Submitted URL: https://publ.maillist-manage.com/click.zc?od=2d5a885a69b60a972cf198c50d84dbb621185630859ca1fd0&repDgs=1313b09e682c7f4d&linkDgs=13...
Effective URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-...
Submission: On October 15 via api from BE

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 41 HTTP transactions. The main IP is 175.41.134.19, located in Singapore, Singapore and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is blogs.manageengine.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on March 8th 2018. Valid for: 2 years.
This is the only time blogs.manageengine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 8.39.54.68 2639 (ZOHO-AS)
25 175.41.134.19 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 207.224.234.120 209 (CENTURYLI...)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
1 2600:9000:20e... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 8.39.54.111 2639 (ZOHO-AS)
2 2600:9000:21f... 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
3 216.52.72.123 2639 (ZOHO-AS)
41 10
Domain Requested by
25 blogs.manageengine.com blogs.manageengine.com
4 fonts.gstatic.com blogs.manageengine.com
3 js.zohostatic.com dtzpfzv31buvf.cloudfront.net
2 dyjgaef5vuq51.cloudfront.net salesiq.zoho.com
dtzpfzv31buvf.cloudfront.net
2 salesiq.zoho.com widgets.zohosalesiq.com
salesiq.zoho.com
1 dtzpfzv31buvf.cloudfront.net salesiq.zoho.com
1 widgets.zohosalesiq.com blogs.manageengine.com
1 secure.gravatar.com blogs.manageengine.com
1 www.manageengine.com blogs.manageengine.com
1 fonts.googleapis.com blogs.manageengine.com
1 publ.maillist-manage.com 1 redirects
41 11
Subject Issuer Validity Valid

COMODO RSA Domain Validation Secure Server CA
2018-03-08 -
2020-01-19
2 years crt.sh
*.googleapis.com
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months crt.sh
*.gravatar.com
COMODO RSA Domain Validation Secure Server CA
2018-09-06 -
2020-09-05
2 years crt.sh
widgets.zohosalesiq.com
COMODO RSA Domain Validation Secure Server CA
2018-08-02 -
2020-08-01
2 years crt.sh
*.google.com
GTS CA 1O1
2019-09-17 -
2019-12-10
3 months crt.sh
*.zoho.com
Sectigo RSA Domain Validation Secure Server CA
2019-07-02 -
2021-04-29
2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2
2019-07-17 -
2020-07-05
a year crt.sh
*.zohostatic.com
Sectigo RSA Domain Validation Secure Server CA
2019-03-12 -
2021-03-11
2 years crt.sh

This page contains 2 frames:

Primary Page: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Frame ID: 89FF15DD7638A020BCB4369B16B202BE
Requests: 37 HTTP requests in this frame

Frame: https://dyjgaef5vuq51.cloudfront.net/Oct_14_2019_2_https/styles/embedtheme1.css
Frame ID: 36E0E0BB692CA78961A87655A55A022D
Requests: 4 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://publ.maillist-manage.com/click.zc?od=2d5a885a69b60a972cf198c50d84dbb621185630859ca1fd0&repDgs=1313b09... HTTP 302
    https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-s... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • headers server /Red Hat/i

Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

41
Requests

100 %
HTTPS

55 %
IPv6

9
Domains

11
Subdomains

10
IPs

4
Countries

600 kB
Transfer

1900 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://publ.maillist-manage.com/click.zc?od=2d5a885a69b60a972cf198c50d84dbb621185630859ca1fd0&repDgs=1313b09e682c7f4d&linkDgs=1313b09e680f72c0&mrd=1313b09e682b807a&m=1 HTTP 302
    https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html
blogs.manageengine.com/active-directory/adauditplus/2019/09/06/
Redirect Chain
  • https://publ.maillist-manage.com/click.zc?od=2d5a885a69b60a972cf198c50d84dbb621185630859ca1fd0&repDgs=1313b09e682c7f4d&linkDgs=1313b09e680f72c0&mrd=1313b09e682b807a&m=1
  • https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign...
31 KB
9 KB
Document
General
Full URL
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 / PHP/7.2.11
Resource Hash
b0bdd8e9b9478318f45bf1fc0d757f68f5be61304aa0916dfe1a1c5c681adc2e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Host
blogs.manageengine.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

Date
Tue, 15 Oct 2019 16:33:24 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
X-Powered-By
PHP/7.2.11
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Link
<https://blogs.manageengine.com/?p=58081>; rel=shortlink
Access-Control-Allow-Origin
*
Set-Cookie
PHPSESSID=mta85313rp2o93ahncbhh3cs8j; path=/
Strict-Transport-Security
max-age=15768000
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
8706
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Server
ZGS
Date
Tue, 15 Oct 2019 16:33:23 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
0
Connection
keep-alive
Set-Cookie
2aef5325a7=15286c4a13d4886219bafd229be6f847; Path=/ ZCAMPAIGN_CSRF_TOKEN=f9e77e54-30f2-43c0-b421-ee6771c6b7c6;path=/;Secure;priority=high JSESSIONID=97282835805C26DAEAB84B0BD171776F; Path=/; Secure; HttpOnly
X-Content-Type-Options
nosniff
X-XSS-Protection
1
Pragma
no-cache
Cache-Control
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With
Access-Control-Allow-Methods
GET,POST,OPTIONS
Location
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Strict-Transport-Security
max-age=15768000
css
fonts.googleapis.com/
23 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800|Roboto+Slab:400,300,700|Montserrat:400,700
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
b9dcd12b5fae9d263c5d111c371d774d10f0e24695be1438d0edaccb364ff1fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 15 Oct 2019 16:33:24 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Tue, 15 Oct 2019 16:33:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Tue, 15 Oct 2019 16:33:24 GMT
stylesheet.css
blogs.manageengine.com/wp-content/themes/zoho/fonts/proxima-nova/
6 KB
1 KB
Stylesheet
General
Full URL
https://blogs.manageengine.com/wp-content/themes/zoho/fonts/proxima-nova/stylesheet.css
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
900a33e948c56f174b57cfa098eaa732c7df88279064a7d94743c7196ee8c800
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:24 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Mar 2016 13:45:26 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"186e-52d3953cec980-gzip"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
624
Expires
Tue, 22 Oct 2019 16:33:24 GMT
font-awesome.min.css
blogs.manageengine.com/wp-content/themes/zoho/fonts/font-awesome/css/
27 KB
7 KB
Stylesheet
General
Full URL
https://blogs.manageengine.com/wp-content/themes/zoho/fonts/font-awesome/css/font-awesome.min.css
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
b4d6b22089928a2b989f6f596c10c26ffaa7b71fb20a4125fde64ab1d3b43cd5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:24 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Mar 2016 13:45:27 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"6b4e-52d3953de0bc0-gzip"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
6248
Expires
Tue, 22 Oct 2019 16:33:24 GMT
style.css
blogs.manageengine.com/wp-content/themes/zoho/
39 KB
10 KB
Stylesheet
General
Full URL
https://blogs.manageengine.com/wp-content/themes/zoho/style.css
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
2ebc46cb7e1a471676856f601036908db84fc1635a77f5dea082a4a360641663
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Jul 2019 13:16:40 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"9a71-58d3f5f025e00-gzip"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
9349
Expires
Tue, 22 Oct 2019 16:33:24 GMT
style_settings.css
blogs.manageengine.com/wp-content/plugins/oauth-client/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://blogs.manageengine.com/wp-content/plugins/oauth-client/css/style_settings.css?ver=5.2.4
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
c293eae87bff93fb4634b6687887550d6ac3b74ba8b1e606d467ea9dfcd86560
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Jan 2019 09:30:08 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"18f8-57eeefdbea800-gzip"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1791
Expires
Tue, 22 Oct 2019 16:33:24 GMT
phone.css
blogs.manageengine.com/wp-content/plugins/oauth-client/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://blogs.manageengine.com/wp-content/plugins/oauth-client/css/phone.css?ver=5.2.4
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
e754e0d0ea6e12801baa02a9786d2b5d7b5b9378491aa3f50864ed165c28c441
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Jan 2019 09:30:08 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"331c-57eeefdbea800-gzip"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2269
Expires
Tue, 22 Oct 2019 16:33:24 GMT
jquery.dataTables.min.css
blogs.manageengine.com/wp-content/plugins/oauth-client/css/
13 KB
2 KB
Stylesheet
General
Full URL
https://blogs.manageengine.com/wp-content/plugins/oauth-client/css/jquery.dataTables.min.css?ver=5.2.4
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
8ba51bb2df43b6bc2930f6b79270149436c1bad04f6bd933b9dddb5f55cab974
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Jan 2019 09:30:08 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"33de-57eeefdbea800-gzip"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2035
Expires
Tue, 22 Oct 2019 16:33:24 GMT
bootstrap-social.css
blogs.manageengine.com/wp-content/plugins/oauth-client/css/
24 KB
3 KB
Stylesheet
General
Full URL
https://blogs.manageengine.com/wp-content/plugins/oauth-client/css/bootstrap-social.css?ver=5.2.4
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
d3688b3b11458e93ee7820817e4fd85d45fa9b27c74981807a038201b3efc8c8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Jan 2019 09:30:08 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"6136-57eeefdbea800-gzip"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3022
Expires
Tue, 22 Oct 2019 16:33:24 GMT
bootstrap.min-preview.css
blogs.manageengine.com/wp-content/plugins/oauth-client/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://blogs.manageengine.com/wp-content/plugins/oauth-client/css/bootstrap.min-preview.css?ver=5.2.4
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
c4e41907d864800ed4f05dcdba1abed84022b55fcf8280f8782f0afafea1195a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Jan 2019 09:30:08 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"2f79-57eeefdbea800-gzip"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2118
Expires
Tue, 22 Oct 2019 16:33:24 GMT
font-awesome.min.css
blogs.manageengine.com/wp-content/plugins/oauth-client/css/
28 KB
7 KB
Stylesheet
General
Full URL
https://blogs.manageengine.com/wp-content/plugins/oauth-client/css/font-awesome.min.css?version=4.8&ver=5.2.4
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
b5675b0d1ee88db374b1e60e301fda9f0c1d3585f47173468827115fc4e529c2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Jan 2019 09:30:08 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"7103-57eeefdbea800-gzip"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
6640
Expires
Tue, 22 Oct 2019 16:33:25 GMT
style.min.css
blogs.manageengine.com/wp-includes/css/dist/block-library/
29 KB
5 KB
Stylesheet
General
Full URL
https://blogs.manageengine.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.4
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:25 GMT
Content-Encoding
gzip
Last-Modified
Sat, 03 Aug 2019 08:09:30 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"726f-58f31fe94070c-gzip"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4767
Expires
Tue, 22 Oct 2019 16:33:25 GMT
pagenavi-css.css
blogs.manageengine.com/wp-content/plugins/wp-pagenavi/
374 B
754 B
Stylesheet
General
Full URL
https://blogs.manageengine.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Jan 2019 09:37:26 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"176-57eef17da0180-gzip"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
239
Expires
Tue, 22 Oct 2019 16:33:25 GMT
animate-custom.css
blogs.manageengine.com/wp-content/themes/zoho/css/
0
459 B
Stylesheet
General
Full URL
https://blogs.manageengine.com/wp-content/themes/zoho/css/animate-custom.css?ver=5.2.4
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:25 GMT
Last-Modified
Fri, 04 Mar 2016 13:45:24 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"0-52d3953b04500"
Strict-Transport-Security
max-age=15768000
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
0
Expires
Tue, 22 Oct 2019 16:33:25 GMT
style_login_widget.css
blogs.manageengine.com/wp-content/plugins/oauth-client/
0
0
Stylesheet
General
Full URL
https://blogs.manageengine.com/wp-content/plugins/oauth-client/style_login_widget.css?ver=5.2.4
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 / PHP/7.2.11
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Oct 2019 16:33:25 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
X-Powered-By
PHP/7.2.11
Strict-Transport-Security
max-age=15768000
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Expires
Wed, 11 Jan 1984 05:00:00 GMT
modernizr-2.6.2.min.js
blogs.manageengine.com/wp-content/themes/zoho/js/vendor/
15 KB
7 KB
Script
General
Full URL
https://blogs.manageengine.com/wp-content/themes/zoho/js/vendor/modernizr-2.6.2.min.js?ver=5.2.4
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
4d9bc12d794ed221ae1cbebbbeba7b267305c6dc94704412e6cfea0e156a5237
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Mar 2016 13:45:26 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"3c3a-52d3953cec980-gzip"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
6252
Expires
Tue, 22 Oct 2019 16:33:25 GMT
jquery.js
blogs.manageengine.com/wp-includes/js/jquery/
95 KB
34 KB
Script
General
Full URL
https://blogs.manageengine.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:25 GMT
Content-Encoding
gzip
Last-Modified
Sat, 03 Aug 2019 08:09:30 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"17a69-58f31fe94bea3-gzip"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
33776
Expires
Tue, 22 Oct 2019 16:33:25 GMT
jquery-migrate.min.js
blogs.manageengine.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://blogs.manageengine.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 May 2016 06:11:28 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"2748-5333ff613c400-gzip"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
4014
Expires
Tue, 22 Oct 2019 16:33:25 GMT
manageengine-logo.svg
www.manageengine.com/images/logo/
9 KB
3 KB
Image
General
Full URL
https://www.manageengine.com/images/logo/manageengine-logo.svg
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.224.234.120 Seattle, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST - CenturyLink Communications, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
774070a1d2e226ea9e9f74cb3f4ab500fa8315daf7fd7982020764946d2e0517
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Mar 2017 07:43:36 GMT
Server
Apache
ETag
"24ed-54ad437f6da00-gzip"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2812
Expires
Thu, 14 Nov 2019 16:33:23 GMT
4cf6b70f3f220712afc98265613b5c29
secure.gravatar.com/avatar/
124 B
405 B
Image
General
Full URL
https://secure.gravatar.com/avatar/4cf6b70f3f220712afc98265613b5c29?s=40&d=blank&r=g
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f73eec3172e82079a59a23168cc2f6866a7766adc0e9aeec1db5a0f3867d21ad

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT vie 1
date
Tue, 15 Oct 2019 16:33:24 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
source-age
8640476
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="4cf6b70f3f220712afc98265613b5c29.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/4cf6b70f3f220712afc98265613b5c29?s=40&d=blank&r=g>; rel="canonical"
content-length
124
expires
Tue, 15 Oct 2019 16:38:24 GMT
comment-reply.min.js
blogs.manageengine.com/wp-includes/js/
2 KB
2 KB
Script
General
Full URL
https://blogs.manageengine.com/wp-includes/js/comment-reply.min.js?ver=5.2.4
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
31cb76c05cbf5d71466f93078e8ba0f6e39cd92d0acc86d385b8cf2899963695
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Mar 2019 02:14:50 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"8ba-5834f701a9a80-gzip"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1093
Expires
Tue, 22 Oct 2019 16:33:25 GMT
plugins.js
blogs.manageengine.com/wp-content/themes/zoho/js/
120 KB
36 KB
Script
General
Full URL
https://blogs.manageengine.com/wp-content/themes/zoho/js/plugins.js?ver=5.2.4
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
910a32325dc67ed2665687badc8de2cdc5a917fa19fdba3a468249edd1376c8d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Mar 2016 14:55:35 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"1dfcc-52d8ac60c87c0-gzip"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
35894
Expires
Tue, 22 Oct 2019 16:33:25 GMT
script.js
blogs.manageengine.com/wp-content/themes/zoho/js/
13 KB
4 KB
Script
General
Full URL
https://blogs.manageengine.com/wp-content/themes/zoho/js/script.js?ver=5.2.4
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
9774bef34826fd1dedf05258435f84ae85484efc6e9db60bfe35b1bee2e6973d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Jul 2019 13:12:27 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"343d-58d3f4fede4c0-gzip"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
3713
Expires
Tue, 22 Oct 2019 16:33:25 GMT
wp-embed.min.js
blogs.manageengine.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://blogs.manageengine.com/wp-includes/js/wp-embed.min.js?ver=5.2.4
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 12:40:26 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"57b-574a661196280-gzip"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
753
Expires
Tue, 22 Oct 2019 16:33:25 GMT
form.js
blogs.manageengine.com/wp-content/plugins/akismet/_inc/
700 B
847 B
Script
General
Full URL
https://blogs.manageengine.com/wp-content/plugins/akismet/_inc/form.js?ver=4.1.2
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:25 GMT
Content-Encoding
gzip
Last-Modified
Sat, 03 Aug 2019 08:25:41 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"2bc-58f323873f293-gzip"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
318
Expires
Tue, 22 Oct 2019 16:33:25 GMT
app.js
widgets.zohosalesiq.com/
32 KB
9 KB
Script
General
Full URL
https://widgets.zohosalesiq.com/app.js?widgetcode=88ba256164a2af178d02cf266b50f6535ecaebc83566b443d8088ebe0fa5e653b5af50fcd55219c183e7a6443e2c9a16
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:d200:5:a901:86c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
ZGS /
Resource Hash
f7fd0d86b3338f8a4ca418432cdcb923acecc89cffc382ef891b5ad6461198fd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 15 Oct 2019 11:32:43 GMT
content-encoding
gzip
age
18042
x-cache
Hit from cloudfront
status
200
content-length
9080
access-control-allow-origin
*
last-modified
Wed, 28 Aug 2019 04:46:27 GMT
server
ZGS
etag
"5d660723-2378"
content-type
application/javascript
via
1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-amz-cf-id
bq29TGUoZ_HZjqI2ZKdI0lnDUd3L82VKy4YtGG1Tx389THRouiaM9g==
expires
Wed, 14 Oct 2020 08:54:17 GMT
wp-emoji-release.min.js
blogs.manageengine.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://blogs.manageengine.com/wp-includes/js/wp-emoji-release.min.js?ver=5.2.4
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:25 GMT
Content-Encoding
gzip
Last-Modified
Sat, 03 Aug 2019 08:09:30 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"3610-58f31fe94e99b-gzip"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
4622
Expires
Tue, 22 Oct 2019 16:33:25 GMT
proxima_nova-regular-webfont.woff2
blogs.manageengine.com/wp-content/themes/zoho/fonts/proxima-nova/
20 KB
20 KB
Font
General
Full URL
https://blogs.manageengine.com/wp-content/themes/zoho/fonts/proxima-nova/proxima_nova-regular-webfont.woff2
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/wp-content/themes/zoho/js/vendor/modernizr-2.6.2.min.js?ver=5.2.4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
3a734b136e548848dd7e6c942246d7768664d716fd21e1382951e14468fdbd25
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
cors
Referer
https://blogs.manageengine.com/wp-content/themes/zoho/fonts/proxima-nova/stylesheet.css
Origin
https://blogs.manageengine.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:25 GMT
Last-Modified
Fri, 04 Mar 2016 13:45:26 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"5014-52d3953cec980"
Strict-Transport-Security
max-age=15768000
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
20500
Expires
Tue, 22 Oct 2019 16:33:25 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
fonts.gstatic.com/s/robotoslab/v9/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v9/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c68d891f07355e5d0807b4a4f18ac8f16f6e9088277be3134c7efa570022ab2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800|Roboto+Slab:400,300,700|Montserrat:400,700
Origin
https://blogs.manageengine.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 00:01:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:19:23 GMT
server
sffe
age
405123
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11272
x-xss-protection
0
expires
Sat, 10 Oct 2020 00:01:22 GMT
fontawesome-webfont.woff2
blogs.manageengine.com/wp-content/plugins/oauth-client/fonts/
70 KB
71 KB
Font
General
Full URL
https://blogs.manageengine.com/wp-content/plugins/oauth-client/fonts/fontawesome-webfont.woff2?v=4.6.2
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
175.41.134.19 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-175-41-134-19.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1 /
Resource Hash
2932abf996373e87fbf2e950876b1962f1b57db954a1643ea68831d9fbb74da4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
cors
Referer
https://blogs.manageengine.com/wp-content/plugins/oauth-client/css/font-awesome.min.css?version=4.8&ver=5.2.4
Origin
https://blogs.manageengine.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:25 GMT
Last-Modified
Tue, 08 Jan 2019 09:30:08 GMT
Server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1
ETag
"11850-57eeefdbea800"
Strict-Transport-Security
max-age=15768000
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
71760
Expires
Tue, 22 Oct 2019 16:33:25 GMT
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800|Roboto+Slab:400,300,700|Montserrat:400,700
Origin
https://blogs.manageengine.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 01:20:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:48 GMT
server
sffe
age
486772
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13708
x-xss-protection
0
expires
Fri, 09 Oct 2020 01:20:33 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800|Roboto+Slab:400,300,700|Montserrat:400,700
Origin
https://blogs.manageengine.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 23:29:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:47:06 GMT
server
sffe
age
61414
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13612
x-xss-protection
0
expires
Tue, 13 Oct 2020 23:29:51 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: blogs.manageengine.com
URL: https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800|Roboto+Slab:400,300,700|Montserrat:400,700
Origin
https://blogs.manageengine.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 09:58:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
542080
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9132
x-xss-protection
0
expires
Thu, 08 Oct 2020 09:58:45 GMT
widget
salesiq.zoho.com/
99 KB
30 KB
Script
General
Full URL
https://salesiq.zoho.com/widget
Requested by
Host: widgets.zohosalesiq.com
URL: https://widgets.zohosalesiq.com/app.js?widgetcode=88ba256164a2af178d02cf266b50f6535ecaebc83566b443d8088ebe0fa5e653b5af50fcd55219c183e7a6443e2c9a16
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.39.54.111 , United States, ASN2639 (ZOHO-AS - ZOHO, US),
Reverse DNS
Software
ZGS /
Resource Hash
8d14b3178c1ec637add94548d56a6ee760524d834327560e12c46a3311f4ea5a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
Date
Tue, 15 Oct 2019 16:33:25 GMT
Content-Encoding
gzip
Server
ZGS
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15768000
Expires
Tue, 15 Oct 2019 16:38:25 GMT
getembeddetails.ls
salesiq.zoho.com/
15 KB
5 KB
XHR
General
Full URL
https://salesiq.zoho.com/getembeddetails.ls?widgetcode=88ba256164a2af178d02cf266b50f6535ecaebc83566b443d8088ebe0fa5e653b5af50fcd55219c183e7a6443e2c9a16&fetchavuid=true&fetchapilang=true&lang_browser=en&currdomain=https%3A%2F%2Fblogs.manageengine.com&pagetitle=NTLM%C2%A0vulnerabilities%20that%20make%20you%20susceptible%20to%20relay%20attacks%20-%20ManageEngine%20Blog
Requested by
Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.39.54.111 , United States, ASN2639 (ZOHO-AS - ZOHO, US),
Reverse DNS
Software
ZGS /
Resource Hash
dd8f4233e5609b12c8c8d4af503859a38e282154ff0a510165ab250844b33906
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Sec-Fetch-Mode
cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:33:25 GMT
Content-Encoding
gzip
Referrer-Policy
strict-origin
Server
ZGS
X-Frame-Options
SAMEORIGIN
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://blogs.manageengine.com
Connection
keep-alive
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Access-Control-Allow-Credentials
true
Vary
Accept-Encoding
X-XSS-Protection
1
floatbutton.css
dyjgaef5vuq51.cloudfront.net/Oct_14_2019_2_https/styles/
82 KB
15 KB
Stylesheet
General
Full URL
https://dyjgaef5vuq51.cloudfront.net/Oct_14_2019_2_https/styles/floatbutton.css
Requested by
Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:3a00:1a:c240:b540:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
ZGS /
Resource Hash
19367afebb5733cf70bb90841c1dd8351c834b96e9e93b9880083d58b4278418

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 15 Oct 2019 05:15:13 GMT
content-encoding
gzip
age
39973
x-cache
Hit from cloudfront
status
200
content-length
15122
access-control-allow-origin
*
last-modified
Mon, 14 Oct 2019 13:17:45 GMT
server
ZGS
etag
"5da47579-3b12"
content-type
text/css
via
1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-amz-cf-id
EB78yErfLvUmou8vihCcVVqRlnU1B3sajTlflnrLfq2IqHQot0BwDw==
expires
Wed, 14 Oct 2020 05:15:13 GMT
floatbutton.js
dtzpfzv31buvf.cloudfront.net/Oct_14_2019_2_https/js/
53 KB
13 KB
Script
General
Full URL
https://dtzpfzv31buvf.cloudfront.net/Oct_14_2019_2_https/js/floatbutton.js
Requested by
Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:200:e:4eab:82c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
ZGS /
Resource Hash
5d642f442dccbe74cbd60c289f696b511947d98ea89ecf5c5f92f6e17a52e864

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 15 Oct 2019 03:41:32 GMT
content-encoding
gzip
age
39970
x-cache
Hit from cloudfront
status
200
content-length
12855
access-control-allow-origin
*
last-modified
Mon, 14 Oct 2019 13:17:45 GMT
server
ZGS
etag
"5da47579-3237"
content-type
application/javascript
via
1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-amz-cf-id
XoBu_oJhK1azx8s9EEM_83GOxFTs-yDu7j4W3HS6nSbzjZY7CG24yA==
expires
Wed, 14 Oct 2020 03:41:32 GMT
embedtheme1.css
dyjgaef5vuq51.cloudfront.net/Oct_14_2019_2_https/styles/ Frame 36E0
141 KB
31 KB
Stylesheet
General
Full URL
https://dyjgaef5vuq51.cloudfront.net/Oct_14_2019_2_https/styles/embedtheme1.css
Requested by
Host: dtzpfzv31buvf.cloudfront.net
URL: https://dtzpfzv31buvf.cloudfront.net/Oct_14_2019_2_https/js/floatbutton.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:3a00:1a:c240:b540:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
ZGS /
Resource Hash
e93a077733cbed43d9947857d0a841668b847081d7a38e5b5a71f5ae8c7a7738

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 15 Oct 2019 05:17:35 GMT
content-encoding
gzip
age
39960
x-cache
Hit from cloudfront
status
200
content-length
30942
access-control-allow-origin
*
last-modified
Mon, 14 Oct 2019 13:17:45 GMT
server
ZGS
etag
"5da47579-78de"
content-type
text/css
via
1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-amz-cf-id
Nw5_977oxWl_PJG4zzBvOsKoiGNPbu1W3BtNeI_ZePg9pNfvPu7UnQ==
expires
Wed, 14 Oct 2020 05:17:35 GMT
wmsliteapi.js
js.zohostatic.com/ichat/Jun_25_2019_3_https/js/ Frame 36E0
13 KB
4 KB
Script
General
Full URL
https://js.zohostatic.com/ichat/Jun_25_2019_3_https/js/wmsliteapi.js
Requested by
Host: dtzpfzv31buvf.cloudfront.net
URL: https://dtzpfzv31buvf.cloudfront.net/Oct_14_2019_2_https/js/floatbutton.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.72.123 , United States, ASN2639 (ZOHO-AS - ZOHO, US),
Reverse DNS
Software
ZGS /
Resource Hash
36315e8c22b1909269c735ec3f6c5b642681c20fe70d6951d45704806a38648a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:19:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jun 2019 13:50:21 GMT
Server
ZGS
ETag
"5d12269d-1006"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
4102
Expires
Wed, 14 Oct 2020 16:19:18 GMT
siqchatwindow1.js
js.zohostatic.com/salesiq/Oct_14_2019_2_https/js/ Frame 36E0
764 KB
194 KB
Script
General
Full URL
https://js.zohostatic.com/salesiq/Oct_14_2019_2_https/js/siqchatwindow1.js
Requested by
Host: dtzpfzv31buvf.cloudfront.net
URL: https://dtzpfzv31buvf.cloudfront.net/Oct_14_2019_2_https/js/floatbutton.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.72.123 , United States, ASN2639 (ZOHO-AS - ZOHO, US),
Reverse DNS
Software
ZGS /
Resource Hash
c3d6692402abad731ea91ba91846f79e50cfbada519d3aa776ae50c41bc76674

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:19:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Oct 2019 13:17:45 GMT
Server
ZGS
ETag
"5da47579-30787"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
198535
Expires
Wed, 14 Oct 2020 16:19:18 GMT
resource.js
js.zohostatic.com/salesiq/Oct_14_2019_2_https/js/resource/embed/ Frame 36E0
34 KB
10 KB
Script
General
Full URL
https://js.zohostatic.com/salesiq/Oct_14_2019_2_https/js/resource/embed/resource.js
Requested by
Host: dtzpfzv31buvf.cloudfront.net
URL: https://dtzpfzv31buvf.cloudfront.net/Oct_14_2019_2_https/js/floatbutton.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.72.123 , United States, ASN2639 (ZOHO-AS - ZOHO, US),
Reverse DNS
Software
ZGS /
Resource Hash
1c4be793d142e540392a99981c0bf2aa6b497c6848caf00c363c84225e17a9c9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blogs.manageengine.com/active-directory/adauditplus/2019/09/06/ntlm-vulnerabilities-that-make-you-susceptible-to-relay-attacks.html?utm_source=Zcampaigns&utm_medium=nlmail-news&utm_campaign=ME-Newsletter-C1&utm_term=october2019
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 16:19:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Oct 2019 13:17:45 GMT
Server
ZGS
ETag
"5da47579-24da"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
9434
Expires
Wed, 14 Oct 2020 16:19:18 GMT

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _wpemojiSettings object| html5 object| Modernizr function| yepnope undefined| $ function| jQuery object| no_ajax_pages object| addComment object| eventie function| EventEmitter function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| jQuery112405936395066233897 function| Waypoint object| NProgress object| wp object| $EventManager object| $zoho object| $DBUtil object| $ZSIQDOMUtil function| $JSONUtil function| Connection function| ConnectionManager function| CORSObj function| WebSocketObj object| $History object| $UTSConnector object| s object| t object| ak_js object| commentForm undefined| replyRowContainer undefined| children object| twemoji object| $ZSIQLSDB object| $ZSIQCookie object| $zsalobj object| UDHandler object| $ZSIQUtil object| $ZSIQLicence function| handleIframeFunction object| $UTSHandler object| $ZSIQUTS object| $ZSIQUTSAction function| _ZLDReq object| $ZSIQChat boolean| isdomloadhandled object| _ZSIQ object| $ZSIQAnalytics object| $ZSIQAutopick object| $zohosq object| $zcb object| $zv object| $zlm object| $zlch string| $zla boolean| $ZSIQ_UTSinitialized function| $ZSisThresholdExceeded function| $ZDestroyFloatData function| $ZNotifyTracking function| $ZShandleEvent number| SIQ_FLOAT number| SIQ_BUTTON number| SIQ_PERSONALIZE boolean| _WINDOW_REPOPULATE function| loadStaticFiles function| notifyOnCDNFailure function| appendReferrer function| checkApiDataAndStorage function| updateApiObject function| handleStorageDataAndUpdateToServer string| api_lang string| val object| $ZSIQChatWindow function| zsiqdrag object| $ZSIQTemplate object| $ZSIQWidgetUI object| $ZSIQWidget object| siq_layer

3 Cookies

Domain/Path Name / Value
blogs.manageengine.com/active-directory/adauditplus/2019/09/06 Name: ZLD2433000000997005avuid
Value: %22553ce5ff-623d-4f99-a914-4137ccbd1820%22
blogs.manageengine.com/active-directory/adauditplus/2019/09/06 Name: ZLSLANG88ba256164a2af178d02cf266b50f6535ecaebc83566b443d8088ebe0fa5e653b5af50fcd55219c183e7a6443e2c9a16
Value: %22en%22
blogs.manageengine.com/active-directory/adauditplus/2019/09/06 Name: isiframeenabled
Value: true

1 Console Messages

Source Level URL
Text
console-api log URL: https://blogs.manageengine.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogs.manageengine.com
dtzpfzv31buvf.cloudfront.net
dyjgaef5vuq51.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js.zohostatic.com
publ.maillist-manage.com
salesiq.zoho.com
secure.gravatar.com
widgets.zohosalesiq.com
www.manageengine.com
175.41.134.19
207.224.234.120
216.52.72.123
2600:9000:20eb:d200:5:a901:86c0:93a1
2600:9000:21f3:200:e:4eab:82c0:21
2600:9000:21f3:3a00:1a:c240:b540:21
2a00:1450:4001:817::200a
2a00:1450:4001:825::2003
2a04:fa87:fffe::c000:4902
8.39.54.111
8.39.54.68
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
19367afebb5733cf70bb90841c1dd8351c834b96e9e93b9880083d58b4278418
1c4be793d142e540392a99981c0bf2aa6b497c6848caf00c363c84225e17a9c9
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
2932abf996373e87fbf2e950876b1962f1b57db954a1643ea68831d9fbb74da4
2ebc46cb7e1a471676856f601036908db84fc1635a77f5dea082a4a360641663
31cb76c05cbf5d71466f93078e8ba0f6e39cd92d0acc86d385b8cf2899963695
36315e8c22b1909269c735ec3f6c5b642681c20fe70d6951d45704806a38648a
3a734b136e548848dd7e6c942246d7768664d716fd21e1382951e14468fdbd25
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4d9bc12d794ed221ae1cbebbbeba7b267305c6dc94704412e6cfea0e156a5237
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5d642f442dccbe74cbd60c289f696b511947d98ea89ecf5c5f92f6e17a52e864
774070a1d2e226ea9e9f74cb3f4ab500fa8315daf7fd7982020764946d2e0517
8ba51bb2df43b6bc2930f6b79270149436c1bad04f6bd933b9dddb5f55cab974
8d14b3178c1ec637add94548d56a6ee760524d834327560e12c46a3311f4ea5a
900a33e948c56f174b57cfa098eaa732c7df88279064a7d94743c7196ee8c800
910a32325dc67ed2665687badc8de2cdc5a917fa19fdba3a468249edd1376c8d
9774bef34826fd1dedf05258435f84ae85484efc6e9db60bfe35b1bee2e6973d
b0bdd8e9b9478318f45bf1fc0d757f68f5be61304aa0916dfe1a1c5c681adc2e
b4d6b22089928a2b989f6f596c10c26ffaa7b71fb20a4125fde64ab1d3b43cd5
b5675b0d1ee88db374b1e60e301fda9f0c1d3585f47173468827115fc4e529c2
b9dcd12b5fae9d263c5d111c371d774d10f0e24695be1438d0edaccb364ff1fe
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
c293eae87bff93fb4634b6687887550d6ac3b74ba8b1e606d467ea9dfcd86560
c3d6692402abad731ea91ba91846f79e50cfbada519d3aa776ae50c41bc76674
c4e41907d864800ed4f05dcdba1abed84022b55fcf8280f8782f0afafea1195a
c68d891f07355e5d0807b4a4f18ac8f16f6e9088277be3134c7efa570022ab2d
d3688b3b11458e93ee7820817e4fd85d45fa9b27c74981807a038201b3efc8c8
dd8f4233e5609b12c8c8d4af503859a38e282154ff0a510165ab250844b33906
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e754e0d0ea6e12801baa02a9786d2b5d7b5b9378491aa3f50864ed165c28c441
e93a077733cbed43d9947857d0a841668b847081d7a38e5b5a71f5ae8c7a7738
f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe
f73eec3172e82079a59a23168cc2f6866a7766adc0e9aeec1db5a0f3867d21ad
f7fd0d86b3338f8a4ca418432cdcb923acecc89cffc382ef891b5ad6461198fd