E2C5C17348EF2B6F02894579F9D20AB2
Requests: 11 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=7499/rand=282812224/pv=y/int=%23OpR%2366886%23itprotoday%20%3A%20Site%20Section%20%3A%20management-mobility/int=%23OpR%2366887%23itprotoday%20%3A%20Site%20Section%20%3A%20management-mobility%20%3A%20what-mimikatz/int=%23OpR%2366985%23itprotoday%20%3A%20Total%20Site%20Traffic/rt=ifr
Frame ID: 9FCCE81355FBA25CA5E3816E43F180C3
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=11926/rand=301399332/pv=y/TYPE=VALUE/int=%23OpR%2384825%23www.itprotoday.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2384827%23www.itprotoday.com%20%3A%20Site%20Section%20%3A%20management-mobility/int=%23OpR%2384828%23www.itprotoday.com%20%3A%20Site%20Section%20%3A%20management-mobility%20%3A%20what-mimikatz/rt=ifr
Frame ID: 989F78BBB5FC807A02249B3E056AA210
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<(?:link|style)[^>]+sites\/(?:default|all)\/(?:themes|modules)\//i
meta generator /Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i
env /^Drupal$/i

CKEditor (Rich Text Editors) Expand

Overall confidence: 100%
Detected patterns

env /^CKEDITOR$/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<(?:link|style)[^>]+sites\/(?:default|all)\/(?:themes|modules)\//i
meta generator /Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i
env /^Drupal$/i

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^angular$/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^adroll_/i

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^_sf_(?:endpt|async_config)$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i

SiteCatalyst (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^s_(?:account|objectID|code|INST)$/i

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

env /^Typekit$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

204
Requests

97 %
HTTPS

30 %
IPv6

42
Domains

59
Subdomains

54
IPs

9
Countries

1914 kB
Transfer

5885 kB
Size

0
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: http://corporate.knect365.com/privacy-centre/our-cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://knect365.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://informa.com/
Title: Informa PLC

Search URL Search Domain Scan URL

URL: http://informa.com/About-Us/
Title: About us

Search URL Search Domain Scan URL

URL: http://informa.com/Investors/
Title: Investor relations

Search URL Search Domain Scan URL

URL: http://informa.com/Talent/
Title: Talent

Search URL Search Domain Scan URL

URL: https://tmt.knect365.com/iot-world/?utm_source=ITPMedia&utm_medium=website&utm_campaign=eyebrow-link
Title: IoT World

Search URL Search Domain Scan URL

URL: http://www.devconnections.com/?utm_source=ITPMedia&utm_medium=website&utm_campaign=eyebrow-link
Title: IT/Dev Connections

Search URL Search Domain Scan URL

URL: https://tmt.knect365.com/container-world/?utm_source=ITPMedia&utm_medium=website&utm_campaign=eyebrow-link
Title: Container World

Search URL Search Domain Scan URL

URL: http://leaders.afcom.com/ll18/Public/enter.aspx
Title: Leaders lab

Search URL Search Domain Scan URL

URL: https://tmt.knect365.com/it-dev-connections/?utm_source=ITPMedia&utm_medium=website&utm_campaign=eyebrow-link
Title: IT/Dev Connections

Search URL Search Domain Scan URL

URL: http://www.penton.com/terms-of-service/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ITProToday/

Search URL Search Domain Scan URL

URL: https://twitter.com/ITProToday

Search URL Search Domain Scan URL

URL: https://plus.google.com/115563256559407060026

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/groups/1163947

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https://www.itprotoday.com/management-mobility/what-mimikatz&t=What%20is%20Mimikatz
Title:

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://www.itprotoday.com/management-mobility/what-mimikatz
Title:

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://www.itprotoday.com/management-mobility/what-mimikatz&title=What%20is%20Mimikatz&summary=Q.%20What%20is%20Mimikatz?A.%20Mimikatz%20is%20an%20open-source%20utility%20that%20enables%20the%20viewing%20of%20credential%20information%20from%20the%20Windows%20lsass%20(Local%20Security%20Authority%20Subsystem%20Service)%20through%20its%20sekurlsa%20module%20which%20includes%20plaintext%20passwords%20and%20Kerberos%20tickets%20which%20could%20then%20be%20used%20for%20attacks%20such%20as%20pass-the-hash%20and%20pass-the-ticket.%20Most%20anti-virus%20tools%20will%20detect%20the%20presence%20of%20Mimikatz%20as%20a%20threat%20and%20delete%20it%20but%20it%20can%20be%20interesting%20to%20test%20security%20on%20systems.&source=IT%20Pro
Title:

Search URL Search Domain Scan URL

URL: http://twitter.com/share?url=https://www.itprotoday.com/management-mobility/what-mimikatz&text=What%20is%20Mimikatz
Title:

Search URL Search Domain Scan URL

URL: https://github.com/gentilkiwi/mimikatz
Title: https://github.com/gentilkiwi/mimikatz

Search URL Search Domain Scan URL

URL: https://informa.com/

Search URL Search Domain Scan URL

URL: http://www.penton.com/privacy-policy#ThirdPartyAdvertisingTech
Title: Ad Choices

Search URL Search Domain Scan URL

URL: http://engage.informa.com/privacy-statement
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://engage.informa.com/terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://embed.calculoid.com/styles/main.css HTTP 307
https://embed.calculoid.com/styles/1.3.0/main.css

Request Chain 22

https://video.limelight.com/player/embed.js HTTP 302
https://s.delvenetworks.com/deployments/embed-code/embed-code-1.6.1/embed.js

Request Chain 23

https://embed.calculoid.com/scripts/combined.min.js HTTP 307
https://embed.calculoid.com/scripts/1.3.0/combined.min.js

Request Chain 71

https://smetrics.itprotoday.com/b/ss/pentonwinnet,pentonpisces/1/JS-2.9.0-D7QN/s09293117629996?AQB=1&ndh=1&pf=1&t=28%2F7%2F2018%207%3A5%3A1%202%200&D=D%3D&fid=14FE23D12CAC9DCF-1556DA478C3E537C&ce=UTF-8&pageName=article%3AWhat%20is%20Mimikatz&g=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&c.&s_dmdbase=ISP%20Visito%3AISP%20Visitor%3AISP%20Visitor%3AISP%20Visitor%3AISP%20Visitor%3AISP%20Visito%3ABot%3AISP%20Visitor&s_dmdbase_custom=Basic%3AISP%20Visitor%3Atrue%3AISP%20Visitor%3AISP%20Visito%3AISP%20Visitor%3AISP%20Visitor%3AISP%20Visitor&.c&cc=USD&ch=management%20%26%20mobility&events=event18&c4=john%20savill&c6=article&c8=1_of_10&c9=management%20%26%20mobility&c10=sep%2013%2C%202016&c11=8c1d9d0b-a985-4ca5-83a9-40d4816849e0&v11=3%3A05%20AM%7CTuesday&c13=unreg&v13=article&c16=anonymous&v16=D%3Ds_vi&c26=public&v46=visible&v69=pentonwinnet%2Ccapability&v71=1535439901694&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
https://smetrics.itprotoday.com/b/ss/pentonwinnet,pentonpisces/1/JS-2.9.0-D7QN/s09293117629996?AQB=1&pccr=true&vidn=2DC27A0E853167D3-400001208000A608&&ndh=1&pf=1&t=28%2F7%2F2018%207%3A5%3A1%202%200&D=D%3D&fid=14FE23D12CAC9DCF-1556DA478C3E537C&ce=UTF-8&pageName=article%3AWhat%20is%20Mimikatz&g=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&c.&s_dmdbase=ISP%20Visito%3AISP%20Visitor%3AISP%20Visitor%3AISP%20Visitor%3AISP%20Visitor%3AISP%20Visito%3ABot%3AISP%20Visitor&s_dmdbase_custom=Basic%3AISP%20Visitor%3Atrue%3AISP%20Visitor%3AISP%20Visito%3AISP%20Visitor%3AISP%20Visitor%3AISP%20Visitor&.c&cc=USD&ch=management%20%26%20mobility&events=event18&c4=john%20savill&c6=article&c8=1_of_10&c9=management%20%26%20mobility&c10=sep%2013%2C%202016&c11=8c1d9d0b-a985-4ca5-83a9-40d4816849e0&v11=3%3A05%20AM%7CTuesday&c13=unreg&v13=article&c16=anonymous&v16=D%3Ds_vi&c26=public&v46=visible&v69=pentonwinnet%2Ccapability&v71=1535439901694&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Request Chain 72

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1816148227&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&ul=en-us&de=UTF-8&dt=What%20is%20Mimikatz%20%7C%20IT%20Pro&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=pageview&ea=load&el=%2Fmanagement-mobility%2Fwhat-mimikatz&ev=1&_u=YAhAAAAB~&jid=1103125043&gjid=493620821&cid=1533519902.1535439901&tid=UA-15396830-1&_gid=2136056222.1535439902&_r=1&cd2=john%20savill&cd3=1_of_10&cd4=&cd5=&cd6=sep%2013%2C%202016&cd7=management%20%26%20mobility&cd9=article&cd10=unreg&cd11=public&cd12=&cd13=anonymous&cd14=&cd1=article%3Awhat%20is%20mimikatz&cd8=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&cd15=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_13_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F67.0.3396.87%20safari%2F537.36&cd16=article&z=1621594575 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15396830-1&cid=1533519902.1535439901&jid=1103125043&_gid=2136056222.1535439902&gjid=493620821&_v=j68&z=1621594575 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15396830-1&cid=1533519902.1535439901&jid=1103125043&_v=j68&z=1621594575 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15396830-1&cid=1533519902.1535439901&jid=1103125043&_v=j68&z=1621594575&slf_rd=1&random=233294351

Request Chain 98

https://api-34-220-197-142.b2c.com/api/x?cSxbfZYliJF6qOP6$dXJsJDAkaHR0cHM6Ly93d3cuaXRwcm90b2RheS5jb20vbWFuYWdlbWVudC1tb2JpbGl0eS93aGF0LW1pbWlrYXR6IiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHRwczovL3d3dy5pdHByb3RvZGF5LmNvbSIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQxIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJ3aW5kb3ckMCQxNTg1eDEyMDAiLCJpbm5lciQwJDE1ODV4MTIwMCIsIm91dGVyJDAkMTYwMHgxMjAwIiwibG9jYWxTdG9yYWdlJDAkRXJyb3I6IFR5cGVFcnJvcjogQ2Fubm90IHJlYWQgcHJvcGVydHkgJ3NldEl0ZW0nIG9mIG51bGwiLCJzZXNzaW9uU3RvcmFnZSQxJDEiLCJhcHBDb2RlTmFtZSQxJE1vemlsbGEiLCJhcHBOYW1lJDEkTmV0c2NhcGUiLCJhcHBWZXJzaW9uJDEkNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNiIsImNvb2tpZUVuYWJsZWQkMiR0cnVlIiwiZG9Ob3RUcmFjayQyJCIsImhhcmR3YXJlQ29uY3VycmVuY3kkMiQ4IiwibGFuZ3VhZ2UkMiRlbi1VUyIsInBsYXRmb3JtJDIkTGludXggeDg2XzY0IiwicHJvZHVjdCQyJEdlY2tvIiwicHJvZHVjdFN1YiQyJDIwMDMwMTA3Iiwic2VuZEJlYWNvbiQyJDEiLCJ1c2VyQWdlbnQkMiRNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xM181KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNjcuMC4zMzk2Ljg3IFNhZmFyaS81MzcuMzYiLCJ2ZW5kb3IkMiRHb29nbGUgSW5jLiIsInZlbmRvclN1YiQyJCIsImZvbnRyZW5kZXIkNiQxIiwid2ViZ2wkNyRuL2EiLCJ0aW1lJDckMTUzNTQzOTkwMTQyMyIsInRpbWV6b25lJDckMCIsInBsdWdpbnMkNyROb25lIiwibWVtLXRvdGFsSlNIZWFwU2l6ZSQ3JDIxLjciLCJtZW0tdXNlZEpTSGVhcFNpemUkNyQxNy4xIiwibWVtLWpzSGVhcFNpemVMaW1pdCQ3JDIzMzAiLCJ0aW1lLXJlc3BvbnNlRW5kJDckMTYiLCJ0aW1lLWRvbUxvYWRpbmckNyQxNiIsInRpbWUtZG9tSW50ZXJhY3RpdmUkNyQxNiIsInRpbWUtZG9tQ29udGVudExvYWRlZEV2ZW50U3RhcnQkNyQxNiIsInRpbWUtZG9tQ29udGVudExvYWRlZEV2ZW50RW5kJDckMTYiLCJ0aW1lLWRvbUNvbXBsZXRlJDckMTciLCJ0aW1lLWxvYWRFdmVudFN0YXJ0JDckMTciLCJ0aW1lLWxvYWRFdmVudEVuZCQ3JDE3IiwibmF2aWdhdGlvbi1yZWRpcmVjdENvdW50JDckMCIsIm5hdmlnYXRpb24tdHlwZSQ3JG5hdmlnYXRlIiwiZ2xvYmFscy10aW1lJDEwJDAuMyIsImdsb2JhbHMkMTAkYjNlMGQ2NzMiLCJkb2N1bWVudC10aW1lJDE0JDAuNSIsImRvY3VtZW50JDE0JGIzZTQwZGEzIiwiY29ubmVjdGlvbiQxNCQiLCJkb3dubGlua01heCQxNCQiLCJnZXRVc2VyTWVkaWEkMTQkMiIsImNsb2NrJDE5JDQ1NjYiLCJiYXR0ZXJ5JDgyJDEgMSAwIEluZmluaXR5IiwiYXVkaW9jb250ZXh0JDgzJDk2ZTE0YmVmIiwic29ydCQyMTYkMTMxLjQiLCJpbnRlcnNlY3Rpb24tc2l6ZSQyNjEkMTU4NXgxMjAwIiwiaW50ZXJzZWN0aW9uLWVudGVyJDI2MSQweDAgMTU4NXg4NiIsImludGVyc2VjdGlvbiQyNjEkMTAwIiwiZnJhbWVyYXRlJDI2MSQyMA HTTP 302
https://api-34-220-197-142.b2c.com:444/api/4?cSxbfZYliJF6qOP6

Request Chain 106

https://s1481.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1481&ref2=elqNone&tzo=0&ms=128&optin=disabled HTTP 302
https://s1481.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1481&ref2=elqNone&tzo=0&ms=128&optin=disabled&elqCookie=1

Request Chain 135

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D55%26pixelIndex%3D0%26r%3D785174%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.itprotoday.com%252Fmanagement-mobility%252Fwhat-mimikatz&_=1535439902410 HTTP 302
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D55%2526pixelIndex%253D0%2526r%253D785174%2526tzOffset%253D0%2526url%253Dhttps%25253A%25252F%25252Fwww.itprotoday.com%25252Fmanagement-mobility%25252Fwhat-mimikatz%26_%3D1535439902410 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=5221829138924704343&q=xImp&v=1.x&cl=55&pixelIndex=0&r=785174&tzOffset=0&url=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&_=1535439902410

Request Chain 146

https://api-34-220-197-142.b2c.com/api/x?Hzcfzqz9qtznhY5w$YWRibG9jayQ1OTYkMA HTTP 302
https://api-34-220-197-142.b2c.com:444/api/4?Hzcfzqz9qtznhY5w

Request Chain 151

https://api-34-220-197-142.b2c.com/api/x?iewmC4i323p0Lmis$dXJsJDAkaHR0cHM6Ly93d3cuaXRwcm90b2RheS5jb20vbWFuYWdlbWVudC1tb2JpbGl0eS93aGF0LW1pbWlrYXR6IiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHRwczovL3d3dy5pdHByb3RvZGF5LmNvbSIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQxIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJ3aW5kb3ckMCQzMDB4MjUwIiwiaW5uZXIkMCQzMDB4MjUwIiwib3V0ZXIkMCQxNjAweDEyMDAiLCJsb2NhbFN0b3JhZ2UkMCRFcnJvcjogVHlwZUVycm9yOiBDYW5ub3QgcmVhZCBwcm9wZXJ0eSAnc2V0SXRlbScgb2YgbnVsbCIsInNlc3Npb25TdG9yYWdlJDAkMSIsImFwcENvZGVOYW1lJDAkTW96aWxsYSIsImFwcE5hbWUkMCROZXRzY2FwZSIsImFwcFZlcnNpb24kMCQ1LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTNfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzY3LjAuMzM5Ni44NyBTYWZhcmkvNTM3LjM2IiwiY29va2llRW5hYmxlZCQxJHRydWUiLCJkb05vdFRyYWNrJDEkIiwiaGFyZHdhcmVDb25jdXJyZW5jeSQxJDgiLCJsYW5ndWFnZSQxJGVuLVVTIiwicGxhdGZvcm0kMSRMaW51eCB4ODZfNjQiLCJwcm9kdWN0JDEkR2Vja28iLCJwcm9kdWN0U3ViJDEkMjAwMzAxMDciLCJzZW5kQmVhY29uJDEkMSIsInVzZXJBZ2VudCQxJE1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNiIsInZlbmRvciQxJEdvb2dsZSBJbmMuIiwidmVuZG9yU3ViJDEkIiwiZm9udHJlbmRlciQxJDEiLCJ3ZWJnbCQyJG4vYSIsInRpbWUkMiQxNTM1NDM5OTAyNDk5IiwidGltZXpvbmUkMiQwIiwicGx1Z2lucyQyJE5vbmUiLCJtZW0tdG90YWxKU0hlYXBTaXplJDIkMjEuNyIsIm1lbS11c2VkSlNIZWFwU2l6ZSQyJDE3LjEiLCJtZW0tanNIZWFwU2l6ZUxpbWl0JDIkMjMzMCIsInRpbWUtcmVzcG9uc2VFbmQkMiQ1MCIsInRpbWUtZG9tTG9hZGluZyQyJDUwIiwidGltZS1kb21JbnRlcmFjdGl2ZSQyJDUwIiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCQyJDUwIiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRFbmQkMiQ1MCIsInRpbWUtZG9tQ29tcGxldGUkMiQ1MCIsInRpbWUtbG9hZEV2ZW50U3RhcnQkMiQ1MCIsInRpbWUtbG9hZEV2ZW50RW5kJDIkNTAiLCJuYXZpZ2F0aW9uLXJlZGlyZWN0Q291bnQkMiQwIiwibmF2aWdhdGlvbi10eXBlJDIkbmF2aWdhdGUiLCJnbG9iYWxzLXRpbWUkNiQwLjQiLCJnbG9iYWxzJDckYjNlMGQ2NzMiLCJkb2N1bWVudC10aW1lJDEwJDAuNCIsImRvY3VtZW50JDEwJGIzZTQwZGEzIiwiY29ubmVjdGlvbiQxMCQiLCJkb3dubGlua01heCQxMCQiLCJnZXRVc2VyTWVkaWEkMTEkMiIsImNsb2NrJDE1JDQ0MDAiLCJiYXR0ZXJ5JDIyJDEgMSAwIEluZmluaXR5IiwiYWRibG9jayQyMiQwIiwiaW50ZXJzZWN0aW9uLXNpemUkMjQkMTU4NXgxMjAwIiwiaW50ZXJzZWN0aW9uLWVudGVyJDI0JDB4MCAzMDB4MCIsImludGVyc2VjdGlvbiQyNCQxMDAiLCJhdWRpb2NvbnRleHQkMjckOTZlMTRiZWYiLCJzb3J0JDE1MyQxMTMuOSIsImZyYW1lcmF0ZSQxNTMkNDA HTTP 302
https://api-34-220-197-142.b2c.com:444/api/4?iewmC4i323p0Lmis

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=5221829138924704343&pixelIndex=0&_=1535439902411 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=5221829138924704343&pixelIndex=0&_=1535439902411&google_tc= HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=5221829138924704343&pixelIndex=0&_=1535439902411&google_gid=CAESEIuh7NaUc1klGicQYwNBmho&google_cver=1

Request Chain 156

https://idsync.rlcdn.com/423396.gif?partner_uid=5221829138924704343 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=COTrGRIfChsIARDGpwEaEzUyMjE4MjkxMzg5MjQ3MDQzNDMQABoNCJ_ok9wFEgUI6AcQAA HTTP 307
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fidsync.rlcdn.com%252F52154.gif%253Fserved_by%253Devergreen%2526partner_uid%253D%2524UID HTTP 302
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=5225664602739312599

Request Chain 169

https://api-34-220-34-65.b2c.com/api/x?crnuRs0waRRG2dz0$YWRibG9jayQ1NTYkMA HTTP 302
https://api-34-220-34-65.b2c.com:444/api/4?crnuRs0waRRG2dz0

Request Chain 170

https://api-34-220-34-65.b2c.com/api/x?SZbNr55INRNHb06e$YWRibG9jayQ1NDIkMA HTTP 302
https://api-34-220-34-65.b2c.com:444/api/4?SZbNr55INRNHb06e

Request Chain 171

https://bcp.crwdcntrl.net/5/c=7499/rand=282812224/pv=y/int=%23OpR%2366886%23itprotoday%20%3A%20Site%20Section%20%3A%20management-mobility/int=%23OpR%2366887%23itprotoday%20%3A%20Site%20Section%20%3A%20management-mobility%20%3A%20what-mimikatz/int=%23OpR%2366985%23itprotoday%20%3A%20Total%20Site%20Traffic/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=7499/rand=282812224/pv=y/int=%23OpR%2366886%23itprotoday%20%3A%20Site%20Section%20%3A%20management-mobility/int=%23OpR%2366887%23itprotoday%20%3A%20Site%20Section%20%3A%20management-mobility%20%3A%20what-mimikatz/int=%23OpR%2366985%23itprotoday%20%3A%20Total%20Site%20Traffic/rt=ifr

Request Chain 173

https://bcp.crwdcntrl.net/5/c=11926/rand=301399332/pv=y/TYPE=VALUE/int=%23OpR%2384825%23www.itprotoday.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2384827%23www.itprotoday.com%20%3A%20Site%20Section%20%3A%20management-mobility/int=%23OpR%2384828%23www.itprotoday.com%20%3A%20Site%20Section%20%3A%20management-mobility%20%3A%20what-mimikatz/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=11926/rand=301399332/pv=y/TYPE=VALUE/int=%23OpR%2384825%23www.itprotoday.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2384827%23www.itprotoday.com%20%3A%20Site%20Section%20%3A%20management-mobility/int=%23OpR%2384828%23www.itprotoday.com%20%3A%20Site%20Section%20%3A%20management-mobility%20%3A%20what-mimikatz/rt=ifr

Request Chain 180

https://d.adroll.com/pixel/IXZC4QKE6BDSVNBBOX54JQ/3BQ2N447KNEODAIZTDTY2B?pv=90629838563.85599&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz HTTP 302
https://s.adroll.com/pixel/IXZC4QKE6BDSVNBBOX54JQ/3BQ2N447KNEODAIZTDTY2B/45GZFZBG65GTZP2EESFCXP.js

Request Chain 182

https://d.adroll.com/cm/aol/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Request Chain 183

https://d.adroll.com/cm/index/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&expiration=1566975904 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&expiration=1566975904&C=1

Request Chain 184

https://d.adroll.com/cm/n/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&expires=365

Request Chain 185

https://d.adroll.com/cm/outbrain/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ HTTP 302
https://sync.outbrain.com/adroll/pixel?user_id=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI

Request Chain 186

https://d.adroll.com/cm/pubmatic/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 187

https://d.adroll.com/cm/taboola/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ HTTP 302
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI

Request Chain 188

https://d.adroll.com/cm/triplelift/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&dongle=c85e&gdpr=1&cmp_cs=

Request Chain 189

https://d.adroll.com/cm/r/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ HTTP 302
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_consent%3DBOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 190

https://d.adroll.com/cm/b/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI

Request Chain 191

https://d.adroll.com/cm/x/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ HTTP 302
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI%27)

Request Chain 192

https://d.adroll.com/cm/l/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=e6dcfb654e23aa97a31d78c4e0fbea1b HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOBVb5x8tdUtMV7MTyGl6gk&google_cver=1

Request Chain 193

https://d.adroll.com/cm/o/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=e6dcfb654e23aa97a31d78c4e0fbea1b HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=e6dcfb654e23aa97a31d78c4e0fbea1b

Request Chain 194

https://d.adroll.com/cm/g/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=5tz7ZU4jqpejHXjE4PvqGw&google_ula=1535926 HTTP 302
https://d.adroll.com/cm/g/in?google_ula=1535926,0

204 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request what-mimikatz Show response
www.itprotoday.com/management-mobility/ 77 KB
16 KB 47ms
15ms Document
text/html 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itprotoday.com/management-mobility/what-mimikatz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / PHP/5.6.36

Resource Hash

3238fa66139cc0181b3fbb74a9c622a2a5e0e8e5e91029c1d2f0a50c1ba23499

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.itprotoday.com
:scheme: https
:path: /management-mobility/what-mimikatz
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 2754DD8A222EBD6258F1EA7CAB7F20E7

Response headers

status: 200
date: Tue, 28 Aug 2018 07:05:00 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900; expires=Wed, 28-Aug-19 07:05:00 GMT; path=/; domain=.itprotoday.com; HttpOnly
cache-control: public, max-age=600
content-language: en
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Tue, 28 Aug 2018 00:49:18 GMT
link: <https://www.itprotoday.com/management-mobility/what-mimikatz>; rel="canonical",<https://www.itprotoday.com/node/80366>; rel="shortlink"
vary: Cookie,Accept-Encoding
x-drupal-cache: HIT
x-frame-options: SAMEORIGIN
x-generator: Drupal 7 (http://drupal.org)
x-powered-by: PHP/5.6.36
x-ua-compatible: IE=edge,chrome=1
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4514ed4f295596fa-FRA
content-encoding: gzip

GET
H2 200 css_PpiQEI-azlEmknynFVbTW6pWwXhVPT_fbABYbBL6JWQ.css
www.itprotoday.com/sites/itprotoday.com/files/css/ 2 KB
1 KB 13ms
11ms Stylesheet
text/css 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itprotoday.com/sites/itprotoday.com/files/css/css_PpiQEI-azlEmknynFVbTW6pWwXhVPT_fbABYbBL6JWQ.css
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e9890108f9ace5126927ca71556d35baa56c178553d3fdf6c00586c12fa2564

Request headers

:path: /sites/itprotoday.com/files/css/css_PpiQEI-azlEmknynFVbTW6pWwXhVPT_fbABYbBL6JWQ.css
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 07:56:04 GMT
server: cloudflare
etag: "982-571ce35e040a0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 4514ed4f497096fa-FRA
content-length: 922
expires: Tue, 28 Aug 2018 09:40:53 GMT

GET
H2 200 css_DHcXHPYBSjIVaCQZEG4ZlpLkvslnFlBCnQUCzlbRBio.css
www.itprotoday.com/sites/itprotoday.com/files/css/ 15 KB
3 KB 21ms
19ms Stylesheet
text/css 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itprotoday.com/sites/itprotoday.com/files/css/css_DHcXHPYBSjIVaCQZEG4ZlpLkvslnFlBCnQUCzlbRBio.css
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c77171cf6014a3215682419106e199692e4bec9671650429d0502ce56d1062a

Request headers

:path: /sites/itprotoday.com/files/css/css_DHcXHPYBSjIVaCQZEG4ZlpLkvslnFlBCnQUCzlbRBio.css
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 07:56:04 GMT
server: cloudflare
etag: "3c76-571ce35d82e38-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 4514ed4f497296fa-FRA
content-length: 2539
expires: Tue, 28 Aug 2018 09:40:53 GMT

GET
H2 200 css_inMHdOMnX3W6U-rjaV-JSK3Nb6lEO-pYEnqH0CBAamM.css
www.itprotoday.com/sites/itprotoday.com/files/css/ 13 KB
3 KB 22ms
19ms Stylesheet
text/css 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itprotoday.com/sites/itprotoday.com/files/css/css_inMHdOMnX3W6U-rjaV-JSK3Nb6lEO-pYEnqH0CBAamM.css
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a730774e3275f75ba53eae3695f8948adcd6fa9443bea58127a87d020406a63

Request headers

:path: /sites/itprotoday.com/files/css/css_inMHdOMnX3W6U-rjaV-JSK3Nb6lEO-pYEnqH0CBAamM.css
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 08:02:51 GMT
server: cloudflare
etag: "3228-571ce4e2182f0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 4514ed4f497496fa-FRA
content-length: 3064
expires: Tue, 28 Aug 2018 09:40:31 GMT

GET
H2 200 css_Jv8M3_6DhmaMxzHrGxifQD16_eNlmYAQ7vIImIbV9Fg.css
www.itprotoday.com/sites/itprotoday.com/files/css/ 4 KB
1 KB 21ms
18ms Stylesheet
text/css 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itprotoday.com/sites/itprotoday.com/files/css/css_Jv8M3_6DhmaMxzHrGxifQD16_eNlmYAQ7vIImIbV9Fg.css
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26ff0cdffe8386668cc731eb1b189f403d7afde365998010eef2089886d5f458

Request headers

:path: /sites/itprotoday.com/files/css/css_Jv8M3_6DhmaMxzHrGxifQD16_eNlmYAQ7vIImIbV9Fg.css
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Jul 2018 18:49:16 GMT
server: cloudflare
etag: "1196-5725008f35078-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 4514ed4f497596fa-FRA
content-length: 1331
expires: Tue, 28 Aug 2018 09:48:16 GMT

GET
H2 200 css_xPWtvrovKCk1baGjv1Ru6g1TqFala-g86spoWzxCo4U.css
www.itprotoday.com/sites/itprotoday.com/files/css/ 556 KB
77 KB 13ms
10ms Stylesheet
text/css 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itprotoday.com/sites/itprotoday.com/files/css/css_xPWtvrovKCk1baGjv1Ru6g1TqFala-g86spoWzxCo4U.css
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4f5adbeba2f2829356da1a3bf546eea0d53a856a56be83ceaca685b3c42a385

Request headers

:path: /sites/itprotoday.com/files/css/css_xPWtvrovKCk1baGjv1Ru6g1TqFala-g86spoWzxCo4U.css
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Aug 2018 10:22:11 GMT
server: cloudflare
etag: "8b10a-57417a1ccb2d0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=10800
cf-ray: 4514ed4f497696fa-FRA
expires: Tue, 28 Aug 2018 09:40:53 GMT

GET
H/1.1

200
OK

main.css
embed.calculoid.com/styles/1.3.0/
Redirect Chain

https://embed.calculoid.com/styles/main.css
https://embed.calculoid.com/styles/1.3.0/main.css

27 KB
5 KB

93ms
92ms

Stylesheet
text/css

149.56.155.167
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.calculoid.com/styles/1.3.0/main.css
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.155.167 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS: canwww.easy.cz
Software: Apache /
Resource Hash: e5d4811947a677b69190e0c75c74f5766ec90dbf72d28858dadefdb089fd07b3

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:00 GMT
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 4621
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Last-Modified: Mon, 09 Jul 2018 15:55:02 GMT
Server: Apache
ETag: "61d24-6a08-57093094b8180"
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Tue, 28 Aug 2018 08:05:00 GMT

Redirect headers

Date: Tue, 28 Aug 2018 07:05:00 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Location: https://embed.calculoid.com/styles/1.3.0/main.css
Cache-Control: max-age=3600
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 216
Expires: Tue, 28 Aug 2018 08:05:00 GMT

GET
S 200 gpt.js Show response
www.googletagservices.com/tag/js/ 20 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1f1473e62d55983627140cd593e907e6be48c230a810abd404cc8eb83def7639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "8 / 154 of 1000 / last-modified: 1535384549"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 7842
x-xss-protection: 1; mode=block
expires: Tue, 28 Aug 2018 07:05:00 GMT

GET
H2 200 header.png
www.itprotoday.com/sites/all/themes/penton_subtheme_itprotoday/images/logos/ 17 KB
17 KB 11ms
8ms Image
image/png 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itprotoday.com/sites/all/themes/penton_subtheme_itprotoday/images/logos/header.png
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aec33dbddcd14fc3d2c6a6e6684e5046f02a88063d65b91a8363fb0992a100f

Request headers

:path: /sites/all/themes/penton_subtheme_itprotoday/images/logos/header.png
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Aug 2018 20:00:38 GMT
server: cloudflare
etag: "42f9-574702dde8c83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4514ed4f497796fa-FRA
content-length: 17145
expires: Tue, 11 Sep 2018 06:40:31 GMT

GET
H2 200 login-570317960720_0.jpg
www.itprotoday.com/sites/itprotoday.com/files/styles/article_featured_standard/public/uploads/2016/09/ 20 KB
20 KB 758ms
755ms Image
image/jpeg 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itprotoday.com/sites/itprotoday.com/files/styles/article_featured_standard/public/uploads/2016/09/login-570317960720_0.jpg?itok=oucfo_ob
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a54ada34dc82db4b43985e36290329a6557f6a34872ffc7dce8f3d01a97659e6

Request headers

:path: /sites/itprotoday.com/files/styles/article_featured_standard/public/uploads/2016/09/login-570317960720_0.jpg?itok=oucfo_ob
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 02 Oct 2017 16:42:34 GMT
server: cloudflare
etag: "4f18-55a930fbb3260"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4514ed4f497896fa-FRA
content-length: 20248
expires: Tue, 11 Sep 2018 07:05:00 GMT

GET
H2 200 account-default-image.png
www.itprotoday.com/sites/all/themes/penton_core_theme/images/ 5 KB
5 KB 23ms
21ms Image
image/png 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itprotoday.com/sites/all/themes/penton_core_theme/images/account-default-image.png
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12260d8e3e5f7c60dfda5731f3b77e1748c45fe480bec2d0cee49616dd48ae04

Request headers

:path: /sites/all/themes/penton_core_theme/images/account-default-image.png
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Aug 2018 18:01:46 GMT
server: cloudflare
etag: "1414-5746e84c5e745"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4514ed4f497c96fa-FRA
content-length: 5140
expires: Tue, 11 Sep 2018 06:53:14 GMT

GET
H2 200 iphone-display-hero.jpg
www.itprotoday.com/sites/itprotoday.com/files/styles/article_related_thumb_standard/public/ 4 KB
4 KB 21ms
19ms Image
image/jpeg 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itprotoday.com/sites/itprotoday.com/files/styles/article_related_thumb_standard/public/iphone-display-hero.jpg?itok=FBmi01e9
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f714c796933172a5bf419c4bb2199c88f4c4d32c93cc4843fcc4c2b20b44ef6

Request headers

:path: /sites/itprotoday.com/files/styles/article_related_thumb_standard/public/iphone-display-hero.jpg?itok=FBmi01e9
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Aug 2018 15:42:41 GMT
server: cloudflare
etag: "e89-5746c9367aee8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4514ed4f497d96fa-FRA
content-length: 3721
expires: Tue, 11 Sep 2018 06:55:09 GMT

GET
H2 200 Screen%20Shot%202018-08-23%20at%207.19.24%20AM_0.png
www.itprotoday.com/sites/itprotoday.com/files/styles/article_related_thumb_standard/public/ 13 KB
13 KB 21ms
19ms Image
image/png 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itprotoday.com/sites/itprotoday.com/files/styles/article_related_thumb_standard/public/Screen%20Shot%202018-08-23%20at%207.19.24%20AM_0.png?itok=wa_AV_kw
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 618a5a55ae8bba4a9ca3f779b831e327f31cf600a0433d2e77364cc3b0080d3c

Request headers

:path: /sites/itprotoday.com/files/styles/article_related_thumb_standard/public/Screen%20Shot%202018-08-23%20at%207.19.24%20AM_0.png?itok=wa_AV_kw
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
cf-cache-status: HIT
last-modified: Thu, 23 Aug 2018 11:23:30 GMT
server: cloudflare
etag: "3302-574187d1beae0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4514ed4f497e96fa-FRA
content-length: 13058
expires: Tue, 11 Sep 2018 06:55:09 GMT

GET
H2 200 iphone-with-apps-displayed.jpg
www.itprotoday.com/sites/itprotoday.com/files/styles/article_related_thumb_standard/public/ 3 KB
3 KB 23ms
21ms Image
image/jpeg 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itprotoday.com/sites/itprotoday.com/files/styles/article_related_thumb_standard/public/iphone-with-apps-displayed.jpg?itok=STVsgHip
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9842ee9628926d84377536cc79c0bfed768ceec94a761007ba0a359f1f9efcfe

Request headers

:path: /sites/itprotoday.com/files/styles/article_related_thumb_standard/public/iphone-with-apps-displayed.jpg?itok=STVsgHip
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
cf-cache-status: HIT
last-modified: Wed, 22 Aug 2018 17:09:08 GMT
server: cloudflare
etag: "a01-5740933551d28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4514ed4f497f96fa-FRA
content-length: 2561
expires: Tue, 11 Sep 2018 06:29:22 GMT

GET
H2 200 Screen%20Shot%202018-08-21%20at%208.40.05%20PM_0.png
www.itprotoday.com/sites/itprotoday.com/files/styles/article_related_thumb_standard/public/ 13 KB
13 KB 25ms
23ms Image
image/png 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itprotoday.com/sites/itprotoday.com/files/styles/article_related_thumb_standard/public/Screen%20Shot%202018-08-21%20at%208.40.05%20PM_0.png?itok=vbkZ4gEB
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70efdeff42d0723194656fdd5529f0895449ac02f5e4546dd89c027a669fb67d

Request headers

:path: /sites/itprotoday.com/files/styles/article_related_thumb_standard/public/Screen%20Shot%202018-08-21%20at%208.40.05%20PM_0.png?itok=vbkZ4gEB
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
cf-cache-status: HIT
last-modified: Wed, 22 Aug 2018 00:43:53 GMT
server: cloudflare
etag: "340f-573fb6fcd2858"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4514ed4f598796fa-FRA
content-length: 13327
expires: Tue, 11 Sep 2018 06:55:09 GMT

GET
H2 200 footer.png
www.itprotoday.com/sites/all/themes/penton_subtheme_itprotoday/images/logos/ 17 KB
17 KB 22ms
20ms Image
image/png 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itprotoday.com/sites/all/themes/penton_subtheme_itprotoday/images/logos/footer.png
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 599fbcf0afb3cb15a84b5f40ef05cca6bfb7251c86e5a9cee75b9864cb549dd7

Request headers

:path: /sites/all/themes/penton_subtheme_itprotoday/images/logos/footer.png
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Aug 2018 06:01:33 GMT
server: cloudflare
etag: "4342-5747892eb7843"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4514ed4f598896fa-FRA
content-length: 17218
expires: Tue, 11 Sep 2018 06:40:53 GMT

GET
H2 200 powered_by_informa_businessline.png
www.itprotoday.com/sites/all/themes/penton_core_theme/images/ 7 KB
8 KB 24ms
22ms Image
image/png 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itprotoday.com/sites/all/themes/penton_core_theme/images/powered_by_informa_businessline.png
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d35a988d0bdd318646c216fa4b757a6bcbab34427895984e960bc332465c3b1

Request headers

:path: /sites/all/themes/penton_core_theme/images/powered_by_informa_businessline.png
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Aug 2018 18:13:42 GMT
server: cloudflare
etag: "1d92-5746eaf6f2bba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4514ed4f598996fa-FRA
content-length: 7570
expires: Tue, 11 Sep 2018 06:40:31 GMT

GET
H2 200 js_KUtWmy_QP6atnDjXwpDAH183eelDuv-2PY5ksEFKvNQ.js Show response
www.itprotoday.com/sites/itprotoday.com/files/js/ 94 KB
33 KB 21ms
19ms Script
text/javascript 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itprotoday.com/sites/itprotoday.com/files/js/js_KUtWmy_QP6atnDjXwpDAH183eelDuv-2PY5ksEFKvNQ.js
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 294b569b2fd03fa6ad9c38d7c290c01f5f3779e943baffb63d8e64b0414abcd4

Request headers

:path: /sites/itprotoday.com/files/js/js_KUtWmy_QP6atnDjXwpDAH183eelDuv-2PY5ksEFKvNQ.js
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 08:02:24 GMT
server: cloudflare
etag: W/"1772a-571ce4c8a29b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=10800
cf-ray: 4514ed4f497a96fa-FRA
expires: Tue, 28 Aug 2018 09:40:53 GMT

GET
H2 200 js_s3L_uC35AiN5EGYY533su-jccnLRp2aKpOnjgPLbo34.js Show response
www.itprotoday.com/sites/itprotoday.com/files/js/ 20 KB
7 KB 20ms
18ms Script
text/javascript 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itprotoday.com/sites/itprotoday.com/files/js/js_s3L_uC35AiN5EGYY533su-jccnLRp2aKpOnjgPLbo34.js
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b372ffb82df9022379106618e77decbbe8dc7272d1a7668aa4e9e380f2dba37e

Request headers

:path: /sites/itprotoday.com/files/js/js_s3L_uC35AiN5EGYY533su-jccnLRp2aKpOnjgPLbo34.js
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 08:02:25 GMT
server: cloudflare
etag: W/"4efd-571ce4c8d7570"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=10800
cf-ray: 4514ed4f497b96fa-FRA
expires: Tue, 28 Aug 2018 09:40:53 GMT

GET
H/1.1 200
OK satelliteLib-48191dfa1509ee2d203e3f6eb4bc8a3de3320ce9.js Show response
assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/ 131 KB
33 KB 25ms
10ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/satelliteLib-48191dfa1509ee2d203e3f6eb4bc8a3de3320ce9.js
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0a7b685f109ddb5894bfc662e137cbbc2cd8f32f2ba0b2a51f56796c2b0d0027

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Aug 2018 20:22:55 GMT
Server: Apache
ETag: "924c2d08c879f3ced8d3d70a4c6d5ac1:1535055775"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Content-Length: 33462
Expires: Tue, 28 Aug 2018 08:05:00 GMT

GET
H2 200 js_eOe-hGqK6-bRjj7DQYO_Y-oCu3MIoF2vYxLUbQbtu4I.js Show response
www.itprotoday.com/sites/itprotoday.com/files/js/ 51 KB
17 KB 23ms
22ms Script
text/javascript 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itprotoday.com/sites/itprotoday.com/files/js/js_eOe-hGqK6-bRjj7DQYO_Y-oCu3MIoF2vYxLUbQbtu4I.js
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78e7be846a8aebe6d18e3ec34183bf63ea02bb7308a05daf6312d46d06edbb82

Request headers

:path: /sites/itprotoday.com/files/js/js_eOe-hGqK6-bRjj7DQYO_Y-oCu3MIoF2vYxLUbQbtu4I.js
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 08:02:30 GMT
server: cloudflare
etag: W/"cc53-571ce4cdb2810"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=10800
cf-ray: 4514ed4f598a96fa-FRA
expires: Tue, 28 Aug 2018 09:48:16 GMT

GET
H2 200 js_2h17_kRDS97bAi9pF-W7es7DLWc108u3KeFxWQr035M.js Show response
www.itprotoday.com/sites/itprotoday.com/files/js/ 13 KB
3 KB 23ms
22ms Script
text/javascript 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itprotoday.com/sites/itprotoday.com/files/js/js_2h17_kRDS97bAi9pF-W7es7DLWc108u3KeFxWQr035M.js
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: da1d7bfe44434bdedb022f6917e5bb7acec32d6735d3cbb729e171590af4df93

Request headers

:path: /sites/itprotoday.com/files/js/js_2h17_kRDS97bAi9pF-W7es7DLWc108u3KeFxWQr035M.js
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 02 Aug 2018 11:38:31 GMT
server: cloudflare
etag: W/"321f-57272402618b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=10800
cf-ray: 4514ed4f598b96fa-FRA
expires: Tue, 28 Aug 2018 09:40:53 GMT

GET
H2 200 js_FloLC-L2hL--gn7qKaXXBNWxL6qI_-SL4q2_WBFL5X4.js Show response
www.itprotoday.com/sites/itprotoday.com/files/js/ 4 KB
769 B 25ms
24ms Script
text/javascript 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itprotoday.com/sites/itprotoday.com/files/js/js_FloLC-L2hL--gn7qKaXXBNWxL6qI_-SL4q2_WBFL5X4.js
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 165a0b0be2f684bfbe827eea29a5d704d5b12faa88ffe48be2adbf58114be57e

Request headers

:path: /sites/itprotoday.com/files/js/js_FloLC-L2hL--gn7qKaXXBNWxL6qI_-SL4q2_WBFL5X4.js
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 08:02:30 GMT
server: cloudflare
etag: W/"1123-571ce4cde25b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=10800
cf-ray: 4514ed4f598c96fa-FRA
expires: Tue, 28 Aug 2018 09:48:16 GMT

GET
H/1.1

200
OK

embed.js Show response
s.delvenetworks.com/deployments/embed-code/embed-code-1.6.1/
Redirect Chain

https://video.limelight.com/player/embed.js
https://s.delvenetworks.com/deployments/embed-code/embed-code-1.6.1/embed.js

18 KB
19 KB

678ms
166ms

Script
application/javascript

117.121.250.129
Limelight Networks

General

Check archive.org

Show headers Download Go to

Full URL: https://s.delvenetworks.com/deployments/embed-code/embed-code-1.6.1/embed.js
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 117.121.250.129 , Australia, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS: https-117-121-250-129.sin.llnw.net
Software: AmazonS3 /
Resource Hash: 6adc3ad1f545424f39187573000bdf0bd130e0147c3ab389f831189dba31ba8c

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:01 GMT
Last-Modified: Thu, 03 Sep 2015 19:13:26 GMT
Server: AmazonS3
Age: 21680072
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Length: 18765
Connection: keep-alive
Accept-Ranges: bytes
x-amz-request-id: 154EA93102EBBE1C
x-amz-id-2: rsCCNlsrpscNlbEFdqGHLkBP0Y4ZJIkKWwQUnyPS/w9st5y3B09Al9Ck4KEH9dQZ/e63naDx4vs=
Expires: Thu, 20 Dec 2018 08:50:29 GMT

Redirect headers

Location: https://s.delvenetworks.com/deployments/embed-code/embed-code-1.6.1/embed.js
Date: Tue, 28 Aug 2018 07:05:00 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 330
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

combined.min.js Show response
embed.calculoid.com/scripts/1.3.0/
Redirect Chain

https://embed.calculoid.com/scripts/combined.min.js
https://embed.calculoid.com/scripts/1.3.0/combined.min.js

220 KB
71 KB

98ms
98ms

Script
application/javascript

149.56.155.167
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.calculoid.com/scripts/1.3.0/combined.min.js
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.155.167 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS: canwww.easy.cz
Software: Apache /
Resource Hash: 1cee67d5be04d3b088873b1f748e35dc5891529fb5d0912e2627d75345ef37d6

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:01 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Last-Modified: Mon, 09 Jul 2018 15:55:01 GMT
Server: Apache
ETag: "61d21-37000-57093093c3f40"
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Tue, 28 Aug 2018 08:05:01 GMT

Redirect headers

Date: Tue, 28 Aug 2018 07:05:00 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Location: https://embed.calculoid.com/scripts/1.3.0/combined.min.js
Cache-Control: max-age=3600
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 221
Expires: Tue, 28 Aug 2018 08:05:00 GMT

GET
H2 200 js_uk9tggR7LUt24uKijCBrSJ5qhPl8YykfBihM_uf9QrE.js Show response
www.itprotoday.com/sites/itprotoday.com/files/js/ 31 KB
7 KB 25ms
24ms Script
text/javascript 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itprotoday.com/sites/itprotoday.com/files/js/js_uk9tggR7LUt24uKijCBrSJ5qhPl8YykfBihM_uf9QrE.js
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4f6d82047b2d4b76e2e2a28c206b489e6a84f97c63291f06284cfee7fd42b1

Request headers

:path: /sites/itprotoday.com/files/js/js_uk9tggR7LUt24uKijCBrSJ5qhPl8YykfBihM_uf9QrE.js
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 02 Aug 2018 10:42:28 GMT
server: cloudflare
etag: W/"7c8d-5727177afe7a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=10800
cf-ray: 4514ed4f598e96fa-FRA
expires: Tue, 28 Aug 2018 09:48:16 GMT

GET
H2 200 js_m0Qm7ZLBa0Us5bK_pvZ1T3hMtRZOtWiklopETCWH6Qk.js Show response
www.itprotoday.com/sites/itprotoday.com/files/js/ 9 KB
3 KB 23ms
22ms Script
text/javascript 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itprotoday.com/sites/itprotoday.com/files/js/js_m0Qm7ZLBa0Us5bK_pvZ1T3hMtRZOtWiklopETCWH6Qk.js
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b4426ed92c16b452ce5b2bfa6f6754f784cb5164eb568a4968a444c2587e909

Request headers

:path: /sites/itprotoday.com/files/js/js_m0Qm7ZLBa0Us5bK_pvZ1T3hMtRZOtWiklopETCWH6Qk.js
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 07:56:07 GMT
server: cloudflare
etag: W/"246f-571ce360fe7d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=10800
cf-ray: 4514ed4f598f96fa-FRA
expires: Tue, 28 Aug 2018 09:10:32 GMT

GET
H2 200 js_2QLg0QavkHsRBi6FWUcTxM-mYPG7L5TNgt9uS3ypY4Q.js Show response
www.itprotoday.com/sites/itprotoday.com/files/js/ 43 KB
11 KB 25ms
24ms Script
text/javascript 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itprotoday.com/sites/itprotoday.com/files/js/js_2QLg0QavkHsRBi6FWUcTxM-mYPG7L5TNgt9uS3ypY4Q.js
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d902e0d106af907b11062e85594713c4cfa660f1bb2f94cd82df6e4b7ca96384

Request headers

:path: /sites/itprotoday.com/files/js/js_2QLg0QavkHsRBi6FWUcTxM-mYPG7L5TNgt9uS3ypY4Q.js
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 08:02:30 GMT
server: cloudflare
etag: W/"ad26-571ce4ce38898"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=10800
cf-ray: 4514ed4f599096fa-FRA
expires: Tue, 28 Aug 2018 09:48:16 GMT

GET
H2 200 js_mmcMVaZbdKDFKDxtPmgTNdMil5tHTx9Owt8s-N9H_1Y.js Show response
www.itprotoday.com/sites/itprotoday.com/files/js/ 70 KB
21 KB 25ms
23ms Script
text/javascript 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itprotoday.com/sites/itprotoday.com/files/js/js_mmcMVaZbdKDFKDxtPmgTNdMil5tHTx9Owt8s-N9H_1Y.js
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a670c55a65b74a0c5283c6d3e681335d322979b474f1f4ec2df2cf8df47ff56

Request headers

:path: /sites/itprotoday.com/files/js/js_mmcMVaZbdKDFKDxtPmgTNdMil5tHTx9Owt8s-N9H_1Y.js
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Aug 2018 10:22:11 GMT
server: cloudflare
etag: W/"118fd-57417a1d40da0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=10800
cf-ray: 4514ed4f599196fa-FRA
expires: Tue, 28 Aug 2018 09:40:53 GMT

GET
H2 200 js_KIwLxGMqoJtHLuCU1tBsjwRtZcXqJAAPjkc5R7V3izE.js Show response
www.itprotoday.com/sites/itprotoday.com/files/js/ 11 KB
2 KB 24ms
23ms Script
text/javascript 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itprotoday.com/sites/itprotoday.com/files/js/js_KIwLxGMqoJtHLuCU1tBsjwRtZcXqJAAPjkc5R7V3izE.js
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 288c0bc4632aa09b472ee094d6d06c8f046d65c5ea24000f8e473947b5778b31

Request headers

:path: /sites/itprotoday.com/files/js/js_KIwLxGMqoJtHLuCU1tBsjwRtZcXqJAAPjkc5R7V3izE.js
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 08:02:25 GMT
server: cloudflare
etag: W/"2ab3-571ce4c920180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=10800
cf-ray: 4514ed4f599296fa-FRA
expires: Tue, 28 Aug 2018 09:48:16 GMT

GET
H2 200 js_39wR4vuLCUZcIK_NsEhVLhl6834Dd3heLLFQ5DLVNsc.js Show response
www.itprotoday.com/sites/itprotoday.com/files/js/ 14 KB
4 KB 23ms
22ms Script
text/javascript 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itprotoday.com/sites/itprotoday.com/files/js/js_39wR4vuLCUZcIK_NsEhVLhl6834Dd3heLLFQ5DLVNsc.js
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfdc11e2fb8b09465c20afcdb048552e197af37e0377785e2cb150e432d536c7

Request headers

:path: /sites/itprotoday.com/files/js/js_39wR4vuLCUZcIK_NsEhVLhl6834Dd3heLLFQ5DLVNsc.js
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 08:02:51 GMT
server: cloudflare
etag: W/"38bf-571ce4e1bc630"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=10800
cf-ray: 4514ed4f599396fa-FRA
expires: Tue, 28 Aug 2018 09:48:16 GMT

GET
H2 200 ckeditor.js Show response
www.itprotoday.com/sites/all/modules/contrib/ckeditor/ckeditor/ 271 KB
82 KB 23ms
23ms Script
text/javascript 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itprotoday.com/sites/all/modules/contrib/ckeditor/ckeditor/ckeditor.js?pdx4eo
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed625eac0d6401941d0dc3cd4a5a511a25a9d7d73bfa1c1501d49c952ce5a4e1

Request headers

:path: /sites/all/modules/contrib/ckeditor/ckeditor/ckeditor.js?pdx4eo
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 27 Aug 2018 20:00:26 GMT
server: cloudflare
etag: W/"43d9e-574702d2834f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=10800
cf-ray: 4514ed4f599496fa-FRA
expires: Tue, 28 Aug 2018 09:48:16 GMT

GET
H2 200 js_hTvEvnr-CSP0ayePYXq_lDVR4Xlir2rUBDh7jP_21fI.js Show response
www.itprotoday.com/sites/itprotoday.com/files/js/ 4 KB
1 KB 21ms
21ms Script
text/javascript 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itprotoday.com/sites/itprotoday.com/files/js/js_hTvEvnr-CSP0ayePYXq_lDVR4Xlir2rUBDh7jP_21fI.js
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 853bc4be7afe0923f46b278f617abf943551e17962af6ad404387b8cfff6d5f2

Request headers

:path: /sites/itprotoday.com/files/js/js_hTvEvnr-CSP0ayePYXq_lDVR4Xlir2rUBDh7jP_21fI.js
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Jul 2018 08:02:24 GMT
server: cloudflare
etag: W/"f2e-571ce4c807d20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=10800
cf-ray: 4514ed4f599596fa-FRA
expires: Tue, 28 Aug 2018 09:40:53 GMT

GET
H2 200 iribbon-logo.gif
www.itprotoday.com/sites/all/themes/shared_static/buttons/ 2 KB
2 KB 10ms
10ms Image
image/gif 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itprotoday.com/sites/all/themes/shared_static/buttons/iribbon-logo.gif
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3bd482cd3ec17583f25ad0819d1ccbcd0cdcb0fe26f8d87b7f30fd61b3dc640

Request headers

:path: /sites/all/themes/shared_static/buttons/iribbon-logo.gif
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/sites/itprotoday.com/files/css/css_xPWtvrovKCk1baGjv1Ru6g1TqFala-g86spoWzxCo4U.css
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/sites/itprotoday.com/files/css/css_xPWtvrovKCk1baGjv1Ru6g1TqFala-g86spoWzxCo4U.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Aug 2018 00:01:57 GMT
server: cloudflare
etag: "78b-574738ce092e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4514ed525bbc96fa-FRA
content-length: 1931
expires: Tue, 11 Sep 2018 06:53:20 GMT

GET
H2 200 Pillar-Navigation.ttf
www.itprotoday.com/sites/all/themes/shared_fonts/ 2 KB
3 KB 10ms
10ms Font
application/octet-stream 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itprotoday.com/sites/all/themes/shared_fonts/Pillar-Navigation.ttf?l2ak72
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0d2dd268e1387880b1ecef4901920cc027c519876caa402f4bc76c55ab9e115

Request headers

:path: /sites/all/themes/shared_fonts/Pillar-Navigation.ttf?l2ak72
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
origin: https://www.itprotoday.com
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/sites/itprotoday.com/files/css/css_xPWtvrovKCk1baGjv1Ru6g1TqFala-g86spoWzxCo4U.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.itprotoday.com/sites/itprotoday.com/files/css/css_xPWtvrovKCk1baGjv1Ru6g1TqFala-g86spoWzxCo4U.css
Origin: https://www.itprotoday.com

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Aug 2018 19:02:51 GMT
server: cloudflare
etag: "948-5746f5f35cad6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4514ed525bbd96fa-FRA
content-length: 2376
expires: Tue, 11 Sep 2018 06:53:20 GMT

GET
H2 200 Gotham-Light.otf
www.itprotoday.com/sites/all/themes/shared_fonts/ 123 KB
123 KB 9ms
9ms Font
application/vnd.oasis.opendocument.formula-template 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itprotoday.com/sites/all/themes/shared_fonts/Gotham-Light.otf
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb5f2c3557023f9aebd1315f78deceb2f5852d3680124fe1e96effc075df3170

Request headers

:path: /sites/all/themes/shared_fonts/Gotham-Light.otf
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
origin: https://www.itprotoday.com
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/sites/itprotoday.com/files/css/css_xPWtvrovKCk1baGjv1Ru6g1TqFala-g86spoWzxCo4U.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.itprotoday.com/sites/itprotoday.com/files/css/css_xPWtvrovKCk1baGjv1Ru6g1TqFala-g86spoWzxCo4U.css
Origin: https://www.itprotoday.com

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Aug 2018 00:01:58 GMT
server: cloudflare
etag: "1eb08-574738cf34026"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/vnd.oasis.opendocument.formula-template
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4514ed525bbe96fa-FRA
content-length: 125704
expires: Tue, 11 Sep 2018 06:53:20 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
embed.calculoid.com/font-awesome/ 63 KB
63 KB 370ms
92ms Font
application/octet-stream 149.56.155.167
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.calculoid.com/font-awesome/fontawesome-webfont.woff2?v=4.4.0
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.155.167 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS: canwww.easy.cz
Software: Apache /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://embed.calculoid.com/styles/1.3.0/main.css
Origin: https://www.itprotoday.com

Response headers

Date: Tue, 28 Aug 2018 07:05:01 GMT
Last-Modified: Mon, 05 Jun 2017 10:38:06 GMT
Server: Apache
ETag: "61d1c-fbd0-55134192bbf80"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Content-Length: 64464
Keep-Alive: timeout=5, max=100
Expires: Tue, 28 Aug 2018 08:05:01 GMT

GET
S 200 pubads_impl_242.js Show response
securepubads.g.doubleclick.net/gpt/ 185 KB
64 KB 59ms
38ms Script
text/javascript 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

c4a1ef9deef1b5a9af2e75eccfce45a5ddb742aa92571e0d7b3a59230179cca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Aug 2018 15:21:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 65146
x-xss-protection: 1; mode=block
expires: Tue, 28 Aug 2018 07:05:00 GMT

GET
S 200 integrator.sync.js Show response
adservice.google.de/adsid/ 113 B
178 B 16ms
16ms Script
application/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=www.itprotoday.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 108
x-xss-protection: 1; mode=block

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
5 KB 52ms
52ms XHR
text/javascript 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3583198115312520&correlator=1339882150736726&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=21061764%2C21062389&vrg=242&npa=1&guci=1.2.0.0.2.1.0&sc=1&sfv=1-0-29&iu=%2F3834%2Fitprotoday.home%2Farticle%2Fmanagement_mobility&sz=1x1&scp=pos%3Dinterstitial_a%26gdpr_banner%3Don%26ptype%3DArticle%26nid%3D80366%26pterm%3Dmanagement_mobility%26author%3Djohn_savill%26reg%3Danonymous&cookie_enabled=1&bc=7&abxe=1&lmt=1535417358&dt=1535439900725&dlt=1535439900037&idt=662&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=20&adk=1260181701&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&dssz=9&icsg=186&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x1624&msz=1585x21&ga_vid=1533519902.1535439901&ga_sid=1535439901&ga_hid=1816148227

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

81138af8c561541df314a4a9e88b655cf2ac72a3bce968e58b1c1e04b6b3148f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 4854
x-xss-protection: 1; mode=block
google-lineitem-id: 4705739487
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138239552356
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.itprotoday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 pubads_impl_rendering_242.js Show response
securepubads.g.doubleclick.net/gpt/ 43 KB
16 KB 40ms
40ms Script
text/javascript 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_242.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

0842c72db6cd686ecc8c527001f406cd31b564755d09d714123cae0a58620273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Aug 2018 15:21:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 16713
x-xss-protection: 1; mode=block
expires: Tue, 28 Aug 2018 07:05:00 GMT

GET
S 200 container.html
tpc.googlesyndication.com/safeframe/1-0-29/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

expires: Sat, 17 Aug 2019 18:14:46 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 11 Jun 2018 14:38:59 GMT
content-type: text/html

GET
H/1.1 200
OK satellite-58ec10b264746d32da004227.js Show response
assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/ 59 KB
7 KB 7ms
7ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/satellite-58ec10b264746d32da004227.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/satelliteLib-48191dfa1509ee2d203e3f6eb4bc8a3de3320ce9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b3e2a381253ac0ca3051d48f841207aff92743c36274cd8e158cc28fe5618d03

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Aug 2018 20:22:55 GMT
Server: Apache
ETag: "bcc3ebf1941ab1bc1f75eecbff51f395:1535055775"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *, *, *
Content-Length: 6828
Expires: Tue, 28 Aug 2018 08:05:00 GMT

GET
S 200 6TR22Rr4.min.js Show response
scripts.demandbase.com/adobeanalytics/ 4 KB
5 KB 42ms
14ms Script
text/plain 13.32.98.89
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.demandbase.com/adobeanalytics/6TR22Rr4.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/satelliteLib-48191dfa1509ee2d203e3f6eb4bc8a3de3320ce9.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.98.89 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-98-89.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: baf050d685cb38b59d8108170868b9a71b786f9671fb1b3e57034573be0e78e6

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 26 Apr 2018 02:52:48 GMT
via: 1.1 db3e2331debe994e00e7743d027ca012.cloudfront.net (CloudFront)
last-modified: Mon, 08 Aug 2016 17:20:42 GMT
server: AmazonS3
age: 24787
etag: "46ac3e0d6d8f281edff557f560f8a75b"
x-cache: Hit from cloudfront
x-amz-version-id: LlYhgr0xWprJ85eqA6mAouIHOquFN10N
status: 200
accept-ranges: bytes
content-length: 4448
x-amz-cf-id: EbFvNske8XMki2ulJthokQwpSVxJKg8L0uc144AV1bLec_4a8ksMzQ==

GET
H/1.1 200
OK ip.json Show response
api.demandbase.com/api/v2/ 442 B
832 B 87ms
57ms Script
application/javascript 13.32.98.97
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demandbase.com/api/v2/ip.json?key=b155ec5d50b5dcb41662f36b4d10a6f7702c87e6&callback=Dmdbase_CDC.callback
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/satelliteLib-48191dfa1509ee2d203e3f6eb4bc8a3de3320ce9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.98.97 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-98-97.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 6e9c6774dbbb0025dae9ed72301d09153fd6d59bfcf58179042a31faee3419f1

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:00 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Content-Type: application/javascript;charset=utf-8
Via: 1.1 c882e2039e12421bb0728fbe184b7c4f.cloudfront.net (CloudFront)
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Api-Version: v2
Request-ID: 84d100c3-de9e-4c73-91c9-3b28ee3cb85d
Content-Length: 256
X-Amz-Cf-Id: QOcqIuWyx7cuzDGRpRtEnXUZC5XTje3IZIFwefQRXcpeRdeS_RRvEQ==
Expires: Mon, 27 Aug 2018 07:05:00 GMT

GET
H/1.1 200
OK plugin.js Show response
plugin.mediavoice.com/ 306 KB
115 KB 26ms
6ms Script
application/javascript 104.111.241.136
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://plugin.mediavoice.com/plugin.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/satellite-58ec10b264746d32da004227.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.241.136 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-241-136.deploy.static.akamaitechnologies.com
Software: nginx/1.13.5 /
Resource Hash: cc64f983295551ca94b188fdd2b1195a0b72609115d03a8dbd3231798a00b2f3

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:00 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 116729
Timing-Allow-Origin: *
Last-Modified: Tue, 21 Aug 2018 20:43:56 GMT
Server: nginx/1.13.5
ETag: W/"5b7c798c-4c93f"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
X-Varnish: 1745181006 1745078546
Access-Control-Allow-Origin: *
Cache-Control: max-age=5937
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: application/javascript
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Tue, 28 Aug 2018 08:43:57 GMT

GET
S 200 init-328cl2pmwdiu41uvygf.js Show response
api.b2c.com/api/ Frame 657C 12 KB
5 KB 622ms
265ms Script
text/javascript 2600:1f14:cc5:8002:8816:1c50:c32b:b4f1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.b2c.com/api/init-328cl2pmwdiu41uvygf.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:cc5:8002:8816:1c50:c32b:b4f1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: d0554b64f545870f0a5683ecb0ed32795df21576e14aa6b7f281c78d88bc207f

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Aug 2018 07:05:01 GMT
content-encoding: gzip
server: openresty
content-type: text/javascript
status: 200
cache-control: no-cache, no-store, must-revalidate
expires: -1

GET
S 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 657C 4 KB
2 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3504d4f9bc38321c107a5eb7c233bc61f11402582bf1a74f0d033745d10ec47b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 06:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Aug 2018 15:01:06 GMT
server: sffe
age: 3231
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2167
x-xss-protection: 1; mode=block
expires: Tue, 28 Aug 2018 07:11:09 GMT

GET
H/1.1 200
OK jquery-1.11.0.min.js Show response
code.jquery.com/ Frame 657C 94 KB
33 KB 29ms
6ms Script
application/javascript 205.185.208.52
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.0.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip052.ssl.hwcdn.net
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Oct 2014 00:16:07 GMT
Server: nginx
ETag: W/"54499a47-1787d"
Vary: Accept-Encoding
X-HW: 1535439900.dop015.fr8.t,1535439900.cds007.fr8.shn,1535439900.cds007.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 33357

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180822/r20110914/activeview/ Frame 657C 72 KB
26 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180822/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

872e1d8cec45e7f42f4ed80e957faa8ab0966c812a3c52d9a64e58f0e546c27c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 25 Aug 2018 01:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26623
x-xss-protection: 1; mode=block
server: cafe
etag: 12965418820029497387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Sep 2018 01:11:39 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame 657C 258 KB
80 KB 36ms
6ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 10a7711c82e85a368aae8b9e3803b9023fe9fe615f65c4fc46ed86074979351f

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Aug 2018 16:47:23 GMT
Server: AmazonS3
x-amz-request-id: AB9AC9FCA3D02FF0
ETag: "2d8601554832a0e42eac0c9f7dc7b7f1"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81284
x-amz-id-2: Va64DHDYcV/7wBGFN3+niY8e7xTVvoBs0roCLRRPPfIspItIBH19KTGuXQKvlMivWJDqNPXGZP8=

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 71 KB
26 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d35f8025aee4ca8ca59548d72f24d22d62b270b046102e6b258140959a18e111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 06:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1559
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26571
x-xss-protection: 1; mode=block
server: cafe
etag: 8270655271282585114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Aug 2018 07:39:01 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 657C 0
281 B 30ms
29ms Image
text/html 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1C5tpJGfDOFb4DifmrENK_7i1KRX4uO5wi3AcDF6vSIvVBR6Z3zHIXto_KQkKMmZ63cW4MjbB91AMhOGx5QLEUC8sz5FyDGdTjtLyQXbN2b5Vke0LieOO2ueIReAxGK2u0rKQCXNf1A7mCPEKwIOTi1wskVOLS8fdvEhMC8TMgl7kTsqs23mb18NJNcBUBrmrxRGcC8wvcWMmFwM66oUiAomns3kUHrho0eqxvQ-K-0_KotuEGuPOtXgRT0_JkHn4ir_BwWvWigtbzYjkyCQC8ZSlQyUDQUC4m-H-uyRmmal8lO7W9mVomGHJ&sai=AMfl-YTDHDFXWhYQsS_HxZPCmUXT42cn8GuvdRrrsGx-lo1oHL54dHCMIHEbPs1o0x7deRZRNKtTaPcB0zAu0y2dP9GdwZ7-my6NVveJ9BHMRA&sig=Cg0ArKJSzJ5PKlme-9BCEAE&urlfix=1&adurl=
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra16s18-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
cache-control: private
expires: Tue, 28 Aug 2018 07:05:00 GMT

GET
S 200 impl_v44.js Show response
www.googletagservices.com/dcm/ Frame 657C 21 KB
9 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v44.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfeab465f1b4a317245e695c45231ef3d3e5d049a34e2b7ec1fc3918da04ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 22 Aug 2018 13:17:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Aug 2018 13:14:26 GMT
server: sffe
age: 496037
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9072
x-xss-protection: 1; mode=block
expires: Thu, 22 Aug 2019 13:17:43 GMT

GET
H2 200 B20654036.213045717;dc_ver=44.116;dc_eid=40004001;sz=640x480;osdl=1;u_sd=1;dc_adk=1633445572;ord=zn6knv;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssVAi8PUJBRNpAs7M_A-...
ad.doubleclick.net/ddm/adi/N410401.3165372ITPROTODAY/ Frame CCE8 0
0 56ms
32ms Document
text/html 172.217.23.134
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N410401.3165372ITPROTODAY/B20654036.213045717;dc_ver=44.116;dc_eid=40004001;sz=640x480;osdl=1;u_sd=1;dc_adk=1633445572;ord=zn6knv;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssVAi8PUJBRNpAs7M_A-IPijI9MTcymbgWVNqwJhh0S0fnEOzEIbOeJQcbgYcPTLx83NW28z7dC7CMpHCre9arAXyH4RPxfEugFdmyT8FMOO-IZbCIu4VDgFWWWWpMwOHwEuSkTN_IwTcuBgemnaQ-855uCiv5ZcucG3tND7NIX1jC10ftBrVpcDceKOZtgrMGD5FVpDTQ5I3uEobQh_Y1ycyGR0al2alGrbFD_F6GizLET6iLmxvwNdhcdU8devZr7f8DlaqdDHbuAxtpaFSelJbOazRHeMw%26sai%3DAMfl-YQBauSZD0FDNgSWqx1u_-Ro5dLpXs_yxnxQRXWBUHSSFnS2Z1WkqpqUP6DMtq3Vk6h1m1w-SfJWlFBg89uqimxrteldSqq2f0ieprQJGg%26sig%3DCg0ArKJSzKWfmnEm8i9tEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz$0;xdt=0;crlt=RxO0msQYrr;osda=2;sttr=46;prcl=s?

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v44.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.23.134 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: ad.doubleclick.net
:scheme: https
:path: /ddm/adi/N410401.3165372ITPROTODAY/B20654036.213045717;dc_ver=44.116;dc_eid=40004001;sz=640x480;osdl=1;u_sd=1;dc_adk=1633445572;ord=zn6knv;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssVAi8PUJBRNpAs7M_A-IPijI9MTcymbgWVNqwJhh0S0fnEOzEIbOeJQcbgYcPTLx83NW28z7dC7CMpHCre9arAXyH4RPxfEugFdmyT8FMOO-IZbCIu4VDgFWWWWpMwOHwEuSkTN_IwTcuBgemnaQ-855uCiv5ZcucG3tND7NIX1jC10ftBrVpcDceKOZtgrMGD5FVpDTQ5I3uEobQh_Y1ycyGR0al2alGrbFD_F6GizLET6iLmxvwNdhcdU8devZr7f8DlaqdDHbuAxtpaFSelJbOazRHeMw%26sai%3DAMfl-YQBauSZD0FDNgSWqx1u_-Ro5dLpXs_yxnxQRXWBUHSSFnS2Z1WkqpqUP6DMtq3Vk6h1m1w-SfJWlFBg89uqimxrteldSqq2f0ieprQJGg%26sig%3DCg0ArKJSzKWfmnEm8i9tEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz$0;xdt=0;crlt=RxO0msQYrr;osda=2;sttr=46;prcl=s?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
accept-encoding: gzip, deflate
cookie: IDE=AHWqTUmrIlRy6P750eTLOqHLLu0zg_tTko1H7BijrxkXGvA1sh-f0HP0EXn8uH_F
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 2754DD8A222EBD6258F1EA7CAB7F20E7
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Tue, 28 Aug 2018 07:05:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7843
x-xss-protection: 1; mode=block
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ Frame 657C 71 KB
0 6ms
5ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v44.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d35f8025aee4ca8ca59548d72f24d22d62b270b046102e6b258140959a18e111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Tue, 28 Aug 2018 06:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1559
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26571
x-xss-protection: 1; mode=block
server: cafe
etag: 8270655271282585114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Aug 2018 07:39:01 GMT

GET
H2 200 footer.png
www.itprotoday.com/sites/all/themes/penton_subtheme_itprotoday/images/logos/ Frame 657C 17 KB
0 22ms
20ms Image
image/png 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itprotoday.com/sites/all/themes/penton_subtheme_itprotoday/images/logos/footer.png
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 599fbcf0afb3cb15a84b5f40ef05cca6bfb7251c86e5a9cee75b9864cb549dd7

Request headers

:path: /sites/all/themes/penton_subtheme_itprotoday/images/logos/footer.png
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Aug 2018 06:01:33 GMT
server: cloudflare
etag: "4342-5747892eb7843"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4514ed4f598896fa-FRA
content-length: 17218
expires: Tue, 11 Sep 2018 06:40:53 GMT

GET
H2 200 ContentPillar_Welcome_1200.png
www.itprotoday.com/sites/all/themes/penton_core_theme/images/ Frame 657C 177 KB
177 KB 11ms
9ms Image
image/png 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.itprotoday.com/sites/all/themes/penton_core_theme/images/ContentPillar_Welcome_1200.png
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd7ef3470790333dc1242956969a7e5715e36b073c41bf5bb7b971244dc37d4d

Request headers

:path: /sites/all/themes/penton_core_theme/images/ContentPillar_Welcome_1200.png
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900; has_js=1; _sdsat_landing_page=https://www.itprotoday.com/management-mobility/what-mimikatz|1535439900748; _sdsat_session_count=1; _sdsat_lt_pages_viewed=1; _sdsat_pages_viewed=1; _sdsat_traffic_source=; __gads=ID=ae61e5d6d8776de4:T=1535439900:S=ALNI_MZ0HXceyIwuH4SjA09lnVCWbiATGQ
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.itprotoday.com
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:scheme: https
:method: GET
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:00 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Aug 2018 21:01:36 GMT
server: cloudflare
etag: "2c2b8-5747107f11ba3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4514ed546d2c96fa-FRA
content-length: 180920
expires: Tue, 11 Sep 2018 07:02:46 GMT

GET
DATA 200
OK truncated
/ Frame 657C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4abec3c8d11c31dbfbdedb567c796b0451d91ebd08420e49eb891403666f3ce6

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 22ms
5ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&o=3&t=1535439900936&de=989603483111&m=0&ar=763aa27-clean&q=2&cb=0&cu=1535439900936&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=58859187%3A2330032511%3A4705739487%3A138239552356&zMoatPS=interstitial_a&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&bo=298588227&bp=21625748602&bd=interstitial_a&dfp=0%2C1&la=21625748602&gw=pentonmedia53440730609&fd=1&ac=1&it=500&fs=150929&na=656333544&cs=0
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:00 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:00 GMT

GET
H/1.1 200
OK ad.gif
api-34-220-197-142.b2c.com/api/ Frame 657C 43 B
233 B 573ms
192ms Image
image/gif 2600:1f14:cc5:8002:3306:a3e5:c339:db18
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-34-220-197-142.b2c.com/api/ad.gif
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:cc5:8002:3306:a3e5:c339:db18 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:01 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK satellite-5a14712764746d07f700b8a5.js Show response
assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/ 364 B
673 B 6ms
5ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/satellite-5a14712764746d07f700b8a5.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/satelliteLib-48191dfa1509ee2d203e3f6eb4bc8a3de3320ce9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 96151be6cbc7cbdbcf91515521728afe3411b3435e412d28cd42b542a5f5d9f0

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Aug 2018 20:22:55 GMT
Server: Apache
ETag: "16fad7687583c85bc05b0c39a8820950:1535055775"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Content-Length: 231
Expires: Tue, 28 Aug 2018 08:05:01 GMT

GET
H/1.1 200
OK satellite-5b58aa9964746d1e960031bc.js Show response
assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/ 824 B
859 B 12ms
6ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/satellite-5b58aa9964746d1e960031bc.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/satelliteLib-48191dfa1509ee2d203e3f6eb4bc8a3de3320ce9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 001bd9ccfa1e62b2fcfc16e5a7a7652dfcf2299ed3f9db1d0e321f4aa352c895

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 28 Aug 2018 07:05:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Aug 2018 20:22:55 GMT
Server: Apache
ETag: "da4279b3ba4a6c45354e1cb0dfb9fa6f:1535055775"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Content-Length: 417
Expires: Tue, 28 Aug 2018 08:05:01 GMT

GET
S 200 init-315re7h65uhsyo963dv.js Show response
api.b2c.com/api/ 12 KB
5 KB 226ms
225ms Script
text/javascript 2600:1f14:cc5:8002:8816:1c50:c32b:b4f1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.b2c.com/api/init-315re7h65uhsyo963dv.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/satelliteLib-48191dfa1509ee2d203e3f6eb4bc8a3de3320ce9.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:cc5:8002:8816:1c50:c32b:b4f1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: 51dd2084e7051ecd88a585abf0c85afaa94be1ec1e82f0bed1edf2db9c917ae3

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Aug 2018 07:05:01 GMT
content-encoding: gzip
server: openresty
content-type: text/javascript
status: 200
cache-control: no-cache, no-store, must-revalidate
expires: -1

GET
S 200 cc_af.js Show response
tags.crwdcntrl.net/c/7499/ 54 KB
13 KB 239ms
219ms Script
application/javascript 93.184.220.113
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/7499/cc_af.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/satelliteLib-48191dfa1509ee2d203e3f6eb4bc8a3de3320ce9.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.184.220.113 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40EB) /
Resource Hash: f4a3128164a85904d143a851bc4afc99129da1815e5eef8df5c15ff4b82d6f69

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 28 Aug 2018 07:05:01 GMT
content-encoding: gzip
last-modified: Wed, 23 May 2018 20:28:52 GMT
server: ECS (fcn/40EB)
etag: "5b05cf04-d9f4+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=86400
content-length: 13062
expires: Wed, 29 Aug 2018 07:05:01 GMT

GET
H/1.1 200
OK satellite-59542e6064746d0203003b0e.js Show response
assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/ 219 B
625 B 18ms
7ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/satellite-59542e6064746d0203003b0e.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/satelliteLib-48191dfa1509ee2d203e3f6eb4bc8a3de3320ce9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c2cff65c8da08bb1c87cb9acebbf4f632925ea9b46cd61cd12f575e7d95725c5

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Aug 2018 20:22:55 GMT
Server: Apache
ETag: "b6b50ffe269e723a6771037705f83525:1535055775"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Content-Length: 183
Expires: Tue, 28 Aug 2018 08:05:01 GMT

GET
H/1.1 200
OK satellite-5948766b64746d451600be93.js Show response
assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/ 359 B
656 B 17ms
6ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/satellite-5948766b64746d451600be93.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/satelliteLib-48191dfa1509ee2d203e3f6eb4bc8a3de3320ce9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 41b9806cbf47d18fe7dd27095a3c86d5aa0fd9f565dd7ea5c1486c11680df6df

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Aug 2018 20:22:55 GMT
Server: Apache
ETag: "60a8ba8a1ca57170396e11bca91bf091:1535055775"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Content-Length: 214
Expires: Tue, 28 Aug 2018 08:05:01 GMT

GET
H/1.1 200
OK satellite-58ec10b264746d32da0042b5.js Show response
assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/ 113 B
590 B 16ms
6ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/satellite-58ec10b264746d32da0042b5.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/satelliteLib-48191dfa1509ee2d203e3f6eb4bc8a3de3320ce9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1181fc2363ddeb7e8bc12098cdd930ab584f4857bf230aa09f0cac4fa4edc766

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 28 Aug 2018 07:05:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Aug 2018 20:22:55 GMT
Server: Apache
ETag: "f1ecaf1e899b4900092d179ead232837:1535055775"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *, *, *
Content-Length: 124
Expires: Tue, 28 Aug 2018 08:05:01 GMT

GET
S 200 cc.js Show response
tags.crwdcntrl.net/c/11926/ 35 KB
10 KB 27ms
8ms Script
application/javascript 93.184.220.113
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/11926/cc.js?ns=_cc11926
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/satelliteLib-48191dfa1509ee2d203e3f6eb4bc8a3de3320ce9.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.184.220.113 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/418C) /
Resource Hash: 0ac78725a5d1872849bd2d0e7f9a538a8a94ea12f41d573ef1270c7864c1987a

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 28 Aug 2018 07:05:01 GMT
content-encoding: gzip
last-modified: Mon, 20 Aug 2018 17:30:07 GMT
server: ECS (fcn/418C)
etag: "5b7afa9f-8b09+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=86400
content-length: 10313
expires: Wed, 29 Aug 2018 07:05:01 GMT

GET
S 200 analytics.js Show response
ssl.google-analytics.com/ 34 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/analytics.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/satelliteLib-48191dfa1509ee2d203e3f6eb4bc8a3de3320ce9.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:814::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 6374
date: Tue, 28 Aug 2018 05:18:47 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 14386
expires: Tue, 28 Aug 2018 07:18:47 GMT

GET
H/1.1 200
OK s-code-contents-e8d756d1795ab39711132ecc9601b315630c8d70.js Show response
assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/ 34 KB
13 KB 15ms
9ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/s-code-contents-e8d756d1795ab39711132ecc9601b315630c8d70.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/satelliteLib-48191dfa1509ee2d203e3f6eb4bc8a3de3320ce9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e6f6d66459cdaf4ccd8b6a49546f78a77215acef509b0c771738e5c93ddfc2e9

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Aug 2018 20:22:55 GMT
Server: Apache
ETag: "ac82a81e88b9df1be1b1053ef751f92e:1535055775"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Content-Length: 13207
Expires: Tue, 28 Aug 2018 08:05:01 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
6ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=1&qs=1&ak=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fadi%2FN410401.3165372ITPROTODAY%2FB20654036.213045717%3Bdc_ver%3D44.116%3Bdc_eid%3D40004001%3Bsz%3D640x480%3Bosdl%3D1%3Bu_sd%3D1%3Bdc_adk%3D1633445572%3Bord%3Dzn6knv%3Bclick%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%253Fxai%253DAKAOjssVAi8PUJBRNpAs7M_A-IPijI9MTcymbgWVNqwJhh0S0fnEOzEIbOeJQcbgYcPTLx83NW28z7dC7CMpHCre9arAXyH4RPxfEugFdmyT8FMOO-IZbCIu4VDgFWWWWpMwOHwEuSkTN_IwTcuBgemnaQ-855uCiv5ZcucG3tND7NIX1jC10ftBrVpcDceKOZtgrMGD5FVpDTQ5I3uEobQh_Y1ycyGR0al2alGrbFD_F6GizLET6iLmxvwNdhcdU8devZr7f8DlaqdDHbuAxtpaFSelJbOazRHeMw%2526sai%253DAMfl-YQBauSZD0FDNgSWqx1u_-Ro5dLpXs_yxnxQRXWBUHSSFnS2Z1WkqpqUP6DMtq3Vk6h1m1w-SfJWlFBg89uqimxrteldSqq2f0ieprQJGg%2526sig%253DCg0ArKJSzKWfmnEm8i9tEAE%2526urlfix%253D1%2526adurl%253D%3Bdc_rfl%3D1%2Chttps%253A%252F%252Fwww.itprotoday.com%252Fmanagement-mobility%252Fwhat-mimikatz%240%3Bxdt%3D0%3Bcrlt%3DRxO0msQYrr%3Bosda%3D2%3Bsttr%3D46%3Bprcl%3Ds%3F&i=PENTONMEDIA1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BA&qp=00000&is=voqBBkBBBBHhBBwBBZkJjBRCqUCY3CTCB6BXwUcu8gKCBS9lYBBBCCBpYFmR4BOZBBgSJTcBBBBBBBBHUoKOFCyz7BB3CZ6mv5TimBBe9oeCt9lXqBvBCfBBBBBBBBBBBBBBCBMBaBeBBkKzQClBeaKaMVMBj5iMPzyHVY9zqxknZlysGxCBcBBBC9CctORpnICyRBBB4OBBBBBBBBBBC9TiFF3dOKBCBBxBBBBBBBfBz1BD7fB3BpkBJUDyDCS6IDDDCCCCDDCCCCCCCBdh2eBBBGI79kNB8DJoDBBBBCiBBiB&iv=6&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=480&w=640&fy=472.5&gp=358&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&f=0&j=&o=3&t=1535439900936&de=989603483111&cu=1535439900936&m=736&ar=763aa27-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=358&lb=1983&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&as=0&ag=148&an=0&gf=148&gg=0&ix=148&ic=148&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=148&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=296&cd=0&ah=296&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=58859187%3A2330032511%3A4705739487%3A138239552356&bo=298588227&bp=21625748602&bd=interstitial_a&zMoatPS=interstitial_a&gw=pentonmedia53440730609&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&dfp=0%2C1&la=21625748602&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=1%3A1&fs=150929&na=1335204709&cs=0
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:01 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:01 GMT

GET
H/1.1

200
OK

Cookie set s09293117629996
smetrics.itprotoday.com/b/ss/pentonwinnet,pentonpisces/1/JS-2.9.0-D7QN/
Redirect Chain

https://smetrics.itprotoday.com/b/ss/pentonwinnet,pentonpisces/1/JS-2.9.0-D7QN/s09293117629996?AQB=1&ndh=1&pf=1&t=28%2F7%2F2018%207%3A5%3A1%202%200&D=D%3D&fid=14FE23D12CAC9DCF-1556DA478C3E537C&ce=U...
https://smetrics.itprotoday.com/b/ss/pentonwinnet,pentonpisces/1/JS-2.9.0-D7QN/s09293117629996?AQB=1&pccr=true&vidn=2DC27A0E853167D3-400001208000A608&&ndh=1&pf=1&t=28%2F7%2F2018%207%3A5%3A1%202%200...

43 B
743 B

25ms
24ms

Image
image/gif

172.82.225.132
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.itprotoday.com/b/ss/pentonwinnet,pentonpisces/1/JS-2.9.0-D7QN/s09293117629996?AQB=1&pccr=true&vidn=2DC27A0E853167D3-400001208000A608&&ndh=1&pf=1&t=28%2F7%2F2018%207%3A5%3A1%202%200&D=D%3D&fid=14FE23D12CAC9DCF-1556DA478C3E537C&ce=UTF-8&pageName=article%3AWhat%20is%20Mimikatz&g=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&c.&s_dmdbase=ISP%20Visito%3AISP%20Visitor%3AISP%20Visitor%3AISP%20Visitor%3AISP%20Visitor%3AISP%20Visito%3ABot%3AISP%20Visitor&s_dmdbase_custom=Basic%3AISP%20Visitor%3Atrue%3AISP%20Visitor%3AISP%20Visito%3AISP%20Visitor%3AISP%20Visitor%3AISP%20Visitor&.c&cc=USD&ch=management%20%26%20mobility&events=event18&c4=john%20savill&c6=article&c8=1_of_10&c9=management%20%26%20mobility&c10=sep%2013%2C%202016&c11=8c1d9d0b-a985-4ca5-83a9-40d4816849e0&v11=3%3A05%20AM%7CTuesday&c13=unreg&v13=article&c16=anonymous&v16=D%3Ds_vi&c26=public&v46=visible&v69=pentonwinnet%2Ccapability&v71=1535439901694&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.82.225.132 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

itprotoday.com.ssl.sc.omtrdc.net

Software

Omniture DC /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: smetrics.itprotoday.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900; __gads=ID=ae61e5d6d8776de4:T=1535439900:S=ALNI_MZ0HXceyIwuH4SjA09lnVCWbiATGQ; dmdbase_cdc=DBSET; s_fid=14FE23D12CAC9DCF-1556DA478C3E537C; s_cc=true; _ga=GA1.2.1533519902.1535439901; _gid=GA1.2.2136056222.1535439902; _gat=1; s_vi=[CS]v1|2DC27A0E853167D3-400001208000A608[CE]
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:01 GMT
X-Content-Type-Options: nosniff
X-C: ms-6.4.0
P3P: CP="This is not a P3P policy"
Connection: Keep-Alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Wed, 29 Aug 2018 07:05:01 GMT
Server: Omniture DC
xserver: www286
ETag: "3297332079971336192-6415449321054973420"
Vary: *
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Set-Cookie: s_vi=[CS]v1|2DC27A0E853167D3-400001208000A608[CE]; Expires=Thu, 27 Aug 2020 07:05:01 GMT; Domain=itprotoday.com; Path=/
Keep-Alive: timeout=15
Expires: Mon, 27 Aug 2018 07:05:01 GMT

Redirect headers

Date: Tue, 28 Aug 2018 07:05:01 GMT
X-Content-Type-Options: nosniff
X-C: ms-6.4.0
P3P: CP="This is not a P3P policy"
Connection: Keep-Alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Wed, 29 Aug 2018 07:05:01 GMT
Server: Omniture DC/2.0.0
xserver: www204
Location: https://smetrics.itprotoday.com/b/ss/pentonwinnet,pentonpisces/1/JS-2.9.0-D7QN/s09293117629996?AQB=1&pccr=true&vidn=2DC27A0E853167D3-400001208000A608&&ndh=1&pf=1&t=28%2F7%2F2018%207%3A5%3A1%202%200&D=D%3D&fid=14FE23D12CAC9DCF-1556DA478C3E537C&ce=UTF-8&pageName=article%3AWhat%20is%20Mimikatz&g=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&c.&s_dmdbase=ISP%20Visito%3AISP%20Visitor%3AISP%20Visitor%3AISP%20Visitor%3AISP%20Visitor%3AISP%20Visito%3ABot%3AISP%20Visitor&s_dmdbase_custom=Basic%3AISP%20Visitor%3Atrue%3AISP%20Visitor%3AISP%20Visito%3AISP%20Visitor%3AISP%20Visitor%3AISP%20Visitor&.c&cc=USD&ch=management%20%26%20mobility&events=event18&c4=john%20savill&c6=article&c8=1_of_10&c9=management%20%26%20mobility&c10=sep%2013%2C%202016&c11=8c1d9d0b-a985-4ca5-83a9-40d4816849e0&v11=3%3A05%20AM%7CTuesday&c13=unreg&v13=article&c16=anonymous&v16=D%3Ds_vi&c26=public&v46=visible&v69=pentonwinnet%2Ccapability&v71=1535439901694&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Set-Cookie: s_vi=[CS]v1|2DC27A0E853167D3-400001208000A608[CE]; Expires=Thu, 27 Aug 2020 07:05:01 GMT; Domain=itprotoday.com; Path=/
Keep-Alive: timeout=15
Expires: Mon, 27 Aug 2018 07:05:01 GMT

GET
S

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1816148227&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&ul=en-us&de=UTF-8&dt=What%20is%20Mimik...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15396830-1&cid=1533519902.1535439901&jid=1103125043&_gid=2136056222.1535439902&gjid=493620821&_v=j68&z=1621594575
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15396830-1&cid=1533519902.1535439901&jid=1103125043&_v=j68&z=1621594575
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15396830-1&cid=1533519902.1535439901&jid=1103125043&_v=j68&z=1621594575&slf_rd=1&random=233294351

42 B
109 B

16ms
16ms

Image
image/gif

2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15396830-1&cid=1533519902.1535439901&jid=1103125043&_v=j68&z=1621594575&slf_rd=1&random=233294351

Requested by

Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81e::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Aug 2018 07:05:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Aug 2018 07:05:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15396830-1&cid=1533519902.1535439901&jid=1103125043&_v=j68&z=1621594575&slf_rd=1&random=233294351
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 collect
www.google-analytics.com/ 35 B
108 B 6ms
6ms Image
image/gif 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=1816148227&t=pageview&_s=2&dl=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&dp=%2Fmanagement-mobility%2Fwhat-mimikatz&ul=en-us&de=UTF-8&dt=What%20is%20Mimikatz%20%7C%20IT%20Pro&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YAhAAAAB~&jid=&gjid=&cid=1533519902.1535439901&tid=UA-15396830-1&_gid=2136056222.1535439902&cd2=john%20savill&cd3=1_of_10&cd4=&cd5=&cd6=sep%2013%2C%202016&cd7=management%20%26%20mobility&cd9=article&cd10=unreg&cd11=public&cd12=&cd13=anonymous&cd14=&cd1=article%3Awhat%20is%20mimikatz&cd8=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&cd15=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_13_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F67.0.3396.87%20safari%2F537.36&cd16=article&z=688023641

Requested by

Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Aug 2018 17:07:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 914253
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK moatcontent.js Show response
z.moatads.com/pentoncontent20495821/ 165 KB
54 KB 10ms
9ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentoncontent20495821/moatcontent.js
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 101801a7a8f6809143b714588e2c49dfd2fae930433c24a57b27eb5aa32df1f3

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:01 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 18:26:02 GMT
Server: AmazonS3
x-amz-request-id: CC1E7764F2C3A04E
ETag: "6d5b0c61568352e558f88b7023fc5495"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54826
x-amz-id-2: CKZ25dnq38JrUXtcLMoB/1UtRH0EaLmCOnjxOC5KSf3ieVz47o3ddSv+wSBI0IFgMvKzqyAYwhE=

GET
H/1.1 200
OK z.gif
og3i93vzhywk-a.akamaihd.net/ 43 B
409 B 33ms
6ms Image
image/gif 2.16.186.57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://og3i93vzhywk-a.akamaihd.net/z.gif?e=17&d=itprotoday.com%3AWhat%20is%20Mimikatz%3A__page__%3A-&de=485739441509&t=1535439901713&i=PENTONCONTENT1&cm=1&mp=1&ac=1&pl=1&bq=10&cs=0
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.57 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-57.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:01 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:01 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
6ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&d=itprotoday.com%3AWhat%20is%20Mimikatz%3A__page__%3A-&de=485739441509&t=1535439901713&i=PENTONCONTENT1&cm=1&mp=0&ac=1&pl=1&bq=10&ad_type=img&cs=0
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:01 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:01 GMT

GET
H/1.1 200
OK ad.gif
api-34-220-197-142.b2c.com/api/ 43 B
233 B 453ms
176ms Image
image/gif 2600:1f14:cc5:8002:3306:a3e5:c339:db18
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-34-220-197-142.b2c.com/api/ad.gif
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:cc5:8002:3306:a3e5:c339:db18 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:02 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK dpm_8effee409c625e1a2d8f5033631840e6ce1dcb64.min.js Show response
s.dpmsrv.com/ 484 KB
69 KB 58ms
12ms Script
application/x-javascript 13.32.98.174
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_8effee409c625e1a2d8f5033631840e6ce1dcb64.min.js
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.98.174 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-98-174.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d7581d4d5355a53145dc63954d4ef6a9ff0e14e608709687b319dac83748ce7

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 27 Aug 2018 18:50:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Aug 2018 18:50:15 GMT
Server: AmazonS3
Age: 44079
ETag: "370001aaa139b2d3f3425798d36862e1"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 973497bf6a39ec25b3eac8806793ebe5.cloudfront.net (CloudFront)
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 69919
X-Amz-Cf-Id: 7r4SAQ_Y-ijH9TwCSTHA9zone-9PudqHu7w20O8-0DGuBviWdyoyuQ==

GET
H/1.1 429
0008 Call Quota Exceeded IG9XCJ6YPmfqy4zQgTVKDLP
protect-us.mimecast.com/s/ 0
0 589ms
123ms Script
text/plain 207.211.31.106
Navisite

General

Check archive.org

Show headers Download Go to

Full URL: https://protect-us.mimecast.com/s/IG9XCJ6YPmfqy4zQgTVKDLP?domain=ml314.com2872018
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 207.211.31.106 , United States, ASN14135 (NAVISITE-EAST-2 - Navisite, Inc., US),
Reverse DNS: service151-us.mimecast.com
Software: /
Resource Hash

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 03:05:02 -0400
x-mc-reasonphrase: 0008 Call Quota Exceeded
Connection: Close
Content-Length: 17
Content-MD5: 014a342f7f60eef4a7433d007a78819b
Content-Type: */*

GET
H2 200 80366 Show response
www.itprotoday.com/ajax/get-comments-count/ 3 B
275 B 798ms
798ms XHR
application/json 2400:cb00:2048:1::6811:3e57
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itprotoday.com/ajax/get-comments-count/80366

Requested by

Host: www.itprotoday.com
URL: https://www.itprotoday.com/sites/itprotoday.com/files/js/js_KUtWmy_QP6atnDjXwpDAH183eelDuv-2PY5ksEFKvNQ.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6811:3e57 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / PHP/5.6.36

Resource Hash

98089e6d36f78e9766c9ea34d5acb3611f3a92cd81c5eb102095d924ffc7d08b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /ajax/get-comments-count/80366
pragma: no-cache
cookie: __cfduid=d3eb5a4c42ab0d7d04cb790355b0f2bec1535439900; has_js=1; _sdsat_landing_page=https://www.itprotoday.com/management-mobility/what-mimikatz|1535439900748; _sdsat_session_count=1; _sdsat_lt_pages_viewed=1; _sdsat_pages_viewed=1; _sdsat_traffic_source=; __gads=ID=ae61e5d6d8776de4:T=1535439900:S=ALNI_MZ0HXceyIwuH4SjA09lnVCWbiATGQ; dmdbase_cdc=DBSET; _sdsat_pageName=What is Mimikatz; s_fid=14FE23D12CAC9DCF-1556DA478C3E537C; s_cc=true; _ga=GA1.2.1533519902.1535439901; _gid=GA1.2.2136056222.1535439902; _gat=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.itprotoday.com
x-requested-with: XMLHttpRequest
:scheme: https
referer: https://www.itprotoday.com/management-mobility/what-mimikatz
:method: GET
Accept: */*
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:02 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-powered-by: PHP/5.6.36
status: 200
content-type: application/json
content-length: 3
x-ua-compatible: IE=edge,chrome=1
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie, Accept-Encoding
content-language: en
cache-control: public, max-age=10800
cf-ray: 4514ed5a18ec96fa-FRA
x-drupal-cache: MISS
expires: Tue, 28 Aug 2018 07:15:02 GMT

GET
H/1.1 200
OK pinit.js Show response
assets.pinterest.com/js/ 355 B
701 B 27ms
6ms Script
application/javascript 2600:1480:3000:41::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js?_=1535439900576
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/sites/itprotoday.com/files/js/js_KUtWmy_QP6atnDjXwpDAH183eelDuv-2PY5ksEFKvNQ.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1480:3000:41:: , United States, ASN33905 (AKAMAI-AMS, US),
Reverse DNS
Software: /
Resource Hash: 31cf7e28d0a95e6f680dfdb9ef70f9d7cbda866cb3c6385c4ed5b8238ff78687

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Encoding: gzip
X-CDN: akamai
ETag: "931070e36fce60f2d86c78abe608ca38"
Vary: Accept-Encoding, Origin
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=269
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 286
Access-Control-Expose-Headers: X-CDN

GET
S 200 njq2hxj.js Show response
use.typekit.net/ 19 KB
8 KB 21ms
6ms Script
text/javascript 23.38.53.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/njq2hxj.js

Requested by

Host: www.itprotoday.com
URL: https://www.itprotoday.com/sites/itprotoday.com/files/js/js_mmcMVaZbdKDFKDxtPmgTNdMil5tHTx9Owt8s-N9H_1Y.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-53-224.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

79d474e185d860f49725b00f9334b2c1e1d3f5211d3f3e53040a7c8c8f2df5ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
status: 200, 200 OK
date: Tue, 28 Aug 2018 07:05:01 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 7554

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 316 B
312 B 44ms
44ms XHR
text/javascript 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3583198115312520&correlator=1339882150736726&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&adsid=NT&eid=21061764%2C21062389&vrg=242&npa=1&guci=1.2.0.0.2.1.0&sc=1&sfv=1-0-29&iu=%2F3834%2Fitprotoday.home%2Farticle%2Fmanagement_mobility&sz=1x1&scp=pos%3Dadhesion%26ptype%3DArticle%26nid%3D80366%26pterm%3Dmanagement_mobility%26author%3Djohn_savill%26reg%3Danonymous&cookie=ID%3Dae61e5d6d8776de4%3AT%3D1535439900%3AS%3DALNI_MZ0HXceyIwuH4SjA09lnVCWbiATGQ&cookie_enabled=1&bc=7&abxe=1&lmt=1535417358&dt=1535439901832&dlt=1535439900037&idt=662&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=2015&adk=1900196213&gut=v2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&dssz=57&icsg=4129833386769408&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1533519902.1535439901&ga_sid=1535439901&ga_hid=1816148227

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

391d46a5a9d2383fd012f445101aa5c432e856f6f49293d9e4c5dc05efb7c792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com

Response headers

date: Tue, 28 Aug 2018 07:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 226
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.itprotoday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 316 B
301 B 50ms
50ms XHR
text/javascript 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3583198115312520&correlator=1339882150736726&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&adsid=NT&eid=21061764%2C21062389&vrg=242&npa=1&guci=1.2.0.0.2.1.0&sc=1&sfv=1-0-29&iu=%2F3834%2Fitprotoday.home%2Farticle%2Fmanagement_mobility&sz=1x1&scp=pos%3Dfootnote%26ptype%3DArticle%26nid%3D80366%26pterm%3Dmanagement_mobility%26author%3Djohn_savill%26reg%3Danonymous%26gdpr_banner%3Don&cookie=ID%3Dae61e5d6d8776de4%3AT%3D1535439900%3AS%3DALNI_MZ0HXceyIwuH4SjA09lnVCWbiATGQ&cookie_enabled=1&bc=7&abxe=1&lmt=1535417358&dt=1535439901840&dlt=1535439900037&idt=662&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=2036&adk=195521273&gut=v2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&dssz=57&icsg=4129833386769408&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1533519902.1535439901&ga_sid=1535439901&ga_hid=1816148227

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

8f1f3daea9ee20bcf5705bf0c9db05ac43a29a5b2c2cf3830d09c076446ad7d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com

Response headers

date: Tue, 28 Aug 2018 07:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 226
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.itprotoday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 329 B
308 B 51ms
51ms XHR
text/javascript 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3583198115312520&correlator=1339882150736726&output=json_html&callback=googletag.impl.pubads.callbackProxy4&impl=fif&adsid=NT&eid=21061764%2C21062389&vrg=242&npa=1&guci=1.2.0.0.2.1.0&sc=1&sfv=1-0-29&iu=%2F3834%2Fitprotoday.home%2Farticle%2Fmanagement_mobility&sz=1x1&ists=1&scp=pos%3Doop_a%26ptype%3DArticle%26nid%3D80366%26pterm%3Dmanagement_mobility%26author%3Djohn_savill%26reg%3Danonymous%26gdpr_banner%3Don&cookie=ID%3Dae61e5d6d8776de4%3AT%3D1535439900%3AS%3DALNI_MZ0HXceyIwuH4SjA09lnVCWbiATGQ&cookie_enabled=1&bc=7&abxe=1&lmt=1535417358&dt=1535439901846&dlt=1535439900037&idt=662&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=2057&adk=3432553926&gut=v2&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&dssz=57&icsg=4129833386769408&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1533519902.1535439901&ga_sid=1535439901&ga_hid=1816148227

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

40593a6bb4475cfe0e40946f44b57a46dafca8ac26ae21a0aca2d42d9829b4bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com

Response headers

date: Tue, 28 Aug 2018 07:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 230
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.itprotoday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 11 KB
5 KB 228ms
228ms XHR
text/javascript 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3583198115312520&correlator=1339882150736726&output=json_html&callback=googletag.impl.pubads.callbackProxy5&impl=fif&adsid=NT&eid=21061764%2C21062389&vrg=242&npa=1&guci=1.2.0.0.2.1.0&sc=1&sfv=1-0-29&iu=%2F3834%2Fitprotoday.home%2Farticle%2Fmanagement_mobility&sz=300x250&scp=pos%3D300_1_lft%26ptype%3DArticle%26nid%3D80366%26pterm%3Dmanagement_mobility%26author%3Djohn_savill%26reg%3Danonymous&cookie=ID%3Dae61e5d6d8776de4%3AT%3D1535439900%3AS%3DALNI_MZ0HXceyIwuH4SjA09lnVCWbiATGQ&cookie_enabled=1&bc=7&abxe=1&lmt=1535417358&dt=1535439901853&dlt=1535439900037&idt=662&frm=20&biw=1585&bih=1200&oid=3&adx=354&ady=538&adk=1567189037&gut=v2&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&dssz=57&icsg=4129833386769408&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1533519902.1535439901&ga_sid=1535439901&ga_hid=1816148227

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

0f8b93eb848a04359fb96b0dfc67fe8376ddc70b809e09f3acd24c0c89fbc3ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com

Response headers

date: Tue, 28 Aug 2018 07:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 5056
x-xss-protection: 1; mode=block
google-lineitem-id: 4683765308
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234324799
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.itprotoday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 316 B
305 B 239ms
238ms XHR
text/javascript 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3583198115312520&correlator=1339882150736726&output=json_html&callback=googletag.impl.pubads.callbackProxy6&impl=fif&adsid=NT&eid=21061764%2C21062389&vrg=242&npa=1&guci=1.2.0.0.2.1.0&sc=1&sfv=1-0-29&iu=%2F3834%2Fitprotoday.home%2Farticle%2Fmanagement_mobility&sz=1x1&ists=1&scp=pos%3Dwrap%26combo%3Dwrap%26ptype%3DArticle%26nid%3D80366%26pterm%3Dmanagement_mobility%26author%3Djohn_savill%26reg%3Danonymous&cookie=ID%3Dae61e5d6d8776de4%3AT%3D1535439900%3AS%3DALNI_MZ0HXceyIwuH4SjA09lnVCWbiATGQ&cookie_enabled=1&bc=7&abxe=1&lmt=1535417358&dt=1535439901859&dlt=1535439900037&idt=662&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=2078&adk=3376189922&gut=v2&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&dssz=57&icsg=4129833386769408&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1533519902.1535439901&ga_sid=1535439901&ga_hid=1816148227

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

ee8c01493285d346f8278ae0ff01633abd39e181d0c1106076d9cb2f6d9fd50a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com

Response headers

date: Tue, 28 Aug 2018 07:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 227
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.itprotoday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST penton-legal-comm-get-message
www.itprotoday.com/ajax/ 0
0

GET
S 200 wt Show response
polarcdn-pentos.com/ 3 B
65 B 56ms
12ms XHR
application/octet-stream 104.18.219.82
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-pentos.com/wt?e=1&n=3&p=NA-ITPRCOM-11238907&s=1&u=fcbcdd15-e6dd-443f-a23e-872356eeec9a&v=2%2F194ca70&w=1.100.0&y=w&z=v1.6.19&pas=dfp&pag1=default&pag2=%2F3834%2Fitprotoday.home%2Farticle%2Fmanagement_mobility&pai=20861&d=www.itprotoday.com&l=Home+Left+Sidebar+1&pvhref=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&pajs=%23penton_recent_content_block+%3E+aside+%3E+article%3Aeq(1)&pepm=gdpr-eu&pepc=n&mepc=1&t=atx&parcid=2931b&parid=60070&parin=1&_=1535439900838
Requested by: Host: plugin.mediavoice.com
URL: https://plugin.mediavoice.com/plugin.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.219.82 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
x-amz-request-id: 741766AAD755B513
status: 200
content-length: 3
x-amz-id-2: 8wr0j8+qwHmDlaTdgslJ1qc1nyBl3qwg+vCy9Ruw0e37+Fll1xOkiyYdO3noOU9kNeLUeCpWJYk=
last-modified: Mon, 09 Jul 2018 17:31:51 GMT
server: cloudflare
etag: "28e4477bb454eb35226fe56082545e13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4514ed5b0be12336-FRA

GET
S 200 ads Show response
pubads.g.doubleclick.net/gampad/ 322 B
310 B 236ms
234ms Script
text/javascript 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?callback=jQuery22405753523956105722_1535439900839&gdfp_req=1&correlator=1339882150736726&output=json_html&iu=%2F3834%2Fitprotoday.home%2Farticle%2Fmanagement_mobility&sz=2x2&gut=v2&ifi=1&json_a=1&url=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&prev_scp=ptype%3DArticle%26nid%3D80366%26pterm%3Dmanagement_mobility%26author%3Djohn_savill%26reg%3Danonymous%26pos%3Dnativekey_1_lft&iu_parts=3834%2Citprotoday.home%2Carticle%2Cmanagement_mobility&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=2x2&impl=fifs&_=1535439900840

Requested by

Host: plugin.mediavoice.com
URL: https://plugin.mediavoice.com/plugin.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

c6dd058543ca147289230fb4d3749fc7b7e62530d79cc0147e8018b46feb2aa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 233
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 wt Show response
polarcdn-pentos.com/ 3 B
66 B 82ms
41ms XHR
application/octet-stream 104.18.219.82
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-pentos.com/wt?e=2&n=3&p=NA-ITPRCOM-11238907&s=1&u=fcbcdd15-e6dd-443f-a23e-872356eeec9a&v=2%2F194ca70&w=1.100.0&y=w&z=v1.6.19&pas=dfp&pag1=default&pag2=%2F3834%2Fitprotoday.home%2Farticle%2Fmanagement_mobility&pai=aa033&d=www.itprotoday.com&l=Home+Left+Sidebar+2&pvhref=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&pajs=%23penton_recent_content_block+%3E+aside+%3E+article%3Aeq(2)&pepm=gdpr-eu&pepc=n&mepc=1&t=atx&parcid=8d782&parid=204f9&parin=1&_=1535439900841
Requested by: Host: plugin.mediavoice.com
URL: https://plugin.mediavoice.com/plugin.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.219.82 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
x-amz-request-id: 741766AAD755B513
status: 200
content-length: 3
x-amz-id-2: 8wr0j8+qwHmDlaTdgslJ1qc1nyBl3qwg+vCy9Ruw0e37+Fll1xOkiyYdO3noOU9kNeLUeCpWJYk=
last-modified: Mon, 09 Jul 2018 17:31:51 GMT
server: cloudflare
etag: "28e4477bb454eb35226fe56082545e13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4514ed5b0be32336-FRA

GET
S 200 ads Show response
pubads.g.doubleclick.net/gampad/ 335 B
316 B 223ms
223ms Script
text/javascript 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?callback=jQuery22405753523956105722_1535439900842&gdfp_req=1&correlator=1339882150736726&output=json_html&iu=%2F3834%2Fitprotoday.home%2Farticle%2Fmanagement_mobility&sz=2x2&gut=v2&ifi=2&json_a=1&url=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&prev_scp=ptype%3DArticle%26nid%3D80366%26pterm%3Dmanagement_mobility%26author%3Djohn_savill%26reg%3Danonymous%26pos%3Dnativekey_2_lft&iu_parts=3834%2Citprotoday.home%2Carticle%2Cmanagement_mobility&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=2x2&impl=fifs&_=1535439900843

Requested by

Host: plugin.mediavoice.com
URL: https://plugin.mediavoice.com/plugin.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

78e5bf76280c3cd0c1c490211575819486da3bb92389f86e8919d91e3fbba054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 239
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 wt Show response
polarcdn-pentos.com/ 3 B
66 B 53ms
14ms XHR
application/octet-stream 104.18.219.82
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-pentos.com/wt?e=3&n=3&p=NA-ITPRCOM-11238907&s=1&u=fcbcdd15-e6dd-443f-a23e-872356eeec9a&v=2%2F194ca70&w=1.100.0&y=w&z=v1.6.19&pas=dfp&pag1=default&pag2=%2F3834%2Fitprotoday.home%2Farticle%2Fmanagement_mobility&pai=87c0e&d=www.itprotoday.com&l=Article+Inline+Related+1&pvhref=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&pajs=.article-content+%3E+p%3Aeq(2)&pepm=gdpr-eu&pepc=n&mepc=1&t=atx&parcid=6e136&parid=ba6d9&parin=1&_=1535439900844
Requested by: Host: plugin.mediavoice.com
URL: https://plugin.mediavoice.com/plugin.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.219.82 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
x-amz-request-id: 741766AAD755B513
status: 200
content-length: 3
x-amz-id-2: 8wr0j8+qwHmDlaTdgslJ1qc1nyBl3qwg+vCy9Ruw0e37+Fll1xOkiyYdO3noOU9kNeLUeCpWJYk=
last-modified: Mon, 09 Jul 2018 17:31:51 GMT
server: cloudflare
etag: "28e4477bb454eb35226fe56082545e13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4514ed5b0be42336-FRA

GET
S 200 ads Show response
pubads.g.doubleclick.net/gampad/ 335 B
316 B 238ms
238ms Script
text/javascript 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?callback=jQuery22405753523956105722_1535439900845&gdfp_req=1&correlator=1339882150736726&output=json_html&iu=%2F3834%2Fitprotoday.home%2Farticle%2Fmanagement_mobility&sz=2x2&gut=v2&ifi=3&json_a=1&url=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&prev_scp=pos%3Dnativekey_13_1%26ptype%3Darticle%26pterm%3Dmanagement_mobility%26sterm%3D%26program%3D%26nid%3D80366%26author%3Djohn_savill%26content%3D%26reg%3Danonymous&iu_parts=3834%2Citprotoday.home%2Carticle%2Cmanagement_mobility&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=2x2&impl=fifs&_=1535439900846

Requested by

Host: plugin.mediavoice.com
URL: https://plugin.mediavoice.com/plugin.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

c3e284361322b6e49157e26d6e3619693542192ac81eb7dd20eaefd8eba5eb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 240
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 wt Show response
polarcdn-pentos.com/ 3 B
591 B 48ms
11ms XHR
application/octet-stream 104.18.219.82
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-pentos.com/wt?e=4&n=3&p=NA-ITPRCOM-11238907&s=1&u=fcbcdd15-e6dd-443f-a23e-872356eeec9a&v=2%2F194ca70&w=1.100.0&y=w&z=v1.6.19&pas=dfp&pag1=default&pag2=%2F3834%2Fitprotoday.home%2Farticle%2Fmanagement_mobility&pai=60a19&d=www.itprotoday.com&l=Article+Related+1&pvhref=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&pajs=.related-articles-wrapper+%3E+a%3Aeq(1)&pepm=gdpr-eu&pepc=n&mepc=1&t=atx&parcid=f9bd1&parid=e29d5&parin=1&_=1535439900847
Requested by: Host: plugin.mediavoice.com
URL: https://plugin.mediavoice.com/plugin.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.219.82 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
x-amz-request-id: 741766AAD755B513
status: 200
content-length: 3
x-amz-id-2: 8wr0j8+qwHmDlaTdgslJ1qc1nyBl3qwg+vCy9Ruw0e37+Fll1xOkiyYdO3noOU9kNeLUeCpWJYk=
last-modified: Mon, 09 Jul 2018 17:31:51 GMT
server: cloudflare
etag: "28e4477bb454eb35226fe56082545e13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4514ed5b0be22336-FRA

GET
S 200 ads Show response
pubads.g.doubleclick.net/gampad/ 335 B
317 B 245ms
245ms Script
text/javascript 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?callback=jQuery22405753523956105722_1535439900848&gdfp_req=1&correlator=1339882150736726&output=json_html&iu=%2F3834%2Fitprotoday.home%2Farticle%2Fmanagement_mobility&sz=2x2&gut=v2&ifi=4&json_a=1&url=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&prev_scp=pos%3Dnativekey_12_1%26ptype%3Darticle%26pterm%3Dmanagement_mobility%26sterm%3D%26program%3D%26nid%3D80366%26author%3Djohn_savill%26content%3D%26reg%3Danonymous&iu_parts=3834%2Citprotoday.home%2Carticle%2Cmanagement_mobility&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=2x2&impl=fifs&_=1535439900849

Requested by

Host: plugin.mediavoice.com
URL: https://plugin.mediavoice.com/plugin.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

a73c1a22aaba1908b9ec1e721340ed52b0189317c458154032148f640b978460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 241
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 25ms
7ms Script
application/x-javascript 104.111.238.191
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.238.191 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-238-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

23818277c974e4ed1d48a04077c6a133bde3435f3d0bafe8dcca49150ebcb986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 19 Jul 2018 18:05:34 GMT
ETag: "f19be4168b1fd41:0"
Vary: Accept-Encoding
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA"
Cache-Control: no-cache, no-store
Date: Tue, 28 Aug 2018 07:05:01 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 2118
Expires: Tue, 28 Aug 2018 07:05:01 GMT

GET
H/1.1

302
Moved Temporarily

4 Show response
api-34-220-197-142.b2c.com/api/ Frame 657C
Redirect Chain

https://api-34-220-197-142.b2c.com/api/x?cSxbfZYliJF6qOP6$dXJsJDAkaHR0cHM6Ly93d3cuaXRwcm90b2RheS5jb20vbWFuYWdlbWVudC1tb2JpbGl0eS93aGF0LW1pbWlrYXR6IiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHR...
https://api-34-220-197-142.b2c.com:444/api/4?cSxbfZYliJF6qOP6

0
-1 B

549ms
183ms

XHR
text/html

2600:1f14:cc5:8002:3306:a3e5:c339:db18
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api-34-220-197-142.b2c.com:444/api/4?cSxbfZYliJF6qOP6
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:cc5:8002:3306:a3e5:c339:db18 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:02 GMT
Server: openresty
Location: https://api-34-220-197-142.b2c.com:444/api/4?cSxbfZYliJF6qOP6
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 158

Redirect headers

Date: Tue, 28 Aug 2018 07:05:02 GMT
Server: openresty
Location: https://api-34-220-197-142.b2c.com:444/api/4?cSxbfZYliJF6qOP6
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 158

GET
S 200 l
use.typekit.net/af/f80f1d/00000000000000003b9aefb8/27/ 32 KB
32 KB 18ms
6ms Font
application/font-woff2 23.38.53.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f80f1d/00000000000000003b9aefb8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/njq2hxj.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-53-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4a85a057330bbc6272c3dd4c02a15317b08a92b4de7514d9fda7d8cbf82a3cac

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com

Response headers

date: Tue, 28 Aug 2018 07:05:02 GMT
server: nginx
etag: "5b1424bf708a1baf048831772af7891cda52e1e0"
status: 200, 200 OK
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=8640000
timing-allow-origin: *
content-length: 32980

GET
S 200 l
use.typekit.net/af/29352b/00000000000000003b9aefb9/27/ 33 KB
33 KB 30ms
18ms Font
application/font-woff2 23.38.53.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/29352b/00000000000000003b9aefb9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/njq2hxj.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-53-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 39492f3c9f87d34d4d53b7fa1fc66d5003f986552288bb55ac10e7507d4c69dd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com

Response headers

date: Tue, 28 Aug 2018 07:05:02 GMT
server: nginx
etag: "41bd63e072fcddb931e4f5c670a122a6ae75b1a8"
status: 200, 200 OK
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=8640000
timing-allow-origin: *
content-length: 34024

GET
S 200 l
use.typekit.net/af/af96c8/00000000000000003b9aefc0/27/ 31 KB
31 KB 23ms
12ms Font
application/font-woff2 23.38.53.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/af96c8/00000000000000003b9aefc0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/njq2hxj.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-53-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1e71dfd2075bdd8ab13805b0c9bc396c00c1a3d982d3e9ddde63ccfaf4f2eaaf

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com

Response headers

date: Tue, 28 Aug 2018 07:05:02 GMT
server: nginx
etag: "625d31c6ff36363142e14c9d9cf9f2747ce3803a"
status: 200, 200 OK
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=8640000
timing-allow-origin: *
content-length: 31984

GET
S 200 l
use.typekit.net/af/20aa1e/00000000000000003b9aefc1/27/ 33 KB
33 KB 28ms
16ms Font
application/font-woff2 23.38.53.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/20aa1e/00000000000000003b9aefc1/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/njq2hxj.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-53-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1ccdbe5fba95906eb04fed55b6d5fe05d4130f09d1ef62a2a195b07bfcd20d98

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com

Response headers

date: Tue, 28 Aug 2018 07:05:02 GMT
server: nginx
etag: "0a37e0f13f84c73347be23130bb6d2063bc1d8a8"
status: 200, 200 OK
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=8640000
timing-allow-origin: *
content-length: 33796

GET
S 200 l
use.typekit.net/af/13a799/00000000000000003b9adee3/27/ 18 KB
18 KB 30ms
19ms Font
application/font-woff2 23.38.53.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/13a799/00000000000000003b9adee3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/njq2hxj.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-53-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f7d3a5e83ab0db74bd9ce3800f7e2b57083a45d72048eb0a1ec59ea71d5d1c7d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com

Response headers

date: Tue, 28 Aug 2018 07:05:02 GMT
server: nginx
etag: "92db5ca13edfead8cacb9b7663621adc030e2d76"
status: 200, 200 OK
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=8640000
timing-allow-origin: *
content-length: 18560

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
5 KB 169ms
169ms XHR
text/javascript 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3583198115312520&correlator=1339882150736726&output=json_html&callback=googletag.impl.pubads.callbackProxy7&impl=fif&adsid=NT&eid=21061764%2C21062389&vrg=242&npa=1&guci=1.2.0.0.2.1.0&sc=1&sfv=1-0-29&iu=%2F3834%2Fitprotoday.home%2Farticle%2Fmanagement_mobility&sz=970x90%7C728x90&scp=pos%3D728_1_a%26combo%3Dwrap%26ptype%3DArticle%26nid%3D80366%26pterm%3Dmanagement_mobility%26author%3Djohn_savill%26reg%3Danonymous&cookie=ID%3Dae61e5d6d8776de4%3AT%3D1535439900%3AS%3DALNI_MZ0HXceyIwuH4SjA09lnVCWbiATGQ&cookie_enabled=1&bc=7&abxe=1&lmt=1535417358&dt=1535439902109&dlt=1535439900037&idt=662&frm=20&biw=1585&bih=1200&oid=3&adx=793&ady=197&adk=1049759338&gut=v2&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&dssz=61&icsg=4129833386769408&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1533519902.1535439901&ga_sid=1535439901&ga_hid=1816148227

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

9edf7e644e12112fb314122d043c6d731610c7a9cb3a04af8a5cbefd7b682f13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com

Response headers

date: Tue, 28 Aug 2018 07:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 4941
x-xss-protection: 1; mode=block
google-lineitem-id: 4764317265
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138241720067
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.itprotoday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
5 KB 312ms
312ms XHR
text/javascript 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3583198115312520&correlator=1339882150736726&output=json_html&callback=googletag.impl.pubads.callbackProxy8&impl=fif&adsid=NT&eid=21061764%2C21062389&vrg=242&npa=1&guci=1.2.0.0.2.1.0&sc=1&sfv=1-0-29&iu=%2F3834%2Fitprotoday.home%2Farticle%2Fmanagement_mobility&sz=300x250%7C300x600&scp=pos%3D300_1_rht%26article_number%3D1%26ptype%3DArticle%26nid%3D80366%26pterm%3Dmanagement_mobility%26author%3Djohn_savill%26reg%3Danonymous&cookie=ID%3Dae61e5d6d8776de4%3AT%3D1535439900%3AS%3DALNI_MZ0HXceyIwuH4SjA09lnVCWbiATGQ&cookie_enabled=1&bc=7&abxe=1&lmt=1535417358&dt=1535439902114&dlt=1535439900037&idt=662&frm=20&biw=1585&bih=1200&oid=3&adx=1348&ady=834&adk=522332222&gut=v2&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&dssz=61&icsg=4129833386769408&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1533519902.1535439901&ga_sid=1535439901&ga_hid=1816148227

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

702ccff51d8e340e1a1988ee698fce8ff57809537ed1fbc0e2e7cfe774ee637d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com

Response headers

date: Tue, 28 Aug 2018 07:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 4963
x-xss-protection: 1; mode=block
google-lineitem-id: 4683765308
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234324481
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.itprotoday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

svrGP.aspx
s1481.t.eloqua.com/visitor/v200/
Redirect Chain

https://s1481.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1481&ref2=elqNone&tzo=0&ms=128&optin=disabled
https://s1481.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1481&ref2=elqNone&tzo=0&ms=128&optin=disabled&elqCookie=1

49 B
373 B

159ms
158ms

Image
image/gif

209.167.231.17
Oracle Corporation

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1481.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1481&ref2=elqNone&tzo=0&ms=128&optin=disabled&elqCookie=1

Requested by

Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.167.231.17 , United States, ASN7160 (NETDYNAMICS - Oracle Corporation, US),

Reverse DNS

e017.en25.com

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000;
X-Content-Type-Options: nosniff
Date: Tue, 28 Aug 2018 07:05:02 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA"
Cache-Control: private,no-cache, no-store
Content-Type: image/gif
Content-Length: 49
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000;
X-Content-Type-Options: nosniff
Date: Tue, 28 Aug 2018 07:05:01 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA"
Location: //s1481.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1481&ref2=elqNone&tzo=0&ms=128&optin=disabled&elqCookie=1
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 256
Expires: -1

GET
S 200 init-328cl2pmwdiu41uvygf.js Show response
api.b2c.com/api/ Frame C364 12 KB
5 KB 322ms
322ms Script
text/javascript 2600:1f14:cc5:8002:8816:1c50:c32b:b4f1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.b2c.com/api/init-328cl2pmwdiu41uvygf.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:cc5:8002:8816:1c50:c32b:b4f1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: 518a3e9e084d0c0c65de0ece88304bd3aca1708dddd68de46b32e0608ba6ab60

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Aug 2018 07:05:02 GMT
content-encoding: gzip
server: openresty
content-type: text/javascript
status: 200
cache-control: no-cache, no-store, must-revalidate
expires: -1

GET
S 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20180822/r20110914/client/ext/ Frame C364 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180822/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

db24fe8ee6b55d3ee90232e6e7e32c8136ebd7017b12261f77d3b909ce7207c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 22 Aug 2018 20:37:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1251
x-xss-protection: 1; mode=block
server: cafe
etag: 7267401111508209274
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Sep 2018 20:37:58 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180822/r20110914/activeview/ Frame C364 72 KB
0 7ms
6ms Script
text/javascript 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180822/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

872e1d8cec45e7f42f4ed80e957faa8ab0966c812a3c52d9a64e58f0e546c27c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sat, 25 Aug 2018 01:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26623
x-xss-protection: 1; mode=block
server: cafe
etag: 12965418820029497387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Sep 2018 01:11:39 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame C364 258 KB
0 36ms
6ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 10a7711c82e85a368aae8b9e3803b9023fe9fe615f65c4fc46ed86074979351f

Request headers

Response headers

Date: Tue, 28 Aug 2018 07:05:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Aug 2018 16:47:23 GMT
Server: AmazonS3
x-amz-request-id: AB9AC9FCA3D02FF0
ETag: "2d8601554832a0e42eac0c9f7dc7b7f1"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81284
x-amz-id-2: Va64DHDYcV/7wBGFN3+niY8e7xTVvoBs0roCLRRPPfIspItIBH19KTGuXQKvlMivWJDqNPXGZP8=

GET
DATA 200
OK truncated
/ Frame C364 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3eb1d79659d9af273f8c97e4d1fbbc44669f2c834614d83d8d7231e85feffad3

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame C364 0
64 B 28ms
28ms Image
image/gif 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbpdzeF9l7N1ggyBptNqvEhf6GCnduC9ElbW9POlP70GGs-O7K4v7SmnU9Nw6x376DNXaGFQKjJnGJGV9TWnvHkvfMx4X3jU1ikncrFyfBKLw_B_h6oejUe1c-5UFLcSi5fjJ05iYkpdx0vMRvC8NqdEtT2jLrICb0gzWmUW_1GukrkZSbUm5skaXDp3e9-VR7PkNGpFm5fcUNGTcmBFp43ywpY2cJ17o4BuZZA5mQCGGtTjLipWSqAYHjo_aGNfe2F6hrdk5-saVcQ8eODh8Qmw8CIh0OuAxppqt9aw&sai=AMfl-YTzjqOFWvcTVaUJci6XxUm4P60Vdw-aygEbtdK6UasncKToBfXhs1LIH9tWJh00GWxiH-Zh8i6_sKN-L_x-xFOURMTswM97_R65upNhwPqqj1Q4tMHbEXd3yow9&sig=Cg0ArKJSzIQdPKLBiexZEAE&adurl=

Requested by

Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Aug 2018 07:05:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
S 200 16406910454934833932
tpc.googlesyndication.com/simgad/ Frame C364 38 KB
38 KB 7ms
6ms Image
image/png 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16406910454934833932

Requested by

Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9dce458a02bff965ee50c8e1140145a80a84675611879ad7ecf5c4d7891087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 17 Aug 2018 18:33:54 GMT
x-content-type-options: nosniff
age: 909068
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 38747
x-xss-protection: 1; mode=block
last-modified: Thu, 24 May 2018 14:27:10 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2019 18:33:54 GMT

GET
S 204 l
www.google.com/ads/measurement/ Frame C364 0
77 B 14ms
13ms Image
text/html 2a00:1450:4001:81e::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJlLta2oS9A5egB5A-gMIT3rmddpVcGdzThh0RUifBWCPctemNu4ZmaD316Tmc6x-QzDbp
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:81e::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
5ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&o=3&t=1535439902151&de=568296097738&m=0&ar=763aa27-clean&q=5&cb=0&cu=1535439902151&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=15763947%3A2315416066%3A4683765308%3A138234324799&zMoatPS=300_1_lft&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&bo=298588227&bp=21625748602&bd=300_1_lft&dfp=0%2C1&la=21625748602&gw=pentonmedia53440730609&fd=1&ac=1&it=500&fs=150929&na=1830652488&cs=0
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:02 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:02 GMT

GET
H/1.1 200
OK pinit_main.js Show response
assets.pinterest.com/js/ 62 KB
23 KB 8ms
7ms Script
application/javascript 2600:1480:3000:41::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.08150909333824652
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js?_=1535439900576
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1480:3000:41:: , United States, ASN33905 (AKAMAI-AMS, US),
Reverse DNS
Software: /
Resource Hash: a91084723850c74b04c1e7957c1a54f1e1873396cd90a55d25ee733495229cd1

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Encoding: gzip
X-CDN: akamai
ETag: "2e530c3dfcfe2217743998ff4669ef00"
Vary: Accept-Encoding, Origin
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=282
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22634
Access-Control-Expose-Headers: X-CDN

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
6ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=34&ud=false&qa=1600&qb=1200&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qi=1600&qj=1200&ql=&qo=0&qm=0&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9Zp%5B)1xfq_GUKB%7BJ9AKqD(ao%5DDXx2Tlw4%26ExM_1g%2Bu6%40QV%3BO5FN6tRAlTJ%3F_v%3D(tN%23V.xm9%25KMD4YP%60T11K%3E(7b%5DQ%22_KF5%5D5%2F%5BGI%3F4Y~iD%3Dn%3CG.**s!%7D%2318YCC2J.bq!CASw%5EXm0o(%2FLyhqFBjK7%3DuCbR%7CDoD%3DhOIs11_iCuIE)5.Efn%3Bb%25r%2F%7DMCMYUWx%3DoFj9yG3%3FjGT%22WM%3DkoD%23%3BId%2FSC6ks%3CzKUExvR27ByCDT(OJF8psid%23a.dk%3FI4%3CVEtX%3EA)%2Cea*X%3Dy%3E%5B%25B7kE%3FSF(f%25%3BS%243O3P0oJU4b6W%3AGcS4(%5B*rUePpw4iqi%3CFEtmChkQPuf3%2BrNaU51%40%40HHzt%24bV%2F.4bIu%40vv%7DqB%3DmfV%7DDXwJd%5E%7CXoNFodK0p)%22wbSR%5Di3U1Il9OpPP%60%22AkM%22%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%2CJP%3Ch%2CqkAS%3Bx!93iPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23c%25%24(%3DNqUcRe%2Ba%2F%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&qq=001000000000&qr=0&gz=0&hh=0&hn=0&qt=0&i=PENTONCONTENT1&hp=1&pl=1&cm=1&kq=1&bq=0&f=0&j=&o=3&t=1535439901713&de=485739441509&m=0&ar=de60227-clean&q=0&cb=0&cu=1535439902077&ll=2&ln=0&em=0&en=0&d=itprotoday.com%3AWhat%20is%20Mimikatz%3A__page__%3A-&qs=1&gw=pentoncontent20495821&fd=1&ac=1&it=500&fs=98334&na=1499095204&cs=0
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:02 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:02 GMT

GET
S 200 wt Show response
polarcdn-pentos.com/ 3 B
66 B 23ms
23ms XHR
application/octet-stream 104.18.219.82
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-pentos.com/wt?e=5&n=3&p=NA-ITPRCOM-11238907&s=1&u=fcbcdd15-e6dd-443f-a23e-872356eeec9a&v=2%2F194ca70&w=1.100.0&y=w&z=v1.6.19&pas=dfp&pag1=default&pag2=%2F3834%2Fitprotoday.home%2Farticle%2Fmanagement_mobility&pai=aa033&d=www.itprotoday.com&l=Home+Left+Sidebar+2&pvhref=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&pajs=%23penton_recent_content_block+%3E+aside+%3E+article%3Aeq(2)&pepm=gdpr-eu&pepc=n&mepc=1&t=arx&parcid=8d782&parid=204f9&parin=1&partm=1&par=n&maxts=0.35&_=1535439900850
Requested by: Host: plugin.mediavoice.com
URL: https://plugin.mediavoice.com/plugin.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.219.82 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:02 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
x-amz-request-id: 741766AAD755B513
status: 200
content-length: 3
x-amz-id-2: 8wr0j8+qwHmDlaTdgslJ1qc1nyBl3qwg+vCy9Ruw0e37+Fll1xOkiyYdO3noOU9kNeLUeCpWJYk=
last-modified: Mon, 09 Jul 2018 17:31:51 GMT
server: cloudflare
etag: "28e4477bb454eb35226fe56082545e13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4514ed5cfcce2336-FRA

GET
S 200 wt Show response
polarcdn-pentos.com/ 3 B
189 B 8ms
8ms XHR
application/octet-stream 104.18.219.82
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-pentos.com/wt?e=6&n=3&p=NA-ITPRCOM-11238907&s=1&u=fcbcdd15-e6dd-443f-a23e-872356eeec9a&v=2%2F194ca70&w=1.100.0&y=w&z=v1.6.19&pas=dfp&pag1=default&pag2=%2F3834%2Fitprotoday.home%2Farticle%2Fmanagement_mobility&pai=20861&d=www.itprotoday.com&l=Home+Left+Sidebar+1&pvhref=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&pajs=%23penton_recent_content_block+%3E+aside+%3E+article%3Aeq(1)&pepm=gdpr-eu&pepc=n&mepc=1&t=arx&parcid=2931b&parid=60070&parin=1&partm=1&par=n&maxts=0.359&_=1535439900851
Requested by: Host: plugin.mediavoice.com
URL: https://plugin.mediavoice.com/plugin.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.219.82 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:02 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
x-amz-request-id: 741766AAD755B513
status: 200
content-length: 3
x-amz-id-2: 8wr0j8+qwHmDlaTdgslJ1qc1nyBl3qwg+vCy9Ruw0e37+Fll1xOkiyYdO3noOU9kNeLUeCpWJYk=
last-modified: Mon, 09 Jul 2018 17:31:51 GMT
server: cloudflare
etag: "28e4477bb454eb35226fe56082545e13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4514ed5cfcd52336-FRA

POST
H/1.1 200
OK x Show response
api-34-220-197-142.b2c.com/api/ 0
363 B 391ms
177ms XHR
text/plain 2600:1f14:cc5:8002:3306:a3e5:c339:db18
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api-34-220-197-142.b2c.com/api/x?Hzcfzqz9qtznhY5w$dXJsJDAkaHR0cHM6Ly93d3cuaXRwcm90b2RheS5jb20vbWFuYWdlbWVudC1tb2JpbGl0eS93aGF0LW1pbWlrYXR6IiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCQiLCJ2aWRlbyQwJDE2MDB4MTIwMHgyNCIsImZyYW1lJDAkMCIsImhpZGRlbiQwJDAiLCJ2aXNpYmlsaXR5U3RhdGUkMCR2aXNpYmxlIiwid2luZG93JDAkMTU4NXgxMjAwIiwiaW5uZXIkMCQxNjAweDEyMDAiLCJvdXRlciQwJDE2MDB4MTIwMCIsImxvY2FsU3RvcmFnZSQwJEVycm9yOiBUeXBlRXJyb3I6IENhbm5vdCByZWFkIHByb3BlcnR5ICdzZXRJdGVtJyBvZiBudWxsIiwic2Vzc2lvblN0b3JhZ2UkMCQxIiwiYXBwQ29kZU5hbWUkMCRNb3ppbGxhIiwiYXBwTmFtZSQwJE5ldHNjYXBlIiwiYXBwVmVyc2lvbiQwJDUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xM181KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNjcuMC4zMzk2Ljg3IFNhZmFyaS81MzcuMzYiLCJjb29raWVFbmFibGVkJDAkdHJ1ZSIsImRvTm90VHJhY2skMCQiLCJoYXJkd2FyZUNvbmN1cnJlbmN5JDAkOCIsImxhbmd1YWdlJDAkZW4tVVMiLCJwbGF0Zm9ybSQwJExpbnV4IHg4Nl82NCIsInByb2R1Y3QkMCRHZWNrbyIsInByb2R1Y3RTdWIkMCQyMDAzMDEwNyIsInNlbmRCZWFjb24kMCQxIiwidXNlckFnZW50JDAkTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTNfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzY3LjAuMzM5Ni44NyBTYWZhcmkvNTM3LjM2IiwidmVuZG9yJDAkR29vZ2xlIEluYy4iLCJ2ZW5kb3JTdWIkMSQiLCJmb250cmVuZGVyJDEkMSIsIndlYmdsJDIkbi9hIiwidGltZSQyJDE1MzU0Mzk5MDE3MjMiLCJ0aW1lem9uZSQyJDAiLCJwbHVnaW5zJDIkTm9uZSIsIm1lbS10b3RhbEpTSGVhcFNpemUkMiQyMS43IiwibWVtLXVzZWRKU0hlYXBTaXplJDIkMTcuMSIsIm1lbS1qc0hlYXBTaXplTGltaXQkMiQyMzMwIiwidGltZS1kb21haW5Mb29rdXBTdGFydCQyJDEiLCJ0aW1lLWRvbWFpbkxvb2t1cEVuZCQyJDEiLCJ0aW1lLWNvbm5lY3RTdGFydCQyJDEiLCJ0aW1lLWNvbm5lY3RFbmQkMiQzMiIsInRpbWUtc2VjdXJlQ29ubmVjdGlvblN0YXJ0JDIkNiIsInRpbWUtcmVxdWVzdFN0YXJ0JDIkMzIiLCJ0aW1lLXJlc3BvbnNlU3RhcnQkMiQ0NyIsInRpbWUtcmVzcG9uc2VFbmQkMiQ1MyIsInRpbWUtZG9tTG9hZGluZyQyJDUwIiwibmF2aWdhdGlvbi1yZWRpcmVjdENvdW50JDMkMCIsIm5hdmlnYXRpb24tdHlwZSQzJG5hdmlnYXRlIiwiZ2xvYmFscy10aW1lJDYkMC4zIiwiZ2xvYmFscyQ3JGIzZTBkNjczIiwiZG9jdW1lbnQtdGltZSQxMCQwLjUiLCJkb2N1bWVudCQxMSRiM2U0MGRhMyIsImNvbm5lY3Rpb24kMTEkIiwiZG93bmxpbmtNYXgkMTEkIiwiZ2V0VXNlck1lZGlhJDExJDIiLCJjbG9jayQxNiQyNzI0IiwiYmF0dGVyeSQxNzAkMSAxIDAgSW5maW5pdHkiLCJpbnRlcnNlY3Rpb24tc2l6ZSQxNzAkMTU4NXgxMjAwIiwiaW50ZXJzZWN0aW9uLWVudGVyJDE3MCQweDAgMTU4NXgxMjAwIiwiaW50ZXJzZWN0aW9uJDE3MCQ2MSIsImZyYW1lcmF0ZSQxNzAkMjAiLCJhdWRpb2NvbnRleHQkMTczJDk2ZTE0YmVmIiwic29ydCQzMzEkMTE3LjE
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:cc5:8002:3306:a3e5:c339:db18 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:02 GMT
Server: openresty
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: -1

GET
S 200 p.gif
p.typekit.net/ 35 B
201 B 8ms
6ms Image
image/gif 23.38.53.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=njq2hxj&ht=tk&h=www.itprotoday.com&f=139.140.175.176.17391&a=4139614&js=1.19.2&app=typekit&e=js&_=1535439902282
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-38-53-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:02 GMT
last-modified: Thu, 05 Oct 2017 20:51:16 GMT
server: nginx
etag: "59d69b44-23"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 35
expires: Wed, 29 Nov 2017 11:03:18 GMT

GET
S 200 wt Show response
polarcdn-pentos.com/ 3 B
66 B 13ms
13ms XHR
application/octet-stream 104.18.219.82
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-pentos.com/wt?e=7&n=3&p=NA-ITPRCOM-11238907&s=1&u=fcbcdd15-e6dd-443f-a23e-872356eeec9a&v=2%2F194ca70&w=1.100.0&y=w&z=v1.6.19&pas=dfp&pag1=default&pag2=%2F3834%2Fitprotoday.home%2Farticle%2Fmanagement_mobility&pai=87c0e&d=www.itprotoday.com&l=Article+Inline+Related+1&pvhref=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&pajs=.article-content+%3E+p%3Aeq(2)&pepm=gdpr-eu&pepc=n&mepc=1&t=arx&parcid=6e136&parid=ba6d9&parin=1&partm=1&par=n&maxts=0.418&_=1535439900852
Requested by: Host: plugin.mediavoice.com
URL: https://plugin.mediavoice.com/plugin.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.219.82 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:02 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
x-amz-request-id: 741766AAD755B513
status: 200
content-length: 3
x-amz-id-2: 8wr0j8+qwHmDlaTdgslJ1qc1nyBl3qwg+vCy9Ruw0e37+Fll1xOkiyYdO3noOU9kNeLUeCpWJYk=
last-modified: Mon, 09 Jul 2018 17:31:51 GMT
server: cloudflare
etag: "28e4477bb454eb35226fe56082545e13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4514ed5d6d2e2336-FRA

GET
S 200 wt Show response
polarcdn-pentos.com/ 3 B
66 B 15ms
15ms XHR
application/octet-stream 104.18.219.82
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-pentos.com/wt?e=8&n=3&p=NA-ITPRCOM-11238907&s=1&u=fcbcdd15-e6dd-443f-a23e-872356eeec9a&v=2%2F194ca70&w=1.100.0&y=w&z=v1.6.19&pas=dfp&pag1=default&pag2=%2F3834%2Fitprotoday.home%2Farticle%2Fmanagement_mobility&pai=60a19&d=www.itprotoday.com&l=Article+Related+1&pvhref=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&pajs=.related-articles-wrapper+%3E+a%3Aeq(1)&pepm=gdpr-eu&pepc=n&mepc=1&t=arx&parcid=f9bd1&parid=e29d5&parin=1&partm=1&par=n&maxts=0.418&_=1535439900853
Requested by: Host: plugin.mediavoice.com
URL: https://plugin.mediavoice.com/plugin.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.219.82 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:02 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
x-amz-request-id: 741766AAD755B513
status: 200
content-length: 3
x-amz-id-2: 8wr0j8+qwHmDlaTdgslJ1qc1nyBl3qwg+vCy9Ruw0e37+Fll1xOkiyYdO3noOU9kNeLUeCpWJYk=
last-modified: Mon, 09 Jul 2018 17:31:51 GMT
server: cloudflare
etag: "28e4477bb454eb35226fe56082545e13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 4514ed5d6d2f2336-FRA

GET
S 200 init-328cl2pmwdiu41uvygf.js Show response
api.b2c.com/api/ Frame 39B0 13 KB
5 KB 389ms
389ms Script
text/javascript 2600:1f14:cc5:8002:8816:1c50:c32b:b4f1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.b2c.com/api/init-328cl2pmwdiu41uvygf.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:cc5:8002:8816:1c50:c32b:b4f1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: 69c1cea03a0d0cd4e8e5830c2b8836ef203a5550cc9c769911452d5fcb85b247

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Aug 2018 07:05:02 GMT
content-encoding: gzip
server: openresty
content-type: text/javascript
status: 200
cache-control: no-cache, no-store, must-revalidate
expires: -1

GET
S 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20180822/r20110914/client/ext/ Frame 39B0 3 KB
0 6ms
6ms Script
text/javascript 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180822/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

db24fe8ee6b55d3ee90232e6e7e32c8136ebd7017b12261f77d3b909ce7207c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 22 Aug 2018 20:37:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1251
x-xss-protection: 1; mode=block
server: cafe
etag: 7267401111508209274
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Sep 2018 20:37:58 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180822/r20110914/activeview/ Frame 39B0 72 KB
0 7ms
6ms Script
text/javascript 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180822/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

872e1d8cec45e7f42f4ed80e957faa8ab0966c812a3c52d9a64e58f0e546c27c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sat, 25 Aug 2018 01:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26623
x-xss-protection: 1; mode=block
server: cafe
etag: 12965418820029497387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Sep 2018 01:11:39 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame 39B0 258 KB
0 36ms
6ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 10a7711c82e85a368aae8b9e3803b9023fe9fe615f65c4fc46ed86074979351f

Request headers

Response headers

Date: Tue, 28 Aug 2018 07:05:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Aug 2018 16:47:23 GMT
Server: AmazonS3
x-amz-request-id: AB9AC9FCA3D02FF0
ETag: "2d8601554832a0e42eac0c9f7dc7b7f1"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81284
x-amz-id-2: Va64DHDYcV/7wBGFN3+niY8e7xTVvoBs0roCLRRPPfIspItIBH19KTGuXQKvlMivWJDqNPXGZP8=

GET
DATA 200
OK truncated
/ Frame 39B0 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38703e7f928279e1cc4d584a297d4833681feff0f7ebe3a2d1f219de515aea10

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 39B0 0
47 B 29ms
28ms Image
image/gif 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTbYjHJQ495sIUt3EOSmjowp90knIvitrrEdmwyd5kj7_lJ8606w-WlitMBRn4wiKtfnlMzEF1Ly5I8_XnvRobgMxIpLYG-dKqAquoJcoeHO7jcw44PP3-RO79yt7WRT9QrsIpIkRyY9-PFOp_pW9aZzwMr1U0QqB4z4-rJpswBq3hs-0L71FzcoJdaUyBVWwBF6CirJesJqZE-WMT1GoCN2ZL0xyIao4ix1i9wi_EvYOQxERdgt4BF3k6HZZ1cLXbRVjeU51tz46Uu14AdGE1UiMk3bpbxEUFv1sGfQ&sai=AMfl-YR2T2LrlFGyepl_xzuwMx52pg3pd-MRnVwVNGPZK80ak-tlmcnI1RtrP9ajGqjXGLy5cWm2Z4tesj1PKGgPBXMEHMACEclhsOYE8Q-HA2VqOFjC8zsGs4SDJeUh&sig=Cg0ArKJSzA2s6GwMKTqLEAE&adurl=

Requested by

Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Aug 2018 07:05:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
S 200 1646937494608249077
tpc.googlesyndication.com/simgad/ Frame 39B0 24 KB
24 KB 8ms
7ms Image
image/png 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1646937494608249077

Requested by

Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c0f513ef3a9cd25362568afc5ee9c1494c653bf2b04b386e9bc9f520d8adc561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 25 Aug 2018 22:06:16 GMT
x-content-type-options: nosniff
age: 205126
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 24152
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Aug 2018 21:03:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2019 22:06:16 GMT

GET
S 204 l
www.google.com/ads/measurement/ Frame 39B0 0
60 B 14ms
14ms Image
text/html 2a00:1450:4001:81e::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQzWx45j588_ZyrvdsPZ7F9EmzA_FWPWWkUtcHYlqc_Oo2pDQ5wWshjyiLxDMu1Bw4WerYE
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:81e::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 7ms
6ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&o=3&t=1535439902328&de=319072944314&m=0&ar=763aa27-clean&q=8&cb=0&cu=1535439902328&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=15763947%3A2368727671%3A4764317265%3A138241720067&zMoatPS=728_1_a&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&bo=298588227&bp=21625748602&bd=728_1_a&dfp=0%2C1&la=21625748602&gw=pentonmedia53440730609&fd=1&ac=1&it=500&fs=150929&na=1308194266&cs=0
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:02 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:02 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 10ms
9ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=0&qs=1&ak=https%3A%2F%2Fwww.itprotoday.com%2F%2Fmanagement-mobility%2F-&i=PENTONCONTENT1&ud=false&qm=0&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9Zp%5B)1xfq_GUKB%7BJ9AKqD(ao%5DDXx2Tlw4%26ExM_1g%2Bu6%40QV%3BO5FN6tRAlTJ%3F_v%3D(tN%23V.xm9%25KMD4YP%60T11K%3E(7b%5DQ%22_KF5%5D5%2F%5BGI%3F4Y~iD%3Dn%3CG.**s!%7D%2318YCC2J.bq!CASw%5EXm0o(%2FLyhqFBjK7%3DuCbR%7CDoD%3DhOIs11_iCuIE)5.Efn%3Bb%25r%2F%7DMCMYUWx%3DoFj9yG3%3FjGT%22WM%3DkoD%23%3BId%2FSC6ks%3CzKUExvR27ByCDT(OJF8psid%23a.dk%3FI4%3CVEtX%3EA)%2Cea*X%3Dy%3E%5B%25B7kE%3FSF(f%25%3BS%243O3P0oJU4b6W%3AGcS4(%5B*rUePpw4iqi%3CFEtmChkQPuf3%2BrNaU51%40%40HHzt%24bV%2F.4bIu%40vv%7DqB%3DmfV%7DDXwJd%5E%7CXoNFodK0p)%22wbSR%5Di3U1Il9OpPP%60%22AkM%22%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%2CJP%3Ch%2CqkAS%3Bx!93iPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23c%25%24(%3DNqUcRe%2Ba%2F%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&qq=001000000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=0&pl=1&fl=1&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=1995&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&cm=1&f=0&j=&o=3&t=1535439901713&de=485739441509&cu=1535439902077&m=508&ar=de60227-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=undefined&le=1&gm=1&io=1&ch=0&as=0&ag=0&an=0&gf=0&gg=0&pg=0&pf=0&cc=0&bw=0&bx=0&em=0&en=0&bu=2&cd=0&ah=2&am=0&re=0&wb=1&cl=0&at=0&d=itprotoday.com%3AWhat%20is%20Mimikatz%3A__page__%3A-&gw=pentoncontent20495821&ab=1&ac=1&fd=1&kt=strict&it=500&fs=98334&na=1586350357&cs=0
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:02 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:02 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45067ff7787ed1cff6f56511c3edaa9ef03a2dbb1d045f032f045f985f3fedf8

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D55%26pixelIndex%3D0%26r%3D785174%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.itprotoday.com%25...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D55%2526pixelIndex%253D0%2526r%253D785174%2526tzOffset%253...
https://a.dpmsrv.com/dpmpxl/index.php?id=5221829138924704343&q=xImp&v=1.x&cl=55&pixelIndex=0&r=785174&tzOffset=0&url=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&_=1535439...

258 B
957 B

424ms
103ms

Script
text/javascript

52.3.188.64
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=5221829138924704343&q=xImp&v=1.x&cl=55&pixelIndex=0&r=785174&tzOffset=0&url=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&_=1535439902410
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.188.64 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-3-188-64.compute-1.amazonaws.com
Software: /
Resource Hash: 73c5df3819337239019d0cde4493daa545320531ed87ff8653ea8173bd1cbd2d

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 224
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:04 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 312.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.48:80
AN-X-Request-Uuid: 3afe7a64-1903-4a90-afef-543a80115a12
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=5221829138924704343&q=xImp&v=1.x&cl=55&pixelIndex=0&r=785174&tzOffset=0&url=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&_=1535439902410
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
S 200 init-328cl2pmwdiu41uvygf.js Show response
api.b2c.com/api/ Frame E2C5 12 KB
5 KB 196ms
196ms Script
text/javascript 2600:1f14:cc5:8002:8816:1c50:c32b:b4f1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.b2c.com/api/init-328cl2pmwdiu41uvygf.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:cc5:8002:8816:1c50:c32b:b4f1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: 21c3b79e09a9eb065be3e234626a96a53f4ec61d0a075c7563869cf716a0a66b

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Aug 2018 07:05:02 GMT
content-encoding: gzip
server: openresty
content-type: text/javascript
status: 200
cache-control: no-cache, no-store, must-revalidate
expires: -1

GET
S 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20180822/r20110914/client/ext/ Frame E2C5 3 KB
0 6ms
6ms Script
text/javascript 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180822/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

db24fe8ee6b55d3ee90232e6e7e32c8136ebd7017b12261f77d3b909ce7207c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 22 Aug 2018 20:37:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1251
x-xss-protection: 1; mode=block
server: cafe
etag: 7267401111508209274
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Sep 2018 20:37:58 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180822/r20110914/activeview/ Frame E2C5 72 KB
0 7ms
6ms Script
text/javascript 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180822/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

872e1d8cec45e7f42f4ed80e957faa8ab0966c812a3c52d9a64e58f0e546c27c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sat, 25 Aug 2018 01:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26623
x-xss-protection: 1; mode=block
server: cafe
etag: 12965418820029497387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Sep 2018 01:11:39 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame E2C5 258 KB
0 36ms
6ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_242.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 10a7711c82e85a368aae8b9e3803b9023fe9fe615f65c4fc46ed86074979351f

Request headers

Response headers

Date: Tue, 28 Aug 2018 07:05:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Aug 2018 16:47:23 GMT
Server: AmazonS3
x-amz-request-id: AB9AC9FCA3D02FF0
ETag: "2d8601554832a0e42eac0c9f7dc7b7f1"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81284
x-amz-id-2: Va64DHDYcV/7wBGFN3+niY8e7xTVvoBs0roCLRRPPfIspItIBH19KTGuXQKvlMivWJDqNPXGZP8=

GET
DATA 200
OK truncated
/ Frame E2C5 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1da58a56d822cd0dd5354771c969fd778c74f5100d3bbe0e77817c256e503ad0

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame E2C5 0
47 B 28ms
27ms Image
image/gif 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMe8DoxViBCQB9_-Tzw9-8ps3MSV0k3vuLy3j3du3qlPem7bspaKz6nLQ_9IvU_sbdS80UxQ1PtysXJy84Nz8GxBRlPHcZ6zv2yUZqvJKl5bfF_n2QZxp-r5EbP-b8si1RAu343dZ8l6QZOY8q7j1KTaA587PpWXYtz7S62yHRzka_cqqtUebstoIv_PzsnsMPezy7VxbXQ282cgXZV3uRgOkcUSigYQhoQ4W_r_pTy1lxYQk-PT5ATL8TsdZQYHJjemxpNvQck_L1-YBpa5StBG6iAWxTl5s1IBHW0Q&sai=AMfl-YSKdICHnyuor9AswmpTmI6GHAhOXSvDZ-e52sGexDgcDXU2PXiBL6fceAMDAgl4Bs9v1oBj_FFGaUtufWL_HnvE7aN0uNDPz-nczSNG2KpSIJ16K5OfjWOHiRB8&sig=Cg0ArKJSzPgPBH2pzpCjEAE&adurl=

Requested by

Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Aug 2018 07:05:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
S 200 16485667468791056427
tpc.googlesyndication.com/simgad/ Frame E2C5 77 KB
77 KB 9ms
8ms Image
image/png 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16485667468791056427

Requested by

Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5c69727f8a9961e5eb4cad1e3d462a38fefd6d66c427886cf4217183cd9e5bd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 25 Aug 2018 04:02:23 GMT
x-content-type-options: nosniff
age: 270159
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 78631
x-xss-protection: 1; mode=block
last-modified: Thu, 24 May 2018 14:27:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2019 04:02:23 GMT

GET
S 204 l
www.google.com/ads/measurement/ Frame E2C5 0
60 B 15ms
13ms Image
text/html 2a00:1450:4001:81e::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnSZ5ALMO1PHX9jWqZMrLukZ0TmvdMjvBEe8tPaoFoH3S3F8Ya90Wm9cAX-baBhcAk861W
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:81e::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
5ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&o=3&t=1535439902445&de=405823912984&m=0&ar=763aa27-clean&q=11&cb=0&cu=1535439902445&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=15763947%3A2315416066%3A4683765308%3A138234324481&zMoatPS=300_1_rht&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&bo=298588227&bp=21625748602&bd=300_1_rht&dfp=0%2C1&la=21625748602&gw=pentonmedia53440730609&fd=1&ac=1&it=500&fs=150929&na=173914044&cs=0
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:02 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:02 GMT

POST
H/1.1 200
OK x
api-34-220-197-142.b2c.com/api/ Frame 657C 0
363 B 176ms
176ms Other
text/plain 2600:1f14:cc5:8002:3306:a3e5:c339:db18
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api-34-220-197-142.b2c.com/api/x?cSxbfZYliJF6qOP6$YWRibG9jayQ4MjAkMA
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:cc5:8002:3306:a3e5:c339:db18 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:02 GMT
Server: openresty
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: -1

GET

4
api-34-220-197-142.b2c.com/api/
Redirect Chain

https://api-34-220-197-142.b2c.com/api/x?Hzcfzqz9qtznhY5w$YWRibG9jayQ1OTYkMA
https://api-34-220-197-142.b2c.com:444/api/4?Hzcfzqz9qtznhY5w

0
0

GET 4
api-34-220-197-142.b2c.com/api/ Frame 657C 0
0

GET
H/1.1 200
OK ad.gif
api-34-220-197-142.b2c.com/api/ Frame C364 43 B
0 453ms
176ms Image
image/gif 2600:1f14:cc5:8002:3306:a3e5:c339:db18
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-34-220-197-142.b2c.com/api/ad.gif
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:cc5:8002:3306:a3e5:c339:db18 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Response headers

Date: Tue, 28 Aug 2018 07:05:02 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK ad.gif
api-34-220-34-65.b2c.com/api/ Frame E2C5 43 B
233 B 540ms
172ms Image
image/gif 2600:1f14:cc5:8001:cec8:c3b6:3190:d15e
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-34-220-34-65.b2c.com/api/ad.gif
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:cc5:8001:cec8:c3b6:3190:d15e , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:03 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
5ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=1&qs=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F16406910454934833932&i=PENTONMEDIA1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BA&qp=00000&is=voqBBkBBBBHhBBwBBZkJjBRCqUCY3CTCB6BXwUcu8gKCBS9lYBBBCCBpYFmR4BOZBBgSJTcBBBBBBBBHUoKOFCyz7BB3CZ6mv5TimBBe9oeCt9lXqBvBCfBBBBBBBBBBBBBBCBMBaBeBBkKzQClBeaKaMVMBj5iMPzyHVY9zqxknZlysGxCBcBBBC9CctORpnICyRBBB4OBBBBBBBBBBC9TiFF3dOKBCBBxBBBBBBBfBz1BD7fB3BpkBJUDyDCS6IDDDCCCCDDCCCCCCCBdh2eBBBGI79kNB8DJoDBBBBCiBBiB&iv=6&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&f=0&j=&o=3&t=1535439902151&de=568296097738&cu=1535439902151&m=579&ar=763aa27-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2267&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&as=0&ag=25&an=0&gf=25&gg=0&ix=25&ic=25&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=25&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=50&cd=0&ah=50&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=15763947%3A2315416066%3A4683765308%3A138234324799&bo=298588227&bp=21625748602&bd=300_1_lft&zMoatPS=300_1_lft&gw=pentonmedia53440730609&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&dfp=0%2C1&la=21625748602&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=1%3A0&fs=150929&na=1600175460&cs=0
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:02 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:02 GMT

GET
H/1.1

302
Moved Temporarily

4 Show response
api-34-220-197-142.b2c.com/api/ Frame C364
Redirect Chain

https://api-34-220-197-142.b2c.com/api/x?iewmC4i323p0Lmis$dXJsJDAkaHR0cHM6Ly93d3cuaXRwcm90b2RheS5jb20vbWFuYWdlbWVudC1tb2JpbGl0eS93aGF0LW1pbWlrYXR6IiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHR...
https://api-34-220-197-142.b2c.com:444/api/4?iewmC4i323p0Lmis

0
-1 B

178ms
177ms

XHR
text/html

2600:1f14:cc5:8002:3306:a3e5:c339:db18
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api-34-220-197-142.b2c.com:444/api/4?iewmC4i323p0Lmis
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:cc5:8002:3306:a3e5:c339:db18 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:02 GMT
Server: openresty
Location: https://api-34-220-197-142.b2c.com:444/api/4?iewmC4i323p0Lmis
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 158

Redirect headers

Date: Tue, 28 Aug 2018 07:05:02 GMT
Server: openresty
Location: https://api-34-220-197-142.b2c.com:444/api/4?iewmC4i323p0Lmis
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 158

GET
H/1.1 200
OK ad.gif
api-34-220-34-65.b2c.com/api/ Frame 39B0 43 B
233 B 527ms
209ms Image
image/gif 2600:1f14:cc5:8001:cec8:c3b6:3190:d15e
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-34-220-34-65.b2c.com/api/ad.gif
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:cc5:8001:cec8:c3b6:3190:d15e , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:03 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
6ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&kq=1&lo=1&qs=1&ak=-&i=PENTONMEDIA1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BA&qp=00000&is=voqBBkBBBBHhBBwBBZkJjBRCqUCY3CTCB6BXwUcu8gKCBS9lYBBBCCBpYFmR4BOZBBgSJTcBBBBBBBBHUoKOFCyz7BB3CZ6mv5TimBBe9oeCt9lXqBvBCfBBBBBBBBBBBBBBCBMBaBeBBkKzQClBeaKaMVMBj5iMPzyHVY9zqxknZlysGxCBcBBBC9CctORpnICyRBBB4OBBBBBBBBBBC9TiFF3dOKBCBBxBBBBBBBfBz1BD7fB3BpkBJUDyDCS6IDDDCCCCDDCCCCCCCBdh2eBBBGI79kNB8DJoDBBBBCiBBiB&iv=6&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=480&w=640&fy=472.5&gp=358&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&f=0&j=&o=3&t=1535439900936&de=989603483111&cu=1535439900936&m=1798&ar=763aa27-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=358&lb=2267&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1242&an=148&gi=1&gf=1242&gg=148&ix=1242&ic=1242&ez=1&ck=1242&kw=1145&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1242&bx=148&ci=1242&jz=1145&dj=1&aa=0&ad=925&cn=0&gk=925&gl=0&ik=925&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1145&cd=296&ah=1145&am=296&rf=0&re=1&ft=640&fv=0&fw=640&wb=1&cl=0&at=0&d=58859187%3A2330032511%3A4705739487%3A138239552356&bo=298588227&bp=21625748602&bd=interstitial_a&zMoatPS=interstitial_a&gw=pentonmedia53440730609&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&dfp=0%2C1&la=21625748602&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=1%3A1&fs=150929&na=1568276689&cs=0
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:02 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:02 GMT

POST
H/1.1 200
OK x Show response
api-34-220-34-65.b2c.com/api/ Frame E2C5 0
363 B 559ms
184ms XHR
text/plain 2600:1f14:cc5:8001:cec8:c3b6:3190:d15e
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api-34-220-34-65.b2c.com/api/x?crnuRs0waRRG2dz0$dXJsJDAkaHR0cHM6Ly93d3cuaXRwcm90b2RheS5jb20vbWFuYWdlbWVudC1tb2JpbGl0eS93aGF0LW1pbWlrYXR6IiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHRwczovL3d3dy5pdHByb3RvZGF5LmNvbSIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQxIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJ3aW5kb3ckMCQzMDB4NjAwIiwiaW5uZXIkMCQzMDB4NjAwIiwib3V0ZXIkMCQxNjAweDEyMDAiLCJsb2NhbFN0b3JhZ2UkMCRFcnJvcjogVHlwZUVycm9yOiBDYW5ub3QgcmVhZCBwcm9wZXJ0eSAnc2V0SXRlbScgb2YgbnVsbCIsInNlc3Npb25TdG9yYWdlJDAkMSIsImFwcENvZGVOYW1lJDAkTW96aWxsYSIsImFwcE5hbWUkMCROZXRzY2FwZSIsImFwcFZlcnNpb24kMCQ1LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTNfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzY3LjAuMzM5Ni44NyBTYWZhcmkvNTM3LjM2IiwiY29va2llRW5hYmxlZCQwJHRydWUiLCJkb05vdFRyYWNrJDEkIiwiaGFyZHdhcmVDb25jdXJyZW5jeSQxJDgiLCJsYW5ndWFnZSQxJGVuLVVTIiwicGxhdGZvcm0kMSRMaW51eCB4ODZfNjQiLCJwcm9kdWN0JDEkR2Vja28iLCJwcm9kdWN0U3ViJDEkMjAwMzAxMDciLCJzZW5kQmVhY29uJDEkMSIsInVzZXJBZ2VudCQxJE1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNiIsInZlbmRvciQxJEdvb2dsZSBJbmMuIiwidmVuZG9yU3ViJDEkIiwiZm9udHJlbmRlciQxJDEiLCJ3ZWJnbCQyJG4vYSIsInRpbWUkMiQxNTM1NDM5OTAyNjY2IiwidGltZXpvbmUkMiQwIiwicGx1Z2lucyQyJE5vbmUiLCJtZW0tdG90YWxKU0hlYXBTaXplJDIkMjEuNyIsIm1lbS11c2VkSlNIZWFwU2l6ZSQyJDE3LjEiLCJtZW0tanNIZWFwU2l6ZUxpbWl0JDIkMjMzMCIsInRpbWUtcmVzcG9uc2VFbmQkMiQxMTUiLCJ0aW1lLWRvbUxvYWRpbmckMiQxMTYiLCJ0aW1lLWRvbUludGVyYWN0aXZlJDIkMTE2IiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCQyJDExNiIsInRpbWUtZG9tQ29udGVudExvYWRlZEV2ZW50RW5kJDIkMTE2IiwidGltZS1kb21Db21wbGV0ZSQyJDExNyIsInRpbWUtbG9hZEV2ZW50U3RhcnQkMiQxMTciLCJ0aW1lLWxvYWRFdmVudEVuZCQyJDExNyIsIm5hdmlnYXRpb24tcmVkaXJlY3RDb3VudCQyJDAiLCJuYXZpZ2F0aW9uLXR5cGUkMiRuYXZpZ2F0ZSIsImdsb2JhbHMtdGltZSQ2JDAuNCIsImdsb2JhbHMkNiRiM2UwZDY3MyIsImRvY3VtZW50LXRpbWUkMTAkMC41IiwiZG9jdW1lbnQkMTAkYjNlNDBkYTMiLCJjb25uZWN0aW9uJDEwJCIsImRvd25saW5rTWF4JDEwJCIsImdldFVzZXJNZWRpYSQxMSQyIiwiY2xvY2skMTUkNDYwMiIsImludGVyc2VjdGlvbi1zaXplJDY3JDE1ODV4MTIwMCIsImludGVyc2VjdGlvbi1lbnRlciQ2NyQweDAgMzAweDAiLCJpbnRlcnNlY3Rpb24kNjckMTAwIiwiYXVkaW9jb250ZXh0JDY4JDk2ZTE0YmVmIiwic29ydCQxODUkMTExLjUiLCJmcmFtZXJhdGUkMTg3JDMw
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:cc5:8001:cec8:c3b6:3190:d15e , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:03 GMT
Server: openresty
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: -1

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=5221829138924704343&pixelIndex=0&_=1535439902411
https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=5221829138924704343&pixelIndex=0&_=1535439902411&google_tc=
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=5221829138924704343&pixelIndex=0&_=1535439902411&google_gid=CAESEIuh7NaUc1klGicQYwNBmho&google_cver=1

0
575 B

102ms
102ms

Script
text/javascript

52.3.188.64
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=5221829138924704343&pixelIndex=0&_=1535439902411&google_gid=CAESEIuh7NaUc1klGicQYwNBmho&google_cver=1
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.188.64 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-3-188-64.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Aug 2018 07:05:03 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=5221829138924704343&pixelIndex=0&_=1535439902411&google_gid=CAESEIuh7NaUc1klGicQYwNBmho&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 368
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

52154.gif
idsync.rlcdn.com/
Redirect Chain

https://idsync.rlcdn.com/423396.gif?partner_uid=5221829138924704343
https://idsync.rlcdn.com/1000.gif?memo=COTrGRIfChsIARDGpwEaEzUyMjE4MjkxMzg5MjQ3MDQzNDMQABoNCJ_ok9wFEgUI6AcQAA
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fidsync.rlcdn.com%252F52154.gif%253Fserved_by%253Devergreen%2526partner_uid%253D%2524UID
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=5225664602739312599

42 B
302 B

106ms
106ms

Image
image/gif

34.226.13.209
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=5225664602739312599
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.13.209 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-226-13-209.compute-1.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Tue, 28 Aug 2018 07:05:03 GMT
cache-control: no-cache, no-store
content-type: image/gif
timing-allow-origin: *
content-length: 42
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:05 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 312.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.138:80
AN-X-Request-Uuid: 97cf0843-d685-43b7-827a-bd0f927b8968
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=5225664602739312599
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET 4
api-34-220-197-142.b2c.com/api/ Frame C364 0
0

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
5ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&kq=1&lo=1&qs=1&ak=-&i=PENTONMEDIA1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BA&qp=00000&is=voqBBkBBBBHhBBwBBZkJjBRCqUCY3CTCB6BXwUcu8gKCBS9lYBBBCCBpYFmR4BOZBBgSJTcBBBBBBBBHUoKOFCyz7BB3CZ6mv5TimBBe9oeCt9lXqBvBCfBBBBBBBBBBBBBBCBMBaBeBBkKzQClBeaKaMVMBj5iMPzyHVY9zqxknZlysGxCBcBBBC9CctORpnICyRBBB4OBBBBBBBBBBC9TiFF3dOKBCBBxBBBBBBBfBz1BD7fB3BpkBJUDyDCS6IDDDCCCCDDCCCCCCCBdh2eBBBGI79kNB8DJoDBBBBCiBBiB&iv=6&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=480&w=640&fy=472.5&gp=358&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&f=0&j=&o=3&t=1535439900936&de=989603483111&cu=1535439900936&m=1799&ar=763aa27-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=358&lb=2267&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1242&an=1242&gi=1&gf=1242&gg=1242&ix=1242&ic=1242&ez=1&ck=1242&kw=1145&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1242&bx=1242&ci=1242&jz=1145&dj=1&aa=0&ad=925&cn=925&gk=925&gl=925&ik=925&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1145&cd=1145&ah=1145&am=1145&rf=0&re=1&ft=640&fv=640&fw=640&wb=1&cl=0&at=0&d=58859187%3A2330032511%3A4705739487%3A138239552356&bo=298588227&bp=21625748602&bd=interstitial_a&zMoatPS=interstitial_a&gw=pentonmedia53440730609&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&dfp=0%2C1&la=21625748602&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=1%3A1&fs=150929&na=1232377324&cs=0
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:03 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:03 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
5ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&kq=1&lo=1&qs=1&ak=-&i=PENTONMEDIA1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BA&qp=00000&is=voqBBkBBBBHhBBwBBZkJjBRCqUCY3CTCB6BXwUcu8gKCBS9lYBBBCCBpYFmR4BOZBBgSJTcBBBBBBBBHUoKOFCyz7BB3CZ6mv5TimBBe9oeCt9lXqBvBCfBBBBBBBBBBBBBBCBMBaBeBBkKzQClBeaKaMVMBj5iMPzyHVY9zqxknZlysGxCBcBBBC9CctORpnICyRBBB4OBBBBBBBBBBC9TiFF3dOKBCBBxBBBBBBBfBz1BD7fB3BpkBJUDyDCS6IDDDCCCCDDCCCCCCCBdh2eBBBGI79kNB8DJoDBBBBCiBBiB&iv=6&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=480&w=640&fy=472.5&gp=358&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&f=0&j=&o=3&t=1535439900936&de=989603483111&cu=1535439900936&m=1800&ar=763aa27-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=358&lb=2267&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1242&an=1242&gi=1&gf=1242&gg=1242&ix=1242&ic=1242&ez=1&ck=1242&kw=1145&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1242&bx=1242&ci=1242&jz=1145&dj=1&aa=0&ad=925&cn=925&gk=925&gl=925&ik=925&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1145&cd=1145&ah=1145&am=1145&rf=0&re=1&ft=640&fv=640&fw=640&wb=1&cl=0&at=0&d=58859187%3A2330032511%3A4705739487%3A138239552356&bo=298588227&bp=21625748602&bd=interstitial_a&zMoatPS=interstitial_a&gw=pentonmedia53440730609&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&dfp=0%2C1&la=21625748602&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=1%3A1&fs=150929&na=923709458&cs=0
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:03 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:03 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
5ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=1&qs=1&ak=-&i=PENTONMEDIA1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BA&qp=00000&is=voqBBkBBBBHhBBwBBZkJjBRCqUCY3CTCB6BXwUcu8gKCBS9lYBBBCCBpYFmR4BOZBBgSJTcBBBBBBBBHUoKOFCyz7BB3CZ6mv5TimBBe9oeCt9lXqBvBCfBBBBBBBBBBBBBBCBMBaBeBBkKzQClBeaKaMVMBj5iMPzyHVY9zqxknZlysGxCBcBBBC9CctORpnICyRBBB4OBBBBBBBBBBC9TiFF3dOKBCBBxBBBBBBBfBz1BD7fB3BpkBJUDyDCS6IDDDCCCCDDCCCCCCCBdh2eBBBGI79kNB8DJoDBBBBCiBBiB&iv=6&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=480&w=640&fy=472.5&gp=358&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&f=0&j=&o=3&t=1535439900936&de=989603483111&cu=1535439900936&m=1800&ar=763aa27-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=358&lb=2267&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1242&an=1242&gi=1&gf=1242&gg=1242&ix=1242&ic=1242&ez=1&ck=1242&kw=1145&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1242&bx=1242&ci=1242&jz=1145&dj=1&aa=0&ad=925&cn=925&gk=925&gl=925&ik=925&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1390&cd=1145&ah=1390&am=1145&rf=0&re=1&ft=640&fv=640&fw=640&wb=1&cl=0&at=0&d=58859187%3A2330032511%3A4705739487%3A138239552356&bo=298588227&bp=21625748602&bd=interstitial_a&zMoatPS=interstitial_a&gw=pentonmedia53440730609&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&dfp=0%2C1&la=21625748602&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=1%3A1&fs=150929&na=1279583901&cs=0
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:03 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:03 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
5ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=1&qs=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F1646937494608249077&i=PENTONMEDIA1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BA&qp=00000&is=voqBBkBBBBHhBBwBBZkJjBRCqUCY3CTCB6BXwUcu8gKCBS9lYBBBCCBpYFmR4BOZBBgSJTcBBBBBBBBHUoKOFCyz7BB3CZ6mv5TimBBe9oeCt9lXqBvBCfBBBBBBBBBBBBBBCBMBaBeBBkKzQClBeaKaMVMBj5iMPzyHVY9zqxknZlysGxCBcBBBC9CctORpnICyRBBB4OBBBBBBBBBBC9TiFF3dOKBCBBxBBBBBBBfBz1BD7fB3BpkBJUDyDCS6IDDDCCCCDDCCCCCCCBdh2eBBBGI79kNB8DJoDBBBBCiBBiB&iv=6&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&f=0&j=&o=3&t=1535439902328&de=319072944314&cu=1535439902328&m=623&ar=763aa27-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2267&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&as=0&ag=31&an=0&gf=31&gg=0&ix=31&ic=31&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=31&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=62&cd=0&ah=62&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=15763947%3A2368727671%3A4764317265%3A138241720067&bo=298588227&bp=21625748602&bd=728_1_a&zMoatPS=728_1_a&gw=pentonmedia53440730609&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&dfp=0%2C1&la=21625748602&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=1%3A0&fs=150929&na=1001829944&cs=0
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:03 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:03 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
5ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&kq=1&lo=1&qs=1&ak=-&i=PENTONMEDIA1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BA&qp=00000&is=voqBBkBBBBHhBBwBBZkJjBRCqUCY3CTCB6BXwUcu8gKCBS9lYBBBCCBpYFmR4BOZBBgSJTcBBBBBBBBHUoKOFCyz7BB3CZ6mv5TimBBe9oeCt9lXqBvBCfBBBBBBBBBBBBBBCBMBaBeBBkKzQClBeaKaMVMBj5iMPzyHVY9zqxknZlysGxCBcBBBC9CctORpnICyRBBB4OBBBBBBBBBBC9TiFF3dOKBCBBxBBBBBBBfBz1BD7fB3BpkBJUDyDCS6IDDDCCCCDDCCCCCCCBdh2eBBBGI79kNB8DJoDBBBBCiBBiB&iv=6&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=480&w=640&fy=472.5&gp=358&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&f=0&j=&o=3&t=1535439900936&de=989603483111&cu=1535439900936&m=2172&ar=763aa27-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=358&lb=2267&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1616&an=1242&gi=1&gf=1616&gg=1242&ix=1616&ic=1616&ez=1&ck=1242&kw=1145&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1616&bx=1242&ci=1242&jz=1145&dj=1&aa=1&ad=1299&cn=925&gn=1&gk=1299&gl=925&ik=1299&co=1299&cp=1390&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1390&cd=1390&ah=1390&am=1390&rf=0&re=1&ft=1014&fv=640&fw=640&wb=1&cl=0&at=0&d=58859187%3A2330032511%3A4705739487%3A138239552356&bo=298588227&bp=21625748602&bd=interstitial_a&zMoatPS=interstitial_a&gw=pentonmedia53440730609&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&dfp=0%2C1&la=21625748602&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=1%3A1&fs=150929&na=1528207107&cs=0
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:03 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:03 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
5ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=1&qs=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F16485667468791056427&i=PENTONMEDIA1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BA&qp=00000&is=voqBBkBBBBHhBBwBBZkJjBRCqUCY3CTCB6BXwUcu8gKCBS9lYBBBCCBpYFmR4BOZBBgSJTcBBBBBBBBHUoKOFCyz7BB3CZ6mv5TimBBe9oeCt9lXqBvBCfBBBBBBBBBBBBBBCBMBaBeBBkKzQClBeaKaMVMBj5iMPzyHVY9zqxknZlysGxCBcBBBC9CctORpnICyRBBB4OBBBBBBBBBBC9TiFF3dOKBCBBxBBBBBBBfBz1BD7fB3BpkBJUDyDCS6IDDDCCCCDDCCCCCCCBdh2eBBBGI79kNB8DJoDBBBBCiBBiB&iv=6&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&f=0&j=&o=3&t=1535439902445&de=405823912984&cu=1535439902445&m=727&ar=763aa27-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2267&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=50&vx=50%3A-%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&pg=50&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=193&cd=0&ah=193&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=15763947%3A2315416066%3A4683765308%3A138234324481&bo=298588227&bp=21625748602&bd=300_1_rht&zMoatPS=300_1_rht&gw=pentonmedia53440730609&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&dfp=0%2C1&la=21625748602&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=1%3A0&fs=150929&na=589409849&cs=0
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:03 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:03 GMT

GET
S 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 657C 42 B
110 B 26ms
26ms Image
image/gif 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvmHTUaqwzophqWbeFTtXaGHLPeyBerdi5c19rgNCsm-uji1twVfP252qGsMiFBR30oa8xowrtXXwl5H3CMfMNnfn9tU2htdvw&sig=Cg0ArKJSzFv_vlN849HKEAE&adk=1260181701&tt=-1&bs=1585%2C1200&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&p=0,0,1200,1585&xza=1&mza=1&mcvt=1008&rs=3&ht=0&tfs=1422&tls=2430&mc=1&lte=1&bas=0&bac=0&la=1&avms=geo&rst=1535439900790&rpt=1446&ioa=1&bos=1600%2C1200&ps=1585%2C2267&ss=1600%2C1200&pt=-1&deb=1-1-4-5-17-12-80-12&tvt=2420&op=1&r=v&srmi=1&id=osdim&ti=1&uc=5&tgt=BODY&cl=1&cec=14&clc=0&cac=0&cd=1585x0&v=r20180822

Requested by

Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Aug 2018 07:05:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C364 42 B
110 B 27ms
26ms Image
image/gif 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubvaBUwUSotGLkH8X6lXTPgBxJWGruRWJr1W79cTebggsx1ibDDrT3rphDQzaD8UsxRXljmw1bbkOaJnJekL9Bab-bUwIcs9c&sig=Cg0ArKJSzL-dOnpJwE7qEAE&adk=1567189037&tt=-1&bs=1585%2C1200&mtos=1055,1055,1055,1055,1055&tos=1055,0,0,0,0&p=581,204,831,504&xza=1&mza=1&mcvt=1055&rs=3&ht=0&tfs=1375&tls=2430&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1535439902190&rpt=1&ioa=1&bos=1600%2C1200&ps=1585%2C2267&ss=1600%2C1200&pt=-1&deb=1-1-4-5-17-12-80-12&tvt=2420&op=0&invis=1&r=v&srmi=1&id=osdim&ti=1&uc=26&tgt=DIV&cl=1&cec=7&clc=1&cac=0&cd=300x254&v=r20180822

Requested by

Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Aug 2018 07:05:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK x Show response
api-34-220-34-65.b2c.com/api/ Frame 39B0 0
363 B 532ms
178ms XHR
text/plain 2600:1f14:cc5:8001:cec8:c3b6:3190:d15e
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api-34-220-34-65.b2c.com/api/x?SZbNr55INRNHb06e$dXJsJDAkaHR0cHM6Ly93d3cuaXRwcm90b2RheS5jb20vbWFuYWdlbWVudC1tb2JpbGl0eS93aGF0LW1pbWlrYXR6IiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHRwczovL3d3dy5pdHByb3RvZGF5LmNvbSIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQxIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJ3aW5kb3ckMCQ3Mjh4OTAiLCJpbm5lciQxJDcyOHg5MCIsIm91dGVyJDEkMTYwMHgxMjAwIiwibG9jYWxTdG9yYWdlJDEkRXJyb3I6IFR5cGVFcnJvcjogQ2Fubm90IHJlYWQgcHJvcGVydHkgJ3NldEl0ZW0nIG9mIG51bGwiLCJzZXNzaW9uU3RvcmFnZSQxJDEiLCJhcHBDb2RlTmFtZSQxJE1vemlsbGEiLCJhcHBOYW1lJDEkTmV0c2NhcGUiLCJhcHBWZXJzaW9uJDEkNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNiIsImNvb2tpZUVuYWJsZWQkMSR0cnVlIiwiZG9Ob3RUcmFjayQxJCIsImhhcmR3YXJlQ29uY3VycmVuY3kkMSQ4IiwibGFuZ3VhZ2UkMSRlbi1VUyIsInBsYXRmb3JtJDEkTGludXggeDg2XzY0IiwicHJvZHVjdCQxJEdlY2tvIiwicHJvZHVjdFN1YiQxJDIwMDMwMTA3Iiwic2VuZEJlYWNvbiQxJDEiLCJ1c2VyQWdlbnQkMSRNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xM181KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNjcuMC4zMzk2Ljg3IFNhZmFyaS81MzcuMzYiLCJ2ZW5kb3IkMSRHb29nbGUgSW5jLiIsInZlbmRvclN1YiQxJCIsImZvbnRyZW5kZXIkMiQxIiwid2ViZ2wkMyRuL2EiLCJ0aW1lJDMkMTUzNTQzOTkwMjg5MiIsInRpbWV6b25lJDMkMCIsInBsdWdpbnMkMyROb25lIiwibWVtLXRvdGFsSlNIZWFwU2l6ZSQzJDIxLjciLCJtZW0tdXNlZEpTSGVhcFNpemUkMyQxNy4xIiwibWVtLWpzSGVhcFNpemVMaW1pdCQzJDIzMzAiLCJ0aW1lLXJlc3BvbnNlRW5kJDMkMTE4IiwidGltZS1kb21Mb2FkaW5nJDMkMTE5IiwidGltZS1kb21JbnRlcmFjdGl2ZSQzJDExOSIsInRpbWUtZG9tQ29udGVudExvYWRlZEV2ZW50U3RhcnQkMyQxMTkiLCJ0aW1lLWRvbUNvbnRlbnRMb2FkZWRFdmVudEVuZCQzJDExOSIsInRpbWUtZG9tQ29tcGxldGUkMyQxMjAiLCJ0aW1lLWxvYWRFdmVudFN0YXJ0JDMkMTIwIiwidGltZS1sb2FkRXZlbnRFbmQkMyQxMjAiLCJuYXZpZ2F0aW9uLXJlZGlyZWN0Q291bnQkMyQwIiwibmF2aWdhdGlvbi10eXBlJDMkbmF2aWdhdGUiLCJnbG9iYWxzLXRpbWUkOCQwLjUiLCJnbG9iYWxzJDgkYjNlMGQ2NzMiLCJkb2N1bWVudC10aW1lJDEzJDAuOCIsImRvY3VtZW50JDEzJGIzZTQwZGEzIiwiY29ubmVjdGlvbiQxNCQiLCJkb3dubGlua01heCQxNCQiLCJnZXRVc2VyTWVkaWEkMTQkMiIsImNsb2NrJDE5JDI3MDQiLCJhdWRpb2NvbnRleHQkMTAzJDk2ZTE0YmVmIiwic29ydCQyMTckMTEyLjYiLCJpbnRlcnNlY3Rpb24tc2l6ZSQyNTgkMTU4NXgxMjAwIiwiaW50ZXJzZWN0aW9uLWVudGVyJDI1OCQweDAgNzI4eDAiLCJpbnRlcnNlY3Rpb24kMjU4JDEwMCIsImZyYW1lcmF0ZSQyNTgkMjA
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:cc5:8001:cec8:c3b6:3190:d15e , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Origin: https://www.itprotoday.com

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:03 GMT
Server: openresty
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: -1

GET
H/1.1 200
OK / Show response
log.pinterest.com/ 0
669 B 120ms
104ms Script
text/plain 151.101.12.84
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://log.pinterest.com/?guid=KpWbKxBZGhUL&tv=2018050702&type=pidget&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&via=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&callback=PIN_1535439902309.f.callback[0]
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit_main.js?0.08150909333824652
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.84 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-pinterest-host: widgets.pinterest.com
Date: Tue, 28 Aug 2018 07:05:03 GMT
Via: 1.1 varnish
server: envoy
X-Timer: S1535439903.331530,VS0,VE98
X-Served-By: cache-fra19129-FRA
X-Cache: MISS
x-envoy-upstream-service-time: 3
Content-Length: 0
Connection: keep-alive
Accept-Ranges: bytes
x-pinterest-rid: 576078402090
X-Cache-Hits: 0

GET
S 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 39B0 42 B
110 B 26ms
26ms Image
image/gif 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvY4QZ-Z69uhz4U-k65YRU4lrglR2nwCDGWOY24xD7P2uuTEkVPWIHK7KJe7kzpT_TQ961JdKseyC3bbPmL2jC8kul5cU7LwzM&sig=Cg0ArKJSzPm9dVwewGTTEAE&adk=1049759338&tt=-1&bs=1585%2C1200&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&p=181,429,271,1157&xza=1&mza=1&mcvt=1002&rs=3&ht=0&tfs=1530&tls=2532&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1535439902345&rpt=0&ioa=1&bos=1600%2C1200&ps=1585%2C2267&ss=1600%2C1200&pt=-1&deb=1-1-4-6-18-12-104-13&tvt=2522&op=0&invis=1&r=v&srmi=1&id=osdim&ti=1&uc=31&tgt=DIV&cl=1&cec=7&clc=1&cac=0&cd=728x94&v=r20180822

Requested by

Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Aug 2018 07:05:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

4
api-34-220-34-65.b2c.com/api/ Frame E2C5
Redirect Chain

https://api-34-220-34-65.b2c.com/api/x?crnuRs0waRRG2dz0$YWRibG9jayQ1NTYkMA
https://api-34-220-34-65.b2c.com:444/api/4?crnuRs0waRRG2dz0

0
0

GET

4
api-34-220-34-65.b2c.com/api/ Frame 39B0
Redirect Chain

https://api-34-220-34-65.b2c.com/api/x?SZbNr55INRNHb06e$YWRibG9jayQ1NDIkMA
https://api-34-220-34-65.b2c.com:444/api/4?SZbNr55INRNHb06e

0
0

GET
H/1.1

200
OK

Cookie set rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=7499/rand=282812224/pv=y/int=%23OpR%2366886%23itprotoday%20%3A%20Site%20Section%20%3A%20management-mobility/int=%23OpR%2366887%23itprotoday%20%3A%20Site%20Section%20%3A%2... Frame 9FCC
Redirect Chain

https://bcp.crwdcntrl.net/5/c=7499/rand=282812224/pv=y/int=%23OpR%2366886%23itprotoday%20%3A%20Site%20Section%20%3A%20management-mobility/int=%23OpR%2366887%23itprotoday%20%3A%20Site%20Section%20%3...
https://bcp.crwdcntrl.net/5/ct=y/c=7499/rand=282812224/pv=y/int=%23OpR%2366886%23itprotoday%20%3A%20Site%20Section%20%3A%20management-mobility/int=%23OpR%2366887%23itprotoday%20%3A%20Site%20Section...

0
0

74ms
73ms

Document
text/html

34.249.136.192
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=7499/rand=282812224/pv=y/int=%23OpR%2366886%23itprotoday%20%3A%20Site%20Section%20%3A%20management-mobility/int=%23OpR%2366887%23itprotoday%20%3A%20Site%20Section%20%3A%20management-mobility%20%3A%20what-mimikatz/int=%23OpR%2366985%23itprotoday%20%3A%20Total%20Site%20Traffic/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/7499/cc_af.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.136.192 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-249-136-192.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: bcp.crwdcntrl.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Accept-Encoding: gzip, deflate
Cookie: _cc_cc=ctst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 2754DD8A222EBD6258F1EA7CAB7F20E7
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 28 Aug 2018 07:05:03 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Pragma: no-cache
Set-Cookie: _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 25-May-2019 07:05:03 GMT _cc_id=2468b3112c4837d5e68e43278dd026e4;Path=/;Domain=crwdcntrl.net;Expires=Sat, 25-May-2019 07:05:03 GMT _cc_cc="ACZ4nGNQMDIxs0gyNjQ0SjaxMDZPMU01s0g1MTYyt0hJMTAySzVhAILoli%2FyDHDA83jZDynGabEM%2FxkZGd4sQbB3HdSFMXcimNNPqMOYj18sl4CxH0ztYYSxP362hDEPL57DAmNfQGK3P5wtDmNfOvWIDcYGALDzOxU%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 25-May-2019 07:05:03 GMT;Max-Age=23328000 _cc_aud="ABR4nGNgYGCIbvkizwADzAwMXDNADFbLiSCKaXIVkAQAWx8Edg%3D%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 25-May-2019 07:05:03 GMT;Max-Age=23328000
Vary: Accept-Encoding
X-Server: 10.26.27.29
Content-Length: 139
Connection: keep-alive

Redirect headers

Cache-Control: no-cache
Date: Tue, 28 Aug 2018 07:05:03 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://bcp.crwdcntrl.net/5/ct=y/c=7499/rand=282812224/pv=y/int=%23OpR%2366886%23itprotoday%20%3A%20Site%20Section%20%3A%20management-mobility/int=%23OpR%2366887%23itprotoday%20%3A%20Site%20Section%20%3A%20management-mobility%20%3A%20what-mimikatz/int=%23OpR%2366985%23itprotoday%20%3A%20Total%20Site%20Traffic/rt=ifr
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Pragma: no-cache
Set-Cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net
X-Server: 10.26.26.233
Content-Length: 0
Connection: keep-alive

GET
S 200 chartbeat_refresh.js Show response
static.chartbeat.com/js/ 39 KB
16 KB 39ms
12ms Script
application/x-javascript 2600:9000:20ac:7000:18:1fcd:348:2461
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_refresh.js
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20ac:7000:18:1fcd:348:2461 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 965b4eea6a991c4e10e006e8050cc9d0a5be8447d4cc0478e447e33b1e932841

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 00:06:57 GMT
content-encoding: gzip
last-modified: Wed, 22 Aug 2018 02:06:23 GMT
server: nginx
age: 25086
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
x-amz-cf-id: qqMkJYbeOndhw8OF3iUtCiyX_n-kSyV-DfA0FTDKPSEiaYi2Ysf-Hw==
via: 1.1 181fb385ff32dee64dd76ae7d4feefb0.cloudfront.net (CloudFront)
expires: Wed, 29 Aug 2018 00:06:57 GMT

GET
H/1.1

200
OK

Cookie set rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=11926/rand=301399332/pv=y/TYPE=VALUE/int=%23OpR%2384825%23www.itprotoday.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2384827%23www.itprotoday.com%20%3A%20Site%20Section... Frame 989F
Redirect Chain

https://bcp.crwdcntrl.net/5/c=11926/rand=301399332/pv=y/TYPE=VALUE/int=%23OpR%2384825%23www.itprotoday.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2384827%23www.itprotoday.com%20%3A%20Site%20Sect...
https://bcp.crwdcntrl.net/5/ct=y/c=11926/rand=301399332/pv=y/TYPE=VALUE/int=%23OpR%2384825%23www.itprotoday.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2384827%23www.itprotoday.com%20%3A%20Site%2...

0
0

58ms
57ms

Document
text/html

54.171.229.6
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=11926/rand=301399332/pv=y/TYPE=VALUE/int=%23OpR%2384825%23www.itprotoday.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2384827%23www.itprotoday.com%20%3A%20Site%20Section%20%3A%20management-mobility/int=%23OpR%2384828%23www.itprotoday.com%20%3A%20Site%20Section%20%3A%20management-mobility%20%3A%20what-mimikatz/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/11926/cc.js?ns=_cc11926
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.229.6 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-171-229-6.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: bcp.crwdcntrl.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
Accept-Encoding: gzip, deflate
Cookie: _cc_cc=ctst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 2754DD8A222EBD6258F1EA7CAB7F20E7
Referer: https://www.itprotoday.com/management-mobility/what-mimikatz

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 28 Aug 2018 07:05:03 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Pragma: no-cache
Set-Cookie: _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 25-May-2019 07:05:03 GMT _cc_id=2468b3112c4837d5e68e43278dd026e4;Path=/;Domain=crwdcntrl.net;Expires=Sat, 25-May-2019 07:05:03 GMT _cc_cc="ACZ4nGNQMDIxs0gyNjQ0SjaxMDZPMU01s0g1MTYyt0hJMTAySzVhAILoli%2FyDHDA83jZDynGabEM%2FxkZGd4sQbB3HdSFMXcimNNPqMOYj18sl4CxH0ztYYSxP362hDEPL57DAmNfQGK3P5wtDmNfOvWIDcYGALDzOxU%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 25-May-2019 07:05:03 GMT;Max-Age=23328000 _cc_aud="ABR4nGNgYGCIbvkizwADzAwMXDNADFbLiSCKaXIVkAQAWx8Edg%3D%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 25-May-2019 07:05:03 GMT;Max-Age=23328000
Vary: Accept-Encoding
X-Server: 10.26.1.231
Content-Length: 530
Connection: keep-alive

Redirect headers

Cache-Control: no-cache
Date: Tue, 28 Aug 2018 07:05:03 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://bcp.crwdcntrl.net/5/ct=y/c=11926/rand=301399332/pv=y/TYPE=VALUE/int=%23OpR%2384825%23www.itprotoday.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2384827%23www.itprotoday.com%20%3A%20Site%20Section%20%3A%20management-mobility/int=%23OpR%2384828%23www.itprotoday.com%20%3A%20Site%20Section%20%3A%20management-mobility%20%3A%20what-mimikatz/rt=ifr
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Pragma: no-cache
Set-Cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net
X-Server: 10.26.13.134
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200
OK ping
ping.chartbeat.net/ 43 B
213 B 413ms
103ms Image
image/gif 54.221.210.243
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=windowsitpro.com&p=%2Fmanagement-mobility%2Fwhat-mimikatz&u=C7dJoFD0X_mQBhwhz4&d=itprotoday.com&g=53678&g0=management%20%26%20mobility&g1=john%20savill&g4=article&n=1&f=00001&c=0&x=0&m=0&y=2267&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3744&t=BHeyuoBJ5VWVDDw3ukC1ipavBOg96m&V=108&i=What%20is%20Mimikatz&tz=0&sn=1&sv=_DCn6KmfHtB_Ra5pBlPPhLDaqn6J&sd=1&im=061b9ff2&_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.221.210.243 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-221-210-243.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 30 KB
10 KB 22ms
6ms Script
text/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.itprotoday.com
URL: https://www.itprotoday.com/management-mobility/what-mimikatz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e8c7b0c163fdad9ffdde6cfcad8ef1446e316a3032980ce06ac3d8da4344b710

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: MZcxKkmtxAEEjxoyYzEdBdCx.i72zi4_
Content-Encoding: gzip
ETag: "1107e8df6c5204ad515fae1b34661abb"
x-amz-request-id: 31A538E9299A1C5D
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 9692
x-amz-id-2: YHSFOjgdOxLWlXFwTfDFyayo9PUCrPmPvx6cjIPDTlFUn1BfXnEiEsfcqKxtOx9lT38pmtf4Mxs=
Last-Modified: Wed, 22 Aug 2018 18:04:39 GMT
Server: AmazonS3
Date: Tue, 28 Aug 2018 07:05:03 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
5ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&kq=1&lo=1&qs=1&ak=-&i=PENTONMEDIA1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BA&qp=00000&is=voqBBkBBBBHhBBwBBZkJjBRCqUCY3CTCB6BXwUcu8gKCBS9lYBBBCCBpYFmR4BOZBBgSJTcBBBBBBBBHUoKOFCyz7BB3CZ6mv5TimBBe9oeCt9lXqBvBCfBBBBBBBBBBBBBBCBMBaBeBBkKzQClBeaKaMVMBj5iMPzyHVY9zqxknZlysGxCBcBBBC9CctORpnICyRBBB4OBBBBBBBBBBC9TiFF3dOKBCBBxBBBBBBBfBz1BD7fB3BpkBJUDyDCS6IDDDCCCCDDCCCCCCCBdh2eBBBGI79kNB8DJoDBBBBCiBBiB&iv=6&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&f=0&j=&o=3&t=1535439902151&de=568296097738&cu=1535439902151&m=1647&ar=763aa27-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2267&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1112&an=25&gi=1&gf=1112&gg=25&ix=1112&ic=1112&ez=1&ck=1112&kw=930&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1112&bx=25&ci=1112&jz=930&dj=1&aa=0&ad=963&cn=0&gk=963&gl=0&ik=963&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=930&cd=50&ah=930&am=50&rf=0&re=0&wb=1&cl=0&at=0&d=15763947%3A2315416066%3A4683765308%3A138234324799&bo=298588227&bp=21625748602&bd=300_1_lft&zMoatPS=300_1_lft&gw=pentonmedia53440730609&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&dfp=0%2C1&la=21625748602&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=1%3A0&fs=150929&na=1517138834&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:03 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:03 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
5ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&kq=1&lo=1&qs=1&ak=-&i=PENTONMEDIA1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BA&qp=00000&is=voqBBkBBBBHhBBwBBZkJjBRCqUCY3CTCB6BXwUcu8gKCBS9lYBBBCCBpYFmR4BOZBBgSJTcBBBBBBBBHUoKOFCyz7BB3CZ6mv5TimBBe9oeCt9lXqBvBCfBBBBBBBBBBBBBBCBMBaBeBBkKzQClBeaKaMVMBj5iMPzyHVY9zqxknZlysGxCBcBBBC9CctORpnICyRBBB4OBBBBBBBBBBC9TiFF3dOKBCBBxBBBBBBBfBz1BD7fB3BpkBJUDyDCS6IDDDCCCCDDCCCCCCCBdh2eBBBGI79kNB8DJoDBBBBCiBBiB&iv=6&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&f=0&j=&o=3&t=1535439902151&de=568296097738&cu=1535439902151&m=1649&ar=763aa27-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2267&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1112&an=1112&gi=1&gf=1112&gg=1112&ix=1112&ic=1112&ez=1&ck=1112&kw=930&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1112&bx=1112&ci=1112&jz=930&dj=1&aa=0&ad=963&cn=963&gk=963&gl=963&ik=963&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=930&cd=930&ah=930&am=930&rf=0&re=0&wb=1&cl=0&at=0&d=15763947%3A2315416066%3A4683765308%3A138234324799&bo=298588227&bp=21625748602&bd=300_1_lft&zMoatPS=300_1_lft&gw=pentonmedia53440730609&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&dfp=0%2C1&la=21625748602&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=1%3A0&fs=150929&na=447642566&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:03 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:03 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
5ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&kq=1&lo=1&qs=1&ak=-&i=PENTONMEDIA1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BA&qp=00000&is=voqBBkBBBBHhBBwBBZkJjBRCqUCY3CTCB6BXwUcu8gKCBS9lYBBBCCBpYFmR4BOZBBgSJTcBBBBBBBBHUoKOFCyz7BB3CZ6mv5TimBBe9oeCt9lXqBvBCfBBBBBBBBBBBBBBCBMBaBeBBkKzQClBeaKaMVMBj5iMPzyHVY9zqxknZlysGxCBcBBBC9CctORpnICyRBBB4OBBBBBBBBBBC9TiFF3dOKBCBBxBBBBBBBfBz1BD7fB3BpkBJUDyDCS6IDDDCCCCDDCCCCCCCBdh2eBBBGI79kNB8DJoDBBBBCiBBiB&iv=6&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&f=0&j=&o=3&t=1535439902151&de=568296097738&cu=1535439902151&m=1649&ar=763aa27-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2267&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1112&an=1112&gi=1&gf=1112&gg=1112&ix=1112&ic=1112&ez=1&ck=1112&kw=930&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1112&bx=1112&ci=1112&jz=930&dj=1&aa=0&ad=963&cn=963&gk=963&gl=963&ik=963&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=930&cd=930&ah=930&am=930&rf=0&re=0&wb=1&cl=0&at=0&d=15763947%3A2315416066%3A4683765308%3A138234324799&bo=298588227&bp=21625748602&bd=300_1_lft&zMoatPS=300_1_lft&gw=pentonmedia53440730609&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&dfp=0%2C1&la=21625748602&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=1%3A0&fs=150929&na=1675522693&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:03 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:03 GMT

GET
H/1.1 200
OK IXZC4QKE6BDSVNBBOX54JQ Show response
d.adroll.com/consent/check/ 34 B
194 B 120ms
31ms Script
application/javascript 54.247.73.220
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/IXZC4QKE6BDSVNBBOX54JQ?_s=1390f37013a54058d65d6f39d18495c3
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.73.220 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-73-220.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: c389d2c60cd588381a115d2bad194492123fbd5b73f86a85149ec4e5de8503f6

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:03 GMT
Server: nginx/1.12.1
Connection: keep-alive
Content-Length: 34
Content-Type: application/javascript

GET
H/1.1

200
OK

45GZFZBG65GTZP2EESFCXP.js Show response
s.adroll.com/pixel/IXZC4QKE6BDSVNBBOX54JQ/3BQ2N447KNEODAIZTDTY2B/
Redirect Chain

https://d.adroll.com/pixel/IXZC4QKE6BDSVNBBOX54JQ/3BQ2N447KNEODAIZTDTY2B?pv=90629838563.85599&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz
https://s.adroll.com/pixel/IXZC4QKE6BDSVNBBOX54JQ/3BQ2N447KNEODAIZTDTY2B/45GZFZBG65GTZP2EESFCXP.js

5 KB
2 KB

7ms
7ms

Script
text/javascript

2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/IXZC4QKE6BDSVNBBOX54JQ/3BQ2N447KNEODAIZTDTY2B/45GZFZBG65GTZP2EESFCXP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 24e7f8c2fe01af8ca4ef7e8be928aa196fe7b5da82da99d7a9e609d3e416fcfd

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: Z1gggLBLp.3RAHTqMP1FK7vKU2ms7OL4
Content-Encoding: gzip
ETag: "5e4c7b78a5109139745db8c8983722ac"
x-amz-request-id: 5EEBE7802D19EA9D
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1477
x-amz-id-2: BvOURjACoEyQNsSWBSJIOkFwg8cjyHFUQVmvVpbowMi+AdEYa8aDc8kGflfrrRsM
Last-Modified: Wed, 23 May 2018 06:36:36 GMT
Server: AmazonS3
Date: Tue, 28 Aug 2018 07:05:03 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Tue, 28 Aug 2018 07:05:03 GMT
X-Segment-Display-Name
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
X-Conversion-Value: 0.0
Server: nginx/1.12.1
X-Rule: *
X-Segment-Eid: 45GZFZBG65GTZP2EESFCXP
Location: https://s.adroll.com/pixel/IXZC4QKE6BDSVNBBOX54JQ/3BQ2N447KNEODAIZTDTY2B/45GZFZBG65GTZP2EESFCXP.js
Cache-Control: no-store, no-cache, must-revalidate
X-Pixel-Eid: 3BQ2N447KNEODAIZTDTY2B
X-Segment-Name: *
X-Advertisable-Eid: IXZC4QKE6BDSVNBBOX54JQ
X-Conversion-Currency

GET
S 200 fbevents.js Show response
connect.facebook.net/en_US/ 43 KB
14 KB 21ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: s.adroll.com
URL: https://s.adroll.com/pixel/IXZC4QKE6BDSVNBBOX54JQ/3BQ2N447KNEODAIZTDTY2B/45GZFZBG65GTZP2EESFCXP.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

2fd8f852b0cc7f021bcc7ad1ad3e868b1e9e7934790725ac42720ce42e590915

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 13550
x-xss-protection: 0
pragma: public
x-fb-debug: Ljq72YrfvU6fnShiTaVhvVEBlkK6W2l7I7k4CIlwR58KdpPCx+hASBP3TM7DmPjDtTdTdMnSPtXkjcT9cJaXoQ==
x-frame-options: DENY
date: Tue, 28 Aug 2018 07:05:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S

204

sync
pixel.advertising.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/aol/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ
https://pixel.advertising.com/ups/55980/sync?uid=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://pixel.advertising.com/ups/55980/sync?uid=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

0
298 B

8ms
7ms

Image
text/plain

54.93.159.17
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.advertising.com/ups/55980/sync?uid=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.159.17 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-93-159-17.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Tue, 28 Aug 2018 07:05:04 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Tue, 28 Aug 2018 07:05:04 GMT
content-length: 0
location: https://pixel.advertising.com/ups/55980/sync?uid=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&expiration=1566975904
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&expiration=1566975904&C=1

43 B
1 KB

12ms
12ms

Image
image/gif

2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&expiration=1566975904&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:04 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:04 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:04 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&expiration=1566975904&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Tue, 28 Aug 2018 07:05:04 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&expires=365

42 B
371 B

36ms
10ms

Image
image/gif

69.173.144.137
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.137 Smithfield, United States, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:03 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-RPHost: UQzZR3yCISTmof_KYTlkFA
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:04 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&expires=365
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 124

GET
S

200

pixel
sync.outbrain.com/adroll/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ
https://sync.outbrain.com/adroll/pixel?user_id=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI

18 B
18 B

90ms
90ms

Image
text/plain

151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/adroll/pixel?user_id=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
traffic-path: NYDC1, JFK, FRA, Europe1
x-timer: S1535439904.104863,VS0,VE85
date: Tue, 28 Aug 2018 07:05:04 GMT
x-served-by: cache-jfk8141-JFK, cache-fra19133-FRA
x-cache: MISS, MISS
status: 200
backend-ip: 104.156.90.41
accept-ranges: bytes, bytes
via: 1.1 varnish, 1.1 varnish
x-cache-hits: 0, 0

Redirect headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:04 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://sync.outbrain.com/adroll/pixel?user_id=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 96

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

2 KB
2 KB

39ms
13ms

Image
text/html

185.64.189.110
PubMatic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:04 GMT
X-lat: Pug22060:0:348
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1546

Redirect headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:04 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 220

GET
S

204

/
trc.taboola.com/sg/adroll-network/1/rtb-h/
Redirect Chain

https://d.adroll.com/cm/taboola/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI

0
226 B

14ms
14ms

Image
text/plain

151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:04 GMT
via: 1.1 varnish
server: nginx
x-timer: S1535439904.107774,VS0,VE9
x-served-by: cache-fra19133-FRA
x-cache: MISS
status: 204
x-cache-hits: 0
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:04 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 111

GET
H/1.1

200
OK

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ
https://eb2.3lift.com/xuid?mid=4714&xuid=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&dongle=c85e&gdpr=1&cmp_cs=

37 B
466 B

8ms
7ms

Image
image/gif

35.156.164.244
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&dongle=c85e&gdpr=1&cmp_cs=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.164.244 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-156-164-244.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:04 GMT
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Content-Length: 37
content-type: image/gif

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI&dongle=c85e&gdpr=1&cmp_cs=
date: Tue, 28 Aug 2018 07:05:04 GMT
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

pixel
ads.yahoo.com/
Redirect Chain

https://d.adroll.com/cm/r/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_con...

0
1 KB

237ms
152ms

Image
text/plain

2a00:1288:110:833::4000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_consent%3DBOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:833::4000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:04 GMT
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=3600
Public-Key-Pins-Report-Only: max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
Connection: keep-alive
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:04 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_consent%3DBOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 248

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ
https://x.bidswitch.net/sync?dsp_id=44&user_id=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI

43 B
575 B

14ms
14ms

Image
image/gif

18.153.11.17
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.11.17 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-153-11-17.eu-central-1.compute.amazonaws.com
Software: nginx/1.12.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 28 Aug 2018 07:05:04 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=10
Content-Length: 43

Redirect headers

Date: Tue, 28 Aug 2018 07:05:04 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0

GET
H/1.1

200
OK

pxj
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI%27)

0
592 B

14ms
13ms

Image
text/html

185.33.223.216
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI%27)

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.216 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:06 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 312.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.167:80
AN-X-Request-Uuid: 0dedb676-9941-4909-b2eb-f08707e28511
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:04 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid('ZTZkY2ZiNjU0ZTIzYWE5N2EzMWQ3OGM0ZTBmYmVhMWI')
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 113

GET
S

200

362358.gif
idsync.rlcdn.com/
Redirect Chain

https://d.adroll.com/cm/l/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ
https://idsync.rlcdn.com/377928.gif?partner_uid=e6dcfb654e23aa97a31d78c4e0fbea1b
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOBVb5x8tdUtMV7MTyGl6gk&google_cver=1

42 B
312 B

105ms
105ms

Image
image/gif

34.226.13.209
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOBVb5x8tdUtMV7MTyGl6gk&google_cver=1
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.13.209 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-226-13-209.compute-1.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Tue, 28 Aug 2018 07:05:04 GMT
cache-control: no-cache, no-store
content-type: image/gif
timing-allow-origin: *
content-length: 42
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Tue, 28 Aug 2018 07:05:04 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOBVb5x8tdUtMV7MTyGl6gk&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 289
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ
https://us-u.openx.net/w/1.0/sd?id=537103138&val=e6dcfb654e23aa97a31d78c4e0fbea1b
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=e6dcfb654e23aa97a31d78c4e0fbea1b

43 B
255 B

14ms
14ms

Image
image/gif

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=e6dcfb654e23aa97a31d78c4e0fbea1b
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.68.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Aug 2018 07:05:04 GMT
server: OXGW/16.68.2
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status: 302
date: Tue, 28 Aug 2018 07:05:04 GMT
server: OXGW/16.68.2
content-length: 0
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=e6dcfb654e23aa97a31d78c4e0fbea1b
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?advertisable=IXZC4QKE6BDSVNBBOX54JQ&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=5tz7ZU4jqpejHXjE4PvqGw&google_ula=1535926
https://d.adroll.com/cm/g/in?google_ula=1535926,0

42 B
510 B

28ms
28ms

Image
image/gif

54.246.125.195
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in?google_ula=1535926,0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.125.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-246-125-195.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:04 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-Result: g.-1.-1.1535926.0.-1

Redirect headers

pragma: no-cache
date: Tue, 28 Aug 2018 07:05:04 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in?google_ula=1535926,0
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 246
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
6ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&kq=1&lo=1&qs=1&ak=-&i=PENTONMEDIA1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BA&qp=00000&is=voqBBkBBBBHhBBwBBZkJjBRCqUCY3CTCB6BXwUcu8gKCBS9lYBBBCCBpYFmR4BOZBBgSJTcBBBBBBBBHUoKOFCyz7BB3CZ6mv5TimBBe9oeCt9lXqBvBCfBBBBBBBBBBBBBBCBMBaBeBBkKzQClBeaKaMVMBj5iMPzyHVY9zqxknZlysGxCBcBBBC9CctORpnICyRBBB4OBBBBBBBBBBC9TiFF3dOKBCBBxBBBBBBBfBz1BD7fB3BpkBJUDyDCS6IDDDCCCCDDCCCCCCCBdh2eBBBGI79kNB8DJoDBBBBCiBBiB&iv=6&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&f=0&j=&o=3&t=1535439902328&de=319072944314&cu=1535439902328&m=1669&ar=763aa27-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2267&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1113&an=31&gi=1&gf=1113&gg=31&ix=1113&ic=1113&ez=1&ck=1113&kw=943&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1113&bx=31&ci=1113&jz=943&dj=1&aa=0&ad=949&cn=0&gk=949&gl=0&ik=949&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=943&cd=62&ah=943&am=62&rf=0&re=0&wb=1&cl=0&at=0&d=15763947%3A2368727671%3A4764317265%3A138241720067&bo=298588227&bp=21625748602&bd=728_1_a&zMoatPS=728_1_a&gw=pentonmedia53440730609&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&dfp=0%2C1&la=21625748602&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=1%3A0&fs=150929&na=1160153399&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:04 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:04 GMT

GET
S 200 669533596489996 Show response
connect.facebook.net/signals/config/ 82 KB
17 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/669533596489996?v=2.8.25&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

c408e86d0e29b023cd88d94c6117da723c17ffc81e4b47b92dba8f1912fb33ec

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 16553
x-xss-protection: 0
pragma: public
x-fb-debug: cfK/KXHidbnzs1XGKOU0JQy0LTbzmTiBm8JdADutEH1WT2KiAzjrpAlhl7akibhoNu8h0iE1iw0S6irbr9Kq+Q==
x-frame-options: DENY
date: Tue, 28 Aug 2018 07:05:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
294 B 19ms
6ms Image
image/gif 2a03:2880:f12d:86:face:b00c:0:50fb
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=669533596489996&ev=PageView&dl=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&rl=&if=false&ts=1535439904035&cd[segment_eid]=MKA2HHY3ENHVJD5V4RQ4BI%2CXRCCG2RSDBGFDEB4AN5IPE%2C45GZFZBG65GTZP2EESFCXP&sw=1600&sh=1200&v=2.8.25&r=stable&ec=0&o=29&it=1535439904017
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:86:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 28 Aug 2018 07:05:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 28 Aug 2018 07:05:04 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
5ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&kq=1&lo=1&qs=1&ak=-&i=PENTONMEDIA1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BA&qp=00000&is=voqBBkBBBBHhBBwBBZkJjBRCqUCY3CTCB6BXwUcu8gKCBS9lYBBBCCBpYFmR4BOZBBgSJTcBBBBBBBBHUoKOFCyz7BB3CZ6mv5TimBBe9oeCt9lXqBvBCfBBBBBBBBBBBBBBCBMBaBeBBkKzQClBeaKaMVMBj5iMPzyHVY9zqxknZlysGxCBcBBBC9CctORpnICyRBBB4OBBBBBBBBBBC9TiFF3dOKBCBBxBBBBBBBfBz1BD7fB3BpkBJUDyDCS6IDDDCCCCDDCCCCCCCBdh2eBBBGI79kNB8DJoDBBBBCiBBiB&iv=6&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&f=0&j=&o=3&t=1535439902328&de=319072944314&cu=1535439902328&m=1670&ar=763aa27-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2267&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1113&an=1113&gi=1&gf=1113&gg=1113&ix=1113&ic=1113&ez=1&ck=1113&kw=943&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1113&bx=1113&ci=1113&jz=943&dj=1&aa=0&ad=949&cn=949&gk=949&gl=949&ik=949&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=943&cd=943&ah=943&am=943&rf=0&re=0&wb=1&cl=0&at=0&d=15763947%3A2368727671%3A4764317265%3A138241720067&bo=298588227&bp=21625748602&bd=728_1_a&zMoatPS=728_1_a&gw=pentonmedia53440730609&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&dfp=0%2C1&la=21625748602&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=1%3A0&fs=150929&na=588737607&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:04 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:04 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
6ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&kq=1&lo=1&qs=1&ak=-&i=PENTONMEDIA1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BA&qp=00000&is=voqBBkBBBBHhBBwBBZkJjBRCqUCY3CTCB6BXwUcu8gKCBS9lYBBBCCBpYFmR4BOZBBgSJTcBBBBBBBBHUoKOFCyz7BB3CZ6mv5TimBBe9oeCt9lXqBvBCfBBBBBBBBBBBBBBCBMBaBeBBkKzQClBeaKaMVMBj5iMPzyHVY9zqxknZlysGxCBcBBBC9CctORpnICyRBBB4OBBBBBBBBBBC9TiFF3dOKBCBBxBBBBBBBfBz1BD7fB3BpkBJUDyDCS6IDDDCCCCDDCCCCCCCBdh2eBBBGI79kNB8DJoDBBBBCiBBiB&iv=6&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&f=0&j=&o=3&t=1535439902328&de=319072944314&cu=1535439902328&m=1671&ar=763aa27-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2267&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1113&an=1113&gi=1&gf=1113&gg=1113&ix=1113&ic=1113&ez=1&ck=1113&kw=943&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1113&bx=1113&ci=1113&jz=943&dj=1&aa=0&ad=949&cn=949&gk=949&gl=949&ik=949&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=943&cd=943&ah=943&am=943&rf=0&re=0&wb=1&cl=0&at=0&d=15763947%3A2368727671%3A4764317265%3A138241720067&bo=298588227&bp=21625748602&bd=728_1_a&zMoatPS=728_1_a&gw=pentonmedia53440730609&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&dfp=0%2C1&la=21625748602&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=1%3A0&fs=150929&na=1954131513&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:04 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:04 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
6ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&kq=1&lo=1&qs=1&ak=-&i=PENTONMEDIA1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BA&qp=00000&is=voqBBkBBBBHhBBwBBZkJjBRCqUCY3CTCB6BXwUcu8gKCBS9lYBBBCCBpYFmR4BOZBBgSJTcBBBBBBBBHUoKOFCyz7BB3CZ6mv5TimBBe9oeCt9lXqBvBCfBBBBBBBBBBBBBBCBMBaBeBBkKzQClBeaKaMVMBj5iMPzyHVY9zqxknZlysGxCBcBBBC9CctORpnICyRBBB4OBBBBBBBBBBC9TiFF3dOKBCBBxBBBBBBBfBz1BD7fB3BpkBJUDyDCS6IDDDCCCCDDCCCCCCCBdh2eBBBGI79kNB8DJoDBBBBCiBBiB&iv=6&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&f=0&j=&o=3&t=1535439902151&de=568296097738&cu=1535439902151&m=1852&ar=763aa27-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2267&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1317&an=1112&gi=1&gf=1317&gg=1112&ix=1317&ic=1317&ez=1&ck=1112&kw=930&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1317&bx=1112&ci=1112&jz=930&dj=1&aa=1&ad=1168&cn=963&gn=1&gk=1168&gl=963&ik=1168&co=1168&cp=1137&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1137&cd=930&ah=1137&am=930&rf=0&re=0&wb=1&cl=0&at=0&d=15763947%3A2315416066%3A4683765308%3A138234324799&bo=298588227&bp=21625748602&bd=300_1_lft&zMoatPS=300_1_lft&gw=pentonmedia53440730609&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&dfp=0%2C1&la=21625748602&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=1%3A0&fs=150929&na=229614583&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:04 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:04 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
6ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&kq=1&lo=1&qs=1&ak=-&i=PENTONMEDIA1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BA&qp=00000&is=voqBBkBBBBHhBBwBBZkJjBRCqUCY3CTCB6BXwUcu8gKCBS9lYBBBCCBpYFmR4BOZBBgSJTcBBBBBBBBHUoKOFCyz7BB3CZ6mv5TimBBe9oeCt9lXqBvBCfBBBBBBBBBBBBBBCBMBaBeBBkKzQClBeaKaMVMBj5iMPzyHVY9zqxknZlysGxCBcBBBC9CctORpnICyRBBB4OBBBBBBBBBBC9TiFF3dOKBCBBxBBBBBBBfBz1BD7fB3BpkBJUDyDCS6IDDDCCCCDDCCCCCCCBdh2eBBBGI79kNB8DJoDBBBBCiBBiB&iv=6&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&f=0&j=&o=3&t=1535439902328&de=319072944314&cu=1535439902328&m=1873&ar=763aa27-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2267&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1318&an=1113&gi=1&gf=1318&gg=1113&ix=1318&ic=1318&ez=1&ck=1113&kw=943&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1318&bx=1113&ci=1113&jz=943&dj=1&aa=1&ad=1154&cn=949&gn=1&gk=1154&gl=949&ik=1154&co=1154&cp=1144&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1144&cd=943&ah=1144&am=943&rf=0&re=0&wb=1&cl=0&at=0&d=15763947%3A2368727671%3A4764317265%3A138241720067&bo=298588227&bp=21625748602&bd=728_1_a&zMoatPS=728_1_a&gw=pentonmedia53440730609&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&dfp=0%2C1&la=21625748602&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=1%3A0&fs=150929&na=608026249&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:04 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:04 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 7ms
6ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&kq=1&lo=1&qs=1&ak=-&i=PENTONMEDIA1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BA&qp=00000&is=voqBBkBBBBHhBBwBBZkJjBRCqUCY3CTCB6BXwUcu8gKCBS9lYBBBCCBpYFmR4BOZBBgSJTcBBBBBBBBHUoKOFCyz7BB3CZ6mv5TimBBe9oeCt9lXqBvBCfBBBBBBBBBBBBBBCBMBaBeBBkKzQClBeaKaMVMBj5iMPzyHVY9zqxknZlysGxCBcBBBC9CctORpnICyRBBB4OBBBBBBBBBBC9TiFF3dOKBCBBxBBBBBBBfBz1BD7fB3BpkBJUDyDCS6IDDDCCCCDDCCCCCCCBdh2eBBBGI79kNB8DJoDBBBBCiBBiB&iv=6&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&qr=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=480&w=640&fy=472.5&gp=358&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&f=0&j=&o=3&t=1535439900936&de=989603483111&cu=1535439900936&m=5586&ar=763aa27-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=358&lb=2267&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=5031&an=1616&gi=1&gf=5031&gg=1616&ix=5031&ic=5031&ez=1&ck=1242&kw=1145&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5031&bx=1616&ci=1242&jz=1145&dj=1&aa=1&ad=4714&cn=1299&gn=1&gk=4714&gl=1299&ik=4714&co=1299&cp=1390&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4978&cd=1390&ah=4978&am=1390&rf=0&re=1&ft=4429&fv=1014&fw=640&wb=2&cl=0&at=0&d=58859187%3A2330032511%3A4705739487%3A138239552356&bo=298588227&bp=21625748602&bd=interstitial_a&zMoatPS=interstitial_a&gw=pentonmedia53440730609&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&dfp=0%2C1&la=21625748602&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=1%3A1&fs=150929&na=2036159527&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:06 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:06 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
6ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=0&qs=1&ak=-&i=PENTONCONTENT1&ud=false&qm=0&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9Zp%5B)1xfq_GUKB%7BJ9AKqD(ao%5DDXx2Tlw4%26ExM_1g%2Bu6%40QV%3BO5FN6tRAlTJ%3F_v%3D(tN%23V.xm9%25KMD4YP%60T11K%3E(7b%5DQ%22_KF5%5D5%2F%5BGI%3F4Y~iD%3Dn%3CG.**s!%7D%2318YCC2J.bq!CASw%5EXm0o(%2FLyhqFBjK7%3DuCbR%7CDoD%3DhOIs11_iCuIE)5.Efn%3Bb%25r%2F%7DMCMYUWx%3DoFj9yG3%3FjGT%22WM%3DkoD%23%3BId%2FSC6ks%3CzKUExvR27ByCDT(OJF8psid%23a.dk%3FI4%3CVEtX%3EA)%2Cea*X%3Dy%3E%5B%25B7kE%3FSF(f%25%3BS%243O3P0oJU4b6W%3AGcS4(%5B*rUePpw4iqi%3CFEtmChkQPuf3%2BrNaU51%40%40HHzt%24bV%2F.4bIu%40vv%7DqB%3DmfV%7DDXwJd%5E%7CXoNFodK0p)%22wbSR%5Di3U1Il9OpPP%60%22AkM%22%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%2CJP%3Ch%2CqkAS%3Bx!93iPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23c%25%24(%3DNqUcRe%2Ba%2F%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&qq=001000000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=1&pl=1&fl=1&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=2267&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&cm=1&f=0&j=&o=3&t=1535439901713&de=485739441509&cu=1535439902077&m=5570&ar=de60227-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=undefined&le=1&gm=1&io=1&ch=0&as=0&ag=0&an=0&gf=0&gg=0&aj=0&pg=0&pf=0&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&em=0&en=0&bu=5066&cd=2&ah=5066&am=2&re=0&wb=1&cl=0&at=0&d=itprotoday.com%3AWhat%20is%20Mimikatz%3A__page__%3A-&gw=pentoncontent20495821&ab=1&ac=1&fd=1&kt=strict&it=500&fs=98334&na=1337199027&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:07 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:07 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
5ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=1&qs=1&ak=-&i=PENTONMEDIA1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BA&qp=00000&is=voqBBkBBBBHhBBwBBZkJjBRCqUCY3CTCB6BXwUcu8gKCBS9lYBBBCCBpYFmR4BOZBBgSJTcBBBBBBBBHUoKOFCyz7BB3CZ6mv5TimBBe9oeCt9lXqBvBCfBBBBBBBBBBBBBBCBMBaBeBBkKzQClBeaKaMVMBj5iMPzyHVY9zqxknZlysGxCBcBBBC9CctORpnICyRBBB4OBBBBBBBBBBC9TiFF3dOKBCBBxBBBBBBBfBz1BD7fB3BpkBJUDyDCS6IDDDCCCCDDCCCCCCCBdh2eBBBGI79kNB8DJoDBBBBCiBBiB&iv=6&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&f=0&j=&o=3&t=1535439902151&de=568296097738&cu=1535439902151&m=5703&ar=763aa27-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2267&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=5169&an=1317&gi=1&gf=5169&gg=1317&ix=5169&ic=5169&ez=1&ck=1112&kw=930&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5169&bx=1317&ci=1112&jz=930&dj=1&aa=1&ad=5020&cn=1168&gn=1&gk=5020&gl=1168&ik=5020&co=1168&cp=1137&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4992&cd=1137&ah=4992&am=1137&rf=0&re=0&wb=2&cl=0&at=0&d=15763947%3A2315416066%3A4683765308%3A138234324799&bo=298588227&bp=21625748602&bd=300_1_lft&zMoatPS=300_1_lft&gw=pentonmedia53440730609&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&dfp=0%2C1&la=21625748602&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=1%3A0&fs=150929&na=675749272&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:07 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:07 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
5ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=1&qs=1&ak=-&i=PENTONMEDIA1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BA&qp=00000&is=voqBBkBBBBHhBBwBBZkJjBRCqUCY3CTCB6BXwUcu8gKCBS9lYBBBCCBpYFmR4BOZBBgSJTcBBBBBBBBHUoKOFCyz7BB3CZ6mv5TimBBe9oeCt9lXqBvBCfBBBBBBBBBBBBBBCBMBaBeBBkKzQClBeaKaMVMBj5iMPzyHVY9zqxknZlysGxCBcBBBC9CctORpnICyRBBB4OBBBBBBBBBBC9TiFF3dOKBCBBxBBBBBBBfBz1BD7fB3BpkBJUDyDCS6IDDDCCCCDDCCCCCCCBdh2eBBBGI79kNB8DJoDBBBBCiBBiB&iv=6&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&f=0&j=&o=3&t=1535439902328&de=319072944314&cu=1535439902328&m=5730&ar=763aa27-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2267&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=5175&an=1318&gi=1&gf=5175&gg=1318&ix=5175&ic=5175&ez=1&ck=1113&kw=943&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5175&bx=1318&ci=1113&jz=943&dj=1&aa=1&ad=5011&cn=1154&gn=1&gk=5011&gl=1154&ik=5011&co=1154&cp=1144&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5001&cd=1144&ah=5001&am=1144&rf=0&re=0&wb=2&cl=0&at=0&d=15763947%3A2368727671%3A4764317265%3A138241720067&bo=298588227&bp=21625748602&bd=728_1_a&zMoatPS=728_1_a&gw=pentonmedia53440730609&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&dfp=0%2C1&la=21625748602&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=1%3A0&fs=150929&na=1448946786&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:08 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:08 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
6ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&kq=1&lo=1&qs=1&ak=-&i=PENTONMEDIA1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BA&qp=00000&is=voqBBkBBBBHhBBwBBZkJjBRCqUCY3CTCB6BXwUcu8gKCBS9lYBBBCCBpYFmR4BOZBBgSJTcBBBBBBBBHUoKOFCyz7BB3CZ6mv5TimBBe9oeCt9lXqBvBCfBBBBBBBBBBBBBBCBMBaBeBBkKzQClBeaKaMVMBj5iMPzyHVY9zqxknZlysGxCBcBBBC9CctORpnICyRBBB4OBBBBBBBBBBC9TiFF3dOKBCBBxBBBBBBBfBz1BD7fB3BpkBJUDyDCS6IDDDCCCCDDCCCCCCCBdh2eBBBGI79kNB8DJoDBBBBCiBBiB&iv=6&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&qr=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&f=0&j=&o=3&t=1535439902328&de=319072944314&cu=1535439902328&m=5933&ar=763aa27-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2267&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=5377&an=5175&gi=1&gf=5377&gg=5175&ix=5377&ic=5377&ez=1&ck=1113&kw=943&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5377&bx=5175&ci=1113&jz=943&dj=1&aa=1&ad=5213&cn=5011&gn=1&gk=5213&gl=5011&ik=5213&co=1154&cp=1144&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5206&cd=5001&ah=5206&am=5001&rf=0&re=0&wb=2&cl=0&at=0&d=15763947%3A2368727671%3A4764317265%3A138241720067&bo=298588227&bp=21625748602&bd=728_1_a&zMoatPS=728_1_a&gw=pentonmedia53440730609&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&dfp=0%2C1&la=21625748602&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=1%3A0&fs=150929&na=323355730&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:08 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:08 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 6ms
5ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=1&qs=1&ak=-&i=PENTONMEDIA1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BA&qp=00000&is=voqBBkBBBBHhBBwBBZkJjBRCqUCY3CTCB6BXwUcu8gKCBS9lYBBBCCBpYFmR4BOZBBgSJTcBBBBBBBBHUoKOFCyz7BB3CZ6mv5TimBBe9oeCt9lXqBvBCfBBBBBBBBBBBBBBCBMBaBeBBkKzQClBeaKaMVMBj5iMPzyHVY9zqxknZlysGxCBcBBBC9CctORpnICyRBBB4OBBBBBBBBBBC9TiFF3dOKBCBBxBBBBBBBfBz1BD7fB3BpkBJUDyDCS6IDDDCCCCDDCCCCCCCBdh2eBBBGI79kNB8DJoDBBBBCiBBiB&iv=6&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.itprotoday.com%2Fmanagement-mobility%2Fwhat-mimikatz&f=0&j=&o=3&t=1535439902445&de=405823912984&cu=1535439902445&m=5816&ar=763aa27-clean&cb=0&ll=2&lm=0&ln=1&r=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=2267&le=1&gm=1&io=1&ct=undefined&vv=1&vw=1%3A3%3A0&vp=50&vx=50%3A50%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&aj=0&pg=50&pf=50&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5102&cd=193&ah=5102&am=193&rf=0&re=0&wb=1&cl=0&at=0&d=15763947%3A2315416066%3A4683765308%3A138234324481&bo=298588227&bp=21625748602&bd=300_1_rht&zMoatPS=300_1_rht&gw=pentonmedia53440730609&zMoatOrigSlicer1=298588227&zMoatOrigSlicer2=21625748602&zMoatDomain=itprotoday.com&zMoatSubdomain=itprotoday.com&dfp=0%2C1&la=21625748602&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=1%3A0&fs=150929&na=1305681417&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.itprotoday.com/management-mobility/what-mimikatz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Aug 2018 07:05:08 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 28 Aug 2018 07:05:08 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.itprotoday.com
URL: https://www.itprotoday.com/ajax/penton-legal-comm-get-message

Domain: api-34-220-197-142.b2c.com
URL: https://api-34-220-197-142.b2c.com:444/api/4?Hzcfzqz9qtznhY5w

Domain: api-34-220-197-142.b2c.com
URL: https://api-34-220-197-142.b2c.com:444/api/4?cSxbfZYliJF6qOP6

Domain: api-34-220-197-142.b2c.com
URL: https://api-34-220-197-142.b2c.com:444/api/4?iewmC4i323p0Lmis

Domain: api-34-220-34-65.b2c.com
URL: https://api-34-220-34-65.b2c.com:444/api/4?crnuRs0waRRG2dz0

Domain: api-34-220-34-65.b2c.com
URL: https://api-34-220-34-65.b2c.com:444/api/4?SZbNr55INRNHb06e

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

27 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.itprotoday.com/management-mobility/what-mimikatz(Line 67) Message: gdpr cookie not set
console-api	log	URL: https://www.itprotoday.com/management-mobility/what-mimikatz(Line 72) Message: gdprCookie==>on
console-api	log	URL: https://www.itprotoday.com/management-mobility/what-mimikatz(Line 76) Message: lpage==>notblocked
console-api	log	URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/satellite-58ec10b264746d32da004227.js(Line 9) Message: variables undefined... waiting...
console-api	log	(Line 2) Message: step 1
console-api	log	(Line 4) Message: step 2
console-api	log	(Line 6) Message: step 3
console-api	log	(Line 8) Message: step 4
console-api	log	(Line 10) Message: step 5
console-api	log	(Line 12) Message: step 6
console-api	log	(Line 14) Message: step 7
console-api	log	URL: https://www.itprotoday.com/management-mobility/what-mimikatz(Line 133) Message: notemptyInterstitial
console-api	log	URL: https://www.itprotoday.com/management-mobility/what-mimikatz(Line 5) Message: logo_path->https://www.itprotoday.com/sites/all/themes/penton_subtheme_itprotoday/images/logos/footer.png
console-api	log	URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/satellite-58ec10b264746d32da004227.js(Line 9) Message: variables undefined... waiting...
console-api	log	URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/satellite-58ec10b264746d32da004227.js(Line 9) Message: variables undefined... waiting...
console-api	log	URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/satellite-58ec10b264746d32da004227.js(Line 9) Message: variables undefined... waiting...
console-api	log	URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/satellite-58ec10b264746d32da004227.js(Line 9) Message: variables undefined... waiting...
console-api	log	URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/satellite-58ec10b264746d32da004227.js(Line 9) Message: variables undefined... waiting...
console-api	log	URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/satellite-58ec10b264746d32da004227.js(Line 9) Message: variables undefined... waiting...
console-api	log	URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/satellite-58ec10b264746d32da004227.js(Line 9) Message: variables undefined... waiting...
console-api	log	URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/satellite-58ec10b264746d32da004227.js(Line 9) Message: variables undefined... waiting...
console-api	log	URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/satellite-58ec10b264746d32da004227.js(Line 9) Message: variables undefined... waiting...
console-api	log	URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/satellite-58ec10b264746d32da004227.js(Line 9) Message: variables undefined... waiting...
console-api	log	URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/satellite-58ec10b264746d32da004227.js(Line 9) Message: variables undefined... waiting...
console-api	log	URL: https://assets.adobedtm.com/2ebe67d2ca0193084439038012c34f9112a85c00/scripts/satellite-58ec10b264746d32da004227.js(Line 14) Message: variables found... executing polar script
console-api	log	URL: https://www.itprotoday.com/management-mobility/what-mimikatz(Line 108) Message: adblockval
console-api	log	URL: https://www.itprotoday.com/management-mobility/what-mimikatz(Line 108) Message: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dpmsrv.com
ad.doubleclick.net
ads.yahoo.com
adservice.google.de
api-34-220-197-142.b2c.com
api-34-220-34-65.b2c.com
api.b2c.com
api.demandbase.com
assets.adobedtm.com
assets.pinterest.com
bcp.crwdcntrl.net
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
d.adroll.com
dsum-sec.casalemedia.com
eb2.3lift.com
embed.calculoid.com
ib.adnxs.com
idsync.rlcdn.com
img.en25.com
log.pinterest.com
og3i93vzhywk-a.akamaihd.net
p.typekit.net
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.advertising.com
pixel.rubiconproject.com
plugin.mediavoice.com
polarcdn-pentos.com
protect-us.mimecast.com
pubads.g.doubleclick.net
px.moatads.com
s.adroll.com
s.delvenetworks.com
s.dpmsrv.com
s1481.t.eloqua.com
scripts.demandbase.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
smetrics.itprotoday.com
ssl.google-analytics.com
static.chartbeat.com
stats.g.doubleclick.net
sync.outbrain.com
tags.crwdcntrl.net
tpc.googlesyndication.com
trc.taboola.com
us-u.openx.net
use.typekit.net
video.limelight.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.itprotoday.com
x.bidswitch.net
z.moatads.com
api-34-220-197-142.b2c.com
api-34-220-34-65.b2c.com
www.itprotoday.com
104.111.238.191
104.111.241.136
104.18.219.82
117.121.250.129
13.32.98.174
13.32.98.89
13.32.98.97
149.56.155.167
151.101.12.84
151.101.14.2
172.217.22.34
172.217.23.130
172.217.23.134
172.82.225.132
173.241.240.143
178.79.245.69
18.153.11.17
185.33.223.216
185.64.189.110
2.16.186.57
2.18.232.23
2.18.233.40
2.18.234.21
2.18.235.40
205.185.208.52
207.211.31.106
209.167.231.17
23.38.53.224
2400:cb00:2048:1::6811:3e57
2600:1480:3000:41::
2600:1f14:cc5:8001:cec8:c3b6:3190:d15e
2600:1f14:cc5:8002:3306:a3e5:c339:db18
2600:1f14:cc5:8002:8816:1c50:c32b:b4f1
2600:9000:20ac:7000:18:1fcd:348:2461
2a00:1288:110:833::4000
2a00:1450:4001:814::2008
2a00:1450:4001:819::2002
2a00:1450:4001:81e::2001
2a00:1450:4001:81e::2003
2a00:1450:4001:81e::2004
2a00:1450:4001:821::2002
2a00:1450:4001:821::200e
2a00:1450:400c:c06::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:86:face:b00c:0:50fb
34.226.13.209
34.249.136.192
35.156.164.244
52.3.188.64
54.171.229.6
54.221.210.243
54.246.125.195
54.247.73.220
54.93.159.17
69.173.144.137
93.184.220.113
001bd9ccfa1e62b2fcfc16e5a7a7652dfcf2299ed3f9db1d0e321f4aa352c895
0842c72db6cd686ecc8c527001f406cd31b564755d09d714123cae0a58620273
0a7b685f109ddb5894bfc662e137cbbc2cd8f32f2ba0b2a51f56796c2b0d0027
0ac78725a5d1872849bd2d0e7f9a538a8a94ea12f41d573ef1270c7864c1987a
0c77171cf6014a3215682419106e199692e4bec9671650429d0502ce56d1062a
0f8b93eb848a04359fb96b0dfc67fe8376ddc70b809e09f3acd24c0c89fbc3ed
101801a7a8f6809143b714588e2c49dfd2fae930433c24a57b27eb5aa32df1f3
10a7711c82e85a368aae8b9e3803b9023fe9fe615f65c4fc46ed86074979351f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1181fc2363ddeb7e8bc12098cdd930ab584f4857bf230aa09f0cac4fa4edc766
12260d8e3e5f7c60dfda5731f3b77e1748c45fe480bec2d0cee49616dd48ae04
165a0b0be2f684bfbe827eea29a5d704d5b12faa88ffe48be2adbf58114be57e
1aec33dbddcd14fc3d2c6a6e6684e5046f02a88063d65b91a8363fb0992a100f
1ccdbe5fba95906eb04fed55b6d5fe05d4130f09d1ef62a2a195b07bfcd20d98
1cee67d5be04d3b088873b1f748e35dc5891529fb5d0912e2627d75345ef37d6
1da58a56d822cd0dd5354771c969fd778c74f5100d3bbe0e77817c256e503ad0
1e71dfd2075bdd8ab13805b0c9bc396c00c1a3d982d3e9ddde63ccfaf4f2eaaf
1f1473e62d55983627140cd593e907e6be48c230a810abd404cc8eb83def7639
1f9dce458a02bff965ee50c8e1140145a80a84675611879ad7ecf5c4d7891087
21c3b79e09a9eb065be3e234626a96a53f4ec61d0a075c7563869cf716a0a66b
23818277c974e4ed1d48a04077c6a133bde3435f3d0bafe8dcca49150ebcb986
24e7f8c2fe01af8ca4ef7e8be928aa196fe7b5da82da99d7a9e609d3e416fcfd
26ff0cdffe8386668cc731eb1b189f403d7afde365998010eef2089886d5f458
288c0bc4632aa09b472ee094d6d06c8f046d65c5ea24000f8e473947b5778b31
294b569b2fd03fa6ad9c38d7c290c01f5f3779e943baffb63d8e64b0414abcd4
2d35a988d0bdd318646c216fa4b757a6bcbab34427895984e960bc332465c3b1
2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7
2fd8f852b0cc7f021bcc7ad1ad3e868b1e9e7934790725ac42720ce42e590915
31cf7e28d0a95e6f680dfdb9ef70f9d7cbda866cb3c6385c4ed5b8238ff78687
3238fa66139cc0181b3fbb74a9c622a2a5e0e8e5e91029c1d2f0a50c1ba23499
3504d4f9bc38321c107a5eb7c233bc61f11402582bf1a74f0d033745d10ec47b
38703e7f928279e1cc4d584a297d4833681feff0f7ebe3a2d1f219de515aea10
391d46a5a9d2383fd012f445101aa5c432e856f6f49293d9e4c5dc05efb7c792
39492f3c9f87d34d4d53b7fa1fc66d5003f986552288bb55ac10e7507d4c69dd
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3e9890108f9ace5126927ca71556d35baa56c178553d3fdf6c00586c12fa2564
3eb1d79659d9af273f8c97e4d1fbbc44669f2c834614d83d8d7231e85feffad3
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
40593a6bb4475cfe0e40946f44b57a46dafca8ac26ae21a0aca2d42d9829b4bf
41b9806cbf47d18fe7dd27095a3c86d5aa0fd9f565dd7ea5c1486c11680df6df
45067ff7787ed1cff6f56511c3edaa9ef03a2dbb1d045f032f045f985f3fedf8
4a85a057330bbc6272c3dd4c02a15317b08a92b4de7514d9fda7d8cbf82a3cac
4abec3c8d11c31dbfbdedb567c796b0451d91ebd08420e49eb891403666f3ce6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
518a3e9e084d0c0c65de0ece88304bd3aca1708dddd68de46b32e0608ba6ab60
51dd2084e7051ecd88a585abf0c85afaa94be1ec1e82f0bed1edf2db9c917ae3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
599fbcf0afb3cb15a84b5f40ef05cca6bfb7251c86e5a9cee75b9864cb549dd7
5c69727f8a9961e5eb4cad1e3d462a38fefd6d66c427886cf4217183cd9e5bd8
5d7581d4d5355a53145dc63954d4ef6a9ff0e14e608709687b319dac83748ce7
618a5a55ae8bba4a9ca3f779b831e327f31cf600a0433d2e77364cc3b0080d3c
66bfeab465f1b4a317245e695c45231ef3d3e5d049a34e2b7ec1fc3918da04ad
69c1cea03a0d0cd4e8e5830c2b8836ef203a5550cc9c769911452d5fcb85b247
6adc3ad1f545424f39187573000bdf0bd130e0147c3ab389f831189dba31ba8c
6e9c6774dbbb0025dae9ed72301d09153fd6d59bfcf58179042a31faee3419f1
702ccff51d8e340e1a1988ee698fce8ff57809537ed1fbc0e2e7cfe774ee637d
70efdeff42d0723194656fdd5529f0895449ac02f5e4546dd89c027a669fb67d
73c5df3819337239019d0cde4493daa545320531ed87ff8653ea8173bd1cbd2d
78e5bf76280c3cd0c1c490211575819486da3bb92389f86e8919d91e3fbba054
78e7be846a8aebe6d18e3ec34183bf63ea02bb7308a05daf6312d46d06edbb82
79d474e185d860f49725b00f9334b2c1e1d3f5211d3f3e53040a7c8c8f2df5ae
81138af8c561541df314a4a9e88b655cf2ac72a3bce968e58b1c1e04b6b3148f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853bc4be7afe0923f46b278f617abf943551e17962af6ad404387b8cfff6d5f2
872e1d8cec45e7f42f4ed80e957faa8ab0966c812a3c52d9a64e58f0e546c27c
8a730774e3275f75ba53eae3695f8948adcd6fa9443bea58127a87d020406a63
8f1f3daea9ee20bcf5705bf0c9db05ac43a29a5b2c2cf3830d09c076446ad7d7
8f714c796933172a5bf419c4bb2199c88f4c4d32c93cc4843fcc4c2b20b44ef6
96151be6cbc7cbdbcf91515521728afe3411b3435e412d28cd42b542a5f5d9f0
965b4eea6a991c4e10e006e8050cc9d0a5be8447d4cc0478e447e33b1e932841
98089e6d36f78e9766c9ea34d5acb3611f3a92cd81c5eb102095d924ffc7d08b
9842ee9628926d84377536cc79c0bfed768ceec94a761007ba0a359f1f9efcfe
9a670c55a65b74a0c5283c6d3e681335d322979b474f1f4ec2df2cf8df47ff56
9b4426ed92c16b452ce5b2bfa6f6754f784cb5164eb568a4968a444c2587e909
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9edf7e644e12112fb314122d043c6d731610c7a9cb3a04af8a5cbefd7b682f13
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a54ada34dc82db4b43985e36290329a6557f6a34872ffc7dce8f3d01a97659e6
a73c1a22aaba1908b9ec1e721340ed52b0189317c458154032148f640b978460
a91084723850c74b04c1e7957c1a54f1e1873396cd90a55d25ee733495229cd1
b0d2dd268e1387880b1ecef4901920cc027c519876caa402f4bc76c55ab9e115
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b372ffb82df9022379106618e77decbbe8dc7272d1a7668aa4e9e380f2dba37e
b3e2a381253ac0ca3051d48f841207aff92743c36274cd8e158cc28fe5618d03
ba4f6d82047b2d4b76e2e2a28c206b489e6a84f97c63291f06284cfee7fd42b1
baf050d685cb38b59d8108170868b9a71b786f9671fb1b3e57034573be0e78e6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0f513ef3a9cd25362568afc5ee9c1494c653bf2b04b386e9bc9f520d8adc561
c2cff65c8da08bb1c87cb9acebbf4f632925ea9b46cd61cd12f575e7d95725c5
c389d2c60cd588381a115d2bad194492123fbd5b73f86a85149ec4e5de8503f6
c3e284361322b6e49157e26d6e3619693542192ac81eb7dd20eaefd8eba5eb3d
c408e86d0e29b023cd88d94c6117da723c17ffc81e4b47b92dba8f1912fb33ec
c4a1ef9deef1b5a9af2e75eccfce45a5ddb742aa92571e0d7b3a59230179cca0
c4f5adbeba2f2829356da1a3bf546eea0d53a856a56be83ceaca685b3c42a385
c6dd058543ca147289230fb4d3749fc7b7e62530d79cc0147e8018b46feb2aa6
cc64f983295551ca94b188fdd2b1195a0b72609115d03a8dbd3231798a00b2f3
cd7ef3470790333dc1242956969a7e5715e36b073c41bf5bb7b971244dc37d4d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0554b64f545870f0a5683ecb0ed32795df21576e14aa6b7f281c78d88bc207f
d35f8025aee4ca8ca59548d72f24d22d62b270b046102e6b258140959a18e111
d902e0d106af907b11062e85594713c4cfa660f1bb2f94cd82df6e4b7ca96384
da1d7bfe44434bdedb022f6917e5bb7acec32d6735d3cbb729e171590af4df93
db24fe8ee6b55d3ee90232e6e7e32c8136ebd7017b12261f77d3b909ce7207c7
dfdc11e2fb8b09465c20afcdb048552e197af37e0377785e2cb150e432d536c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d4811947a677b69190e0c75c74f5766ec90dbf72d28858dadefdb089fd07b3
e6f6d66459cdaf4ccd8b6a49546f78a77215acef509b0c771738e5c93ddfc2e9
e8c7b0c163fdad9ffdde6cfcad8ef1446e316a3032980ce06ac3d8da4344b710
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
eb5f2c3557023f9aebd1315f78deceb2f5852d3680124fe1e96effc075df3170
ed625eac0d6401941d0dc3cd4a5a511a25a9d7d73bfa1c1501d49c952ce5a4e1
ee8c01493285d346f8278ae0ff01633abd39e181d0c1106076d9cb2f6d9fd50a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f3bd482cd3ec17583f25ad0819d1ccbcd0cdcb0fe26f8d87b7f30fd61b3dc640
f4a3128164a85904d143a851bc4afc99129da1815e5eef8df5c15ff4b82d6f69
f7d3a5e83ab0db74bd9ce3800f7e2b57083a45d72048eb0a1ec59ea71d5d1c7d

www.itprotoday.com Open in urlscan Pro 2400:cb00:2048:1::6811:3e57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

204 Requests

97 %HTTPS

30 %IPv6

42 Domains

59 Subdomains

54 IPs

9 Countries

1914 kBTransfer

5885 kBSize

0 Cookies

25 Outgoing links

Redirected requests

204 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.itprotoday.com Open in urlscan Pro
2400:cb00:2048:1::6811:3e57 Public Scan

Screenshot
Live screenshot

Full Image

204
Requests

97 %
HTTPS

30 %
IPv6

42
Domains

59
Subdomains

54
IPs

9
Countries

1914 kB
Transfer

5885 kB
Size

0
Cookies

204 HTTP transactions
5 data transactions