urlscan.io logo urlscan.io
SecurityTrails logo

www.fireeye.com Open in urlscan Pro
2a02:e980:d::ba  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.co/e5T1w547UZ
Effective URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerabili...
Submission: On January 22 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 8 countries across 27 domains to perform 68 HTTP transactions. The main IP is 2a02:e980:d::ba, located in United States and belongs to INCAPSULA, US. The main domain is www.fireeye.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on May 7th 2018. Valid for: 2 years.
This is the only time www.fireeye.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.244.42.197 13414 (TWITTER)
1 1 2a02:e980:13::ba 19551 (INCAPSULA)
28 2a02:e980:d::ba 19551 (INCAPSULA)
1 1 95.100.142.38 16625 (AKAMAI-AS)
1 13.108.248.135 14340 (SALESFORCE)
2 104.17.70.206 13335 (CLOUDFLAR...)
3 23.210.248.44 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.12.157 54113 (FASTLY)
1 172.217.23.98 15169 (GOOGLE)
2 95.101.176.176 16625 (AKAMAI-AS)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2 2a05:f500:11:... 14413 (LINKEDIN)
1 1 2a05:f500:10:... 14413 (LINKEDIN)
1 2 172.217.16.198 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.210.250.213 16625 (AKAMAI-AS)
1 104.244.42.67 13414 (TWITTER)
1 13.108.249.7 14340 (SALESFORCE)
1 183.79.249.252 24572 (YAHOO-JP-...)
1 192.28.147.68 53580 (MARKETO)
1 13.110.64.53 14340 (SALESFORCE)
1 182.22.30.220 23816 (YAHOO Yah...)
2 2a00:1288:f03... 10310 (YAHOO-1)
1 66.117.29.6 15224 (OMNITURE)
68 30
2    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    2a02:e980:13::ba (United States)

ASN19551 (INCAPSULA, US)
fireeye.com
28    2a02:e980:d::ba (United States)

ASN19551 (INCAPSULA, US)
www.fireeye.com
1    95.100.142.38 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-142-38.deploy.static.akamaitechnologies.com
cloud.typography.com
1    13.108.248.135 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl2-ord.la1-c2-ord.salesforceliveagent.com
c.la2c2.salesforceliveagent.com
2    104.17.70.206 (United States)

ASN13335 (CLOUDFLARENET, US)
www2.fireeye.com
3    23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
2    2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700::6810:262f (United States)

ASN13335 (CLOUDFLARENET, US)
js.maxmind.com
1    2a02:26f0:10c:399::3adf (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
sjs.bizographics.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
www.googleadservices.com
2    95.101.176.176 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-176-176.deploy.static.akamaitechnologies.com
munchkin.marketo.net
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:81b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2001:4860:4802:34::75 (United States)

ASN15169 (GOOGLE, US)
www.google.de
2    2a05:f500:11:101::b93f:9005 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2a05:f500:10:101::b93f:9101 (Ireland)

ASN14413 (LINKEDIN, US)
www.linkedin.com
2    172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net
8443343.fls.doubleclick.net
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    23.210.250.213 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-213.deploy.static.akamaitechnologies.com
z.moatads.com
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    13.108.249.7 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl3-ord.la1-c2-ord.salesforceliveagent.com
d.la2c2.salesforceliveagent.com
1    183.79.249.252 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)
s.yimg.jp
1    192.28.147.68 (United States)

ASN53580 (MARKETO, US)
848-did-242.mktoresp.com
1    13.110.64.53 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl1-ncg1-c6-iad5.la1-c1-ia5.salesforceliveagent.com
d.la1-c1-ia5.salesforceliveagent.com
1    182.22.30.220 (Tokyo, Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)
b91.yahoo.co.jp
2    2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)
s.yimg.com
1    66.117.29.6 (United States)

ASN15224 (OMNITURE, US)
fireeye.tt.omtrdc.net
Domain Requested by
28 www.fireeye.com t.co
www.fireeye.com
www.googletagmanager.com
2 s.yimg.com t.co
www.fireeye.com
2 www.facebook.com www.fireeye.com
connect.facebook.net
2 connect.facebook.net t.co
connect.facebook.net
2 8443343.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 px.ads.linkedin.com 1 redirects www.fireeye.com
2 www.google.de www.fireeye.com
2 www.google.com 1 redirects www.fireeye.com
2 munchkin.marketo.net www.googletagmanager.com
munchkin.marketo.net
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 bat.bing.com www.googletagmanager.com
www.fireeye.com
2 js.maxmind.com www.fireeye.com
2 www.googletagmanager.com www.fireeye.com
www.googletagmanager.com
2 s7.addthis.com www.fireeye.com
2 www2.fireeye.com www.fireeye.com
www2.fireeye.com
2 t.co www.fireeye.com
1 fireeye.tt.omtrdc.net www.fireeye.com
1 b91.yahoo.co.jp www.fireeye.com
1 d.la1-c1-ia5.salesforceliveagent.com www.fireeye.com
1 848-did-242.mktoresp.com www.fireeye.com
1 s.yimg.jp www.googletagmanager.com
1 v1.addthisedge.com s7.addthis.com
1 d.la2c2.salesforceliveagent.com www.fireeye.com
1 analytics.twitter.com www.fireeye.com
1 z.moatads.com s7.addthis.com
1 googleads.g.doubleclick.net www.fireeye.com
1 www.linkedin.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.googleadservices.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 sjs.bizographics.com www.googletagmanager.com
1 c.la2c2.salesforceliveagent.com www.fireeye.com
1 cloud.typography.com 1 redirects
1 fireeye.com 1 redirects
68 34
Subject Issuer Validity Valid
t.co
DigiCert SHA2 High Assurance Server CA		 2019-04-09 -
2020-04-01		 a year crt.sh
fireeye.com
Entrust Certification Authority - L1K		 2018-05-07 -
2020-05-06		 2 years crt.sh
la1-c2-ord.salesforceliveagent.com
DigiCert SHA2 Secure Server CA		 2018-07-31 -
2020-07-30		 2 years crt.sh
www2.fireeye.com
CloudFlare Inc ECC CA-2		 2019-04-06 -
2020-04-06		 a year crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2019-10-10 -
2020-09-04		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-12-20 -
2020-03-13		 3 months crt.sh
*.maxmind.com
COMODO RSA Organization Validation Secure Server CA		 2018-10-15 -
2020-11-06		 2 years crt.sh
js.bizographics.com
DigiCert SHA2 Secure Server CA		 2018-04-13 -
2020-04-17		 2 years crt.sh
www.bing.com
Microsoft IT TLS CA 2		 2019-04-30 -
2021-04-30		 2 years crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-08-14 -
2020-08-18		 a year crt.sh
www.googleadservices.com
GTS CA 1O1		 2019-12-20 -
2020-03-13		 3 months crt.sh
*.marketo.net
DigiCert SHA2 Secure Server CA		 2018-12-24 -
2020-03-24		 a year crt.sh
www.google.de
GTS CA 1O1		 2019-12-20 -
2020-03-13		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2019-05-29 -
2021-06-29		 2 years crt.sh
*.doubleclick.net
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-12-06 -
2020-03-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-12-20 -
2020-03-13		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
moatads.com
DigiCert ECC Secure Server CA		 2018-11-10 -
2020-02-09		 a year crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-04-09 -
2020-04-01		 a year crt.sh
*.yahoo.co.jp
Cybertrust Japan Public CA G3		 2019-09-24 -
2020-10-23		 a year crt.sh
*.mktoresp.com
GeoTrust RSA CA 2018		 2018-02-05 -
2020-02-05		 2 years crt.sh
la1-c1-ia5.salesforceliveagent.com
DigiCert SHA2 Secure Server CA		 2019-05-14 -
2021-05-13		 2 years crt.sh
rd.listing.yahoo.co.jp
Cybertrust Japan Public CA G3		 2019-08-30 -
2020-09-29		 a year crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-01-21 -
2020-03-06		 a month crt.sh
*.tt.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2017-10-19 -
2020-11-25		 3 years crt.sh

This page contains 2 frames:

Primary Page: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Frame ID: 81B7C0CD8D7D2F79C9C47007913B8829
Requests: 77 HTTP requests in this frame

Frame: https://8443343.fls.doubleclick.net/activityi;dc_pre=CPSp-ojEl-cCFTVY5QodQuUOag;src=8443343;type=sitew0;cat=firee0;ord=8247426911779;gtm=2od181;auiddc=928810864.1579707244;u1=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html;~oref=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Frame ID: 05D80E2674E5FAEEE61E83DF244A3C3B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://t.co/e5T1w547UZ Page URL
  2. https://fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-re... HTTP 301
    https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-re... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/etc\/designs\//i
  • script /\/etc.clientlibs\//i
Overall confidence: 100%
Detected patterns
  • script /\/etc\/designs\//i
  • script /\/etc.clientlibs\//i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

68
Requests

100 %
HTTPS

48 %
IPv6

27
Domains

34
Subdomains

30
IPs

8
Countries

3127 kB
Transfer

5171 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/e5T1w547UZ Page URL
  2. https://fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html HTTP 301
    https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://cloud.typography.com/6746836/6977592/css/fonts.css HTTP 302
  • https://www.fireeye.com/content/dam/fireeye-www/fw/f/651819/F3FCCD5E6343B3320.css
Request Chain 32
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=368291063&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html&dr=https%3A%2F%2Ft.co%2Fe5T1w547UZ&ul=en-us&de=UTF-8&dt=FireEye%20and%20Citrix%20Tool%20Scans%20for%20Indicators%20of%20Compromise%20Related%20to%20CVE-2019-19781%20%7C%20FireEye%20Inc&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1971667323&gjid=289580258&cid=1062655896.1579707244&tid=UA-363943-1&_gid=1372948908.1579707244&_r=1&gtm=2wg181MVGC8KK&z=1822308997 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-363943-1&cid=1062655896.1579707244&jid=1971667323&_gid=1372948908.1579707244&gjid=289580258&_v=j79&z=1822308997 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-363943-1&cid=1062655896.1579707244&jid=1971667323&_v=j79&z=1822308997 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-363943-1&cid=1062655896.1579707244&jid=1971667323&_v=j79&z=1822308997&slf_rd=1&random=3836899627
Request Chain 33
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6572&url=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html&time=1579707243753 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D6572%26url%3Dhttps%253A%252F%252Fwww.fireeye.com%252Fblog%252Fproducts-and-services%252F2020%252F01%252Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html%26time%3D1579707243753%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6572&url=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html&time=1579707243753&liSync=true
Request Chain 34
  • https://8443343.fls.doubleclick.net/activityi;src=8443343;type=sitew0;cat=firee0;ord=8247426911779;gtm=2od181;auiddc=928810864.1579707244;u1=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html;~oref=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html HTTP 302
  • https://8443343.fls.doubleclick.net/activityi;dc_pre=CPSp-ojEl-cCFTVY5QodQuUOag;src=8443343;type=sitew0;cat=firee0;ord=8247426911779;gtm=2od181;auiddc=928810864.1579707244;u1=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html;~oref=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html

68 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
e5T1w547UZ
t.co/ 		528 B
542 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/e5T1w547UZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ea591f278d30c27a58315de5a5102860bc4b61ada3c0e6e2e1fdbf19fab6b525
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/e5T1w547UZ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
cache-control
private,max-age=300
content-encoding
gzip
content-length
250
content-type
text/html; charset=utf-8
date
Wed, 22 Jan 2020 15:34:02 GMT
expires
Wed, 22 Jan 2020 15:39:02 GMT
server
tsa_o
set-cookie
muc=994f6e0c-1d3b-43fd-b4b1-a34c776e0921; Max-Age=63072000; Expires=Fri, 21 Jan 2022 15:34:02 GMT; Domain=t.co
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
a6745ebd5b9c8753169f3d5ac8f12512
x-response-time
121
x-xss-protection
0
Primary Request fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
www.fireeye.com/blog/products-and-services/2020/01/
Redirect Chain
  • https://fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
  • https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
95 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Requested by
Host: t.co
URL: https://t.co/e5T1w547UZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f1eed34ee53069fa479ce9063dff30eb16e5db2411d20ccf7136ac61890a5298
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.fireeye.com
:scheme
https
:path
/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://t.co/e5T1w547UZ
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://t.co/e5T1w547UZ

Response headers

status
200
accept-ranges
bytes
cache-control
no-cache="set-cookie"
content-encoding
gzip
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-type
text/html; charset=UTF-8
date
Wed, 22 Jan 2020 15:34:03 GMT
etag
"17bd1-59cbc3c0e199e-gzip"
last-modified
Wed, 22 Jan 2020 15:32:38 GMT
set-cookie
AWSELB=F33FE3570E13943BCC35AAB1BBA4B9E9759295F2A3963E71B1BA799201318376B930D025167CE6505E9A4FE9FFFBEBF458890C1733F7C152DA1ED8826FA7D185D33D884FBE;PATH=/;MAX-AGE=900 visid_incap_153517=QDZiNTttTHK1/9yWl1Aeq2prKF4AAAAAQUIPAAAAAADP8TAVD9STFcUtuOms0V4M; expires=Thu, 21 Jan 2021 10:40:11 GMT; path=/; Domain=.fireeye.com nlbi_153517=at04bMgmoR6KmrTG2auQYQAAAABw83iNOFDBglPqfWSE217f; path=/; Domain=.fireeye.com incap_ses_260_153517=wjJ0EWV8RFYYfjPK7eubA2prKF4AAAAAEhQzOcMmIMFkeoTQegxykQ==; path=/; Domain=.fireeye.com
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff nosniff
x-dispatcher
dispatcher1uswest1
x-frame-options
ALLOW-FROM https://content.fireeye.com
x-vhost
publish
x-xss-protection
1; mode=block
x-iinfo
3-16375685-16375686 NNNY CT(0 0 0) RT(1579707242344 0) q(0 0 0 0) r(2 3) U12

Redirect headers

status
301
location
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
content-length
0
strict-transport-security
max-age=31536000
jquery.min.js
www.fireeye.com/etc.clientlibs/clientlibs/granite/ 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery.min.js
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b397476bcbcf8c9eae3f82007cc4f9495661b367e02e6d3dea6e15f0610ef20a
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-vhost
publish
status
200
x-iinfo
3-16375705-16375686 PNNy RT(1579707242755 0) q(0 0 0 -1) r(2 2) U12
strict-transport-security
max-age=31536000; includeSubDomains
content-length
38305
x-xss-protection
1; mode=block
last-modified
Fri, 26 Jul 2019 09:42:21 GMT
x-frame-options
ALLOW-FROM https://content.fireeye.com
date
Wed, 22 Jan 2020 15:34:03 GMT
vary
Accept-Encoding,User-Agent
content-type
application/javascript
etag
"1baa2-58e925bdaf940-gzip"
accept-ranges
bytes
csrf.min.js
www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery/granite/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.js
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
fbcc2c7d4dfbc5d0251c789843b8d7edf25306dfa23188ad267e2786357233c0
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-vhost
publish
status
200
x-iinfo
3-16375706-16375707 NNNY CT(0 0 0) RT(1579707242758 0) q(0 0 0 -1) r(2 2) U12
strict-transport-security
max-age=31536000; includeSubDomains
content-length
1676
x-xss-protection
1; mode=block
last-modified
Fri, 26 Jul 2019 09:42:21 GMT
x-frame-options
ALLOW-FROM https://content.fireeye.com
date
Wed, 22 Jan 2020 15:34:03 GMT
vary
Accept-Encoding,User-Agent
content-type
application/javascript
etag
"f3e-58e925bdaf940-gzip"
accept-ranges
bytes
clientlibs_nav.min.js
www.fireeye.com/etc/designs/fireeye-www/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/etc/designs/fireeye-www/clientlibs_nav.min.js
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
201509acaf1a9afdbeb88068bb7a0d7114bc6254e1ef032789290f1335eb54b0
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-vhost
publish
status
200
x-iinfo
3-16375708-16375709 NNNY CT(0 0 0) RT(1579707242759 0) q(0 0 0 -1) r(2 2) U12
strict-transport-security
max-age=31536000; includeSubDomains
content-length
3406
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 04:15:12 GMT
x-frame-options
ALLOW-FROM https://content.fireeye.com
date
Wed, 22 Jan 2020 15:34:03 GMT
vary
Accept-Encoding,User-Agent
content-type
application/javascript
etag
"2a7a-5998e1ba8b400-gzip"
accept-ranges
bytes
F3FCCD5E6343B3320.css
www.fireeye.com/content/dam/fireeye-www/fw/f/651819/
Redirect Chain
  • https://cloud.typography.com/6746836/6977592/css/fonts.css
  • https://www.fireeye.com/content/dam/fireeye-www/fw/f/651819/F3FCCD5E6343B3320.css
245 KB
184 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/content/dam/fireeye-www/fw/f/651819/F3FCCD5E6343B3320.css
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
67a99837e80451fd25c1abdf9c96a984bf2aff964034155311361e47213f748b
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-encoding
gzip
x-content-type-options
nosniff
x-vhost
publish
status
200
x-iinfo
3-16375726-16375707 PNNy RT(1579707242814 0) q(0 1 1 -1) r(2 4) U12
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
last-modified
Wed, 04 Apr 2018 18:35:15 GMT
x-frame-options
ALLOW-FROM https://content.fireeye.com
date
Wed, 22 Jan 2020 15:34:03 GMT
vary
Accept-Encoding,User-Agent
content-type
text/css
etag
"3d5e0-5690a15823ec0-gzip"
accept-ranges
bytes

Redirect headers

Date
Wed, 22 Jan 2020 15:34:03 GMT
Last-Modified
Wed, 04 Apr 2018 18:37:39 GMT
Server
Apache
ETag
"115e2100d163a3d87ac532e0b7ef66d5:1522867059"
Vary
Accept-Encoding
Content-Type
text/html
Location
https://www.fireeye.com/content/dam/fireeye-www/fw/f/651819/F3FCCD5E6343B3320.css
Cache-Control
must-revalidate, private
Connection
keep-alive
X-HCo-pid
14
Content-Length
154
Expires
Wed, 22 January 2020 15:34:03 GMT
patch.css
www.fireeye.com/content/dam/fireeye-www/fw/css/ 		559 B
436 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/content/dam/fireeye-www/fw/css/patch.css
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1658ce76f85d7484329e8b1af212597c2e68c19955bba460567514f0a3bd8d92
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-encoding
gzip
x-content-type-options
nosniff
x-vhost
publish
status
200
x-iinfo
3-16375710-16375711 NNNN CT(155 156 0) RT(1579707242763 0) q(0 0 3 -1) r(5 5) U12
strict-transport-security
max-age=31536000; includeSubDomains
content-length
281
x-xss-protection
1; mode=block
last-modified
Fri, 05 Jul 2019 19:55:15 GMT
x-frame-options
ALLOW-FROM https://content.fireeye.com
date
Wed, 22 Jan 2020 15:34:03 GMT
vary
Accept-Encoding,User-Agent
content-type
text/css
etag
"22f-58cf47916cec0-gzip"
accept-ranges
bytes
clientlibs_fw-2019.min.css
www.fireeye.com/etc/designs/fireeye-www/ 		207 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/etc/designs/fireeye-www/clientlibs_fw-2019.min.css
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a8686085bedfe95bbd6ba2d40ff04dc10e0c09a6cd35381d9564b171495b1ef6
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-vhost
publish
status
200
x-iinfo
3-16375712-16375713 NNNN CT(155 156 0) RT(1579707242764 0) q(0 0 3 -1) r(5 7) U12
strict-transport-security
max-age=31536000; includeSubDomains
content-length
40608
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 04:15:12 GMT
x-frame-options
ALLOW-FROM https://content.fireeye.com
date
Wed, 22 Jan 2020 15:34:03 GMT
vary
Accept-Encoding,User-Agent
content-type
text/css
etag
"33bcc-5998e1ba8b400-gzip"
accept-ranges
bytes
clientlibs_base.min.css
www.fireeye.com/etc/clientlibs/fireeye-blog/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/etc/clientlibs/fireeye-blog/clientlibs_base.min.css
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
757eb886edd9a887fc95b701c88b08191eb743657027636c0c9d4973547ebb4a
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-vhost
publish
status
200
x-iinfo
3-16375714-16375715 NNNN CT(156 155 0) RT(1579707242765 0) q(0 0 3 -1) r(5 5) U12
strict-transport-security
max-age=31536000; includeSubDomains
content-length
1501
x-xss-protection
1; mode=block
last-modified
Fri, 04 Oct 2019 04:55:04 GMT
x-frame-options
ALLOW-FROM https://content.fireeye.com
date
Wed, 22 Jan 2020 15:34:03 GMT
vary
Accept-Encoding,User-Agent
content-type
text/css
etag
"1507-5940e81577a00-gzip"
accept-ranges
bytes
utils.min.js
www.fireeye.com/etc.clientlibs/clientlibs/granite/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/etc.clientlibs/clientlibs/granite/utils.min.js
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
799cb15a25ed2fa78bdba496d1afbc68f033a3a5dd9ead12f4eaac4e0a93236d
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-vhost
publish
status
200
x-iinfo
3-16375716-16375709 PNNy RT(1579707242766 0) q(0 2 2 -1) r(3 3) U12
strict-transport-security
max-age=31536000; includeSubDomains
content-length
3706
x-xss-protection
1; mode=block
last-modified
Fri, 26 Jul 2019 09:42:21 GMT
x-frame-options
ALLOW-FROM https://content.fireeye.com
date
Wed, 22 Jan 2020 15:34:03 GMT
vary
Accept-Encoding,User-Agent
content-type
application/javascript
etag
"26ad-58e925bdaf940-gzip"
accept-ranges
bytes
granite.min.js
www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c986afd07a4082d65befeef18869a4cd5e00f3ac6e8228d49658802c7453a1b8
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-vhost
publish
status
200
x-iinfo
3-16375717-16375686 PNNy RT(1579707242767 0) q(0 3 3 -1) r(5 5) U12
strict-transport-security
max-age=31536000; includeSubDomains
content-length
1702
x-xss-protection
1; mode=block
last-modified
Fri, 26 Jul 2019 09:42:21 GMT
x-frame-options
ALLOW-FROM https://content.fireeye.com
date
Wed, 22 Jan 2020 15:34:03 GMT
vary
Accept-Encoding,User-Agent
content-type
application/javascript
etag
"f90-58e925bdaf940-gzip"
accept-ranges
bytes
jquery.min.js
www.fireeye.com/etc.clientlibs/foundation/clientlibs/ 		16 B
174 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/etc.clientlibs/foundation/clientlibs/jquery.min.js
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c084b47104c493fb377b6d35d8c08df67d773f6dcf8294c0a7360710cd8cacbd
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-vhost
publish
status
200
x-iinfo
3-16375718-16375709 PNYy RT(1579707242768 0) q(0 3 3 -1) r(5 5) U12
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
last-modified
Fri, 26 Jul 2019 09:42:45 GMT
x-frame-options
ALLOW-FROM https://content.fireeye.com
date
Wed, 22 Jan 2020 15:34:03 GMT
vary
User-Agent
content-type
application/javascript
etag
"10-58e925d492f40"
accept-ranges
bytes
shared.min.js
www.fireeye.com/etc.clientlibs/foundation/clientlibs/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/etc.clientlibs/foundation/clientlibs/shared.min.js
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4086c8cd4c3361452c1c1da9af3034fc90f4a375c4f6195f31d6dcf1c7b56f00
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-vhost
publish
status
200
x-iinfo
3-16375719-16375711 PNNN RT(1579707242769 0) q(0 5 5 -1) r(6 6) U12
strict-transport-security
max-age=31536000; includeSubDomains
content-length
6920
x-xss-protection
1; mode=block
last-modified
Fri, 26 Jul 2019 09:42:45 GMT
x-frame-options
ALLOW-FROM https://content.fireeye.com
date
Wed, 22 Jan 2020 15:34:03 GMT
vary
Accept-Encoding,User-Agent
content-type
application/javascript
etag
"5e7e-58e925d492f40-gzip"
accept-ranges
bytes
modern.min.js
www.fireeye.com/etc.clientlibs/clientlibs/granite/lodash/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/etc.clientlibs/clientlibs/granite/lodash/modern.min.js
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
355604a949ef95ceffcd21a7e9b5ed27c95d847f95127e0ddad5aa1793f1bb74
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-vhost
publish
status
200
x-iinfo
3-16375720-16375715 PNNN RT(1579707242770 0) q(0 5 5 -1) r(7 7) U12
strict-transport-security
max-age=31536000; includeSubDomains
content-length
11784
x-xss-protection
1; mode=block
last-modified
Tue, 17 Oct 2017 06:49:31 GMT
x-frame-options
ALLOW-FROM https://content.fireeye.com
date
Wed, 22 Jan 2020 15:34:03 GMT
vary
Accept-Encoding,User-Agent
content-type
application/javascript
etag
"87c8-55bb8866db4c0-gzip"
accept-ranges
bytes
kernel.min.js
www.fireeye.com/etc.clientlibs/cq/personalization/clientlib/personalization/ 		119 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/etc.clientlibs/cq/personalization/clientlib/personalization/kernel.min.js
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
79b2448738716f0daf11d4a206e105e3b79e9d082f9c9bf4ad2bd55e591a1a3c
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-vhost
publish
status
200
x-iinfo
3-16375721-16375686 PNNy RT(1579707242771 0) q(0 5 5 -1) r(7 7) U12
strict-transport-security
max-age=31536000; includeSubDomains
content-length
26194
x-xss-protection
1; mode=block
last-modified
Fri, 26 Jul 2019 09:42:47 GMT
x-frame-options
ALLOW-FROM https://content.fireeye.com
date
Wed, 22 Jan 2020 15:34:03 GMT
vary
Accept-Encoding,User-Agent
content-type
application/javascript
etag
"1dd96-58e925d67b3c0-gzip"
accept-ranges
bytes
deployment.js
c.la2c2.salesforceliveagent.com/content/g/js/34.0/ 		40 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.la2c2.salesforceliveagent.com/content/g/js/34.0/deployment.js
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.108.248.135 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl2-ord.la1-c2-ord.salesforceliveagent.com
Software
Jetty(9.4.z-SNAPSHOT) /
Resource Hash
3aadac47cf44df595934bec631a78bf2ba62081ab95528e684a85b4c74453e77

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 22 Jan 2020 15:34:03 GMT
Cache-Control
max-age=60, must-revalidate
Last-Modified
Fri, 29 Nov 2019 16:32:14 GMT
Server
Jetty(9.4.z-SNAPSHOT)
Accept-Ranges
bytes
Content-Length
41338
Content-Type
application/javascript
fireeye-2-color.png
www.fireeye.com/content/dam/fireeye-www/fw/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fireeye.com/content/dam/fireeye-www/fw/images/fireeye-2-color.png
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2f454290d840efc756bf1009cfa026cbb69b657d41f8962e63427f001374c495
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
x-content-type-options
nosniff
last-modified
Mon, 25 Feb 2019 20:12:45 GMT
etag
"e54-582bd904dc940"
x-vhost
publish
x-frame-options
ALLOW-FROM https://content.fireeye.com
content-type
image/png
status
200
x-iinfo
3-16375722-16375715 PNNN RT(1579707242771 0) q(0 7 7 -1) r(8 8) U12
date
Wed, 22 Jan 2020 15:34:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
3668
x-xss-protection
1; mode=block
vision-promo-400x300.gif
www.fireeye.com/content/dam/fireeye-www/vision/assets/images/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fireeye.com/content/dam/fireeye-www/vision/assets/images/vision-promo-400x300.gif
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1bd7f4e0046709278c0eea6fdb53df44dd4d14e7d6878330a5652c36aca53ff3
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
x-content-type-options
nosniff
last-modified
Wed, 18 Dec 2019 20:56:16 GMT
etag
"1f27ae-59a00acf57c00"
x-vhost
publish
x-frame-options
ALLOW-FROM https://content.fireeye.com
content-type
image/gif
status
200
x-iinfo
3-16375723-16375686 PNNy RT(1579707242772 0) q(0 7 7 -1) r(8 8) U12
date
Wed, 22 Jan 2020 15:34:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
2041774
x-xss-protection
1; mode=block
forms2.min.js
www2.fireeye.com/js/forms2/js/ 		169 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.fireeye.com/js/forms2/js/forms2.min.js
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6e7e0830124ea580b3f0de0da80ba48a45d9df9d7c092af0f47c63ed0692578
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 22 Jan 2020 15:34:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 15 Jan 2020 18:37:37 GMT
server
cloudflare
age
1756
etag
"480c26-2a546-59c3200aa1e40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=14400
cf-ray
559297022b77bddc-AMS
expires
Wed, 22 Jan 2020 19:34:03 GMT
clientlibs_fw.min.js
www.fireeye.com/etc/designs/fireeye-www/ 		176 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/etc/designs/fireeye-www/clientlibs_fw.min.js
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c13d407e35f86bdaa09b6f2874d0a389130f44788e1040a3f1d08a05c770140a
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-vhost
publish
status
200
x-iinfo
3-16375739-16375711 PNNN RT(1579707243096 0) q(0 3 3 -1) r(5 5) U12
strict-transport-security
max-age=31536000; includeSubDomains
content-length
52682
x-xss-protection
1; mode=block
last-modified
Fri, 13 Dec 2019 04:15:12 GMT
x-frame-options
ALLOW-FROM https://content.fireeye.com
date
Wed, 22 Jan 2020 15:34:04 GMT
vary
Accept-Encoding,User-Agent
content-type
application/javascript
etag
"2be2b-5998e1ba8b400-gzip"
accept-ranges
bytes
addthis_widget.js
s7.addthis.com/js/300/ 		349 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Tue, 21 Jan 2020 20:57:37 GMT
server
nginx/1.15.8
etag
W/"5e2765c1-57446"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
status
200
date
Wed, 22 Jan 2020 15:34:03 GMT
x-host
s7.addthis.com
content-length
114924
_Incapsula_Resource
www.fireeye.com/ 		121 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=555183332
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
6798d98d141c0f2a801293867faeba2b3fceadbb1b5cd1ec37ec59b77cc2aef4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
strict-transport-security
max-age=31536000
content-encoding
gzip
cache-control
no-cache
x-robots-tag
noindex
content-length
17712
content-type
application/javascript
gtm.js
www.googletagmanager.com/ 		200 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MVGC8KK
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8700932df38c372bb997e1425dbdcec8634be78d39dde0aa04bd2e9ddf8f6c61
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 22 Jan 2020 15:34:03 GMT
content-encoding
br
last-modified
Wed, 22 Jan 2020 15:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
63701
x-xss-protection
0
expires
Wed, 22 Jan 2020 15:34:03 GMT
token.json
www.fireeye.com/libs/granite/csrf/ 		2 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/libs/granite/csrf/token.json
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-encoding
gzip
x-content-type-options
nosniff, nosniff
date
Wed, 22 Jan 2020 15:34:03 GMT
x-vhost
publish
x-frame-options
ALLOW-FROM https://content.fireeye.com
content-type
application/json;charset=iso-8859-1
status
200
x-iinfo
3-16375738-16375709 PNYy RT(1579707243094 0) q(0 2 2 -1) r(4 4) U12
cache-control
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
User-Agent
x-xss-protection
1; mode=block
expires
-1
me
js.maxmind.com/geoip/v2.1/country/ 		761 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.maxmind.com/geoip/v2.1/country/me?referrer=https%3A%2F%2Fwww.fireeye.com
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:262f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1e8d381255db594089fcc7664987199d386849d20d938b498d408bd9d0530ad

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Origin
https://www.fireeye.com

Response headers

date
Wed, 22 Jan 2020 15:34:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
application/vnd.maxmind.com-country+json; charset=UTF-8; version=2.1
access-control-allow-origin
*
cf-ray
559297015b739772-FRA
content-length
761
insight.min.js
sjs.bizographics.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sjs.bizographics.com/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVGC8KK
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:399::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 22 Jan 2020 15:34:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=22642
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
bat.js
bat.bing.com/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVGC8KK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 22 Jan 2020 15:34:03 GMT
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref
Ref A: 04388985B84C45FE8D4062C960DD41C9 Ref B: FRAEDGE0407 Ref C: 2020-01-22T15:34:03Z
access-control-allow-origin
*
etag
"09c5197968d51:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7148
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVGC8KK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
3630
date
Wed, 22 Jan 2020 14:33:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Wed, 22 Jan 2020 16:33:33 GMT
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVGC8KK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 22 Jan 2020 15:34:03 GMT
content-encoding
gzip
age
26399
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-fra19134-FRA
last-modified
Tue, 23 Jan 2018 20:09:00 GMT
x-timer
S1579707244.783921,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
conversion_async.js
www.googleadservices.com/pagead/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVGC8KK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
e70adb67bcdec61516ea9e7174456c50effa918e43b3c8663baf1aa762f705de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 22 Jan 2020 15:34:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9920
x-xss-protection
0
server
cafe
etag
4870430129932666244
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 22 Jan 2020 15:34:03 GMT
js
www.googletagmanager.com/gtag/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8443343
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVGC8KK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9e7c24ea6d840d2145dd0186f99d9055f3f4b037e1aed9593a9d0ef4cb5d2e9c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 22 Jan 2020 15:34:03 GMT
content-encoding
br
last-modified
Wed, 22 Jan 2020 15:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
27826
x-xss-protection
0
expires
Wed, 22 Jan 2020 15:34:03 GMT
marketoCookieServlet.js
www.fireeye.com/bin/ 		286 B
513 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/bin/marketoCookieServlet.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVGC8KK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
54e4fe4494ee9ab2fdd2b4bd8891891dd8d3ffc40dbbac762123405a90b1edfb
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-vhost
publish
status
200
x-iinfo
3-16375742-16375709 PNNy RT(1579707243136 0) q(0 3 3 -1) r(4 4) U12
strict-transport-security
max-age=31536000; includeSubDomains
content-length
198
x-xss-protection
1; mode=block
last-modified
Wed, 22 Jan 2020 15:30:02 GMT
x-frame-options
ALLOW-FROM https://content.fireeye.com
date
Wed, 22 Jan 2020 15:34:04 GMT
vary
Accept-Encoding,User-Agent
content-type
application/javascript
etag
"11e-59cbc32c28f09-gzip"
accept-ranges
bytes
munchkin.js
munchkin.marketo.net/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVGC8KK
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.176.176 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-176-176.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2a6ce7e8796b3ad20ebca195d3424b34e0397063ae0fa76e340ca1c263694f99

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 22 Jan 2020 15:34:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Jan 2020 02:01:16 GMT
Server
Apache
ETag
"0b691ed6f4fce14e966035ea72b61af4:1578967276"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
752
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=368291063&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-ioc...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-363943-1&cid=1062655896.1579707244&jid=1971667323&_gid=1372948908.1579707244&gjid=289580258&_v=j79&z=1822308997
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-363943-1&cid=1062655896.1579707244&jid=1971667323&_v=j79&z=1822308997
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-363943-1&cid=1062655896.1579707244&jid=1971667323&_v=j79&z=1822308997&slf_rd=1&random=3836899627
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-363943-1&cid=1062655896.1579707244&jid=1971667323&_v=j79&z=1822308997&slf_rd=1&random=3836899627
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::75 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Jan 2020 15:34:03 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Jan 2020 15:34:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-363943-1&cid=1062655896.1579707244&jid=1971667323&_v=j79&z=1822308997&slf_rd=1&random=3836899627
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6572&url=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerabilit...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D6572%26url%3Dhttps%253A%252F%252Fwww.fireeye.com%252Fblog%252Fproducts-and-servic...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6572&url=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerabilit...
0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6572&url=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html&time=1579707243753&liSync=true
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 22 Jan 2020 15:34:04 GMT
content-encoding
gzip
server
Play
vary
Accept-Encoding
x-li-fabric
prod-lor1
status
200
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
20
x-li-uuid
yGkQb14/7BVA8tZBKCsAAA==

Redirect headers

date
Wed, 22 Jan 2020 15:34:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
status
302
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-pop
prod-efr5
content-length
20
x-li-uuid
6D2FY14/7BWAK8WojisAAA==
pragma
no-cache
server
Play
x-frame-options
sameorigin
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary
Accept-Encoding
strict-transport-security
max-age=2592000
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6572&url=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html&time=1579707243753&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
activityi;dc_pre=CPSp-ojEl-cCFTVY5QodQuUOag;src=8443343;type=sitew0;cat=firee0;ord=8247426911779;gtm=2od181;auiddc=928810864.1579707244;u1=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-servic...
8443343.fls.doubleclick.net/ Frame 05D8
Redirect Chain
  • https://8443343.fls.doubleclick.net/activityi;src=8443343;type=sitew0;cat=firee0;ord=8247426911779;gtm=2od181;auiddc=928810864.1579707244;u1=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-serv...
  • https://8443343.fls.doubleclick.net/activityi;dc_pre=CPSp-ojEl-cCFTVY5QodQuUOag;src=8443343;type=sitew0;cat=firee0;ord=8247426911779;gtm=2od181;auiddc=928810864.1579707244;u1=https%3A%2F%2Fwww.fire...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8443343.fls.doubleclick.net/activityi;dc_pre=CPSp-ojEl-cCFTVY5QodQuUOag;src=8443343;type=sitew0;cat=firee0;ord=8247426911779;gtm=2od181;auiddc=928810864.1579707244;u1=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html;~oref=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8443343
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8443343.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CPSp-ojEl-cCFTVY5QodQuUOag;src=8443343;type=sitew0;cat=firee0;ord=8247426911779;gtm=2od181;auiddc=928810864.1579707244;u1=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html;~oref=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 22 Jan 2020 15:34:03 GMT
expires
Wed, 22 Jan 2020 15:34:03 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
401
x-xss-protection
0
set-cookie
IDE=AHWqTUkgxytdpdOnW_ko8XBZWptbhWAz2CbSDoXVf1P2oVBMwQAVbp6jGPP-PBDn; expires=Mon, 15-Feb-2021 15:34:03 GMT; path=/; domain=.doubleclick.net; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 22 Jan 2020 15:34:03 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8443343.fls.doubleclick.net/activityi;dc_pre=CPSp-ojEl-cCFTVY5QodQuUOag;src=8443343;type=sitew0;cat=firee0;ord=8247426911779;gtm=2od181;auiddc=928810864.1579707244;u1=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html;~oref=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 22-Jan-2020 15:49:03 GMT; path=/; domain=.doubleclick.net; SameSite=none
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: t.co
URL: https://t.co/e5T1w547UZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
TAtYMvmlEvEoS3Nij7yWbjkwZ8wKqPdh5DLJ8KMN8BqItu0hb9HIZqFEUdDMYuHBqSspt0wJl6DN07/rlPy+/w==
x-fb-trip-id
2000377899
date
Wed, 22 Jan 2020 15:34:03 GMT, Wed, 22 Jan 2020 15:34:03 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
0
bat.bing.com/action/ 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5870833&Ver=2&mid=83210b57-f8ed-fd61-9463-ffeff3d2b5de&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=FireEye%20and%20Citrix%20Tool%20Scans%20for%20Indicators%20of%20Compromise%20Related%20to%20CVE-2019-19781%20%7C%20FireEye%20Inc&p=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html&r=https%3A%2F%2Ft.co%2Fe5T1w547UZ&evt=pageLoad&msclkid=N&rn=889741
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Wed, 22 Jan 2020 15:34:03 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: C063FB1682A84B5284E939F834EEBA13 Ref B: FRAEDGE0407 Ref C: 2020-01-22T15:34:03Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
1847206522249226
connect.facebook.net/signals/config/ 		447 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1847206522249226?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0513ee972740cc3c2061689181fd2200f087413d804345de7ac5d05a2d3b0d8f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
114948
x-xss-protection
0
pragma
public
x-fb-debug
TDWgeOxWEujKVw7cH65KbLW1aNsO//M25lN8DQ3C0vIUlWigCNYN0CMx6gmOSlRhiFaznf3zSSDayeDLgkzGtQ==
x-fb-trip-id
2000377899
date
Wed, 22 Jan 2020 15:34:03 GMT, Wed, 22 Jan 2020 15:34:03 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
adsct
t.co/i/ 		43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nw2v7&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 22 Jan 2020 15:34:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=0
content-length
65
x-xss-protection
0
x-response-time
116
pragma
no-cache
last-modified
Wed, 22 Jan 2020 15:34:03 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
a6745ebd5b9c8753169f3d5ac8f12512
x-transaction
001ae47e00650f8e
expires
Tue, 31 Mar 1981 05:00:00 GMT
/
www.facebook.com/tr/ 		44 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1847206522249226&ev=PageView&dl=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html&rl=https%3A%2F%2Ft.co%2Fe5T1w547UZ&if=false&ts=1579707243816&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1579707243815.395557116&it=1579707243786&coo=false&rqm=GET
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 22 Jan 2020 15:34:03 GMT, Wed, 22 Jan 2020 15:34:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Wed, 22 Jan 2020 15:34:03 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1063990389/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1063990389/?random=1579707243819&cv=9&fst=1579707243819&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg181&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html&ref=https%3A%2F%2Ft.co%2Fe5T1w547UZ&tiba=FireEye%20and%20Citrix%20Tool%20Scans%20for%20Indicators%20of%20Compromise%20Related%20to%20CVE-2019-19781%20%7C%20FireEye%20Inc&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b27f8e50df8542ab93bc6a0f582d6ba98d70072dfe548b586fe56c673e11681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Jan 2020 15:34:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1143
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1063990389/ 		42 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1063990389/?random=1579707243819&cv=9&fst=1579705200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg181&sendb=1&frm=0&url=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html&ref=https%3A%2F%2Ft.co%2Fe5T1w547UZ&tiba=FireEye%20and%20Citrix%20Tool%20Scans%20for%20Indicators%20of%20Compromise%20Related%20to%20CVE-2019-19781%20%7C%20FireEye%20Inc&async=1&fmt=3&is_vtc=1&random=275526994&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Jan 2020 15:34:03 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1063990389/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1063990389/?random=1579707243819&cv=9&fst=1579705200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg181&sendb=1&frm=0&url=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html&ref=https%3A%2F%2Ft.co%2Fe5T1w547UZ&tiba=FireEye%20and%20Citrix%20Tool%20Scans%20for%20Indicators%20of%20Compromise%20Related%20to%20CVE-2019-19781%20%7C%20FireEye%20Inc&async=1&fmt=3&is_vtc=1&random=275526994&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::75 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Jan 2020 15:34:03 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
752c7139c09399f8cddbab1d71aeb083524c9b8c03bd2e4b90a966f5a2bdc763

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://www.fireeye.com

Response headers

Content-Type
application/x-font-woff2
fireicons.woff
www.fireeye.com/content/dam/fireeye-www/fw/f/ 		72 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/content/dam/fireeye-www/fw/f/fireicons.woff?mva1rk
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1de5a2b057fc1fd85e8b3ccffa91101c8304a88b32fccb33e19d7657a1460dae
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.fireeye.com/etc/designs/fireeye-www/clientlibs_fw-2019.min.css
Origin
https://www.fireeye.com

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 24 Sep 2019 21:47:18 GMT
date
Wed, 22 Jan 2020 15:34:04 GMT
x-vhost
publish
x-frame-options
ALLOW-FROM https://content.fireeye.com
content-type
application/x-font-woff
status
200
x-iinfo
3-16375768-16375709 PNNy RT(1579707243617 0) q(0 0 0 -1) r(1 3) U12
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding,User-Agent
content-length
36804
x-xss-protection
1; mode=block
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c3f798bdde59c64755a4c33767a0e71b52dd39c21f4ab89fd12634582f3bed

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://www.fireeye.com

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d1e4ec6235dcfe83b8acd4b53c23c0219f907814d53e3f7802bee9a6a30d6d7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://www.fireeye.com

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47ab2c68d4d2a483c9acca1adfa39a747e60d90ebc2d4a20e286f4395f5b155d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://www.fireeye.com

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c4592519a4cfc8940c9f97d6e2474547e5727f21672bc4f6207f96bb9d43211

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://www.fireeye.com

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08d28b17f25567ddd8c194c6e0fda5f91fb0348eca5da3d3e4e430913b299bcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://www.fireeye.com

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af3448cd96702455db358ac221e082df9ffb5f43bb3c69df18b9ae2fe4a552b5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://www.fireeye.com

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3def2fdee0e6288ea076c7c2d0db897efec9762062cfb7a52b0d4087eeb212eb

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://www.fireeye.com

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bcf5ca1256b444bb0c6f30c83a6b56833fea661c7ebaa04e66b245cf8e3c2aef

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://www.fireeye.com

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bd4ef669f2dc4574947479804de0667ceee407931d7088b8021ee925b1fc693

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://www.fireeye.com

Response headers

Content-Type
application/x-font-woff2
getForm
www2.fireeye.com/index.php/form/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www2.fireeye.com/index.php/form/getForm?munchkinId=848-DID-242&form=3353&url=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html&callback=jQuery112407710181319165259_1579707244294&_=1579707244295
Requested by
Host: www2.fireeye.com
URL: https://www2.fireeye.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers
/
www.facebook.com/tr/ 		0
76 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Origin
https://www.fireeye.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary9qmc3rAAvp5bQwR0

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
access-control-allow-origin
https://www.fireeye.com
date
Wed, 22 Jan 2020 15:34:04 GMT
content-type
text/plain
status
200
access-control-allow-credentials
true
alt-svc
h3-24=":443"; ma=3600
content-length
0
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 22 Jan 2020 15:34:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Nov 2019 20:13:52 GMT
Server
AmazonS3
x-amz-request-id
44F36A7E5503EFD2
ETag
"f14b4e1f799b14f798a195f43cf58376"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=30705
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
948
x-amz-id-2
oHBUgg2Oj5pK0QQXXOzoagkYOxKdK6e002JN34Wg9N3QQYy2+t/OPlfVe5S14r+v8UpnJhaEELY=
me
js.maxmind.com/geoip/v2.1/country/ 		761 B
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.maxmind.com/geoip/v2.1/country/me?referrer=https%3A%2F%2Fwww.fireeye.com
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:262f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
957a8277a55a1a49913966920d53bbf1fb0d21ba53c026aadc36eb61299ad5a1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Origin
https://www.fireeye.com

Response headers

date
Wed, 22 Jan 2020 15:34:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
application/vnd.maxmind.com-country+json; charset=UTF-8; version=2.1
access-control-allow-origin
*
cf-ray
559297067a9f9772-FRA
content-length
761
segmentation.segment.js
www.fireeye.com/etc/ 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/etc/segmentation.segment.js
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
x-content-type-options
nosniff, nosniff
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-vhost
publish
x-frame-options
ALLOW-FROM https://content.fireeye.com
content-type
application/x-javascript
status
200
x-iinfo
3-16375800-16375709 PNNy RT(1579707243953 0) q(0 0 0 -1) r(2 2) U12
date
Wed, 22 Jan 2020 15:34:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
User-Agent
content-length
0
x-xss-protection
1; mode=block
stores.init.js
www.fireeye.com/etc/clientcontext/default/content/jcr:content/ 		2 KB
889 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/etc/clientcontext/default/content/jcr:content/stores.init.js?path=%2Fcontent%2Ffireeye-www%2Fen_US%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability&_=1579707243691
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
83c3b24b776636702187d99058fdaabc4441087ea0577892d7e063b5ca0f98f3
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-encoding
gzip
x-content-type-options
nosniff, nosniff
date
Wed, 22 Jan 2020 15:34:04 GMT
x-vhost
publish
x-frame-options
ALLOW-FROM https://content.fireeye.com
content-type
text/javascript;charset=iso-8859-1
status
200
x-iinfo
3-16375801-16375711 PNNN RT(1579707243956 0) q(0 0 0 -1) r(2 2) U12
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding,User-Agent
content-length
772
x-xss-protection
1; mode=block
munchkin.js
munchkin.marketo.net/156/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/156/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.176.176 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-176-176.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e6cf48bc1bfd904673cda470939d69e4c555779587d2361e65d03869b26eeebf

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 22 Jan 2020 15:34:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Sep 2019 20:22:41 GMT
Server
Apache
ETag
"24e78e4d5137c385c6e3393d80cfd6bf:1568751761"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4198
Expires
Fri, 01 May 2020 15:34:04 GMT
read-blogentries
www.fireeye.com/bin/www-blogs/ 		28 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/bin/www-blogs/read-blogentries?categoryPath=%2Fcontent%2Ffireeye-www%2Fen_US%2Fblog%2Fproducts-and-services
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
18a2fc26cfe6fdc7dcf3f16780f574aa7b9f0ba3fb63ca4824c13a3ecd6636b7
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-encoding
gzip
x-content-type-options
nosniff, nosniff
date
Wed, 22 Jan 2020 15:34:04 GMT
x-vhost
publish
x-frame-options
ALLOW-FROM https://content.fireeye.com
status
200
x-iinfo
3-16375802-16375715 PNNN RT(1579707243958 0) q(0 0 0 -1) r(3 3) U12
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding,User-Agent
content-length
4801
x-xss-protection
1; mode=block
adsct
analytics.twitter.com/i/ 		31 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nw2v7&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 22 Jan 2020 15:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
x-response-time
124
pragma
no-cache
last-modified
Wed, 22 Jan 2020 15:34:05 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
14cb08087e3e21fa39917fafebffd774
x-transaction
002c86640080bba6
expires
Tue, 31 Mar 1981 05:00:00 GMT
MultiNoun.jsonp
d.la2c2.salesforceliveagent.com/chat/rest/System/ 		226 B
590 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la2c2.salesforceliveagent.com/chat/rest/System/MultiNoun.jsonp?nouns=VisitorId,Settings&VisitorId.prefix=Visitor&Settings.prefix=Visitor&Settings.buttonIds=[573a00000008kP3]&Settings.updateBreadcrumb=1&Settings.urlPrefix=undefined&callback=liveagent._.handlePing&deployment_id=572a0000000H8aJ&org_id=00D3000000063LS&version=34
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.108.249.7 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ord.la1-c2-ord.salesforceliveagent.com
Software
/
Resource Hash
e9af63d754bbf76f2cba4ee42fc4b244a02680488c4e009dbf9ac086bfa4d8cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
_ate.track.config_resp
v1.addthisedge.com/live/boost/fewebadmin/ 		3 KB
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/fewebadmin/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.8.v20180619) /
Resource Hash
4e040b6884ad0623aece79feb28b75ee490c568a930c6bbfd83255d058d54611

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 22 Jan 2020 15:34:05 GMT
content-encoding
gzip
surrogate-key
fewebadmin
server
Jetty(9.4.8.v20180619)
etag
2015823830--gzip
vary
Accept-Encoding
cache-tag
fewebadmin
status
200
cache-control
public, max-age=48, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-type
application/javascript;charset=utf-8
content-length
782
_Incapsula_Resource
www.fireeye.com/ 		1 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fireeye.com/_Incapsula_Resource?SWKMTFSR=1&e=0.1999521846010368
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
strict-transport-security
max-age=31536000
cache-control
no-cache
x-robots-tag
noindex
content-length
1
content-type
text/plain
loader.json
www.fireeye.com/etc/clientcontext/default/contextstores/twitterprofiledata/ 		91 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/etc/clientcontext/default/contextstores/twitterprofiledata/loader.json?authorizableId=anonymous
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8d857cc8dac6ee38e2715f3c6497b2841c63b742c84eec546b7830e549082aac
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-encoding
gzip
x-content-type-options
nosniff, nosniff
date
Wed, 22 Jan 2020 15:34:05 GMT
x-vhost
publish
x-frame-options
ALLOW-FROM https://content.fireeye.com
content-type
application/json;charset=utf-8
status
200
x-iinfo
3-16375850-16375715 PNNN RT(1579707244361 0) q(0 0 0 -1) r(2 2) U12
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding,User-Agent
content-length
96
x-xss-protection
1; mode=block
loader.json
www.fireeye.com/etc/clientcontext/default/contextstores/fbprofiledata/ 		90 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/etc/clientcontext/default/contextstores/fbprofiledata/loader.json?authorizableId=anonymous
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
27566ff7b6b2d9741e6e57f7b326ae745e9d961b4a50f0dcc08a0023a265d442
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-encoding
gzip
x-content-type-options
nosniff, nosniff
date
Wed, 22 Jan 2020 15:34:05 GMT
x-vhost
publish
x-frame-options
ALLOW-FROM https://content.fireeye.com
content-type
application/json;charset=utf-8
status
200
x-iinfo
3-16375871-16375715 PNNN RT(1579707244542 0) q(0 0 0 -1) r(2 2) U12
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding,User-Agent
content-length
96
x-xss-protection
1; mode=block
loader.json
www.fireeye.com/etc/clientcontext/default/contextstores/fbinterestsdata/ 		5 B
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.fireeye.com/etc/clientcontext/default/contextstores/fbinterestsdata/loader.json?authorizableId=anonymous
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:e980:d::ba , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
7b86d506062bf09d8db4e081fbf442b773929e5c13a70f415243e12185f37767
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
content-encoding
gzip
x-content-type-options
nosniff, nosniff
date
Wed, 22 Jan 2020 15:34:05 GMT
x-vhost
publish
x-frame-options
ALLOW-FROM https://content.fireeye.com
content-type
application/json;charset=utf-8
status
200
x-iinfo
3-16375897-16375715 PNYN RT(1579707244723 0) q(0 0 0 -1) r(1 1) U12
strict-transport-security
max-age=31536000; includeSubDomains
vary
User-Agent
x-xss-protection
1; mode=block
conversion.js
s.yimg.jp/images/listing/tool/cv/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.jp/images/listing/tool/cv/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVGC8KK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.79.249.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
ATS /
Resource Hash
e55596fc1c3349cbbc926529c29c27e1de7b98b47a31cc7bb4789970e571065f

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 22 Jan 2020 15:25:57 GMT
content-encoding
gzip
last-modified
Thu, 29 Aug 2019 10:27:08 GMT
server
ATS
age
489
vary
Accept-Encoding
p3p
policyref="http://privacy.yahoo.co.jp/w3c/p3p_jp.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
status
200
cache-control
public, max-age=600
accept-ranges
bytes
content-type
application/javascript
content-length
1421
via
http/1.1 edge2367.img.umd.yahoo.co.jp (ApacheTrafficServer [cRs f ]), http/1.1 edge2376.img.umd.yahoo.co.jp (ApacheTrafficServer [cRs f ])
expires
Wed, 22 Jan 2020 15:35:57 GMT
visitWebPage
848-did-242.mktoresp.com/webevents/ 		2 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://848-did-242.mktoresp.com/webevents/visitWebPage?_mchNc=1579707245510&_mchCn=&_mchId=848-DID-242&_mchTk=_mch-fireeye.com-1579707245510-71041&_mchHo=www.fireeye.com&_mchPo=&_mchRu=%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html&_mchPc=https%3A&_mchVr=156&_mchHa=&_mchRe=https%3A%2F%2Ft.co%2Fe5T1w547UZ&_mchQp=
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.147.68 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software
akka-http/10.1.7 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Origin
https://www.fireeye.com

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 22 Jan 2020 15:34:06 GMT
Content-Encoding
gzip
Server
akka-http/10.1.7
Transfer-Encoding
chunked
X-Request-Id
06a2960b-abc9-4774-a98b-91275d25f6cf
Content-Type
text/plain; charset=UTF-8
layers.ab5cd98fe1b9a38a4a9f.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 18 Sep 2019 14:16:17 GMT
server
nginx/1.15.8
etag
W/"5d823c31-41b9f"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
date
Wed, 22 Jan 2020 15:34:05 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77528
MultiNoun.jsonp
d.la1-c1-ia5.salesforceliveagent.com/chat/rest/System/ 		496 B
759 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la1-c1-ia5.salesforceliveagent.com/chat/rest/System/MultiNoun.jsonp?nouns=VisitorId,Settings&VisitorId.prefix=Visitor&Settings.prefix=Visitor&Settings.buttonIds=[573a00000008kP3]&Settings.updateBreadcrumb=1&Settings.urlPrefix=undefined&callback=liveagent._.handlePing&deployment_id=572a0000000H8aJ&org_id=00D3000000063LS&version=34
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.64.53 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl1-ncg1-c6-iad5.la1-c1-ia5.salesforceliveagent.com
Software
/
Resource Hash
f1a74501b40b2391a0e901bbb8cdd56d4a4031f8fcc8aedd6306e9214c4d0357
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
/
b91.yahoo.co.jp/pagead/conversion/1000244663/ 		42 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b91.yahoo.co.jp/pagead/conversion/1000244663/?random=1579707246829&cv=9&fst=1579707246829&num=1&fmt=3&value=0&label=ppcGCKvb3mcQ_c2swgM&guid=ON&disvt=true&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html&ref=https%3A%2F%2Ft.co%2Fe5T1w547UZ&tiba=FireEye%20and%20Citrix%20Tool%20Scans%20for%20Indicators%20of%20Compromise%20Related%20to%20CVE-2019-19781%20%7C%20FireEye%20Inc&hn=www.googleadservices.com&async=1
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
182.22.30.220 Tokyo, Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Jan 2020 15:34:07 GMT
Via
http/1.1 mscedge1001.img.bbt.yahoo.co.jp (ApacheTrafficServer [c sSf ])
X-Content-Type-Options
nosniff
Content-Type
image/gif
Server
ATS
Age
2
P3P
policyref="http://privacy.yahoo.co.jp/w3c/p3p_jp.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Cache-Control
no-cache, must-revalidate, private
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
42
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
ytc.js
s.yimg.com/wi/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: t.co
URL: https://t.co/e5T1w547UZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
ATS /
Resource Hash
6c1472520b668aae52d693d940ccb27e6018a2b6034257eab0e3fa0635d6e05d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 22 Jan 2020 14:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2586
x-amz-server-side-encryption
AES256
status
200
strict-transport-security
max-age=15552000
content-length
6923
x-amz-id-2
J3TRhKbfDVpflXaPA6vht2grmHDb12qnXypooZP0XNSoNYyFrPxPmvcWdsoYQIuPkT28wATkaok=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 24 Feb 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 20 Jan 2020 10:57:46 GMT
server
ATS
etag
"87979af60825dc3955d617bf362ac2cf-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
x-amz-request-id
A58F49475CB4B50E
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
SLAS5izKJxtni8maKdLju1blUijqa4el
accept-ranges
bytes
content-type
application/javascript
json
fireeye.tt.omtrdc.net/m2/fireeye/mbox/ 		96 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fireeye.tt.omtrdc.net/m2/fireeye/mbox/json?mbox=target-global-mbox&mboxSession=9c7ec3c1f4a64ec682a466c829351936&mboxPC=&mboxPage=a0112becf05341c3b45551db0fd729bd&mboxRid=55087ae8458348c68279c102bd942e10&mboxVersion=1.7.1&mboxCount=1&mboxTime=1579710846853&mboxHost=www.fireeye.com&mboxURL=https%3A%2F%2Fwww.fireeye.com%2Fblog%2Fproducts-and-services%2F2020%2F01%2Ffireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html&mboxReferrer=https%3A%2F%2Ft.co%2Fe5T1w547UZ&browserHeight=1200&browserWidth=1585&browserTimeOffset=60&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.117.29.6 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
/
Resource Hash
f9aad012b5b1e448f4181932b1966d6238a69e5f4bb9091be0ad4d7ad5daa765

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Origin
https://www.fireeye.com

Response headers

pragma
no-cache
date
Wed, 22 Jan 2020 15:34:06 GMT
status
200
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fireeye.com
cache-control
no-cache
access-control-allow-credentials
true
timing-allow-origin
*
content-length
96
x-request-id
55087ae8458348c68279c102bd942e10
435600.json
s.yimg.com/wi/config/ 		2 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/435600.json
Requested by
Host: www.fireeye.com
URL: https://www.fireeye.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
Origin
https://www.fireeye.com

Response headers

date
Wed, 22 Jan 2020 15:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1289
status
200
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id
E82ABBD0539DC90D
x-amz-id-2
sn95DH3nxhvG/RPKwNDl2GVVEPAAnPqfTZ/Jlj8EMWZtGNZkb2vdLBKBYMuXw6zfg3vHWGV+YZI=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
22

Verdicts & Comments Add Verdict or Comment

189 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate undefined| companyDetails6Sense undefined| jsonVal undefined| companyRevenueRange undefined| companyCountry undefined| companyIndustry undefined| companyName undefined| companyRegion undefined| companyDomain undefined| segments object| dataLayer function| $ function| jQuery object| matched object| browser object| Granite object| fdc object| geoip2 undefined| cookiesOK function| onAccept function| onDecline function| ipLocation string| userAgent boolean| gomezAgent boolean| prtgAgent object| _satellite object| google_tag_manager function| postscribe string| _bizo_data_partner_id undefined| _bizo_data_partner_title undefined| _bizo_data_partner_domain undefined| _bizo_data_partner_company undefined| _bizo_data_partner_location undefined| _bizo_data_partner_employee_range undefined| _bizo_data_partner_sics undefined| _bizo_data_partner_email object| uetq string| GoogleAnalyticsObject function| ga function| twq object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk function| gtag function| fbq function| _fbq function| UET object| twttr function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| addthis_config object| addthis_share function| showCountryNotification undefined| _6SenseJsonObj undefined| _6SenseTime undefined| isJsonStale undefined| jsonObj function| targetPageParams object| _g function| $CQ object| CQ undefined| G_XHR_HOOK undefined| G_RELOAD_HOOK undefined| G_IS_HOOKED undefined| G_CONTENT_PATH function| _ function| generateURLSignature function| initializeTeaserLoader function| initializeLandingPageLoader object| CQ_Analytics object| CQ_Context boolean| CQ_trackTeasersStats boolean| CQ_trackLandingPagesStats object| ClientContext object| ContextCloud object| _laq object| digitalData function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin boolean| liveAgentDeployment object| liveagent object| MktoForms2 function| jQuery112407710181319165259_1579707244294 object| feedcontainerSr undefined| feedurlSr undefined| levelsFeedSr undefined| typeofEmp undefined| jobDescriptinUrlSr object| content object| jobFunctionsArray function| displayFeedSR function| filterResultsSR function| getPostings function| populateDropDowns function| replaceQueryParam function| addMissingUTMsFromCookies number| slideTotal number| currentSlide string| target function| getCurrentSlide function| showHideControls string| activeLbox function| calculateTopMargin function| closec08 function| updatec08 function| fixCta function| showNav function| showNavSub function| showNavMore function| initNav number| totalSlides function| changeSlide function| initCarousel function| msieversion undefined| intervalId function| showSuggestions undefined| content_category_1 undefined| content_category_2 undefined| content_category_3 undefined| flag undefined| startTimer undefined| getParameterByName undefined| validateMarketoform undefined| marketoFormViewTealiumEvent undefined| marketoFormSubmitTealiumEvent undefined| bannerEvent undefined| getContentCategory undefined| fireproofFormSubmitTealiumEvent function| marketoFormViewGtmEvent function| marketoFormSubmitGTMEvent function| readCookie object| jQuery1124016853962350471297 object| html5 object| Modernizr function| yepnope object| respond function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| campaigns object| queryString object| object number| qIndex function| onYouTubeIframeAPIReady object| yahoo_conversion_id object| yahoo_conversion_label object| yahoo_conversion_value object| MunchkinTracker boolean| __@@##MUH object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks number| len object| yahoo_conversion_language object| yahoo_conversion_color object| yahoo_ss_retargeting_id object| yahoo_ss_retargeting object| yahoo_sstag_custom_params object| dotq object| adobe object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| YAHOO undefined| I13N_Conf undefined| YWA_Global_Conf

3 Cookies

Domain/Path Name / Value
.fireeye.com/ Name: mboxEdgeCluster
Value: 26
.fireeye.com/ Name: mbox
Value: session#9c7ec3c1f4a64ec682a466c829351936#1579709107|PC#9c7ec3c1f4a64ec682a466c829351936.26_0#1642952047
.fireeye.com/ Name: check
Value: true

10 Console Messages

Source Level URL
Text
console-api log URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html(Line 1215)
Message:
currentPagePath :: /blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability
console-api log URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html(Line 1221)
Message:
undefined
console-api log URL: https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html(Line 1222)
Message:
[object Object]
console-api log URL: https://www.fireeye.com/etc.clientlibs/cq/personalization/clientlib/personalization/kernel.min.js(Line 2782)
Message:
authorizableId is anonymous
console-api log URL: https://www.fireeye.com/etc.clientlibs/cq/personalization/clientlib/personalization/kernel.min.js(Line 2786)
Message:
https://www.fireeye.com/blog/products-and-services/2020/01/fireeye-and-citrix-tool-scans-for-iocs-related-to-vulnerability.html
console-api log URL: https://www.fireeye.com/etc.clientlibs/cq/personalization/clientlib/personalization/kernel.min.js(Line 2799)
Message:
object is null
console-api log URL: https://www.fireeye.com/etc/designs/fireeye-www/clientlibs_fw.min.js(Line 352)
Message:
cookie value
console-api log URL: https://www.fireeye.com/etc/designs/fireeye-www/clientlibs_fw.min.js(Line 352)
Message:
cookie value
console-api log URL: https://www.fireeye.com/etc/designs/fireeye-www/clientlibs_fw.min.js(Line 352)
Message:
cookie value
console-api log URL: https://www.fireeye.com/etc/designs/fireeye-www/clientlibs_fw.min.js(Line 352)
Message:
cookie value

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8443343.fls.doubleclick.net
848-did-242.mktoresp.com
analytics.twitter.com
b91.yahoo.co.jp
bat.bing.com
c.la2c2.salesforceliveagent.com
cloud.typography.com
connect.facebook.net
d.la1-c1-ia5.salesforceliveagent.com
d.la2c2.salesforceliveagent.com
fireeye.com
fireeye.tt.omtrdc.net
googleads.g.doubleclick.net
js.maxmind.com
munchkin.marketo.net
px.ads.linkedin.com
s.yimg.com
s.yimg.jp
s7.addthis.com
sjs.bizographics.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
v1.addthisedge.com
www.facebook.com
www.fireeye.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www2.fireeye.com
z.moatads.com
104.17.70.206
104.244.42.197
104.244.42.67
13.108.248.135
13.108.249.7
13.110.64.53
151.101.12.157
172.217.16.198
172.217.23.98
182.22.30.220
183.79.249.252
192.28.147.68
2001:4860:4802:34::75
23.210.248.44
23.210.250.213
2606:4700::6810:262f
2620:1ec:c11::200
2a00:1288:f03d:1fa::4000
2a00:1450:4001:815::200e
2a00:1450:4001:81a::2008
2a00:1450:4001:81b::2004
2a00:1450:4001:81f::2002
2a00:1450:400c:c0c::9c
2a02:26f0:10c:399::3adf
2a02:e980:13::ba
2a02:e980:d::ba
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a05:f500:10:101::b93f:9101
2a05:f500:11:101::b93f:9005
66.117.29.6
95.100.142.38
95.101.176.176
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0513ee972740cc3c2061689181fd2200f087413d804345de7ac5d05a2d3b0d8f
08d28b17f25567ddd8c194c6e0fda5f91fb0348eca5da3d3e4e430913b299bcd
0d1e4ec6235dcfe83b8acd4b53c23c0219f907814d53e3f7802bee9a6a30d6d7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1658ce76f85d7484329e8b1af212597c2e68c19955bba460567514f0a3bd8d92
18a2fc26cfe6fdc7dcf3f16780f574aa7b9f0ba3fb63ca4824c13a3ecd6636b7
1bd7f4e0046709278c0eea6fdb53df44dd4d14e7d6878330a5652c36aca53ff3
1de5a2b057fc1fd85e8b3ccffa91101c8304a88b32fccb33e19d7657a1460dae
201509acaf1a9afdbeb88068bb7a0d7114bc6254e1ef032789290f1335eb54b0
27566ff7b6b2d9741e6e57f7b326ae745e9d961b4a50f0dcc08a0023a265d442
2a6ce7e8796b3ad20ebca195d3424b34e0397063ae0fa76e340ca1c263694f99
2f454290d840efc756bf1009cfa026cbb69b657d41f8962e63427f001374c495
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
355604a949ef95ceffcd21a7e9b5ed27c95d847f95127e0ddad5aa1793f1bb74
3aadac47cf44df595934bec631a78bf2ba62081ab95528e684a85b4c74453e77
3def2fdee0e6288ea076c7c2d0db897efec9762062cfb7a52b0d4087eeb212eb
4086c8cd4c3361452c1c1da9af3034fc90f4a375c4f6195f31d6dcf1c7b56f00
41c3f798bdde59c64755a4c33767a0e71b52dd39c21f4ab89fd12634582f3bed
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47ab2c68d4d2a483c9acca1adfa39a747e60d90ebc2d4a20e286f4395f5b155d
4e040b6884ad0623aece79feb28b75ee490c568a930c6bbfd83255d058d54611
54e4fe4494ee9ab2fdd2b4bd8891891dd8d3ffc40dbbac762123405a90b1edfb
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
6798d98d141c0f2a801293867faeba2b3fceadbb1b5cd1ec37ec59b77cc2aef4
67a99837e80451fd25c1abdf9c96a984bf2aff964034155311361e47213f748b
6bd4ef669f2dc4574947479804de0667ceee407931d7088b8021ee925b1fc693
6c1472520b668aae52d693d940ccb27e6018a2b6034257eab0e3fa0635d6e05d
752c7139c09399f8cddbab1d71aeb083524c9b8c03bd2e4b90a966f5a2bdc763
757eb886edd9a887fc95b701c88b08191eb743657027636c0c9d4973547ebb4a
799cb15a25ed2fa78bdba496d1afbc68f033a3a5dd9ead12f4eaac4e0a93236d
79b2448738716f0daf11d4a206e105e3b79e9d082f9c9bf4ad2bd55e591a1a3c
7b27f8e50df8542ab93bc6a0f582d6ba98d70072dfe548b586fe56c673e11681
7b86d506062bf09d8db4e081fbf442b773929e5c13a70f415243e12185f37767
83c3b24b776636702187d99058fdaabc4441087ea0577892d7e063b5ca0f98f3
8700932df38c372bb997e1425dbdcec8634be78d39dde0aa04bd2e9ddf8f6c61
8d857cc8dac6ee38e2715f3c6497b2841c63b742c84eec546b7830e549082aac
957a8277a55a1a49913966920d53bbf1fb0d21ba53c026aadc36eb61299ad5a1
9c4592519a4cfc8940c9f97d6e2474547e5727f21672bc4f6207f96bb9d43211
9e7c24ea6d840d2145dd0186f99d9055f3f4b037e1aed9593a9d0ef4cb5d2e9c
a8686085bedfe95bbd6ba2d40ff04dc10e0c09a6cd35381d9564b171495b1ef6
ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af3448cd96702455db358ac221e082df9ffb5f43bb3c69df18b9ae2fe4a552b5
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b397476bcbcf8c9eae3f82007cc4f9495661b367e02e6d3dea6e15f0610ef20a
bcf5ca1256b444bb0c6f30c83a6b56833fea661c7ebaa04e66b245cf8e3c2aef
c084b47104c493fb377b6d35d8c08df67d773f6dcf8294c0a7360710cd8cacbd
c13d407e35f86bdaa09b6f2874d0a389130f44788e1040a3f1d08a05c770140a
c986afd07a4082d65befeef18869a4cd5e00f3ac6e8228d49658802c7453a1b8
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55596fc1c3349cbbc926529c29c27e1de7b98b47a31cc7bb4789970e571065f
e6cf48bc1bfd904673cda470939d69e4c555779587d2361e65d03869b26eeebf
e70adb67bcdec61516ea9e7174456c50effa918e43b3c8663baf1aa762f705de
e9af63d754bbf76f2cba4ee42fc4b244a02680488c4e009dbf9ac086bfa4d8cc
ea591f278d30c27a58315de5a5102860bc4b61ada3c0e6e2e1fdbf19fab6b525
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a74501b40b2391a0e901bbb8cdd56d4a4031f8fcc8aedd6306e9214c4d0357
f1e8d381255db594089fcc7664987199d386849d20d938b498d408bd9d0530ad
f1eed34ee53069fa479ce9063dff30eb16e5db2411d20ccf7136ac61890a5298
f6e7e0830124ea580b3f0de0da80ba48a45d9df9d7c092af0f47c63ed0692578
f9aad012b5b1e448f4181932b1966d6238a69e5f4bb9091be0ad4d7ad5daa765
fbcc2c7d4dfbc5d0251c789843b8d7edf25306dfa23188ad267e2786357233c0